Overview

URL hadibi.ahlamontada.com/
IP178.33.43.178
ASNOVH SAS
Location France
Report completed2022-09-27 12:56:58 UTC
StatusLoading report..
urlquery Alerts No alerts detected


Settings

UserAgentMozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Referer


Intrusion Detection Systems

Suricata /w Emerging Threats Pro  No alerts detected


Blocklists

OpenPhish  No alerts detected
PhishTank  No alerts detected
Fortinet's Web Filter
Scan Date Severity Indicator Comment
2022-09-27 2 cdn.betgorebysson.club/apu.php?zoneid=3765907 Malware
mnemonic secure dns  No alerts detected
Quad9 DNS  No alerts detected


Files

No files detected



Passive DNS (51)

Passive DNS Source Fully Qualifying Domain Name Rank First Seen Last Seen IP Comment
mnemonic passive DNS img-getpocket.cdn.mozilla.net (6) 1631 2017-09-01 03:40:57 UTC 2022-09-27 04:53:17 UTC 34.120.237.76
mnemonic passive DNS trc.taboola.com (3) 602 2013-07-11 10:17:31 UTC 2022-09-27 04:54:23 UTC 151.101.85.44
mnemonic passive DNS cdn.betgorebysson.club (1) 149925 2020-07-24 15:19:13 UTC 2022-09-27 12:22:00 UTC 139.45.195.8
mnemonic passive DNS ocsp.digicert.com (12) 86 2012-05-21 07:02:23 UTC 2022-09-27 09:08:20 UTC 93.184.220.29
mnemonic passive DNS ocsp.sca1b.amazontrust.com (2) 1015 2017-03-03 15:20:51 UTC 2019-03-27 04:05:54 UTC 143.204.42.156
mnemonic passive DNS stats.g.doubleclick.net (1) 96 2013-06-02 22:47:44 UTC 2022-09-27 04:52:22 UTC 64.233.162.154
mnemonic passive DNS am-vid-events.taboola.com (2) 11733 2020-04-26 14:32:16 UTC 2022-09-27 05:00:47 UTC 141.226.228.48
mnemonic passive DNS sync.search.spotxchange.com (10) 523 2014-05-29 23:15:03 UTC 2022-09-27 05:00:47 UTC 185.94.180.126
mnemonic passive DNS match.adsrvr.org (2) 349 2012-08-07 19:20:17 UTC 2022-09-27 05:00:47 UTC 35.71.131.137
mnemonic passive DNS am-match.taboola.com (3) 12278 2020-03-18 14:33:10 UTC 2022-09-27 08:38:53 UTC 141.226.228.48
mnemonic passive DNS hadibi.ahlamontada.com (5) 0 2017-01-22 13:33:47 UTC 2017-09-28 13:06:10 UTC 94.23.73.212 Domain (ahlamontada.com) ranked at: 834719
mnemonic passive DNS twemoji.maxcdn.com (1) 9109 2017-01-30 05:01:32 UTC 2022-09-27 05:29:16 UTC 23.111.9.57
mnemonic passive DNS csm.fr.eu.criteo.net (1) 6845 2017-01-30 05:18:06 UTC 2022-09-27 05:32:16 UTC 178.250.0.162
mnemonic passive DNS vidstat.taboola.com (4) 1927 2017-08-29 11:41:42 UTC 2022-09-27 08:38:52 UTC 151.101.85.44
mnemonic passive DNS il-trc-events.taboola.com (8) 22667 2021-06-17 07:23:06 UTC 2022-09-27 05:00:46 UTC 185.106.33.48
mnemonic passive DNS ocsp.globalsign.com (1) 2075 2012-05-25 06:20:55 UTC 2022-09-27 05:00:30 UTC 104.18.20.226
mnemonic passive DNS taboola-supply-partners.tremorhub.com (1) 3369 2018-12-02 13:13:18 UTC 2022-09-27 08:32:56 UTC 52.207.129.242
mnemonic passive DNS ocsp.sectigo.com (2) 487 2018-12-17 11:31:55 UTC 2022-09-27 09:44:42 UTC 104.18.32.68
mnemonic passive DNS r3.o.lencr.org (7) 344 2020-12-02 08:52:13 UTC 2022-09-27 04:52:25 UTC 23.36.77.32
mnemonic passive DNS ajax.googleapis.com (1) 12905 2014-10-18 20:16:48 UTC 2022-09-27 11:26:26 UTC 142.250.74.42
mnemonic passive DNS www.googletagmanager.com (2) 75 2012-12-25 14:52:06 UTC 2022-09-27 04:52:54 UTC 142.250.74.72
mnemonic passive DNS hadibi.ahlamontada.com (5) 0 2017-01-22 13:33:47 UTC 2017-09-28 13:06:10 UTC 94.23.150.222 Domain (ahlamontada.com) ranked at: 834719
mnemonic passive DNS stootsou.net (6) 145219 2021-04-05 08:22:21 UTC 2022-09-27 08:44:53 UTC 139.45.197.250
mnemonic passive DNS www.google-analytics.com (1) 40 2012-10-03 01:04:21 UTC 2022-09-27 07:51:08 UTC 142.250.74.174
mnemonic passive DNS api.viglink.com (3) 4397 2012-05-23 13:47:26 UTC 2022-09-27 07:13:21 UTC 54.76.231.160
mnemonic passive DNS my.rtmark.net (2) 9054 2017-08-22 14:11:49 UTC 2022-09-27 04:54:13 UTC 139.45.195.8
mnemonic passive DNS images.taboola.com (6) 1621 2013-07-11 09:17:44 UTC 2022-09-27 05:10:54 UTC 151.101.85.44
mnemonic passive DNS 15.taboola.com (1) 1912 2017-03-15 11:40:55 UTC 2022-09-27 04:44:17 UTC 151.101.85.44
mnemonic passive DNS imprammp.taboola.com (2) 11978 2017-03-12 17:38:44 UTC 2022-09-27 08:38:53 UTC 151.101.85.44
mnemonic passive DNS wf.taboola.com (4) 2328 2017-03-01 15:03:50 UTC 2022-09-27 08:38:54 UTC 151.101.85.44
mnemonic passive DNS static.criteo.net (1) 652 2015-06-24 06:04:54 UTC 2022-09-27 06:26:24 UTC 178.250.0.130
mnemonic passive DNS ag.gbc.criteo.com (1) 5925 2018-12-17 13:17:41 UTC 2022-09-27 05:32:15 UTC 178.250.6.246
mnemonic passive DNS x.bidswitch.net (2) 286 2017-08-28 15:21:00 UTC 2022-09-27 04:58:00 UTC 3.124.103.115
mnemonic passive DNS content-signature-2.cdn.mozilla.net (1) 1152 2020-11-03 12:26:46 UTC 2022-09-27 05:14:54 UTC 143.204.55.110
mnemonic passive DNS ocsp.pki.goog (11) 175 2017-06-14 07:23:31 UTC 2022-09-27 04:53:14 UTC 142.250.74.3
mnemonic passive DNS 2img.net (1) 212398 2016-06-23 06:31:49 UTC 2022-09-27 12:17:26 UTC 172.64.110.19
mnemonic passive DNS cdn.viglink.com (1) 4113 2012-10-26 15:59:48 UTC 2022-09-27 06:39:07 UTC 104.16.161.13
mnemonic passive DNS trc-events.taboola.com (2) 1779 2020-06-09 13:52:57 UTC 2022-09-27 05:10:48 UTC 141.226.228.48
mnemonic passive DNS www.google.no (1) 25607 2016-04-05 19:50:59 UTC 2022-09-27 05:08:12 UTC 142.250.74.3
mnemonic passive DNS ups.analytics.yahoo.com (4) 287 2019-05-09 15:57:40 UTC 2022-09-27 04:58:00 UTC 18.156.0.31
mnemonic passive DNS gum.criteo.com (7) 381 2015-01-22 10:58:57 UTC 2022-09-27 09:43:38 UTC 178.250.0.157
mnemonic passive DNS push.services.mozilla.com (1) 2140 2015-09-03 10:29:36 UTC 2022-09-27 05:14:54 UTC 54.148.242.254
mnemonic passive DNS gem.gbc.criteo.com (2) 6039 2019-02-06 06:21:41 UTC 2022-09-27 05:32:15 UTC 178.250.6.36
mnemonic passive DNS contile.services.mozilla.com (1) 1114 2021-05-27 18:32:35 UTC 2022-09-27 04:52:33 UTC 34.117.237.239
mnemonic passive DNS pips.taboola.com (1) 1840 2021-02-15 14:32:07 UTC 2022-09-27 04:54:25 UTC 151.101.85.44
mnemonic passive DNS cds.taboola.com (1) 1068 2018-06-04 15:10:44 UTC 2022-09-27 06:44:36 UTC 141.226.224.32
mnemonic passive DNS illiweb.com (2) 265462 2020-08-31 12:13:55 UTC 2022-09-27 07:13:20 UTC 172.67.150.97
mnemonic passive DNS firefox.settings.services.mozilla.com (2) 867 2020-05-28 17:26:30 UTC 2022-09-27 11:41:54 UTC 143.204.55.35
mnemonic passive DNS cdn.taboola.com (5) 1040 2013-07-19 23:48:03 UTC 2022-09-27 05:42:48 UTC 151.101.85.44
mnemonic passive DNS status.geotrust.com (2) 3662 2017-12-01 08:55:31 UTC 2022-09-27 04:53:05 UTC 93.184.220.29
mnemonic passive DNS connect.topicit.net (1) 523065 2019-08-12 09:46:32 UTC 2022-09-27 12:21:59 UTC 172.67.158.56


Recent reports on same IP/ASN/Domain/Screenshot

Last 5 reports on IP: 178.33.43.178

Date UQ / IDS / BL URL IP
2022-11-21 12:46:36 +0000
0 - 0 - 1 klhghk.rigala.net/t10-topic 178.33.43.178
2022-11-19 07:01:59 +0000
0 - 0 - 6 2ddelice.forumgaming.fr/ 178.33.43.178
2022-11-10 12:58:59 +0000
0 - 0 - 10 atbara.ahlamontada.net/t7786-topic 178.33.43.178
2022-11-08 11:39:48 +0000
0 - 0 - 2 soosoo.ahlamontada.com/t83-topic 178.33.43.178
2022-11-06 09:53:58 +0000
0 - 0 - 8 mayar.ahlamontada.net/t1411-topic 178.33.43.178

Last 5 reports on ASN: OVH SAS

Date UQ / IDS / BL URL IP
2022-11-26 22:52:51 +0000
0 - 0 - 5 roleplayers.co/videos/45518/babysitter-vore/ 141.94.255.36
2022-11-26 22:26:53 +0000
0 - 0 - 2 mediasama.com/starharem/01/s/?cep=3m82DITTE23 (...) 144.217.67.42
2022-11-26 22:25:15 +0000
0 - 0 - 12 jobs.vrdgov.org/ 51.195.157.25
2022-11-26 22:15:34 +0000
0 - 0 - 2 141.94.219.49/ 141.94.219.49
2022-11-26 22:14:15 +0000
0 - 0 - 2 54.36.225.14/HNAP1/ 54.36.225.14

Last 5 reports on domain: ahlamontada.com

Date UQ / IDS / BL URL IP
2022-11-16 13:03:20 +0000
0 - 0 - 11 citytala.ahlamontada.com/t216-topic 188.165.2.137
2022-11-14 12:19:28 +0000
0 - 0 - 10 sousimohamed.ahlamontada.com/t4761-topic 188.165.2.137
2022-11-08 11:39:48 +0000
0 - 0 - 2 soosoo.ahlamontada.com/t83-topic 178.33.43.178
2022-11-06 09:32:11 +0000
0 - 0 - 9 cocofofo0.ahlamontada.com/t7-topic 94.23.73.212
2022-11-04 09:32:39 +0000
0 - 0 - 2 battash.ahlamontada.com/t9939-topic 188.165.2.137

No other reports with similar screenshot



JavaScript

Executed Scripts (40)


Executed Evals (5)

#1 JavaScript::Eval (size: 18, repeated: 1) - SHA256: 0f3342bc14063d9ed7a669eb067b50ea17b2cb7dcb51968939b72fa9ac862d91

                                        var foo = (x) => x + 1
                                    

#2 JavaScript::Eval (size: 26789, repeated: 1) - SHA256: 8381ac937b6a22e0d3118b18e7de55524a3e034249a178a5da57630558997731

                                        var isApp = false;

cmTag.set('version', '23_2_8');

cmTag.set('sync', 'https://am-match.taboola.com/sync?dast=V7mpQCFgOiEiLkhRjFaQSiEiLkhRjFaQUAAAAGBuIHJDCZTJy7iW2tsAyWa9HEtXErVxvHWrYYTIaT1WJiXBmGQAKTycS5m9jWCstguRZNXBu3crVxrGWLwWQ4WS0mxpVhChE3GQ6fg4Go6Hpb7A6n2fOGDzSdDp_rXi90mJwWp11hNDvcfrvpYXLYNX63Xw4AAAAAD_____8QAAAAABEAAAAAEgAAAAAUARX_FgIXAAAAABj_____GgCfHATvOfv9AQAAAAACAAAAQAIwsBpQAvBxvnLy_________x8zQJ95I_P___9_Y9AD8OAD8CAEAABwMYSCFNgk0pxCT1QwWMQIAAAAYEtLRfNoUidUFlX____9VgBXAAABg38Feb9ZuoMSb2EAAAAAYwv0sPj9Zodd43e77P_________f7P_sH03obfQ6LYhl9FrtFxAAYO0XEACATd0AAN4C4IKOoBWDweoUYjecLXaj2WY0OwAAAIC7____fz2QWs4mrplpZNusRovZbDZxDlcTm8O1GjlGm4lr5r3QFN01PFJvtL6ImwyHz8FAVHS9LXaH0-y5H0VLlrvlbjWaLEaj5XKzG25Gg_0J5GyAFC1ZrJbD1W6yGG0Wi8lyNxxNJkjRktVyuVxtNqvVbrSYDTbL4WaDFK1azUabwXA1m8x2u9VwMFyORkjRkuVuuVuNJovRaLnc7Iab0WCIMGQyWWYz03Kt8JgcbtHGZFlLTIaNW2Ka2QzL1WZi81jcotfH9LBsfMPlYIoPdLt8KrfLpWV7WT4vxxYFAyL2InlapBPVbuUx2SzDxWa1cI2GC5dhZXHYPIOFaTUxGRYri1iiOVmkE9ll31rOJq6ZaWTbrEaL2Ww2cQ5XE5vDtRo5RpuJa-YvmUyW2cy0XCs8JodbtDFZ1hKTYeOWmGY2w3K1mdg8Frfo9TE9LBvfcDnYN2az0WS4GQ2G-8ZsNpoMN6PBcN-hM3xXn7PRGRxPPELNZ7Y5PWsOg8JlsHh_n4u0GW3cjCpt2GJRXYs718Sq08ZOxs7BbFD4_ubSVhzcRs7lvuQgNhgUsURwkU5kfsvr7Tc9_Xa3wnIRS5Smi3Sil4glgtNFOhG9jKeL-o8MuZgrB3PRZK5YjVYJAAAAAAAAAGAJc-ZNAAAAAE4DGQ02w9U6D2SwHOyWq-UCQDh76f68Dd9CIFf971L-kAhuK4ZPFDd-3GB-y-vtNz39drfCcmWAB2py5s2fCWKtVssaAABAABsAACCAWzdvAdhM_P___38cAACAjBw9AACA-D5QFAgAAAAAAD8BblaLAQ!&excid=22&docw=0&cijs=1&nlb=false');

cmTag.set("player.settings.kaxwnc", 0);


cmTag.setByCondition({
    conditions: [{
        key: "ep",
        val: 1
    }],
    settings: {
        isMultiAd: false
    }
});
cmTag.set("preset", {
    "level": 1
});
cmTag.set('player.settings.regx', '\x22\x64\x65\x6D\x61\x6E\x64\x53\x6F\x75\x72\x63\x65\x49\x64\x22\x3A\x35\x34\x36\x38\x34\x7C\x2E\x63\x6C\x65\x61\x72\x73\x74\x72\x65\x61\x6D\x2E\x74\x76\x7C\x2E\x63\x6C\x72\x73\x74\x6D\x2E\x63\x6F\x6D\x7C\x74\x6D\x2D\x70\x72\x6F\x6D\x6F\x2E\x73\x33\x2E\x61\x6D\x61\x7A\x6F\x6E\x61\x77\x73\x7C\x61\x64\x76\x65\x72\x74\x69\x73\x69\x6E\x67\x73\x74\x6F\x72\x79\x2E\x63\x6F\x6D\x7C\x6D\x65\x64\x69\x61\x67\x72\x6F\x75\x70\x61\x64\x73\x2E\x63\x6F\x6D\x7C\x65\x6C\x69\x74\x65\x6C\x6D\x65\x64\x69\x61\x61\x64\x76\x65\x72\x74\x69\x73\x69\x6E\x67\x2E\x63\x6F\x6D\x7C\x76\x65\x72\x74\x61\x6D\x65\x64\x69\x61\x2E\x63\x6F\x6D\x7C\x6D\x65\x64\x69\x61\x67\x72\x6F\x75\x70\x70\x72\x6F\x2E\x63\x6F\x6D\x7C\x68\x69\x67\x68\x72\x61\x74\x65\x64\x61\x64\x73\x2E\x63\x6F\x6D\x7C\x2E\x76\x69\x64\x65\x6F\x67\x72\x61\x6D\x6D\x69\x63\x2E\x63\x6F\x6D\x7C\x76\x69\x64\x65\x6F\x67\x72\x61\x6D\x6D\x69\x63\x2E\x63\x6F\x6D\x7C\x66\x69\x6C\x65\x73\x2E\x77\x65\x62\x76\x69\x64\x65\x6F\x67\x6C\x6F\x62\x61\x6C\x2E\x63\x6F\x6D\x7C\x77\x65\x62\x76\x69\x64\x65\x6F\x67\x6C\x6F\x62\x61\x6C\x2E\x63\x6F\x6D\x7C\x77\x65\x62\x6D\x65\x64\x69\x61\x61\x70\x70\x2E\x63\x6F\x6D\x66\x69\x6C\x65\x73\x2E\x77\x65\x62\x6D\x65\x64\x69\x61\x61\x70\x70\x2E\x63\x6F\x6D\x7C\x6D\x61\x72\x6B\x65\x74\x69\x6E\x67\x76\x69\x64\x65\x6F\x6E\x6F\x77\x2E\x63\x6F\x6D\x7C\x70\x6F\x70\x6F\x76\x69\x64\x65\x6F\x61\x64\x2E\x63\x6F\x6D\x7C\x64\x61\x66\x61\x63\x64\x64\x2E\x61\x73\x69\x61\x7C\x73\x62\x2E\x77\x69\x6E\x39\x39\x39\x77\x69\x6E\x2E\x63\x6F\x6D\x7C\x6E\x73\x73\x66\x2E\x63\x6F\x6D\x7C\x75\x70\x69\x65\x77\x2E\x63\x6F\x6D\x7C\x70\x69\x65\x77\x2E\x63\x6F\x6D\x7C\x76\x2E\x73\x68\x75\x6C\x63\x6F\x6E\x74\x2E\x63\x6F\x6D\x7C\x76\x2E\x61\x6C\x67\x6F\x76\x69\x64\x2E\x63\x6F\x6D\x7C\x76\x69\x64\x2E\x73\x70\x72\x69\x6E\x67\x73\x65\x72\x76\x65\x2E\x63\x6F\x6D\x7C\x70\x6D\x69\x2E\x63\x6F\x6D');

cmTag.set('player.settings.hjkbldomsencdd', ["dGFncy5ia3J0eC5jb20=", "bGlwaWthcl9ib2R5Y2FyZV9hd2FyZW5lc3M=", "Z2FjZG4=", "bWlycmEuaW8=", "YnJ0bWVkaWE=", "VUEtNTcwODQyNTctNw==", "Y29pbi1oaXZlLmNvbQ==", "YnVuZGxlLmNsZWFyc3RyZWFtLnR2", "LmNscnN0bS5jb20=", "dmlkZW8ubGVhZHp1LmNvbQ==", "LmxlYWR6dS5jb20=", "czAuMm1kbi5uZXQvYWRzL3JpY2htZWRpYS9zdHVkaW8vcHYyLzYwMTI4Njk2Lw==", "YWR2ZXJ0aXNpbmdzdG9yeS5jb20=", "bWVkaWFncm91cGFkcy5jb20=", "ZWxpdGVsbWVkaWFhZHZlcnRpc2luZy5jb20=", "dmVydGFtZWRpYS5jb20=", "bWVkaWFncm91cHByby5jb20=", "aGlnaHJhdGVkYWRzLmNvbQ==", "dmlkZW9ncmFtbWljLmNvbQ==", "bWFya2V0aW5ndmlkZW9ub3cuY29t", "c3RhdGljLm1hcmtldGluZ3ZpZGVvbm93LmNvbQ==", "ZmlsZXMud2VidmlkZW9nbG9iYWwuY29t", "d2VidmlkZW9nbG9iYWwuY29t", "d2VibWVkaWFhcHAuY29t", "ZmlsZXMud2VibWVkaWFhcHAuY29t", "cG9wb3ZpZGVvYWQuY29t", "c2Iudm9pY2VmaXZlLmNvbQ==", "b25lLm00ZGMuY29t", "dXBpZXcuY29t", "cGlldy5jb20=", "di5zaHVsY29udC5jb20=", "di5hbGdvdmlkLmNvbQ==", "dmlkLnNwcmluZ3NlcnZlLmNvbQ==", "cG1pLmNvbQ=="]);

cmTag.set('liteUnitVersion', '3.9.5');
cmTag.set('player.versions.vplayer', 'v14.8.3');
cmTag.set('player.settings.anltcsurlv2', '/vpaid/vpaidAnalytics.3.js');
cmTag.set('player.settings.anltcsurlv4', '/vpaid/vpaidAnalytics.40.js');
cmTag.set('player.settings.hjkv1', '/vpaid/hjk.226.js');
cmTag.set('player.settings.dsu', '/vpaid/ds/188/dsm.js');
cmTag.set("player.settings.use_flash_player", false);
cmTag.set('player.settings.vidfkadldt', 100);
cmTag.set('player.settings.mintimwf', 5000);
cmTag.set('player.settings.dlyimpnonmoatrv', true);
cmTag.set('player.settings.frgtadpxls', 0);
cmTag.set('player.settings.rprtwrpropntime', true);
cmTag.set('player.settings.slwcnctlngt', 10);
cmTag.set('player.settings.mnbfrsz', 0.25);
cmTag.set("player.settings.prftchmxlngth", 15);
cmTag.set('player.settings.adtrgtcss', true);
cmTag.set('player.settings.pvpd', 'javascript');
cmTag.set('player.settings.prbdjsv', '1.0.18');
cmTag.set('player.settings.prfrmncmsrmnts', true);
cmTag.set('player.settings.encwfrs', true);
cmTag.set('player.settings.prfrmdfl', 'javascript');
cmTag.set('elasticLogger.isActive', false);
cmTag.set('elasticLogger.maxEventsToLog', 500);
cmTag.set('player.settings.dpndonuntfrlgtoelstc', false);
cmTag.set('player.settings.qsrtscr', function(it, vpd) {
    if (vpd.alfrox === 0 && vpd.rpox > 0) {
        return ((vpd.requiredViewability << 30) | (vpd.priority << 16) | parseInt(vpd.rpox * 1000));
    }
    return ((vpd.requiredViewability << 30) | (vpd.priority << 16) | parseInt(vpd.alfrox * vpd.rpox * 1000));
});
cmTag.set("player.settings.updtcmpbfrwf", false);
cmTag.set("components.adChoice.isActive", false);
cmTag.set("timeBetweenAds", 0);
cmTag.set("canStartPlayer", true);
cmTag.set('isAnimateOnClose', true);
cmTag.set('isToggleIframeContent', true);
cmTag.set('isPWOV', true);
cmTag.set('secondsToCloseGlobal', 2700);
cmTag.set('pubViewabilityPercent', 0);
cmTag.set('trcPerformanceMeasurementEnabled', true);
cmTag.set('additionalCss', {
    'text-align': 'left'
});
cmTag.set('player.urls.contentVideosLocation', '//vidstatb.taboola.com/vid');
cmTag.set('player.urls.contentImagesLocation', '//vidstatb.taboola.com/vid/img');
cmTag.set('microServices.PMS.version', '3.2.2');
cmTag.set('unitsBaseUrl', '//vidstat.taboola.com/vpaid/units/');
cmTag.set('player.urls.vplayerLocation', '//vidstat.taboola.com/vpaid/vPlayer');
cmTag.set('hasSupportTool', true);
cmTag.set('bllblevt', '1,21,22,23,24,25,30,32,42');
cmTag.set('gaFactor', 10000);


var dsvr = "" || false;
cmTag.set("player.settings.dataSaver", false);
if (dsvr === 'on') {
    cmTag.set("player.settings.max_ready_vpaid", 4);
    cmTag.set("player.settings.mintimwf", 5000);
}

cmTag.set("countryIsoCode", "nor");
cmTag.setByCondition({
    conditions: [{
        key: 'countryIsoCode',
        val: 'tha'
    }],
    settings: {
        'pubId': 165757,
        'pubTagId': 946347,
        'preroll.pubId': 165757,
        'preroll.pubTagId': 946347,
        'midroll.pubId': 165757,
        'midroll.pubTagId': 946347,
        'postroll.pubId': 165757,
        'postroll.pubTagId': 946347
    }
});

cmTag.setByCondition({
    conditions: [{
        key: 'country',
        val: 'TH'
    }],
    settings: {
        'pubId': 165757,
        'pubTagId': 946347,
        'preroll.pubId': 165757,
        'preroll.pubTagId': 946347,
        'midroll.pubId': 165757,
        'midroll.pubTagId': 946347,
        'postroll.pubId': 165757,
        'postroll.pubTagId': 946347
    }
});

cmTag.setByCondition({
    conditions: [{
        key: 'countryIsoCode',
        val: 'ind'
    }],
    settings: {
        'pubId': 165757,
        'pubTagId': 946347,
        'preroll.pubId': 165757,
        'preroll.pubTagId': 946347,
        'midroll.pubId': 165757,
        'midroll.pubTagId': 946347,
        'postroll.pubId': 165757,
        'postroll.pubTagId': 946347
    }
});

cmTag.setByCondition({
    conditions: [{
        key: 'country',
        val: 'IN'
    }],
    settings: {
        'pubId': 165757,
        'pubTagId': 946347,
        'preroll.pubId': 165757,
        'preroll.pubTagId': 946347,
        'midroll.pubId': 165757,
        'midroll.pubTagId': 946347,
        'postroll.pubId': 165757,
        'postroll.pubTagId': 946347
    }
});




cmTag.set('version', '32_3_0');
cmTag.set('pixels.url', '//am-vid-events.taboola.com/st');
cmTag.set('pixels.unitLoadedWithFill.isFire', false);
cmTag.set('fireLoadUnitPixelsFactor', 10);
cmTag.set("secondsToClose", 120);
cmTag.set("adMaxPlaySeconds", 210);
cmTag.set('player.settings.prtct', '/vpaid/hjk.16.js');
cmTag.set('player.settings.cntonvfrc', false);
cmTag.set('player.settings.mxemptwf', 5);
cmTag.set('player.settings.ltmxemptwf', 5);
cmTag.set('player.settings.erlyai', true);
cmTag.set("player.settings.timbtopps", 5000);
cmTag.set('player.settings.frstlk', true);
cmTag.set('viewPercent', '50');
cmTag.set('timbtopps', 5000);
cmTag.set('cookieMatchActive', true);
cmTag.set('maxNonRvVimpsInQueue', 2);
cmTag.set('maxVimpsInQueue', 1);
cmTag.set('numOfWfUntilDcSwitch', 19);
cmTag.set('eligibilityValidator.isActive', false);
cmTag.set('eligibilityValidator.observers.mutation.isActive', true);
cmTag.set('eligibilityValidator.observers.mutation.isObserveParent', true);
cmTag.set('eligibilityValidator.isRvOnly', true);
cmTag.set('player.settings.rvfrquesttsemttr', 'any');
cmTag.set('pixels.overlayDetectedAfterImpression.factor', 20);
cmTag.set('animation', false);
cmTag.set('clsDetector.isActive', true);
// Browser and OS wurfl
cmTag.set("wurfl.os.name", "Linux");
cmTag.set("wurfl.os.version", "");
cmTag.set("wurfl.browser.name", "Firefox");
cmTag.set("wurfl.browser.version", "96");
cmTag.set("player.settings.wurfl.os.name", "Linux");
cmTag.set("player.settings.wurfl.os.version", "");
cmTag.set("player.settings.wurfl.browser.name", "Firefox");
cmTag.set("player.settings.wurfl.browser.version", "96");

cmTag.set('opps.detach.isFire', true);
cmTag.set('opps.attach.isFire', true);
cmTag.set("player.settings.sndvltopp", false);
cmTag.set('player.settings.tglifrmcntndsplyactv', true);
cmTag.set('player.settings.aduntldflbfruntld', true);
cmTag.set('player.settings.dtctprvtbrwsng', false);
cmTag.set('isUseNewViewabilityCalc', true);
cmTag.set('100viewPercent', 98);
cmTag.set('traceViewability100Seconds', 0);
cmTag.set('isChangePredictPointsWithAny', false);
cmTag.set('isCancelGetAdOnEligibilityLost.isActive', true);
cmTag.set('isCancelGetAdOnEligibilityLost.includeRVAny', true);
cmTag.set('isGetRv1OnlyForEligible.isActive', true);
cmTag.set('isGetRv1OnlyForEligible.delayPrediction', false);
cmTag.set('player.settings.vwclcflbkenbld', true);
cmTag.set('scrollEndTimeout', 500);
cmTag.set('player.settings.omid.isActive', true);

// Cookie sync predictor config
cmTag.set('predictors.time.cookieSync.isActive', true);
cmTag.set('predictors.time.cookieSync.lengthInSeconds', 20);
cmTag.set('predictors.time.cookieSync.repeat', 1);

cmTag.set('components.CloseButtonView.delay', 0);


cmTag.push = cmTag.push || function() {};

cmTag.set("player.settings.tmbtwfs", function(successes, failures, store) {
    if (failures > 45) {
        return 999;
    }
    return store.get('time_between_waterfall');
});


cmTag.set('player.settings.mntmbtwfsf', function(successes, failures, store) {
    if (failures > 45) {
        return 999000;
    }
    return store.get('mintimwf');
});
cmTag.set('unitThrottlerFiltered', "false");

cmTag.setByCondition({
    conditions: [{
        key: 'preset.level',
        val: 1
    }, {
        key: "unitThrottlerFiltered",
        val: true
    }],
    settings: {
        'preset.level': 3
    }
});

cmTag.setByCondition({
    conditions: [{
        key: 'countryIsoCode',
        val: 'bra'
    }],
    settings: {
        'player.settings.expxls.adimpression': 'https://sb.scorecardresearch.com/p?c1=2&c2=34311413&ns_ap_sv=2.1511.10&ns_type=hidden&ns_st_it=a&ns_st_sv=4.0.0&ns_st_ad=1&ns_st_sq=1&ns_st_id=%%impression_id%%&ns_st_ec=1&ns_st_cn=1&ns_st_ev=play&ns_st_ct=va00&ns_st_cl=%%duration%%&ns_st_pt=0&c3=2&c4=&c6=&ns_ts=%%timestamp%%',
        'player.settings.expxls.advideocomplete': 'https://sb.scorecardresearch.com/p?c1=2&c2=34311413&ns_ap_sv=2.1511.10&ns_type=hidden&ns_st_it=a&ns_st_sv=4.0.0&ns_st_ad=1&ns_st_sq=1&ns_st_id=%%impression_id%%&ns_st_ec=2&ns_st_cn=1&ns_st_ev=end&ns_st_ct=va00&ns_st_cl=%%duration%%&ns_st_pt=%%duration%%&c3=2&c4=&c6=&ns_ts=%%timestamp%%'
    }
});




if ('am' == 'la' || 'am' == 'LA') {
    cmTag.set('cm_predictors.time.cookieSync.isActive', false);
}

if ('am' == 'sg' || 'am' == 'SG') {
    cmTag.set('player.settings.wf_base_path', '//sg-wf.taboola.com');
}

if ('am' == 'hk' || 'am' == 'HK' || 'am' == 'ch' || 'am' == 'CH' || 'am' == 'us' || 'am' == 'US' || 'am' == 'la' || 'am' == 'LA') {
    cmTag.set('numOfWfUntilDcSwitch', 1);
    cmTag.set('player.settings.numOfWfUntilDcSwitch', 1);
}

if ('am' == 'am' || 'am' == 'AM') {
    cmTag.set('numOfWfUntilDcSwitch', 2);
    cmTag.set('player.settings.numOfWfUntilDcSwitch', 2);
}


cmTag.setByCondition({
    conditions: [{
        key: "preroll.pubId",
        val: 166717
    }],
    settings: {
        "preroll.pubId": 169497,
        "preroll.pubTagId": 953497,
        "midroll.pubId": 169497,
        "midroll.pubTagId": 953497,
        "postroll.pubId": 169497,
        "postroll.pubTagId": 953497,
        "pubId": 169497,
        "pubTagId": 953497,
        "migratedwf": 1,
        'abTest': '166721b_vA'
    }
});
cmTag.setByCondition({
    conditions: [{
        key: "pubId",
        val: 166717
    }],
    settings: {
        "preroll.pubId": 169497,
        "preroll.pubTagId": 953497,
        "midroll.pubId": 169497,
        "midroll.pubTagId": 953497,
        "postroll.pubId": 169497,
        "postroll.pubTagId": 953497,
        "pubId": 169497,
        "pubTagId": 953497,
        "migratedwf": 1,
        'abTest': '166721b_vA'
    }
});

cmTag.setByCondition({
    conditions: [{
        key: "preroll.pubId",
        val: 292045
    }],
    settings: {
        "preroll.pubId": 208401,
        "preroll.pubTagId": 1047981,
        "midroll.pubId": 208401,
        "midroll.pubTagId": 1047981,
        "postroll.pubId": 208401,
        "postroll.pubTagId": 1047981,
        "pubId": 208401,
        "pubTagId": 1047981,
        "migratedwf": 2,
        'abTest': '166724b_vA'
    }
});
cmTag.setByCondition({
    conditions: [{
        key: "pubId",
        val: 292045
    }],
    settings: {
        "preroll.pubId": 208401,
        "preroll.pubTagId": 1047981,
        "midroll.pubId": 208401,
        "midroll.pubTagId": 1047981,
        "postroll.pubId": 208401,
        "postroll.pubTagId": 1047981,
        "pubId": 208401,
        "pubTagId": 1047981,
        "migratedwf": 2,
        'abTest': '166724b_vA'
    }
});


cmTag.setByCondition({
    conditions: [{
        key: "preroll.pubId",
        val: 236525
    }],
    settings: {
        "preroll.pubId": 169497,
        "preroll.pubTagId": 953497,
        "midroll.pubId": 169497,
        "midroll.pubTagId": 953497,
        "postroll.pubId": 169497,
        "postroll.pubTagId": 953497,
        "pubId": 169497,
        "pubTagId": 953497,
        "migratedwf": 3,
        'abTest': '166725b_vA'
    }
});
cmTag.setByCondition({
    conditions: [{
        key: "pubId",
        val: 236525
    }],
    settings: {
        "preroll.pubId": 169497,
        "preroll.pubTagId": 953497,
        "midroll.pubId": 169497,
        "midroll.pubTagId": 953497,
        "postroll.pubId": 169497,
        "postroll.pubTagId": 953497,
        "pubId": 169497,
        "pubTagId": 953497,
        "migratedwf": 3,
        'abTest': '166725b_vA'
    }
});


cmTag.setByCondition({
    conditions: [{
        key: "preroll.pubId",
        val: 198827
    }],
    settings: {
        "preroll.pubId": 169497,
        "preroll.pubTagId": 953497,
        "midroll.pubId": 169497,
        "midroll.pubTagId": 953497,
        "postroll.pubId": 169497,
        "postroll.pubTagId": 953497,
        "pubId": 169497,
        "pubTagId": 953497,
        "migratedwf": 4,
        'abTest': '206725b_vA'
    }
});
cmTag.setByCondition({
    conditions: [{
        key: "pubId",
        val: 198827
    }],
    settings: {
        "preroll.pubId": 169497,
        "preroll.pubTagId": 953497,
        "midroll.pubId": 169497,
        "midroll.pubTagId": 953497,
        "postroll.pubId": 169497,
        "postroll.pubTagId": 953497,
        "pubId": 169497,
        "pubTagId": 953497,
        "migratedwf": 4,
        'abTest': '206725b_vA'
    }
});

cmTag.setByCondition({
    conditions: [{
        key: 'country',
        val: 'IL'
    }],
    settings: {
        'player.settings.optpwov': 0,
        'isPWOV': false,
        'onOutOfView': 'pause'
    }
});

cmTag.set("player.settings.frcmtfrms", true);
cmTag.set("player.settings.fire_piggies", true);
cmTag.set("secondsBW", 17);
cmTag.set("player.settings.adto", 300000);
cmTag.set("player.settings.vakll", 300000);
cmTag.set("noaop", 3);
cmTag.set("player.settings.rstmrai", true);
cmTag.set("player.settings.dsktmouttoadcmpltn", 30000);
cmTag.set("player.settings.mprdct", 0.033);
cmTag.set("category", "ShortContent");



cmTag.set('pixels.startWithABT.isFire', true);
cmTag.set('player.settings.mprdct', 0.025);
cmTag.push('abTest', 'mprdctdt6_vA');







cmTag.set('vForce.getAdTimeoutSeconds', 60);
cmTag.set('secondsToCloseGlobal', 0);
cmTag.set('predictors.distancePixels.isListenToScrollSpeedChange', true);
cmTag.set('predictors.playerReady.isActive', true);
cmTag.set('predictors.playerReady.predictPoint', 0);
cmTag.set('predictors.multiAd.isActive', true);
cmTag.set('predictors.multiAd.predictPoints.1.qState', 'q3');
cmTag.set('predictors.multiAd.predictPoints.0.qState', 'q1');
cmTag.set('predictors.getAdFail.isActive', true);
cmTag.set('predictors.distancePixels.isActive', true);
cmTag.set('predictors.distancePixels.predictPoints.1.pixelsFromSelectors', 10);
cmTag.set('vForce.isActive', true);
cmTag.set('isMultiAd', true);
cmTag.set('scrollEndTimeout', 500);
cmTag.set('playPriority.type', 'ppKey');
cmTag.set('playPriority.key', 1);
cmTag.set('isTestParentSelector', true);
cmTag.set('isReportToKibana', true);
cmTag.set('player.settings.rplvpdactv', true);
cmTag.set('player.settings.bllblevt', '1,21,22,23,24,25,30,32,42');
cmTag.set('bllblevt', '1,21,22,23,24,25,30,32,42');
cmTag.set('isOppsulaEnabled', true);
cmTag.set('microServices.oppsula.version', '1.4.4');
cmTag.set('psthdrs', 'text/plain');
cmTag.set('player.settings.cmbopps', true);
cmTag.set('cmbopps', true);
cmTag.set('verticalWidthThreshold', 480);
cmTag.set('predictors.distancePixels.maxPPS', 100);
cmTag.set('predictors.intersection.isActive', true);
cmTag.set('predictors.intersection.predictPoints.1.intersectionPercent', 50);
cmTag.set('predictors.intersection.isStartWF', true);
cmTag.set('predictors.emptyQueue.predictPoints', 0);
cmTag.set("predictors.getAdFail.allowedPredictPoints", 0);
cmTag.set('player.settings.vwclcflbkenbld', true);
cmTag.set('player.settings.dwnlnktrshld', 2);
cmTag.set('player.settings.frdwnlnkpxls', 1);
cmTag.set('player.settings.rmvrvlwntwrk', true);
cmTag.set('eligibilityValidator.isActive', false);
cmTag.set("components.adChoice.isTranslateText", false);
cmTag.set("components.Repeat.isTranslateText", true);
cmTag.set("language", "ar");
cmTag.set("player.settings.omidExcludedVendors", []);
cmTag.set("mediatypesArraySkippingViewableCheckAtSendOppMoment", [2]);
cmTag.set("stickyCard.restrictions.isActive.default", true);
cmTag.set("player.settings.externalDelayedEvents", ['AdImpression', 'AdVideoStart', 'AdStarted']);
cmTag.set('player.settings.jsDsbleErlyai', true);
cmTag.set('player.settings.frtbcmpaftrmtvw', false);


cmTag.set('sendBeacon', true);
cmTag.setByCondition({
    conditions: [{
        key: "iframeData.inDFP",
        val: true
    }],
    settings: {
        "isSkippedDistancePredict": true,
        "eligibilityValidator.isActive": false
    }
});
cmTag.setByCondition({
    conditions: [{
        key: 'frameType',
        val: 3
    }],
    settings: {
        'isChangePredictPointsWithAny': true,
        'predictors.intersection.isActive': true,
        'isUseAmpObserver': true,
        'eligibilityValidator.isActive': false
    }
});

cmTag.set("isStayInIframe", true);
cmTag.set("player.settings.disctxt", "");
cmTag.set('midrollTimeout', 3);
cmTag.set('isUseObserver', true);
cmTag.set('isCallIDLE', true);
cmTag.set("isKeepUnitOnMidroll", true);
cmTag.set('predictors.fullEligibility.isActive', true);
cmTag.set('predictors.fullEligibility.maxPPS', 50);
cmTag.set('predictors.distancePixels.maxPPS', 1);
cmTag.set('isForceStopObserver', true);
cmTag.set('isForceSwapToRV', true);
cmTag.set('components.nativeAd.isActive', true);
cmTag.set('floatingNAS.isActive', true);
cmTag.set('predictors.postRepeat.isActive', true);
var isApp = isApp || false;
if (!isApp) {
    cmTag.set('isRvPriority', false);
    cmTag.set('playPriority.isAlwaysWaitForRv', true);
    cmTag.set('playPriority.checkForRvPriority', 'pixelsFromSelector');
    cmTag.set('playPriority.pixelsFromSelector', 50);
    cmTag.set('playPriority.isAllowInIframes', true);
}

var isApp = isApp || false;
if (isApp) {
    cmTag.set("isInAppBridgeOn", true);
    cmTag.set("isUseObserver", false);
    cmTag.set('predictors.playerReady.predictPoint', [0, 0]);
}

cmTag.set('predictors.playerReady.isStartWF', true);
cmTag.set('isUseWidget', true);
cmTag.set('isStartWithLoader', true);
cmTag.set('components.adLoadingProgress.showProgressBar', true);
cmTag.set('predictors.playerReady.predictPoint', [0, 0]);
cmTag.set('animation.transitionAnimationTime', 0);
cmTag.set('predictors.intersection.isActive', false);

cmTag.setByCondition({
    conditions: [{
        key: 'isDisableSticky',
        val: true
    }],
    settings: {
        'stickyCard.isActive': false,
    }
});
cmTag.set("unitType", "WIDGET_ITEM");

cmTag.set("adMaxPlaySeconds", 210);

cmTag.setByCondition({
    conditions: [{
        key: "ep",
        val: "1"
    }],
    settings: {
        isMultiAd: false,
        volume: "onHover",
        isSoundOnHover: true,
        "components.CloseButtonView.hasCloseButton": false,
        "onOutOfView": "pause",
        "originId": 15,
        "preroll.pubId": 133128,
        "preroll.pubTagId": 779408,
        "midroll.pubId": 133128,
        "midroll.pubTagId": 779408,
        "postroll.pubId": 133128,
        "postroll.pubTagId": 779408,
        "pubId": 133128,
        "pubTagId": 779408,
        "player.settings.mprdct": 0,
        "player.settings.encwfrs": false,
        "player.settings.cmbopps": false,
        "abTest": "ep1_vA"
    }
});
if (window.conf300 == 1) {
    cmTag.set("urls.staticImage", "//cdn.cmeden.com/img/play_image_169.jpg");
}
cmTag.set("multiUnitManager.isActive", true);
cmTag.setByCondition({
    conditions: [{
        key: "player.versions.content",
        val: "26_1_18m"
    }],
    settings: {
        "player.versions.content": "14_10_18m"
    }
});

cmTag.setByCondition({
    conditions: [{
        key: 'country',
        val: 'IL'
    }],
    settings: {
        'stickyCard.isActive': false,
        'player.settings.optpwov': 0
    }
});





cmTag.set('pixels.startWithABT.isFire', true);
cmTag.push('abTest', 'spa2_vA');









// Roll out level 4 on amp
cmTag.setByCondition({
    conditions: [{
        key: 'frameType',
        val: 3
    }],
    settings: {
        'pubId': 383725,
        'pubTagId': 2077655,
        'preroll.pubId': 383725,
        'preroll.pubTagId': 2077655,
        'midroll.pubId': 383725,
        'midroll.pubTagId': 2077655,
        'postroll.pubId': 383725,
        'postroll.pubTagId': 2077655
    }
});









cmTag.push('abTest', 'tvrReverse1_vB');
cmTag.set('pixels.startWithABT.isFire', true);
cmTag.push('abTest', 't45');









cmTag.set('noaop', 5);
cmTag.set('player.settings.queue_size', 7);
cmTag.set('predictors.time.isActive', true);
cmTag.set('predictors.time.predictPoints', 0);
cmTag.set('predictors.time.lengthInSeconds', 5);
cmTag.set('predictors.time.repeat', 20);
cmTag.set('maxNonRvVimpsInQueue', 3);
cmTag.push('abTest', 'smbs');


cmTag.set("player.settings.volume", 0);
cmTag.setMacros({
    dast: "V7mpQCFgOiEiLkhRjFaQSiEiLkhRjFaQUAAAAGBuIHJDCZTJy7iW2tsAyWa9HEtXErVxvHWrYYTIaT1WJiXBmGQAKTycS5m9jWCstguRZNXBu3crVxrGWLwWQ4WS0mxpVhChE3GQ6fg4Go6Hpb7A6n2fOGDzSdDp_rXi90mJwWp11hNDvcfrvpYXLYNX63Xw4AAAAAD_____8QAAAAABEAAAAAEgAAAAAUARX_FgIXAAAAABj_____GgCfHATvOfv9AQAAAAACAAAAQAIwsBpQAvBxvnLy_________x8zQJ95I_P___9_Y9AD8OAD8CAEAABwMYSCFNgk0pxCT1QwWMQIAAAAYEtLRfNoUidUFlX____9VgBXAAABg38Feb9ZuoMSb2EAAAAAYwv0sPj9Zodd43e77P_________f7P_sH03obfQ6LYhl9FrtFxAAYO0XEACATd0AAN4C4IKOoBWDweoUYjecLXaj2WY0OwAAAIC7____fz2QWs4mrplpZNusRovZbDZxDlcTm8O1GjlGm4lr5r3QFN01PFJvtL6ImwyHz8FAVHS9LXaH0-y5H0VLlrvlbjWaLEaj5XKzG25Gg_0J5GyAFC1ZrJbD1W6yGG0Wi8lyNxxNJkjRktVyuVxtNqvVbrSYDTbL4WaDFK1azUabwXA1m8x2u9VwMFyORkjRkuVuuVuNJovRaLnc7Iab0WCIMGQyWWYz03Kt8JgcbtHGZFlLTIaNW2Ka2QzL1WZi81jcotfH9LBsfMPlYIoPdLt8KrfLpWV7WT4vxxYFAyL2InlapBPVbuUx2SzDxWa1cI2GC5dhZXHYPIOFaTUxGRYri1iiOVmkE9ll31rOJq6ZaWTbrEaL2Ww2cQ5XE5vDtRo5RpuJa-YvmUyW2cy0XCs8JodbtDFZ1hKTYeOWmGY2w3K1mdg8Frfo9TE9LBvfcDnYN2az0WS4GQ2G-8ZsNpoMN6PBcN-hM3xXn7PRGRxPPELNZ7Y5PWsOg8JlsHh_n4u0GW3cjCpt2GJRXYs718Sq08ZOxs7BbFD4_ubSVhzcRs7lvuQgNhgUsURwkU5kfsvr7Tc9_Xa3wnIRS5Smi3Sil4glgtNFOhG9jKeL-o8MuZgrB3PRZK5YjVYJAAAAAAAAAGAJc-ZNAAAAAE4DGQ02w9U6D2SwHOyWq-UCQDh76f68Dd9CIFf971L-kAhuK4ZPFDd-3GB-y-vtNz39drfCcmWAB2py5s2fCWKtVssaAABAABsAACCAWzdvAdhM_P___38cAACAjBw9AACA-D5QFAgAAAAAAD8BblaLAQ!",
    dataCenter: "am",
    clickUrl: "",
    referrer: "https%3A%2F%2Fhadibi.ahlamontada.com",
    cipid: "66361655",
    cmDast: "V7mpQCFgOiEiLkhRjFaQSiEiLkhRjFaQUAAAAGBuIHJDCZTJy7iW2tsAyWa9HEtXErVxvHWrYYTIaT1WJiXBmGQAKTycS5m9jWCstguRZNXBu3crVxrGWLwWQ4WS0mxpVhChE3GQ6fg4Go6Hpb7A6n2fOGDzSdDp_rXi90mJwWp11hNDvcfrvpYXLYNX63Xw4AAAAAD_____8QAAAAABEAAAAAEgAAAAAUARX_FgIXAAAAABj_____GgCfHATvOfv9AQAAAAACAAAAQAIwsBpQAvBxvnLy_________x8zQJ95I_P___9_Y9AD8OAD8CAEAABwMYSCFNgk0pxCT1QwWMQIAAAAYEtLRfNoUidUFlX____9VgBXAAABg38Feb9ZuoMSb2EAAAAAYwv0sPj9Zodd43e77P_________f7P_sH03obfQ6LYhl9FrtFxAAYO0XEACATd0AAN4C4IKOoBWDweoUYjecLXaj2WY0OwAAAIC7____fz2QWs4mrplpZNusRovZbDZxDlcTm8O1GjlGm4lr5r3QFN01PFJvtL6ImwyHz8FAVHS9LXaH0-y5H0VLlrvlbjWaLEaj5XKzG25Gg_0J5GyAFC1ZrJbD1W6yGG0Wi8lyNxxNJkjRktVyuVxtNqvVbrSYDTbL4WaDFK1azUabwXA1m8x2u9VwMFyORkjRkuVuuVuNJovRaLnc7Iab0WCIMGQyWWYz03Kt8JgcbtHGZFlLTIaNW2Ka2QzL1WZi81jcotfH9LBsfMPlYIoPdLt8KrfLpWV7WT4vxxYFAyL2InlapBPVbuUx2SzDxWa1cI2GC5dhZXHYPIOFaTUxGRYri1iiOVmkE9ll31rOJq6ZaWTbrEaL2Ww2cQ5XE5vDtRo5RpuJa-YvmUyW2cy0XCs8JodbtDFZ1hKTYeOWmGY2w3K1mdg8Frfo9TE9LBvfcDnYN2az0WS4GQ2G-8ZsNpoMN6PBcN-hM3xXn7PRGRxPPELNZ7Y5PWsOg8JlsHh_n4u0GW3cjCpt2GJRXYs718Sq08ZOxs7BbFD4_ubSVhzcRs7lvuQgNhgUsURwkU5kfsvr7Tc9_Xa3wnIRS5Smi3Sil4glgtNFOhG9jKeL-o8MuZgrB3PRZK5YjVYJAAAAAAAAAGAJc-ZNAAAAAE4DGQ02w9U6D2SwHOyWq-UCQDh76f68Dd9CIFf971L-kAhuK4ZPFDd-3GB-y-vtNz39drfCcmWAB2py5s2fCWKtVssaAABAABsAACCAWzdvAdhM_P___38cAACAjBw9AACA-D5QFAgAAAAAAD8BblaLAQ!",
    tagId: "e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc",
    creativeId: "-1",
    baseReportD: "taboola.com",
    redId: "022b97b6-a209-4b5c-95c1-61028251b8e0",
    dtagid: "2090795",
    dpubid: "240385",
    vertical: "source",
    placement: "728x90 Thumbnails",
    lineItemId: "-1",
    oppsDataCenter: "am"
});
                                    

#3 JavaScript::Eval (size: 26681, repeated: 1) - SHA256: 3293ef73bcf82ef1df15c984fa340bc401495b0e7021b3fd2b3d4b6d5b26db31

                                        var isApp = false;

cmTag.set('version', '23_2_8');

cmTag.set('sync', 'https://am-match.taboola.com/sync?dast=V7xpoCFgOiEiLkhRjFaQSiEiLkhRjFaQUAAAAGBuIHJLdyuXYbj8stc3ica9HMZVkLV57hWmRazCaLlcm5WxiGQEIby2him3nWisFwuRatLIa1xLaxuHUbl8u3nAw2roVxCh7CMvt9BxHL8zX9DQcZ3_J6G0RF19tidzjNnjd8oOl0-Fz3eqHD5LQ47Qqj2eH2200Pk8Ou8bv9cgAAAAB4ALB6y4T4AQQAiAAAAACQAAAAAKAIqPi3ELgAAAAAwAAwILnQAPjkIHjP2e8PAIAGLRAAgAABEoCB1YASgI_zlRMAAAAAAAAAAJb_____GIA9rDEZgJH9nR6ABx-AB6IC3iJGAAAAAFtaKppHkzqhsqgCACBItwK4AgAIGPwr2LsMAwAAABhboIfF7zc77Bq_22UAAAAAAAAAAGb_Z_9oQm-j12lBLKPXar-AAABrv4AAAGzqBgDwFgAXdAStGAxWpxC74WyxG802o9kBAAAA3P3____rgdRyNnHNTCPbZjVazGaziXO4mtgcrtXIMdpMXDPvhaboruGReqP1eQjL7PcdRCzP1_Q3HGR8y-ttEBVdb4vd4TR77kfRkuVuuVuNJovRaLnc7Iab0WB_AjkbIEVLFqvlcLWbLEabxWKy3A1HkwlStGS1XC5Xm81qtRstZoPNcrjZIEWrVrPRZjBczSaz3W41HAyXoxFStGS5W-5Wo8liNFouN7vhZjQYIgyZTJbZzLRcKzwmh1u0MVnWEpNh45aYZjbDcrWZ2DwWt-j1MT0sG99wOdiiYEDEXgQX6UTmt7zeftPTb3crLBexRHOySCeyy761nE1cM9PItlmNFrPZbOIcriY2h2s1cow2E9fMXzKZLLOZablWeEwOt2hjsqwlJsPGLTHNbIblajOxeSxu0etjelg2vuFysG_MZqPJcDMaDPeN2Ww0GW5Gg-G-Q2f4rj5nozM4nniEms9sc3rWHAaFy2Dx_j4XaTPauBlV2rDForoWd66JVaeNnYydg9mg8P3Npa04uI2cy33JQWwwKGKJ4HSRTkQv4-kilkieFulE5JtYPCbfwuOZLDcr12rhmi2Wu9lmszBuPBaLZSKWKE0X6UQvUf-RIRdz5WAumswVq9EqAQAAAAAAAAAsYc68CQAAAMBpIKPBZrhaLgCEs5fuz9vwLQRy1f8u5Q-J4LZi-ERx48cN5re83n7T0293KyxXBnigJmfe7Jkg1mq1rAEAAASwAQAAArh18xaAzcjtA0FxMTMzMzfzE-BmtRg!&excid=22&docw=0&cijs=1&nlb=true');

cmTag.set("player.settings.kaxwnc", 0);


cmTag.setByCondition({
    conditions: [{
        key: "ep",
        val: 1
    }],
    settings: {
        isMultiAd: false
    }
});
cmTag.set("preset", {
    "level": 1
});
cmTag.set('player.settings.regx', '\x22\x64\x65\x6D\x61\x6E\x64\x53\x6F\x75\x72\x63\x65\x49\x64\x22\x3A\x35\x34\x36\x38\x34\x7C\x2E\x63\x6C\x65\x61\x72\x73\x74\x72\x65\x61\x6D\x2E\x74\x76\x7C\x2E\x63\x6C\x72\x73\x74\x6D\x2E\x63\x6F\x6D\x7C\x74\x6D\x2D\x70\x72\x6F\x6D\x6F\x2E\x73\x33\x2E\x61\x6D\x61\x7A\x6F\x6E\x61\x77\x73\x7C\x61\x64\x76\x65\x72\x74\x69\x73\x69\x6E\x67\x73\x74\x6F\x72\x79\x2E\x63\x6F\x6D\x7C\x6D\x65\x64\x69\x61\x67\x72\x6F\x75\x70\x61\x64\x73\x2E\x63\x6F\x6D\x7C\x65\x6C\x69\x74\x65\x6C\x6D\x65\x64\x69\x61\x61\x64\x76\x65\x72\x74\x69\x73\x69\x6E\x67\x2E\x63\x6F\x6D\x7C\x76\x65\x72\x74\x61\x6D\x65\x64\x69\x61\x2E\x63\x6F\x6D\x7C\x6D\x65\x64\x69\x61\x67\x72\x6F\x75\x70\x70\x72\x6F\x2E\x63\x6F\x6D\x7C\x68\x69\x67\x68\x72\x61\x74\x65\x64\x61\x64\x73\x2E\x63\x6F\x6D\x7C\x2E\x76\x69\x64\x65\x6F\x67\x72\x61\x6D\x6D\x69\x63\x2E\x63\x6F\x6D\x7C\x76\x69\x64\x65\x6F\x67\x72\x61\x6D\x6D\x69\x63\x2E\x63\x6F\x6D\x7C\x66\x69\x6C\x65\x73\x2E\x77\x65\x62\x76\x69\x64\x65\x6F\x67\x6C\x6F\x62\x61\x6C\x2E\x63\x6F\x6D\x7C\x77\x65\x62\x76\x69\x64\x65\x6F\x67\x6C\x6F\x62\x61\x6C\x2E\x63\x6F\x6D\x7C\x77\x65\x62\x6D\x65\x64\x69\x61\x61\x70\x70\x2E\x63\x6F\x6D\x66\x69\x6C\x65\x73\x2E\x77\x65\x62\x6D\x65\x64\x69\x61\x61\x70\x70\x2E\x63\x6F\x6D\x7C\x6D\x61\x72\x6B\x65\x74\x69\x6E\x67\x76\x69\x64\x65\x6F\x6E\x6F\x77\x2E\x63\x6F\x6D\x7C\x70\x6F\x70\x6F\x76\x69\x64\x65\x6F\x61\x64\x2E\x63\x6F\x6D\x7C\x64\x61\x66\x61\x63\x64\x64\x2E\x61\x73\x69\x61\x7C\x73\x62\x2E\x77\x69\x6E\x39\x39\x39\x77\x69\x6E\x2E\x63\x6F\x6D\x7C\x6E\x73\x73\x66\x2E\x63\x6F\x6D\x7C\x75\x70\x69\x65\x77\x2E\x63\x6F\x6D\x7C\x70\x69\x65\x77\x2E\x63\x6F\x6D\x7C\x76\x2E\x73\x68\x75\x6C\x63\x6F\x6E\x74\x2E\x63\x6F\x6D\x7C\x76\x2E\x61\x6C\x67\x6F\x76\x69\x64\x2E\x63\x6F\x6D\x7C\x76\x69\x64\x2E\x73\x70\x72\x69\x6E\x67\x73\x65\x72\x76\x65\x2E\x63\x6F\x6D\x7C\x70\x6D\x69\x2E\x63\x6F\x6D');

cmTag.set('player.settings.hjkbldomsencdd', ["dGFncy5ia3J0eC5jb20=", "bGlwaWthcl9ib2R5Y2FyZV9hd2FyZW5lc3M=", "Z2FjZG4=", "bWlycmEuaW8=", "YnJ0bWVkaWE=", "VUEtNTcwODQyNTctNw==", "Y29pbi1oaXZlLmNvbQ==", "YnVuZGxlLmNsZWFyc3RyZWFtLnR2", "LmNscnN0bS5jb20=", "dmlkZW8ubGVhZHp1LmNvbQ==", "LmxlYWR6dS5jb20=", "czAuMm1kbi5uZXQvYWRzL3JpY2htZWRpYS9zdHVkaW8vcHYyLzYwMTI4Njk2Lw==", "YWR2ZXJ0aXNpbmdzdG9yeS5jb20=", "bWVkaWFncm91cGFkcy5jb20=", "ZWxpdGVsbWVkaWFhZHZlcnRpc2luZy5jb20=", "dmVydGFtZWRpYS5jb20=", "bWVkaWFncm91cHByby5jb20=", "aGlnaHJhdGVkYWRzLmNvbQ==", "dmlkZW9ncmFtbWljLmNvbQ==", "bWFya2V0aW5ndmlkZW9ub3cuY29t", "c3RhdGljLm1hcmtldGluZ3ZpZGVvbm93LmNvbQ==", "ZmlsZXMud2VidmlkZW9nbG9iYWwuY29t", "d2VidmlkZW9nbG9iYWwuY29t", "d2VibWVkaWFhcHAuY29t", "ZmlsZXMud2VibWVkaWFhcHAuY29t", "cG9wb3ZpZGVvYWQuY29t", "c2Iudm9pY2VmaXZlLmNvbQ==", "b25lLm00ZGMuY29t", "dXBpZXcuY29t", "cGlldy5jb20=", "di5zaHVsY29udC5jb20=", "di5hbGdvdmlkLmNvbQ==", "dmlkLnNwcmluZ3NlcnZlLmNvbQ==", "cG1pLmNvbQ=="]);

cmTag.set('liteUnitVersion', '3.9.5');
cmTag.set('player.versions.vplayer', 'v14.8.3');
cmTag.set('player.settings.anltcsurlv2', '/vpaid/vpaidAnalytics.3.js');
cmTag.set('player.settings.anltcsurlv4', '/vpaid/vpaidAnalytics.40.js');
cmTag.set('player.settings.hjkv1', '/vpaid/hjk.226.js');
cmTag.set('player.settings.dsu', '/vpaid/ds/188/dsm.js');
cmTag.set("player.settings.use_flash_player", false);
cmTag.set('player.settings.vidfkadldt', 100);
cmTag.set('player.settings.mintimwf', 5000);
cmTag.set('player.settings.dlyimpnonmoatrv', true);
cmTag.set('player.settings.frgtadpxls', 0);
cmTag.set('player.settings.rprtwrpropntime', true);
cmTag.set('player.settings.slwcnctlngt', 10);
cmTag.set('player.settings.mnbfrsz', 0.25);
cmTag.set("player.settings.prftchmxlngth", 15);
cmTag.set('player.settings.adtrgtcss', true);
cmTag.set('player.settings.pvpd', 'javascript');
cmTag.set('player.settings.prbdjsv', '1.0.18');
cmTag.set('player.settings.prfrmncmsrmnts', true);
cmTag.set('player.settings.encwfrs', true);
cmTag.set('player.settings.prfrmdfl', 'javascript');
cmTag.set('elasticLogger.isActive', false);
cmTag.set('elasticLogger.maxEventsToLog', 500);
cmTag.set('player.settings.dpndonuntfrlgtoelstc', false);
cmTag.set('player.settings.qsrtscr', function(it, vpd) {
    if (vpd.alfrox === 0 && vpd.rpox > 0) {
        return ((vpd.requiredViewability << 30) | (vpd.priority << 16) | parseInt(vpd.rpox * 1000));
    }
    return ((vpd.requiredViewability << 30) | (vpd.priority << 16) | parseInt(vpd.alfrox * vpd.rpox * 1000));
});
cmTag.set("player.settings.updtcmpbfrwf", false);
cmTag.set("components.adChoice.isActive", false);
cmTag.set("timeBetweenAds", 0);
cmTag.set("canStartPlayer", true);
cmTag.set('isAnimateOnClose', true);
cmTag.set('isToggleIframeContent', true);
cmTag.set('isPWOV', true);
cmTag.set('secondsToCloseGlobal', 2700);
cmTag.set('pubViewabilityPercent', 0);
cmTag.set('trcPerformanceMeasurementEnabled', true);
cmTag.set('additionalCss', {
    'text-align': 'left'
});
cmTag.set('player.urls.contentVideosLocation', '//vidstatb.taboola.com/vid');
cmTag.set('player.urls.contentImagesLocation', '//vidstatb.taboola.com/vid/img');
cmTag.set('microServices.PMS.version', '3.2.2');
cmTag.set('unitsBaseUrl', '//vidstat.taboola.com/vpaid/units/');
cmTag.set('player.urls.vplayerLocation', '//vidstat.taboola.com/vpaid/vPlayer');
cmTag.set('hasSupportTool', true);
cmTag.set('bllblevt', '1,21,22,23,24,25,30,32,42');
cmTag.set('gaFactor', 10000);


var dsvr = "" || false;
cmTag.set("player.settings.dataSaver", false);
if (dsvr === 'on') {
    cmTag.set("player.settings.max_ready_vpaid", 4);
    cmTag.set("player.settings.mintimwf", 5000);
}

cmTag.set("countryIsoCode", "nor");
cmTag.setByCondition({
    conditions: [{
        key: 'countryIsoCode',
        val: 'tha'
    }],
    settings: {
        'pubId': 165757,
        'pubTagId': 946347,
        'preroll.pubId': 165757,
        'preroll.pubTagId': 946347,
        'midroll.pubId': 165757,
        'midroll.pubTagId': 946347,
        'postroll.pubId': 165757,
        'postroll.pubTagId': 946347
    }
});

cmTag.setByCondition({
    conditions: [{
        key: 'country',
        val: 'TH'
    }],
    settings: {
        'pubId': 165757,
        'pubTagId': 946347,
        'preroll.pubId': 165757,
        'preroll.pubTagId': 946347,
        'midroll.pubId': 165757,
        'midroll.pubTagId': 946347,
        'postroll.pubId': 165757,
        'postroll.pubTagId': 946347
    }
});

cmTag.setByCondition({
    conditions: [{
        key: 'countryIsoCode',
        val: 'ind'
    }],
    settings: {
        'pubId': 165757,
        'pubTagId': 946347,
        'preroll.pubId': 165757,
        'preroll.pubTagId': 946347,
        'midroll.pubId': 165757,
        'midroll.pubTagId': 946347,
        'postroll.pubId': 165757,
        'postroll.pubTagId': 946347
    }
});

cmTag.setByCondition({
    conditions: [{
        key: 'country',
        val: 'IN'
    }],
    settings: {
        'pubId': 165757,
        'pubTagId': 946347,
        'preroll.pubId': 165757,
        'preroll.pubTagId': 946347,
        'midroll.pubId': 165757,
        'midroll.pubTagId': 946347,
        'postroll.pubId': 165757,
        'postroll.pubTagId': 946347
    }
});




cmTag.set('version', '32_3_0');
cmTag.set('pixels.url', '//am-vid-events.taboola.com/st');
cmTag.set('pixels.unitLoadedWithFill.isFire', false);
cmTag.set('fireLoadUnitPixelsFactor', 10);
cmTag.set("secondsToClose", 120);
cmTag.set("adMaxPlaySeconds", 210);
cmTag.set('player.settings.prtct', '/vpaid/hjk.16.js');
cmTag.set('player.settings.cntonvfrc', false);
cmTag.set('player.settings.mxemptwf', 5);
cmTag.set('player.settings.ltmxemptwf', 5);
cmTag.set('player.settings.erlyai', true);
cmTag.set("player.settings.timbtopps", 5000);
cmTag.set('player.settings.frstlk', true);
cmTag.set('viewPercent', '50');
cmTag.set('timbtopps', 5000);
cmTag.set('cookieMatchActive', true);
cmTag.set('maxNonRvVimpsInQueue', 2);
cmTag.set('maxVimpsInQueue', 1);
cmTag.set('numOfWfUntilDcSwitch', 19);
cmTag.set('eligibilityValidator.isActive', false);
cmTag.set('eligibilityValidator.observers.mutation.isActive', true);
cmTag.set('eligibilityValidator.observers.mutation.isObserveParent', true);
cmTag.set('eligibilityValidator.isRvOnly', true);
cmTag.set('player.settings.rvfrquesttsemttr', 'any');
cmTag.set('pixels.overlayDetectedAfterImpression.factor', 20);
cmTag.set('animation', false);
cmTag.set('clsDetector.isActive', true);
// Browser and OS wurfl
cmTag.set("wurfl.os.name", "Linux");
cmTag.set("wurfl.os.version", "");
cmTag.set("wurfl.browser.name", "Firefox");
cmTag.set("wurfl.browser.version", "96");
cmTag.set("player.settings.wurfl.os.name", "Linux");
cmTag.set("player.settings.wurfl.os.version", "");
cmTag.set("player.settings.wurfl.browser.name", "Firefox");
cmTag.set("player.settings.wurfl.browser.version", "96");

cmTag.set('opps.detach.isFire', true);
cmTag.set('opps.attach.isFire', true);
cmTag.set("player.settings.sndvltopp", false);
cmTag.set('player.settings.tglifrmcntndsplyactv', true);
cmTag.set('player.settings.aduntldflbfruntld', true);
cmTag.set('player.settings.dtctprvtbrwsng', false);
cmTag.set('isUseNewViewabilityCalc', true);
cmTag.set('100viewPercent', 98);
cmTag.set('traceViewability100Seconds', 0);
cmTag.set('isChangePredictPointsWithAny', false);
cmTag.set('isCancelGetAdOnEligibilityLost.isActive', true);
cmTag.set('isCancelGetAdOnEligibilityLost.includeRVAny', true);
cmTag.set('isGetRv1OnlyForEligible.isActive', true);
cmTag.set('isGetRv1OnlyForEligible.delayPrediction', false);
cmTag.set('player.settings.vwclcflbkenbld', true);
cmTag.set('scrollEndTimeout', 500);
cmTag.set('player.settings.omid.isActive', true);

// Cookie sync predictor config
cmTag.set('predictors.time.cookieSync.isActive', true);
cmTag.set('predictors.time.cookieSync.lengthInSeconds', 20);
cmTag.set('predictors.time.cookieSync.repeat', 1);

cmTag.set('components.CloseButtonView.delay', 0);


cmTag.push = cmTag.push || function() {};

cmTag.set("player.settings.tmbtwfs", function(successes, failures, store) {
    if (failures > 45) {
        return 999;
    }
    return store.get('time_between_waterfall');
});


cmTag.set('player.settings.mntmbtwfsf', function(successes, failures, store) {
    if (failures > 45) {
        return 999000;
    }
    return store.get('mintimwf');
});
cmTag.set('unitThrottlerFiltered', "false");

cmTag.setByCondition({
    conditions: [{
        key: 'preset.level',
        val: 1
    }, {
        key: "unitThrottlerFiltered",
        val: true
    }],
    settings: {
        'preset.level': 3
    }
});

cmTag.setByCondition({
    conditions: [{
        key: 'countryIsoCode',
        val: 'bra'
    }],
    settings: {
        'player.settings.expxls.adimpression': 'https://sb.scorecardresearch.com/p?c1=2&c2=34311413&ns_ap_sv=2.1511.10&ns_type=hidden&ns_st_it=a&ns_st_sv=4.0.0&ns_st_ad=1&ns_st_sq=1&ns_st_id=%%impression_id%%&ns_st_ec=1&ns_st_cn=1&ns_st_ev=play&ns_st_ct=va00&ns_st_cl=%%duration%%&ns_st_pt=0&c3=2&c4=&c6=&ns_ts=%%timestamp%%',
        'player.settings.expxls.advideocomplete': 'https://sb.scorecardresearch.com/p?c1=2&c2=34311413&ns_ap_sv=2.1511.10&ns_type=hidden&ns_st_it=a&ns_st_sv=4.0.0&ns_st_ad=1&ns_st_sq=1&ns_st_id=%%impression_id%%&ns_st_ec=2&ns_st_cn=1&ns_st_ev=end&ns_st_ct=va00&ns_st_cl=%%duration%%&ns_st_pt=%%duration%%&c3=2&c4=&c6=&ns_ts=%%timestamp%%'
    }
});




if ('am' == 'la' || 'am' == 'LA') {
    cmTag.set('cm_predictors.time.cookieSync.isActive', false);
}

if ('am' == 'sg' || 'am' == 'SG') {
    cmTag.set('player.settings.wf_base_path', '//sg-wf.taboola.com');
}

if ('am' == 'hk' || 'am' == 'HK' || 'am' == 'ch' || 'am' == 'CH' || 'am' == 'us' || 'am' == 'US' || 'am' == 'la' || 'am' == 'LA') {
    cmTag.set('numOfWfUntilDcSwitch', 1);
    cmTag.set('player.settings.numOfWfUntilDcSwitch', 1);
}

if ('am' == 'am' || 'am' == 'AM') {
    cmTag.set('numOfWfUntilDcSwitch', 2);
    cmTag.set('player.settings.numOfWfUntilDcSwitch', 2);
}


cmTag.setByCondition({
    conditions: [{
        key: "preroll.pubId",
        val: 166717
    }],
    settings: {
        "preroll.pubId": 169497,
        "preroll.pubTagId": 953497,
        "midroll.pubId": 169497,
        "midroll.pubTagId": 953497,
        "postroll.pubId": 169497,
        "postroll.pubTagId": 953497,
        "pubId": 169497,
        "pubTagId": 953497,
        "migratedwf": 1,
        'abTest': '166721b_vA'
    }
});
cmTag.setByCondition({
    conditions: [{
        key: "pubId",
        val: 166717
    }],
    settings: {
        "preroll.pubId": 169497,
        "preroll.pubTagId": 953497,
        "midroll.pubId": 169497,
        "midroll.pubTagId": 953497,
        "postroll.pubId": 169497,
        "postroll.pubTagId": 953497,
        "pubId": 169497,
        "pubTagId": 953497,
        "migratedwf": 1,
        'abTest': '166721b_vA'
    }
});

cmTag.setByCondition({
    conditions: [{
        key: "preroll.pubId",
        val: 292045
    }],
    settings: {
        "preroll.pubId": 208401,
        "preroll.pubTagId": 1047981,
        "midroll.pubId": 208401,
        "midroll.pubTagId": 1047981,
        "postroll.pubId": 208401,
        "postroll.pubTagId": 1047981,
        "pubId": 208401,
        "pubTagId": 1047981,
        "migratedwf": 2,
        'abTest': '166724b_vA'
    }
});
cmTag.setByCondition({
    conditions: [{
        key: "pubId",
        val: 292045
    }],
    settings: {
        "preroll.pubId": 208401,
        "preroll.pubTagId": 1047981,
        "midroll.pubId": 208401,
        "midroll.pubTagId": 1047981,
        "postroll.pubId": 208401,
        "postroll.pubTagId": 1047981,
        "pubId": 208401,
        "pubTagId": 1047981,
        "migratedwf": 2,
        'abTest': '166724b_vA'
    }
});


cmTag.setByCondition({
    conditions: [{
        key: "preroll.pubId",
        val: 236525
    }],
    settings: {
        "preroll.pubId": 169497,
        "preroll.pubTagId": 953497,
        "midroll.pubId": 169497,
        "midroll.pubTagId": 953497,
        "postroll.pubId": 169497,
        "postroll.pubTagId": 953497,
        "pubId": 169497,
        "pubTagId": 953497,
        "migratedwf": 3,
        'abTest': '166725b_vA'
    }
});
cmTag.setByCondition({
    conditions: [{
        key: "pubId",
        val: 236525
    }],
    settings: {
        "preroll.pubId": 169497,
        "preroll.pubTagId": 953497,
        "midroll.pubId": 169497,
        "midroll.pubTagId": 953497,
        "postroll.pubId": 169497,
        "postroll.pubTagId": 953497,
        "pubId": 169497,
        "pubTagId": 953497,
        "migratedwf": 3,
        'abTest': '166725b_vA'
    }
});


cmTag.setByCondition({
    conditions: [{
        key: "preroll.pubId",
        val: 198827
    }],
    settings: {
        "preroll.pubId": 169497,
        "preroll.pubTagId": 953497,
        "midroll.pubId": 169497,
        "midroll.pubTagId": 953497,
        "postroll.pubId": 169497,
        "postroll.pubTagId": 953497,
        "pubId": 169497,
        "pubTagId": 953497,
        "migratedwf": 4,
        'abTest': '206725b_vA'
    }
});
cmTag.setByCondition({
    conditions: [{
        key: "pubId",
        val: 198827
    }],
    settings: {
        "preroll.pubId": 169497,
        "preroll.pubTagId": 953497,
        "midroll.pubId": 169497,
        "midroll.pubTagId": 953497,
        "postroll.pubId": 169497,
        "postroll.pubTagId": 953497,
        "pubId": 169497,
        "pubTagId": 953497,
        "migratedwf": 4,
        'abTest': '206725b_vA'
    }
});

cmTag.setByCondition({
    conditions: [{
        key: 'country',
        val: 'IL'
    }],
    settings: {
        'player.settings.optpwov': 0,
        'isPWOV': false,
        'onOutOfView': 'pause'
    }
});

cmTag.set("player.settings.frcmtfrms", true);
cmTag.set("player.settings.fire_piggies", true);
cmTag.set("secondsBW", 17);
cmTag.set("player.settings.adto", 300000);
cmTag.set("player.settings.vakll", 300000);
cmTag.set("noaop", 3);
cmTag.set("player.settings.rstmrai", true);
cmTag.set("player.settings.dsktmouttoadcmpltn", 30000);
cmTag.set("player.settings.mprdct", 0.033);
cmTag.set("category", "ShortContent");



cmTag.set('pixels.startWithABT.isFire', true);
cmTag.set('player.settings.mprdct', 0.025);
cmTag.push('abTest', 'mprdctdt6_vA');







cmTag.set('vForce.getAdTimeoutSeconds', 60);
cmTag.set('secondsToCloseGlobal', 0);
cmTag.set('predictors.distancePixels.isListenToScrollSpeedChange', true);
cmTag.set('predictors.playerReady.isActive', true);
cmTag.set('predictors.playerReady.predictPoint', 0);
cmTag.set('predictors.multiAd.isActive', true);
cmTag.set('predictors.multiAd.predictPoints.1.qState', 'q3');
cmTag.set('predictors.multiAd.predictPoints.0.qState', 'q1');
cmTag.set('predictors.getAdFail.isActive', true);
cmTag.set('predictors.distancePixels.isActive', true);
cmTag.set('predictors.distancePixels.predictPoints.1.pixelsFromSelectors', 10);
cmTag.set('vForce.isActive', true);
cmTag.set('isMultiAd', true);
cmTag.set('scrollEndTimeout', 500);
cmTag.set('playPriority.type', 'ppKey');
cmTag.set('playPriority.key', 1);
cmTag.set('isTestParentSelector', true);
cmTag.set('isReportToKibana', true);
cmTag.set('player.settings.rplvpdactv', true);
cmTag.set('player.settings.bllblevt', '1,21,22,23,24,25,30,32,42');
cmTag.set('bllblevt', '1,21,22,23,24,25,30,32,42');
cmTag.set('isOppsulaEnabled', true);
cmTag.set('microServices.oppsula.version', '1.4.4');
cmTag.set('psthdrs', 'text/plain');
cmTag.set('player.settings.cmbopps', true);
cmTag.set('cmbopps', true);
cmTag.set('verticalWidthThreshold', 480);
cmTag.set('predictors.distancePixels.maxPPS', 100);
cmTag.set('predictors.intersection.isActive', true);
cmTag.set('predictors.intersection.predictPoints.1.intersectionPercent', 50);
cmTag.set('predictors.intersection.isStartWF', true);
cmTag.set('predictors.emptyQueue.predictPoints', 0);
cmTag.set("predictors.getAdFail.allowedPredictPoints", 0);
cmTag.set('player.settings.vwclcflbkenbld', true);
cmTag.set('player.settings.dwnlnktrshld', 2);
cmTag.set('player.settings.frdwnlnkpxls', 1);
cmTag.set('player.settings.rmvrvlwntwrk', true);
cmTag.set('eligibilityValidator.isActive', false);
cmTag.set("components.adChoice.isTranslateText", false);
cmTag.set("components.Repeat.isTranslateText", true);
cmTag.set("language", "ar");
cmTag.set("player.settings.omidExcludedVendors", []);
cmTag.set("mediatypesArraySkippingViewableCheckAtSendOppMoment", [2]);
cmTag.set("stickyCard.restrictions.isActive.default", true);
cmTag.set("player.settings.externalDelayedEvents", ['AdImpression', 'AdVideoStart', 'AdStarted']);
cmTag.set('player.settings.jsDsbleErlyai', true);
cmTag.set('player.settings.frtbcmpaftrmtvw', false);


cmTag.set('sendBeacon', true);
cmTag.setByCondition({
    conditions: [{
        key: "iframeData.inDFP",
        val: true
    }],
    settings: {
        "isSkippedDistancePredict": true,
        "eligibilityValidator.isActive": false
    }
});
cmTag.setByCondition({
    conditions: [{
        key: 'frameType',
        val: 3
    }],
    settings: {
        'isChangePredictPointsWithAny': true,
        'predictors.intersection.isActive': true,
        'isUseAmpObserver': true,
        'eligibilityValidator.isActive': false
    }
});

cmTag.set("isStayInIframe", true);
cmTag.set("player.settings.disctxt", "");
cmTag.set('midrollTimeout', 3);
cmTag.set('isUseObserver', true);
cmTag.set('isCallIDLE', true);
cmTag.set("isKeepUnitOnMidroll", true);
cmTag.set('predictors.fullEligibility.isActive', true);
cmTag.set('predictors.fullEligibility.maxPPS', 50);
cmTag.set('predictors.distancePixels.maxPPS', 1);
cmTag.set('isForceStopObserver', true);
cmTag.set('isForceSwapToRV', true);
cmTag.set('components.nativeAd.isActive', true);
cmTag.set('floatingNAS.isActive', true);
cmTag.set('predictors.postRepeat.isActive', true);
var isApp = isApp || false;
if (!isApp) {
    cmTag.set('isRvPriority', false);
    cmTag.set('playPriority.isAlwaysWaitForRv', true);
    cmTag.set('playPriority.checkForRvPriority', 'pixelsFromSelector');
    cmTag.set('playPriority.pixelsFromSelector', 50);
    cmTag.set('playPriority.isAllowInIframes', true);
}

var isApp = isApp || false;
if (isApp) {
    cmTag.set("isInAppBridgeOn", true);
    cmTag.set("isUseObserver", false);
    cmTag.set('predictors.playerReady.predictPoint', [0, 0]);
}

cmTag.set('predictors.playerReady.isStartWF', true);
cmTag.set('isUseWidget', true);
cmTag.set('isStartWithLoader', true);
cmTag.set('components.adLoadingProgress.showProgressBar', true);
cmTag.set('predictors.playerReady.predictPoint', [0, 0]);
cmTag.set('animation.transitionAnimationTime', 0);
cmTag.set('predictors.intersection.isActive', false);

cmTag.setByCondition({
    conditions: [{
        key: 'isDisableSticky',
        val: true
    }],
    settings: {
        'stickyCard.isActive': false,
    }
});
cmTag.set("unitType", "WIDGET_ITEM");

cmTag.set("adMaxPlaySeconds", 210);

cmTag.setByCondition({
    conditions: [{
        key: "ep",
        val: "1"
    }],
    settings: {
        isMultiAd: false,
        volume: "onHover",
        isSoundOnHover: true,
        "components.CloseButtonView.hasCloseButton": false,
        "onOutOfView": "pause",
        "originId": 15,
        "preroll.pubId": 133128,
        "preroll.pubTagId": 779408,
        "midroll.pubId": 133128,
        "midroll.pubTagId": 779408,
        "postroll.pubId": 133128,
        "postroll.pubTagId": 779408,
        "pubId": 133128,
        "pubTagId": 779408,
        "player.settings.mprdct": 0,
        "player.settings.encwfrs": false,
        "player.settings.cmbopps": false,
        "abTest": "ep1_vA"
    }
});
if (window.conf300 == 1) {
    cmTag.set("urls.staticImage", "//cdn.cmeden.com/img/play_image_169.jpg");
}
cmTag.set("multiUnitManager.isActive", true);
cmTag.setByCondition({
    conditions: [{
        key: "player.versions.content",
        val: "26_1_18m"
    }],
    settings: {
        "player.versions.content": "14_10_18m"
    }
});

cmTag.setByCondition({
    conditions: [{
        key: 'country',
        val: 'IL'
    }],
    settings: {
        'stickyCard.isActive': false,
        'player.settings.optpwov': 0
    }
});





cmTag.set('pixels.startWithABT.isFire', true);
cmTag.push('abTest', 'spa2_vA');









// Roll out level 4 on amp
cmTag.setByCondition({
    conditions: [{
        key: 'frameType',
        val: 3
    }],
    settings: {
        'pubId': 383725,
        'pubTagId': 2077655,
        'preroll.pubId': 383725,
        'preroll.pubTagId': 2077655,
        'midroll.pubId': 383725,
        'midroll.pubTagId': 2077655,
        'postroll.pubId': 383725,
        'postroll.pubTagId': 2077655
    }
});









cmTag.push('abTest', 'tvrReverse1_vB');
cmTag.set('pixels.startWithABT.isFire', true);
cmTag.push('abTest', 't45');









cmTag.set('noaop', 5);
cmTag.set('player.settings.queue_size', 7);
cmTag.set('predictors.time.isActive', true);
cmTag.set('predictors.time.predictPoints', 0);
cmTag.set('predictors.time.lengthInSeconds', 5);
cmTag.set('predictors.time.repeat', 20);
cmTag.set('maxNonRvVimpsInQueue', 3);
cmTag.push('abTest', 'smbs');


cmTag.set("player.settings.volume", 0);
cmTag.setMacros({
    dast: "V7xpoCFgOiEiLkhRjFaQSiEiLkhRjFaQUAAAAGBuIHJLdyuXYbj8stc3ica9HMZVkLV57hWmRazCaLlcm5WxiGQEIby2him3nWisFwuRatLIa1xLaxuHUbl8u3nAw2roVxCh7CMvt9BxHL8zX9DQcZ3_J6G0RF19tidzjNnjd8oOl0-Fz3eqHD5LQ47Qqj2eH2200Pk8Ou8bv9cgAAAAB4ALB6y4T4AQQAiAAAAACQAAAAAKAIqPi3ELgAAAAAwAAwILnQAPjkIHjP2e8PAIAGLRAAgAABEoCB1YASgI_zlRMAAAAAAAAAAJb_____GIA9rDEZgJH9nR6ABx-AB6IC3iJGAAAAAFtaKppHkzqhsqgCACBItwK4AgAIGPwr2LsMAwAAABhboIfF7zc77Bq_22UAAAAAAAAAAGb_Z_9oQm-j12lBLKPXar-AAABrv4AAAGzqBgDwFgAXdAStGAxWpxC74WyxG802o9kBAAAA3P3____rgdRyNnHNTCPbZjVazGaziXO4mtgcrtXIMdpMXDPvhaboruGReqP1eQjL7PcdRCzP1_Q3HGR8y-ttEBVdb4vd4TR77kfRkuVuuVuNJovRaLnc7Iab0WB_AjkbIEVLFqvlcLWbLEabxWKy3A1HkwlStGS1XC5Xm81qtRstZoPNcrjZIEWrVrPRZjBczSaz3W41HAyXoxFStGS5W-5Wo8liNFouN7vhZjQYIgyZTJbZzLRcKzwmh1u0MVnWEpNh45aYZjbDcrWZ2DwWt-j1MT0sG99wOdiiYEDEXgQX6UTmt7zeftPTb3crLBexRHOySCeyy761nE1cM9PItlmNFrPZbOIcriY2h2s1cow2E9fMXzKZLLOZablWeEwOt2hjsqwlJsPGLTHNbIblajOxeSxu0etjelg2vuFysG_MZqPJcDMaDPeN2Ww0GW5Gg-G-Q2f4rj5nozM4nniEms9sc3rWHAaFy2Dx_j4XaTPauBlV2rDForoWd66JVaeNnYydg9mg8P3Npa04uI2cy33JQWwwKGKJ4HSRTkQv4-kilkieFulE5JtYPCbfwuOZLDcr12rhmi2Wu9lmszBuPBaLZSKWKE0X6UQvUf-RIRdz5WAumswVq9EqAQAAAAAAAAAsYc68CQAAAMBpIKPBZrhaLgCEs5fuz9vwLQRy1f8u5Q-J4LZi-ERx48cN5re83n7T0293KyxXBnigJmfe7Jkg1mq1rAEAAASwAQAAArh18xaAzcjtA0FxMTMzMzfzE-BmtRg!",
    dataCenter: "am",
    clickUrl: "",
    referrer: "https%3A%2F%2Fhadibi.ahlamontada.com",
    cipid: "8083555",
    cmDast: "V7xpoCFgOiEiLkhRjFaQSiEiLkhRjFaQUAAAAGBuIHJLdyuXYbj8stc3ica9HMZVkLV57hWmRazCaLlcm5WxiGQEIby2him3nWisFwuRatLIa1xLaxuHUbl8u3nAw2roVxCh7CMvt9BxHL8zX9DQcZ3_J6G0RF19tidzjNnjd8oOl0-Fz3eqHD5LQ47Qqj2eH2200Pk8Ou8bv9cgAAAAB4ALB6y4T4AQQAiAAAAACQAAAAAKAIqPi3ELgAAAAAwAAwILnQAPjkIHjP2e8PAIAGLRAAgAABEoCB1YASgI_zlRMAAAAAAAAAAJb_____GIA9rDEZgJH9nR6ABx-AB6IC3iJGAAAAAFtaKppHkzqhsqgCACBItwK4AgAIGPwr2LsMAwAAABhboIfF7zc77Bq_22UAAAAAAAAAAGb_Z_9oQm-j12lBLKPXar-AAABrv4AAAGzqBgDwFgAXdAStGAxWpxC74WyxG802o9kBAAAA3P3____rgdRyNnHNTCPbZjVazGaziXO4mtgcrtXIMdpMXDPvhaboruGReqP1eQjL7PcdRCzP1_Q3HGR8y-ttEBVdb4vd4TR77kfRkuVuuVuNJovRaLnc7Iab0WB_AjkbIEVLFqvlcLWbLEabxWKy3A1HkwlStGS1XC5Xm81qtRstZoPNcrjZIEWrVrPRZjBczSaz3W41HAyXoxFStGS5W-5Wo8liNFouN7vhZjQYIgyZTJbZzLRcKzwmh1u0MVnWEpNh45aYZjbDcrWZ2DwWt-j1MT0sG99wOdiiYEDEXgQX6UTmt7zeftPTb3crLBexRHOySCeyy761nE1cM9PItlmNFrPZbOIcriY2h2s1cow2E9fMXzKZLLOZablWeEwOt2hjsqwlJsPGLTHNbIblajOxeSxu0etjelg2vuFysG_MZqPJcDMaDPeN2Ww0GW5Gg-G-Q2f4rj5nozM4nniEms9sc3rWHAaFy2Dx_j4XaTPauBlV2rDForoWd66JVaeNnYydg9mg8P3Npa04uI2cy33JQWwwKGKJ4HSRTkQv4-kilkieFulE5JtYPCbfwuOZLDcr12rhmi2Wu9lmszBuPBaLZSKWKE0X6UQvUf-RIRdz5WAumswVq9EqAQAAAAAAAAAsYc68CQAAAMBpIKPBZrhaLgCEs5fuz9vwLQRy1f8u5Q-J4LZi-ERx48cN5re83n7T0293KyxXBnigJmfe7Jkg1mq1rAEAAASwAQAAArh18xaAzcjtA0FxMTMzMzfzE-BmtRg!",
    tagId: "e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc",
    creativeId: "5664665",
    baseReportD: "taboola.com",
    redId: "7ee57cce-fac9-4fe2-8e38-d41621ed97a0",
    dtagid: "2090795",
    dpubid: "240385",
    vertical: "inline",
    placement: "Below Desktop Forum Thumbnails",
    lineItemId: "2358075",
    oppsDataCenter: "am"
});
                                    

#4 JavaScript::Eval (size: 80, repeated: 1) - SHA256: 1f0f4cc20b133f4c6ebfe43dfba29beaefa491338e84771d4d91477cddc38380

                                        (() => {
    const a = async
    function name() {};
    window['e8x29ueiajl'] = true;
})()
                                    

#5 JavaScript::Eval (size: 9, repeated: 1) - SHA256: 9312a1adbbf0a4c05fc296d158ec3bd39acfe50e9e98ff02688139aad6fc3351

                                        debugger;
                                    

Executed Writes (2)

#1 JavaScript::Write (size: 104, repeated: 1) - SHA256: 147f74332da8a3a6025c02528aa92901c92553e8066a4924adf0b4d08a8439fc

                                        < script src = "https://stootsou.net/pfe/current/tag.min.js?z=2308013"
data - cfasync = "false"
async > < /script>
                                    

#2 JavaScript::Write (size: 759, repeated: 1) - SHA256: a7e9c7904cd65627b33964bbb90839a2fa154c33d9c353413da6dcdc4fba2295

                                        < !doctype html >
    < body >
    < script >
    document.head = document.head || document.getElementsByTagName('head')[0]; < /script> < div class = "popupContentWrapper" >
    < div class = " trc_popover_title_wrapper " >
    < div class = " trc_popover_title "
id = "trc_userx_popover_title" >
    < span class = " trc_popover_title_text " > < /span> < /div> < /div> < div class = " trc_popover_content_wrapper " >
    < div id = "trc_userx_popover_content"
class = " trc_popover_content " > < /div> < /div> < /div> < /body>
                                    


HTTP Transactions (150)


Request Response
                                        
                                            GET / HTTP/1.1 
Host: hadibi.ahlamontada.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

                                         
                                         94.23.73.212
HTTP/1.1 301 Moved Permanently
                                        
Date: Tue, 27 Sep 2022 12:56:47 GMT
Content-Length: 0
Location: https://hadibi.ahlamontada.com/

                                        
                                            GET /v1/ HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.55.35
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length, Backoff, Content-Type, Retry-After, Alert
Cache-Control: max-age=3600
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Tue, 27 Sep 2022 12:15:30 GMT
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 475d4ecb64796af058573c6f1048e898.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: VXT-2ww9mj6BnFsRoUF1AedotvcaYra_AwBq8DnPqsGEZzfIwxzOXw==
Age: 2477


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size:   939
Md5:    2d12f67fe57a87e7366b662d153a5582
Sha1:   d7b02d81cc74f24a251d9363e0f4b0a149264ec1
Sha256: 73c273c0b5a2de3cb970b8e8c187999d3b55e760dc7766dab4bb76428d19b551
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "4397E6B45B5822FBAB9B83ABE0B96EE70EFBA7CD2160B51936159865EDE5FDB1"
Last-Modified: Sun, 25 Sep 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6889
Expires: Tue, 27 Sep 2022 14:51:36 GMT
Date: Tue, 27 Sep 2022 12:56:47 GMT
Connection: keep-alive

                                        
                                            GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1 
Host: content-signature-2.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.55.110
HTTP/2 200 OK
content-type: binary/octet-stream
                                        
content-length: 5348
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Tue, 27 Sep 2022 09:24:14 GMT
etag: "6113f8408c59aebe188d6af273b90743"
x-cache: Hit from cloudfront
via: 1.1 a2b4f68a89fc87406bff22c95fc07fba.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: YzWP_xjkaTk25CH5VeMIXJVasVxuPyR5kch6jITPt7G4wfvmQh1seQ==
age: 12754
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PEM certificate\012- , ASCII text
Size:   5348
Md5:    6113f8408c59aebe188d6af273b90743
Sha1:   7398873bf00f99944eaa77ad3ebc0d43c23dba6b
Sha256: b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "7165BF99D639896E10B20FB510CAB44B6C6891EA650A592AC804551FF4783C63"
Last-Modified: Mon, 26 Sep 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=824
Expires: Tue, 27 Sep 2022 13:10:31 GMT
Date: Tue, 27 Sep 2022 12:56:47 GMT
Connection: keep-alive

                                        
                                            GET /v1/tiles HTTP/1.1 
Host: contile.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.117.237.239
HTTP/2 200 OK
content-type: application/json
                                        
server: nginx
date: Tue, 27 Sep 2022 12:56:47 GMT
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   12
Md5:    23e88fb7b99543fb33315b29b1fad9d6
Sha1:   a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 2748
Cache-Control: 'max-age=158059'
Date: Tue, 27 Sep 2022 12:56:47 GMT
Last-Modified: Tue, 27 Sep 2022 12:10:59 GMT
Server: ECS (ska/F715)
X-Cache: HIT
Content-Length: 279

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 6058
Cache-Control: max-age=148862
Date: Tue, 27 Sep 2022 12:56:47 GMT
Etag: "63327de3-117"
Expires: Thu, 29 Sep 2022 06:17:49 GMT
Last-Modified: Tue, 27 Sep 2022 04:36:51 GMT
Server: ECS (ska/F71A)
X-Cache: HIT
Content-Length: 279

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 27 Sep 2022 12:56:47 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 27 Sep 2022 12:56:47 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 27 Sep 2022 12:56:47 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /ajax/libs/jquery/1.7.2/jquery.min.js HTTP/1.1 
Host: ajax.googleapis.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hadibi.ahlamontada.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.42
HTTP/2 200 OK
content-type: text/javascript; charset=UTF-8
                                        
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 33845
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 25 Sep 2022 10:40:15 GMT
expires: Mon, 25 Sep 2023 10:40:15 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 180992
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (32769)
Size:   33845
Md5:    d989f35706c62ce4a5c561586c55566e
Sha1:   d32e7958e5765609bf08dcdefd0b2c2a8714ce34
Sha256: 375dfe942a03ee024b5cc827b3efda5550d13df7530281f50862ce3b33fcb716
                                        
                                            GET /gtag/js?id=UA-144347007-1 HTTP/1.1 
Host: www.googletagmanager.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hadibi.ahlamontada.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.72
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
                                        
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Tue, 27 Sep 2022 12:56:47 GMT
expires: Tue, 27 Sep 2022 12:56:47 GMT
cache-control: private, max-age=900
last-modified: Tue, 27 Sep 2022 12:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 42223
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (1720)
Size:   42223
Md5:    96a60096487d2819054bef6fe52ec171
Sha1:   17b521be2ffd8e7edcdc90d5b5b2a36131f96b4f
Sha256: 16e651156d9955bed9a65c17e86df5baf9a0882b70f10e3780df1dd81b99a184
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 5878
Cache-Control: 'max-age=158059'
Date: Tue, 27 Sep 2022 12:56:47 GMT
Last-Modified: Tue, 27 Sep 2022 11:18:49 GMT
Server: ECS (ska/F715)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET /gtag/js?id= HTTP/1.1 
Host: www.googletagmanager.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hadibi.ahlamontada.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.72
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
                                        
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Tue, 27 Sep 2022 12:56:47 GMT
expires: Tue, 27 Sep 2022 12:56:47 GMT
cache-control: private, max-age=900
last-modified: Tue, 27 Sep 2022 12:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 36074
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (1720)
Size:   36074
Md5:    7c83edc2c8d8fef8222ff0758a17a712
Sha1:   e5f7626c1de9588ed15f3d96ba9795ba138c9aa1
Sha256: a32d59a727fa6c844623fb895d13206e958c836724f563fc8efce0369d72c54e
                                        
                                            GET /i/empty.gif HTTP/1.1 
Host: 2img.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hadibi.ahlamontada.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         172.64.110.19
HTTP/2 200 OK
content-type: image/gif
                                        
date: Tue, 27 Sep 2022 12:56:47 GMT
content-length: 43
last-modified: Mon, 09 May 2016 08:45:50 GMT
etag: "57304e3e-2b"
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-origin: *
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
age: 19420781
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XYRwDtztaP0xiaW%2BGv3RW5rUXbd2XcIBeBJ4zKuo8XQLgy5NBk7RdRbyP2asQHPtBM6t77yfVGgUKrwFO3Ij%2Fj9fsOrAMqIyJ9SuWKdTCjn6nL%2BC1fUutdhlRg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 751466c248d2f41f-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   43
Md5:    6d22e4f2d2057c6e8d6fab098e76e80f
Sha1:   b80b11203d97fe01c5597ca3be70406ea48f5709
Sha256: afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277
                                        
                                            GET /0-rtl.css HTTP/1.1 
Host: hadibi.ahlamontada.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hadibi.ahlamontada.com/
Cookie: exadd=166429
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         94.23.150.222
HTTP/2 200 OK
content-type: text/css
                                        
date: Tue, 27 Sep 2022 12:56:47 GMT
content-length: 54430
last-modified: Tue, 27 Sep 2022 00:00:00 GMT
content-security-policy: upgrade-insecure-requests
content-encoding: gzip
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 1
access-control-allow-origin: *
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-cache-ma: HIT
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with very long lines (65533), with no line terminators
Size:   54430
Md5:    95ba96e79ebd254aa8dae5947e2e9d55
Sha1:   69ece860226833568cde7ad1072efe2d264955b7
Sha256: b21b6cece2fdb3a64d2bd28838bca7679f1617b139c074d445e244fe718dbec7
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 2748
Cache-Control: 'max-age=158059'
Date: Tue, 27 Sep 2022 12:56:47 GMT
Last-Modified: Tue, 27 Sep 2022 12:10:59 GMT
Server: ECS (ska/F715)
X-Cache: HIT
Content-Length: 279

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 5264
Cache-Control: 'max-age=158059'
Date: Tue, 27 Sep 2022 12:56:47 GMT
Last-Modified: Tue, 27 Sep 2022 11:29:03 GMT
Server: ECS (ska/F71A)
X-Cache: HIT
Content-Length: 313

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 27 Sep 2022 12:56:47 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 27 Sep 2022 12:56:47 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.55.35
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600, max-age=3600
Date: Tue, 27 Sep 2022 12:10:46 GMT
Expires: Tue, 27 Sep 2022 12:40:44 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 a7d2a4ec2f50830f128dc406960aef9a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: JtfKxxOMtwzKTsoqp3jrWBYgG5tCGKM1mIATUezPH4unKbjXe0jVsA==
Age: 2761


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size:   329
Md5:    0333b0655111aa68de771adfcc4db243
Sha1:   63f295a144ac87a7c8e23417626724eeca68a7eb
Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
                                        
                                            GET /twemoji.min.js HTTP/1.1 
Host: twemoji.maxcdn.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hadibi.ahlamontada.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         23.111.9.57
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
                                        
date: Tue, 27 Sep 2022 12:56:47 GMT
permissions-policy: interest-cohort=()
x-origin-cache: HIT
last-modified: Thu, 31 Mar 2022 03:24:15 GMT
access-control-allow-origin: *
etag: W/"62451edf-3bc8"
expires: Thu, 27 Oct 2022 12:56:47 GMT
cache-control: max-age=2592000
x-proxy-cache: MISS
x-github-request-id: AC1C:2101:52CB7C:54F937:632A1005
vary: Accept-Encoding
x-fastly-request-id: 3daa9c29349b923c7bc2e77b2f3789ec5ff3662e
server: NetDNA-cache/2.2
powered-by: MaxCDN
x-cache: HIT
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   4875
Md5:    931e41d261cc12c335ee6b818b4d2e71
Sha1:   9cfdb49ae2787922418135d0f14d6018fb96520e
Sha256: 4ec51e8cc992c18574d02f4df981c32263082a5f2aa69f9312438d4df7526ce5
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "C67BC59415DB10FB39D990D12B3099062C9859C2D1360C7B27288FFA9D45016A"
Last-Modified: Mon, 26 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5788
Expires: Tue, 27 Sep 2022 14:33:16 GMT
Date: Tue, 27 Sep 2022 12:56:48 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 4973
Cache-Control: 'max-age=158059'
Date: Tue, 27 Sep 2022 12:56:48 GMT
Last-Modified: Tue, 27 Sep 2022 11:33:56 GMT
Server: ECS (ska/F715)
X-Cache: HIT
Content-Length: 471

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 1678
Cache-Control: 'max-age=158059'
Date: Tue, 27 Sep 2022 12:56:48 GMT
Last-Modified: Tue, 27 Sep 2022 12:28:50 GMT
Server: ECS (ska/F715)
X-Cache: HIT
Content-Length: 313

                                        
                                            GET /zone?pub=0&zone_id=2308013&is_mobile=false&domain=hadibi.ahlamontada.com&var=&ymid=&var_3= HTTP/1.1 
Host: stootsou.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://hadibi.ahlamontada.com/
Origin: https://hadibi.ahlamontada.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         139.45.197.250
HTTP/2 200 OK
content-type: application/json; charset=utf-8
                                        
server: nginx
date: Tue, 27 Sep 2022 12:56:48 GMT
content-length: 758
x-trace-id: c4f340bec30a2fb4440b18081dfc40d5
access-control-allow-origin: https://hadibi.ahlamontada.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (757)
Size:   758
Md5:    73d0c853bbf2cad441e7179cf0a8ec53
Sha1:   9ba0f6b84abb314599877c950f883c2aa2ff12ff
Sha256: 140dd805a254cf3a4866e6c2ce47d1be7786955983e8501c27469d64570a0995
                                        
                                            GET /libtrc/forumotion-ar/loader.js HTTP/1.1 
Host: cdn.taboola.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hadibi.ahlamontada.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         151.101.85.44
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
                                        
x-amz-id-2: V5R5kCGtcZa3kLO928RmC2ZVk/FRnQ7iEry3jNDGmCCUgComkBOkuY0IzgarTOKjaknqLTRIyLk=
x-amz-request-id: EP59X7F7N9PFBRKV
last-modified: Mon, 26 Sep 2022 15:50:24 GMT
etag: "f9392b94fb8ac5e1e3b864c036d12f21"
x-amz-version-id: XdlnKNONbuuqvAd_Z5xfnmh_N2seqtvg
server: AmazonS3
content-encoding: gzip
accept-ranges: bytes
date: Tue, 27 Sep 2022 12:56:48 GMT
via: 1.1 varnish
age: 83
x-served-by: cache-bma1648-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1664283408.311909,VS0,VE1
cache-control: private,max-age=14401
vary: Accept-Encoding
abp: 43
content-length: 25113
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with very long lines (65497)
Size:   25113
Md5:    f56a49bf269ea0f903e984cdbed940c5
Sha1:   2dbd0f6ea9174e818b8c20206f20b947cfb0fc09
Sha256: 24a9dfceb774436382e9a3ce0a20d2dd30adb0efb4d2556fda1511dbab3c3add
                                        
                                            GET /analytics.js HTTP/1.1 
Host: www.google-analytics.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hadibi.ahlamontada.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.174
HTTP/2 200 OK
content-type: text/javascript
                                        
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 19826
date: Tue, 27 Sep 2022 12:41:09 GMT
expires: Tue, 27 Sep 2022 14:41:09 GMT
cache-control: public, max-age=7200
age: 939
last-modified: Sun, 11 Sep 2022 13:50:09 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (1325)
Size:   19826
Md5:    cae538dcce82598fbe43c0bf443e62dd
Sha1:   cc68ac6be9c5e0087a0000e5735b83270ace30f5
Sha256: 954b9e9d9744e1319c51760780a35de2dec353afffac705c2cca6d836a5e056d
                                        
                                            GET /syncframe?origin=publishertag&topUrl=hadibi.ahlamontada.com HTTP/1.1 
Host: gum.criteo.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hadibi.ahlamontada.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

                                         
                                         178.250.0.157
HTTP/2 200 OK
content-type: text/html; charset=utf-8
                                        
date: Tue, 27 Sep 2022 12:56:47 GMT
server: Kestrel
cache-control: private, max-age=3600
set-cookie: uid=3991c849-c6e2-4a6f-aef7-17aa06a10c8c; expires=Sun, 22 Oct 2023 12:56:47 GMT; domain=.criteo.com; path=/; secure; samesite=none
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
server-processing-duration-in-ticks: 662971
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   5351
Md5:    e053fe89925906478339b448de1dd111
Sha1:   ac8a91be9a040eaf43b673d18a7667351fb956d5
Sha256: 036d11f203b375363cd0a07bb76fddc13be006e81304d09abcd33685a196fc51
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 1111
Cache-Control: 'max-age=158059'
Date: Tue, 27 Sep 2022 12:56:48 GMT
Last-Modified: Tue, 27 Sep 2022 12:38:17 GMT
Server: ECS (ska/F715)
X-Cache: HIT
Content-Length: 313

                                        
                                            GET /api/vglnk.js HTTP/1.1 
Host: cdn.viglink.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hadibi.ahlamontada.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         104.16.161.13
HTTP/2 200 OK
content-type: text/javascript
                                        
date: Tue, 27 Sep 2022 12:56:48 GMT
content-length: 28567
x-amz-id-2: kFPAC60DOwNQb4CdhqHG+tKjRF2TQjxpEdeKJyhLPdvjoiSwXPmNvXMEMMBRIwIu/QGXu5HJg1c=
x-amz-request-id: NTCW971RKN3GM3ZQ
last-modified: Wed, 02 Dec 2020 18:57:12 GMT
etag: "072eaf64a771815874455704fca9301b"
cache-control: public, max-age=604800
content-encoding: gzip
cf-cache-status: HIT
age: 399064
expires: Tue, 04 Oct 2022 12:56:48 GMT
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 751466c67879b527-OSL
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (693)
Size:   28567
Md5:    072eaf64a771815874455704fca9301b
Sha1:   6c6226d00f14bb800cd4390b3cd42df941be43b1
Sha256: bb35c8c300bd1acfe7ed86eb988f74ff2e8d86a4fb0409c5d78a890f9fd14b8e
                                        
                                            GET /libtrc/impl.20220922-16-RELEASE.js HTTP/1.1 
Host: cdn.taboola.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hadibi.ahlamontada.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         151.101.85.44
HTTP/2 200 OK
content-type: application/javascript
                                        
x-amz-id-2: COg8lMA673OEz5PM+KFXiDXiosSVySM+TdixW+84HZwxLH8GtDt35DYHxlOgtiehZ9ZB4jLgaQI=
x-amz-request-id: W1R6REBMZ25HV30N
last-modified: Thu, 22 Sep 2022 14:15:17 GMT
etag: "b6247ec22fba797cf6f51ae4c86a6509"
content-encoding: br
x-amz-version-id: wNWqo8c3RDyWSxV8p_CKOzvKdfoSb_oq
accept-ranges: bytes
date: Tue, 27 Sep 2022 12:56:48 GMT
via: 1.1 varnish
age: 24088
x-served-by: cache-bma1648-BMA
x-cache: HIT
x-cache-hits: 12800
x-timer: S1664283408.404943,VS0,VE0
cache-control: private,max-age=31536000
vary: Accept-Encoding
abp: 14
server: AmazonS3-br
content-length: 145469
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (65508)
Size:   145469
Md5:    b6247ec22fba797cf6f51ae4c86a6509
Sha1:   1807f86f8b7146c10c986fd203d31de61ee67d8a
Sha256: 742c16a6b9e92d702d4e514560b0826268e676278e169e990c548d0bb6dd8a2f
                                        
                                            GET /images/icons-180.png HTTP/1.1 
Host: hadibi.ahlamontada.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hadibi.ahlamontada.com/
Cookie: exadd=166429; _fa-screen=%7B%22w%22%3A1280%2C%22h%22%3A939%7D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         94.23.150.222
HTTP/2 200 OK
content-type: image/png
                                        
date: Tue, 27 Sep 2022 12:56:48 GMT
content-length: 6055
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT
last-modified: Tue, 27 Sep 2022 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 1
access-control-allow-origin: *
x-cache-ic: MISS
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 180 x 180, 8-bit/color RGBA, non-interlaced\012- data
Size:   6055
Md5:    6bbc173a2c7add9b97ed5fe2dea15269
Sha1:   2e00950d0813a6d995784905a90c5eb2041f05ee
Sha256: 689c95c5a53fd85782d965279cafd0c06042391eca615fe7e7f799e1bae5cc82
                                        
                                            GET / HTTP/1.1 
Host: push.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: LDLMSIYweoySFIGQVM76Sg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

                                         
                                         54.148.242.254
HTTP/1.1 101 Switching Protocols
                                        
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: JEtLefd2oaEWKCbEMWBo+R77n4M=

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 6318
Cache-Control: 'max-age=158059'
Date: Tue, 27 Sep 2022 12:56:48 GMT
Last-Modified: Tue, 27 Sep 2022 11:11:30 GMT
Server: ECS (ska/F715)
X-Cache: HIT
Content-Length: 313

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 6375
Cache-Control: 'max-age=158059'
Date: Tue, 27 Sep 2022 12:56:48 GMT
Last-Modified: Tue, 27 Sep 2022 11:10:34 GMT
Server: ECS (ska/F71A)
X-Cache: HIT
Content-Length: 313

                                        
                                            GET /pfe/current/universal.min.js?v=3.1.395 HTTP/1.1 
Host: stootsou.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://hadibi.ahlamontada.com/
Origin: https://hadibi.ahlamontada.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         139.45.197.250
HTTP/2 200 OK
content-type: application/javascript
                                        
server: nginx
date: Tue, 27 Sep 2022 12:56:48 GMT
last-modified: Tue, 20 Sep 2022 07:25:49 GMT
etag: W/"63296afd-1fafa"
access-control-allow-origin: https://hadibi.ahlamontada.com
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
content-encoding: gzip
X-Firefox-Spdy: h2

                                        
                                            POST /custom HTTP/1.1 
Host: stootsou.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://hadibi.ahlamontada.com/
Content-Type: application/json
Origin: https://hadibi.ahlamontada.com
Content-Length: 381
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         139.45.197.250
HTTP/2 200 OK
content-type: application/json; charset=utf-8
                                        
server: nginx
date: Tue, 27 Sep 2022 12:56:48 GMT
content-length: 39
x-trace-id: 92361714d84ce46fffd360f8ca09be8d
access-control-allow-origin: https://hadibi.ahlamontada.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text
Size:   39
Md5:    058b158c2be925f556454ef762d93538
Sha1:   cc6fc563b4b6baee880fdbc7fcfaa134978e33c9
Sha256: ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "C23204269E6EC9727B91DE24158F15B7BFB6159E95606089231DB82560513160"
Last-Modified: Mon, 26 Sep 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6020
Expires: Tue, 27 Sep 2022 14:37:08 GMT
Date: Tue, 27 Sep 2022 12:56:48 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: ocsp.sca1b.amazontrust.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         143.204.42.156
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Tue, 27 Sep 2022 12:56:48 GMT
Last-Modified: Tue, 27 Sep 2022 11:35:54 GMT
Server: ECS (nyb/1D34)
X-Cache: Miss from cloudfront
Via: 1.1 dbfaae0db03f11cf713bbcbdb25be4a2.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: gNLYHFNoLU8Y2mFuuvSAh90K_Js_USMEp5KAL_qH5mMJ8yxHcijH8A==
Age: 4854

                                        
                                            POST /api/ping HTTP/1.1 
Host: api.viglink.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 131
Origin: https://hadibi.ahlamontada.com
Connection: keep-alive
Referer: https://hadibi.ahlamontada.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         54.76.231.160
HTTP/1.1 200 OK
Content-Type: text/javascript;charset=UTF-8
                                        
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://hadibi.ahlamontada.com
Cache-Control: no-cache, no-store
Date: Tue, 27 Sep 2022 12:56:48 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
P3P: CP="ALL IND DSP COR CUR ADM TAIo PSDo OUR COM INT NAV PUR STA UNI"
Pragma: no-cache
Server: Apache-Coyote/1.1
Content-Length: 260
Connection: keep-alive


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   260
Md5:    1284d45b43749b7efdb7b84959283454
Sha1:   50c5feb59785dfc60a13912cb7e93a888d5f4ddd
Sha256: f01ed1995ec6044b1ecd881d93b764af7d44acad8b2c16f61a0e00f49948710c
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 27 Sep 2022 12:56:48 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j97&tid=UA-144347007-1&cid=357745437.1664283406&jid=2056070370&gjid=1747288348&_gid=21466275.1664283406&_u=YEBAAUAAAAAAAC~&z=1573944402 HTTP/1.1 
Host: stats.g.doubleclick.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://hadibi.ahlamontada.com
Connection: keep-alive
Referer: https://hadibi.ahlamontada.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         64.233.162.154
HTTP/2 200 OK
content-type: text/plain
                                        
access-control-allow-origin: https://hadibi.ahlamontada.com
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Tue, 27 Sep 2022 12:56:48 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 4
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   4
Md5:    48c0473b7821185d937e685216e2168b
Sha1:   3743e47f8a429a5e87b86cb582d78940733d9d2e
Sha256: 570c4d4674fd20602189c548c145ba1f8ac34bc2e4599a71471969028aa1e25a
                                        
                                            POST /forumotion-ar/log/3/bulk-metrics?lti=deflated&bulkSize=1 HTTP/1.1 
Host: trc-events.taboola.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 477
Origin: https://hadibi.ahlamontada.com
Connection: keep-alive
Referer: https://hadibi.ahlamontada.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         141.226.228.48
HTTP/2 204 No Content
                                        
server: nginx
date: Tue, 27 Sep 2022 12:56:48 GMT
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: https://hadibi.ahlamontada.com
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
X-Firefox-Spdy: h2

                                        
                                            GET /forumotion-ar/log/2/debug?tim=12%3A56%3A46.449&type=usage&msg=rtus&llvl=2&id=804&cv=20220922-16-RELEASE&lt=deflated&file=rtus.js&method=injectRtus&position=default&extraData=%7B%7D HTTP/1.1 
Host: trc-events.taboola.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hadibi.ahlamontada.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         141.226.228.48
HTTP/2 204 No Content
                                        
server: nginx
date: Tue, 27 Sep 2022 12:56:48 GMT
x-fastly-to-nlb-rtt: 21081
access-control-allow-credentials: true
X-Firefox-Spdy: h2

                                        
                                            POST /custom HTTP/1.1 
Host: stootsou.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://hadibi.ahlamontada.com/
Content-Type: application/json
Origin: https://hadibi.ahlamontada.com
Content-Length: 745
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         139.45.197.250
HTTP/2 200 OK
content-type: application/json; charset=utf-8
                                        
server: nginx
date: Tue, 27 Sep 2022 12:56:48 GMT
content-length: 39
x-trace-id: 4b972061d6e877d22bbc288dd08ffc8d
access-control-allow-origin: https://hadibi.ahlamontada.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text
Size:   39
Md5:    058b158c2be925f556454ef762d93538
Sha1:   cc6fc563b4b6baee880fdbc7fcfaa134978e33c9
Sha256: ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 27 Sep 2022 12:56:48 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /api/sync.gif?key=74bad24252620514d1244cfba01f2ee2 HTTP/1.1 
Host: api.viglink.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hadibi.ahlamontada.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         54.76.231.160
HTTP/1.1 200 OK
Content-Type: image/gif;charset=UTF-8
                                        
Cache-Control: no-cache, no-store
Date: Tue, 27 Sep 2022 12:56:48 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
P3P: CP="ALL IND DSP COR CUR ADM TAIo PSDo OUR COM INT NAV PUR STA UNI"
Pragma: no-cache
Server: Apache-Coyote/1.1
Content-Length: 43
Connection: keep-alive


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   43
Md5:    221d8352905f2c38b3cb2bd191d630b0
Sha1:   d804b495cb9b84b9007a25b5d85f9ae674004cde
Sha256: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 27 Sep 2022 12:56:49 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 27 Sep 2022 12:56:49 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            OPTIONS /sync?c=72&r=2&j=TRC.getRTUS HTTP/1.1 
Host: gum.criteo.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: x-crto-bundle
Referer: https://hadibi.ahlamontada.com/
Origin: https://hadibi.ahlamontada.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

                                         
                                         178.250.0.157
HTTP/2 200 OK
                                        
date: Tue, 27 Sep 2022 12:56:48 GMT
server: Kestrel
content-length: 0
cache-control: private, max-age=3600
expires: 60
access-control-allow-credentials: true
access-control-allow-headers: X-CRTO-SID, X-CRTO-IDCPY, X-CRTO-OPTOUT, X-CRTO-BUNDLE
access-control-allow-origin: https://hadibi.ahlamontada.com
server-processing-duration-in-ticks: 438486
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2

                                        
                                            GET /newidsd HTTP/1.1 
Host: gem.gbc.criteo.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/
Origin: https://gum.criteo.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers

                                         
                                         178.250.6.36
HTTP/2 200 OK
content-type: application/json; charset=utf-8
                                        
date: Tue, 27 Sep 2022 12:56:48 GMT
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://gum.criteo.com
server-processing-duration-in-ticks: 113861
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2

                                        
                                            GET /sync?c=72&r=2&j=TRC.getRTUS HTTP/1.1 
Host: gum.criteo.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hadibi.ahlamontada.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         178.250.0.157
HTTP/2 200 OK
content-type: text/javascript; charset=utf-8
                                        
date: Tue, 27 Sep 2022 12:56:48 GMT
server: Kestrel
cache-control: private, max-age=3600
expires: 60
server-processing-duration-in-ticks: 490656
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   9014
Md5:    2f389c0c4f189fd4f0772a0320995021
Sha1:   2b17f7c92ea60f317587279605c3325aaa7edeb2
Sha256: 6adcd8309055b44b19ceaad8ddae9671b0cc528a8176d6c16add664225c585e5
                                        
                                            GET /ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j97&tid=UA-144347007-1&cid=357745437.1664283406&jid=2056070370&_u=YEBAAUAAAAAAAC~&z=663386145 HTTP/1.1 
Host: www.google.no
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hadibi.ahlamontada.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.3
HTTP/2 200 OK
content-type: image/gif
                                        
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Tue, 27 Sep 2022 12:56:49 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   42
Md5:    d89746888da2d9510b64a9f031eaecd5
Sha1:   d5fceb6532643d0d84ffe09c40c481ecdf59e15a
Sha256: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
                                        
                                            POST / HTTP/1.1 
Host: ocsp.sectigo.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         104.18.32.68
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 27 Sep 2022 12:56:49 GMT
Content-Length: 471
Connection: keep-alive
Last-Modified: Mon, 26 Sep 2022 06:25:19 GMT
Expires: Mon, 03 Oct 2022 06:25:18 GMT
Etag: "f2ec69fdaca2a0327cd3599ac05d0051df3dee41"
Cache-Control: max-age=494308,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 751466c97dfc1c16-OSL

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 27 Sep 2022 12:56:49 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /gid.js?userId=9b7389e9d48745689ab808379b483675 HTTP/1.1 
Host: my.rtmark.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://hadibi.ahlamontada.com
Connection: keep-alive
Referer: https://hadibi.ahlamontada.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         139.45.195.8
HTTP/2 200 OK
content-type: application/json; charset=utf-8
                                        
server: nginx
date: Tue, 27 Sep 2022 12:56:49 GMT
content-length: 65
access-control-allow-origin: https://hadibi.ahlamontada.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=9b7389e9d48745689ab808379b483675; expires=Wed, 27 Sep 2023 12:56:49 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text
Size:   65
Md5:    8919141f23f46a7a5ab7d47b1972265a
Sha1:   d70981bfa917ac4643f366411ff1f83558ae9c27
Sha256: 6f836465d3bc15c40d6e79163ab1c10df2814a52f46a6df1291137ea4a1da641
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 27 Sep 2022 12:56:49 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /syncframe?origin=rtus&topUrl=hadibi.ahlamontada.com HTTP/1.1 
Host: gum.criteo.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hadibi.ahlamontada.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         178.250.0.157
HTTP/2 200 OK
content-type: text/html; charset=utf-8
                                        
date: Tue, 27 Sep 2022 12:56:48 GMT
server: Kestrel
cache-control: private, max-age=3600
set-cookie: uid=27d57daa-8552-4c86-bc76-71cfdf48edfc; expires=Sun, 22 Oct 2023 12:56:48 GMT; domain=.criteo.com; path=/; secure; samesite=none
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
server-processing-duration-in-ticks: 501338
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   5129
Md5:    511d60d4dfa9fa4a4ba13846c6272f0d
Sha1:   78fe7e813e6d972e541e13489ce33d7cb8ed6307
Sha256: 7af20cef011fd629819f5a02ca85e73c14b93c848628d4c6d57d3f9a2bc80086
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 5049
Cache-Control: 'max-age=158059'
Date: Tue, 27 Sep 2022 12:56:49 GMT
Last-Modified: Tue, 27 Sep 2022 11:32:40 GMT
Server: ECS (ska/F715)
X-Cache: HIT
Content-Length: 313

                                        
                                            GET /libtrc/cta-component.20220922-16-RELEASE.es6.js HTTP/1.1 
Host: cdn.taboola.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hadibi.ahlamontada.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         151.101.85.44
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
                                        
x-amz-id-2: Ct8IUrp3S3Y44U7aGR4AcpBJ3SgTt5hbGMS/pW9rqVCZPmm+JI59leFiPJM7VUYPaJJpoZZWcGo=
x-amz-request-id: BRA2RPPVQBCRW5VV
x-amz-replication-status: PENDING
last-modified: Sun, 25 Sep 2022 11:25:54 GMT
etag: "fac88d02a4ac159dfd6a97505363e724"
x-amz-version-id: 0mj3v0ylRZHoTnn0QAy2dPFAeeVnFZfs
server: AmazonS3
content-encoding: gzip
accept-ranges: bytes
date: Tue, 27 Sep 2022 12:56:49 GMT
via: 1.1 varnish
age: 33
x-served-by: cache-bma1648-BMA
x-cache: HIT
x-cache-hits: 14
x-timer: S1664283409.238136,VS0,VE0
cache-control: private,max-age=14400
vary: Accept-Encoding
abp: 14
content-length: 5108
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (18924)
Size:   5108
Md5:    6edc0c60cbd321db86a583328bcc8e36
Sha1:   ac470f655afcce12484742602497b0ffeda681f6
Sha256: f5a6378eecece6fb97a79cdca11cd412c146ae73ef884773bd90a14632bdcaa7
                                        
                                            GET /iev?entry=c~Idfs.Rtus.72.Events.StartInit~1&entry=c~Idfs.Rtus.72.Events.SyncframeDropped~1&entry=c~Idfs.Rtus.72.Origin.FromSyncframeBundle~1&entry=c~Idfs.Rtus.72.Headers.Bundle~1&entry=c~Idfs.Rtus.72.Events.InitiateFetch~1 HTTP/1.1 
Host: csm.fr.eu.criteo.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hadibi.ahlamontada.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         178.250.0.162
HTTP/2 200 OK
content-type: image/gif
                                        
date: Tue, 27 Sep 2022 12:56:48 GMT
pragma: no-cache
server: Finatra
expires: 0
cache-control: no-cache, no-store, must-revalidate
content-length: 43
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   43
Md5:    b4491705564909da7f9eaf749dbbfbb1
Sha1:   279315d507855c6a4351e1e2c2f39dd9cd2fccd8
Sha256: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
                                        
                                            GET /libtrc/userx.20220922-16-RELEASE.es6.js HTTP/1.1 
Host: cdn.taboola.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hadibi.ahlamontada.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         151.101.85.44
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
                                        
x-amz-id-2: EPnBOSdmJEdhu4JONnnrYz+pWBZzo8yGSYq7ayNxy2VgpwWzJKjW05/dee057aKKK1V9qEj5xzk=
x-amz-request-id: 7ZF16SJ6T06ATG9W
x-amz-replication-status: PENDING
last-modified: Sun, 25 Sep 2022 11:22:01 GMT
etag: "db9444e762c7677565a6ea28981b5bc1"
x-amz-version-id: 8c6AX02xLYX5yIzY_Dwb1zXMiU4DNl8e
server: AmazonS3
content-encoding: gzip
accept-ranges: bytes
date: Tue, 27 Sep 2022 12:56:49 GMT
via: 1.1 varnish
age: 22
x-served-by: cache-bma1648-BMA
x-cache: HIT
x-cache-hits: 8
x-timer: S1664283409.243092,VS0,VE0
cache-control: private,max-age=14400
vary: Accept-Encoding
abp: 14
content-length: 5398
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (17842)
Size:   5398
Md5:    3e7d8362ae0935052e7b830330333235
Sha1:   a22d41053809368c2a205527d7e07e774704b963
Sha256: 0513cd309debc5c144190b687feb1a1fa3f910c5ae7a44ab98bc1b4d459946b3
                                        
                                            GET /lite-unit/3.9.5/UnitWidgetItemDesktop.min.js HTTP/1.1 
Host: vidstat.taboola.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hadibi.ahlamontada.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         151.101.85.44
HTTP/2 200 OK
content-type: application/javascript
                                        
last-modified: Tue, 13 Sep 2022 09:04:05 GMT
etag: "8b1ffbd4f9c44c447f9a11e92fbb9112"
server: AmazonS3
via: 1.1 828a61ebc3af4e0465a5577a4c08af7a.cloudfront.net (CloudFront), 1.1 varnish
x-amz-cf-pop: ARN54-C1
x-amz-cf-id: AfyrLxGlKNoXsjSvShOJ1QFm2rrv76iJaqEsgbMoQU-1oTsr3wJz-Q==
cache-control: public, max-age=2592000
content-encoding: gzip
accept-ranges: bytes
date: Tue, 27 Sep 2022 12:56:49 GMT
age: 1223521
x-served-by: cache-bma1648-BMA
x-cache: Hit from cloudfront, HIT
x-cache-hits: 37571
x-timer: S1664283409.245588,VS0,VE0
vary: Accept-Encoding
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS, HEAD
access-control-allow-headers: *
content-length: 29884
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (65536), with no line terminators
Size:   29884
Md5:    a7b72a082fc5e3bc4aabbb79f73fb604
Sha1:   31cc6cd9b3dfbd31d24cd47dd2fcb29f5522822f
Sha256: bf20590ab0b6486faa1a22e447f2ae149aa76742fd65fa43993646031d90a1e1
                                        
                                            GET /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_180%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/11c51a580d0234715f4e381a2ff193d9.jpg HTTP/1.1 
Host: images.taboola.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hadibi.ahlamontada.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         151.101.85.44
HTTP/2 200 OK
content-type: image/webp
                                        
server: nginx
access-control-allow-headers: X-Requested-With
access-control-allow-origin: *
cache-tag: 375394960470726063426544127135759758201,341818766630488423269086991181948173068,29ecf9b93bbf306179626feeda1fab70
edge-cache-tag: 375394960470726063426544127135759758201,341818766630488423269086991181948173068,29ecf9b93bbf306179626feeda1fab70
etag: "662f240776f27ece4ed0c1d764777ac0"
last-modified: Fri, 01 Jul 2022 01:32:38 GMT
status: 200 OK
timing-allow-origin: *
x-ratelimit-limit: 101
x-ratelimit-remaining: 100
x-ratelimit-reset: 1
x-request-id: 1951b95492254ffa75796ec7e61c4720
x-envoy-upstream-service-time: 83
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb802
via: 1.1 varnish, 1.1 varnish
cache-control: public, max-age=31536000
accept-ranges: bytes
date: Tue, 27 Sep 2022 12:56:49 GMT
age: 4944775
x-served-by: cache-iad-kiad7000084-IAD, cache-iad-kiad7000126-IAD, cache-lga21973-LGA, cache-iad-kiad7000047-IAD, cache-bma1648-BMA
x-cache: HIT, HIT, MISS, HIT, HIT
x-cache-hits: 1, 1, 0, 1, 1
x-timer: S1664283409.340183,VS0,VE1
vary: ImageFormat
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_180%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/11c51a580d0234715f4e381a2ff193d9.jpg
x-vcl-time-ms: 1
content-length: 7422
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  RIFF (little-endian) data, Web/P image\012- data
Size:   7422
Md5:    fecd8d990d304d5c8ed1e044d311564b
Sha1:   51503ad7c211c8930bf7e7bf0b45938492c0c89f
Sha256: 752ca8310ec580c0a6693b73ab6ae214b9a19a65632c48518bc2daff9022fa47
                                        
                                            GET /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_184%2Cw_220%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/22838464cd0ff2e7b68381f57554bbc6.jpg HTTP/1.1 
Host: images.taboola.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hadibi.ahlamontada.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         151.101.85.44
HTTP/2 200 OK
content-type: image/webp
                                        
server: nginx
access-control-allow-headers: X-Requested-With
access-control-allow-origin: *
cache-tag: 337622772664860344241614472254358826418,553231981581714319628150088830979202071,29ecf9b93bbf306179626feeda1fab70
edge-cache-tag: 337622772664860344241614472254358826418,553231981581714319628150088830979202071,29ecf9b93bbf306179626feeda1fab70
etag: "dbd4d8efaf6c27f7b01daf1cf14da02d"
last-modified: Tue, 16 Aug 2022 11:24:07 GMT
status: 200 OK
timing-allow-origin: *
x-ratelimit-limit: 101
x-ratelimit-remaining: 100
x-ratelimit-reset: 1
x-request-id: 1689da4843c77cc207a202caac686770
x-envoy-upstream-service-time: 143
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb204
via: 1.1 varnish, 1.1 varnish
cache-control: public, max-age=31536000
accept-ranges: bytes
date: Tue, 27 Sep 2022 12:56:49 GMT
age: 3612003
x-served-by: cache-iad-kjyo7100134-IAD, cache-iad-kcgs7200086-IAD, cache-bur-kbur8200135-BUR, cache-iad-kjyo7100052-IAD, cache-bma1648-BMA
x-cache: MISS, HIT, MISS, HIT, HIT
x-cache-hits: 0, 1, 0, 1, 1
x-timer: S1664283409.424873,VS0,VE1
vary: ImageFormat
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_184%2Cw_220%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/22838464cd0ff2e7b68381f57554bbc6.jpg
x-vcl-time-ms: 1
content-length: 5996
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  RIFF (little-endian) data, Web/P image\012- data
Size:   5996
Md5:    91f4289eb62c5e3a20cbba2630f7c5f4
Sha1:   b8fd7077b4e460fbef9df982a85ac60aab625880
Sha256: 6418c2a959c2489fa130963c68ba689625f0d28038689dfbc757fe710584915b
                                        
                                            GET /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_184%2Cw_220%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//taoli.pro/attach/material/Mattress_PR/I82pfgokOG7jVVQB2.jpg HTTP/1.1 
Host: images.taboola.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hadibi.ahlamontada.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         151.101.85.44
HTTP/2 200 OK
content-type: image/webp
                                        
server: nginx
access-control-allow-headers: X-Requested-With
access-control-allow-origin: *
cache-tag: 610875578773282110481061400828422065667,553231981581714319628150088830979202071,29ecf9b93bbf306179626feeda1fab70
edge-cache-tag: 610875578773282110481061400828422065667,553231981581714319628150088830979202071,29ecf9b93bbf306179626feeda1fab70
etag: "8fb9857351a552534207e978f5648ebe"
expiration: expiry-date="Fri, 16 Sep 2022 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
last-modified: Tue, 16 Aug 2022 05:32:23 GMT
timing-allow-origin: *
x-ratelimit-limit: 101
x-ratelimit-remaining: 100
x-ratelimit-reset: 1
x-envoy-upstream-service-time: 3397
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb201
via: 1.1 varnish, 1.1 varnish
cache-control: public, max-age=31536000
accept-ranges: bytes
date: Tue, 27 Sep 2022 12:56:49 GMT
age: 1082471
x-served-by: cache-iad-kcgs7200174-IAD, cache-iad-kiad7000051-IAD, cache-sna10743-LGB, cache-iad-kcgs7200054-IAD, cache-bma1648-BMA
x-cache: MISS, MISS, MISS, HIT, HIT
x-cache-hits: 0, 0, 0, 1, 1
x-timer: S1664283409.426326,VS0,VE1
vary: ImageFormat
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_184%2Cw_220%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//taoli.pro/attach/material/Mattress_PR/I82pfgokOG7jVVQB2.jpg
x-vcl-time-ms: 1
content-length: 6556
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  RIFF (little-endian) data, Web/P image\012- data
Size:   6556
Md5:    51ab76af54dfe7181c1a81d5055ab0df
Sha1:   4502d54835216b4c9836a38f999da602548204fb
Sha256: f1f919ecd65a1565c8cf010cca3f8870cceaa790f06e1411c188a5def5556f41
                                        
                                            GET /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_184%2Cw_220%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//i.servimg.com/u/f40/15/31/63/96/201910.jpg HTTP/1.1 
Host: images.taboola.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hadibi.ahlamontada.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         151.101.85.44
HTTP/2 200 OK
content-type: image/webp
                                        
server: nginx
access-control-allow-headers: X-Requested-With
access-control-allow-origin: *
cache-tag: 544739962377286115750906782440533884243,553231981581714319628150088830979202071,29ecf9b93bbf306179626feeda1fab70
edge-cache-tag: 544739962377286115750906782440533884243,553231981581714319628150088830979202071,29ecf9b93bbf306179626feeda1fab70
etag: "402e41166faee5e4762105d6be7ace3f"
expiration: expiry-date="Sat, 17 Sep 2022 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
last-modified: Wed, 17 Aug 2022 15:39:12 GMT
timing-allow-origin: *
x-ratelimit-limit: 101
x-ratelimit-remaining: 100
x-ratelimit-reset: 1
x-envoy-upstream-service-time: 861
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb804
via: 1.1 varnish, 1.1 varnish
cache-control: public, max-age=31536000
accept-ranges: bytes
date: Tue, 27 Sep 2022 12:56:49 GMT
age: 1221143
x-served-by: cache-iad-kcgs7200097-IAD, cache-iad-kcgs7200026-IAD, cache-chi-klot8100056-CHI, cache-iad-kcgs7200042-IAD, cache-bma1648-BMA
x-cache: MISS, MISS, MISS, HIT, HIT
x-cache-hits: 0, 0, 0, 1, 1
x-timer: S1664283409.439147,VS0,VE1
vary: ImageFormat
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_184%2Cw_220%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//i.servimg.com/u/f40/15/31/63/96/201910.jpg
x-vcl-time-ms: 1
content-length: 4628
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  RIFF (little-endian) data, Web/P image\012- data
Size:   4628
Md5:    b172ae92f569f9b8932758b37a9bba0c
Sha1:   67e0c5420827e8dc435d058b276957a1e28aa2c9
Sha256: 7a03c3d99d82fa44f8a948b10e1a7ee4bde89f5acf2f0501f6ad52580afcbfaa
                                        
                                            GET /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_184%2Cw_220%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//i.servimg.com/u/f18/18/76/87/71/10441110.jpg HTTP/1.1 
Host: images.taboola.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hadibi.ahlamontada.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         151.101.85.44
HTTP/2 200 OK
content-type: image/webp
                                        
server: nginx
access-control-allow-headers: X-Requested-With
access-control-allow-origin: *
cache-tag: 409007793272519477888960907609700542045,553231981581714319628150088830979202071,29ecf9b93bbf306179626feeda1fab70
edge-cache-tag: 409007793272519477888960907609700542045,553231981581714319628150088830979202071,29ecf9b93bbf306179626feeda1fab70
etag: "d004f611bec22a8fd193b31b35b206a3"
expiration: expiry-date="Fri, 16 Sep 2022 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
last-modified: Tue, 16 Aug 2022 05:45:08 GMT
timing-allow-origin: *
x-ratelimit-limit: 101
x-ratelimit-remaining: 100
x-ratelimit-reset: 1
x-envoy-upstream-service-time: 407
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb201
via: 1.1 varnish, 1.1 varnish
cache-control: public, max-age=31536000
accept-ranges: bytes
date: Tue, 27 Sep 2022 12:56:49 GMT
age: 1202557
x-served-by: cache-iad-kjyo7100141-IAD, cache-iad-kiad7000069-IAD, cache-bur-kbur8200078-BUR, cache-iad-kcgs7200154-IAD, cache-bma1648-BMA
x-cache: MISS, MISS, MISS, HIT, HIT
x-cache-hits: 0, 0, 0, 1, 1
x-timer: S1664283409.439169,VS0,VE1
vary: ImageFormat
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_184%2Cw_220%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//i.servimg.com/u/f18/18/76/87/71/10441110.jpg
x-vcl-time-ms: 1
content-length: 6128
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  RIFF (little-endian) data, Web/P image\012- data
Size:   6128
Md5:    afd94de274b42d060d759f04bc93f45d
Sha1:   556fd94f8ecaab204a4352af88be174c922330f2
Sha256: 63bce6247452e5d1147d21b85af2479479560a2fff763ba6807216371286a44f
                                        
                                            GET /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_184%2Cw_220%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//i.servimg.com/u/f37/14/77/75/59/wqaa2110.jpg HTTP/1.1 
Host: images.taboola.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hadibi.ahlamontada.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         151.101.85.44
HTTP/2 200 OK
content-type: image/webp
                                        
server: nginx
access-control-allow-headers: X-Requested-With
access-control-allow-origin: *
cache-tag: 549930644253185078118877309127813515040,553231981581714319628150088830979202071,29ecf9b93bbf306179626feeda1fab70
edge-cache-tag: 549930644253185078118877309127813515040,553231981581714319628150088830979202071,29ecf9b93bbf306179626feeda1fab70
etag: "0edcf740b4106100abadd2b893d52f23"
expiration: expiry-date="Mon, 05 Sep 2022 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
last-modified: Fri, 05 Aug 2022 15:41:40 GMT
timing-allow-origin: *
x-ratelimit-limit: 101
x-ratelimit-remaining: 100
x-ratelimit-reset: 1
x-envoy-upstream-service-time: 176
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb802
via: 1.1 varnish, 1.1 varnish
cache-control: public, max-age=31536000
accept-ranges: bytes
date: Tue, 27 Sep 2022 12:56:49 GMT
age: 2058020
x-served-by: cache-iad-kiad7000117-IAD, cache-iad-kjyo7100060-IAD, cache-chi-klot8100093-CHI, cache-iad-kiad7000178-IAD, cache-bma1648-BMA
x-cache: HIT, MISS, MISS, HIT, HIT
x-cache-hits: 1, 0, 0, 1, 1
x-timer: S1664283409.439192,VS0,VE4
vary: ImageFormat
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_184%2Cw_220%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//i.servimg.com/u/f37/14/77/75/59/wqaa2110.jpg
x-vcl-time-ms: 4
content-length: 7530
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  RIFF (little-endian) data, Web/P image\012- data
Size:   7530
Md5:    c0a9f60f0288ebc3444012be46cd9ebe
Sha1:   7e59f8e4e4cbd11ea957ee1d40911796dbdc4511
Sha256: 1506238c53826537a0220fd1a4bdcda57718d5726d9a024b5d702d1e6aec478a
                                        
                                            POST /forumotion-ar/log/3/bulk-metrics?route=AM%3AIL%3AV&lti=deflated&bulkSize=6 HTTP/1.1 
Host: il-trc-events.taboola.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 4569
Origin: https://hadibi.ahlamontada.com
Connection: keep-alive
Referer: https://hadibi.ahlamontada.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         185.106.33.48
HTTP/2 204 No Content
                                        
server: nginx
date: Tue, 27 Sep 2022 12:56:49 GMT
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: https://hadibi.ahlamontada.com
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
X-Firefox-Spdy: h2

                                        
                                            POST /forumotion-ar/log/3/bulk-metrics?route=AM%3AIL%3AV&lti=deflated&bulkSize=2 HTTP/1.1 
Host: il-trc-events.taboola.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 1681
Origin: https://hadibi.ahlamontada.com
Connection: keep-alive
Referer: https://hadibi.ahlamontada.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         185.106.33.48
HTTP/2 204 No Content
                                        
server: nginx
date: Tue, 27 Sep 2022 12:56:49 GMT
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: https://hadibi.ahlamontada.com
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
X-Firefox-Spdy: h2

                                        
                                            POST /api/domains HTTP/1.1 
Host: api.viglink.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 343
Origin: https://hadibi.ahlamontada.com
Connection: keep-alive
Referer: https://hadibi.ahlamontada.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         54.76.231.160
HTTP/1.1 200 OK
Content-Type: text/javascript;charset=UTF-8
                                        
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://hadibi.ahlamontada.com
Cache-Control: no-cache, no-store
Date: Tue, 27 Sep 2022 12:56:48 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
P3P: CP="ALL IND DSP COR CUR ADM TAIo PSDo OUR COM INT NAV PUR STA UNI"
Pragma: no-cache
Server: Apache-Coyote/1.1
Content-Length: 57
Connection: keep-alive


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   57
Md5:    08fbdfcd15441c4a2689e7486e323098
Sha1:   fea51c8b435ecfcde79633fd72a2bdf3d2aac72e
Sha256: a2d05337d9ae63b0b5527158dd496633bdf968749a5295f5c81d910253f852ad
                                        
                                            GET /forumotion-ar/log/2/debug?tim=12%3A56%3A47.188&type=usage&msg=cta-_1664283407188&llvl=2&id=2037&cv=20220922-16-RELEASE&lt=deflated&file=cta-manager&method=&position=&extraData=%7B%22v%22%3A%222%22%2C%22location%22%3A%22https%3A%2F%2Fhadibi.ahlamontada.com%2F%22%2C%22itemId%22%3A%22~~V1~~-377591542711560093~~NY1QHArWixiBK%22%2C%22text%22%3A%22Les%20mer%22%2C%22type%22%3A%22event%22%2C%22module%22%3A%22cta-lazy-module%22%2C%22event%22%3A%22CTA-event-rendered%22%2C%22cardIndexOnPage%22%3A1%2C%22index%22%3A1%2C%22placement%22%3A%22Below%20Desktop%20Forum%20Thumbnails%22%2C%22innerText%22%3A%22Mange%20kjenner%20til%20det%20popul%C3%A6re%20kosttilskuddet%20VitaePro%2C%20men%20vet%20du%20hva%20produktet%20inneholder%3F%5CnVitaePro%22%2C%22config%22%3A%7B%22borderColor%22%3A%22black%22%2C%22fontWeight%22%3A%22bold%22%2C%22isInheritTitleColor%22%3A%22true%22%7D%7D HTTP/1.1 
Host: il-trc-events.taboola.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hadibi.ahlamontada.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         185.106.33.48
HTTP/2 204 No Content
                                        
server: nginx
date: Tue, 27 Sep 2022 12:56:49 GMT
x-fastly-to-nlb-rtt: 72829
access-control-allow-credentials: true
X-Firefox-Spdy: h2

                                        
                                            GET /tb?oid=15&pubnm=forumotion-ar&unitType=226&tbloc=&pageType=text&pstn=Below%20Desktop%20Forum%20Thumbnails&uuip=&cisrf=&cirf=https%3A%2F%2Fhadibi.ahlamontada.com%2F&encoded=1&uid=ddd26f49-acda-4cd2-bd0c-b4ff0953bfcb-tucta2c7890&variant=-100|1786174634&callback=TRC.videoTagCallbacks.videoCallback2&cb=1664283407134&tagid=&cntry=NO&platform=1&sesid=596b5f4d63541666b985bfa55d143b5f&itemid=/&viewid=1664283406455&geolat=&geoing=&deviceifa=&appid=&sd=v2_596b5f4d63541666b985bfa55d143b5f_ddd26f49-acda-4cd2-bd0c-b4ff0953bfcb-tucta2c7890_1664283408_1664283408_CNawjgYQ3pxDGPfglfi3MCABKAEwogE434cMQJ6XEEj5qNkDUN6lI1gAYABo_9iV8p6d99_dAXAA&ri=d7bbcd7ac3293e55a56197633a8ccbb2&appname=&cdb=&gdprApplies=true&rid=&sii=-7764447088115785453&oee=true&tpubid=1101406&uis=2&fagg=1&ccpaDns=false&ccpaPrivacy=&region=03&hasGDPRConsent=true&tcfVersion=&cmpStatus=&tnetid=1037540&prcnt=&layer=&normp=1&gvv=8351 HTTP/1.1 
Host: 15.taboola.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Origin: https://hadibi.ahlamontada.com
Connection: keep-alive
Referer: https://hadibi.ahlamontada.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         151.101.85.44
HTTP/2 200 OK
content-type: text/html;charset=ISO-8859-1
                                        
server: nginx
machineid: 1468
link: <https://am-wf.taboola.com>; rel=preconnect
xvid-debug: mrmr - :
pragma: no-cache
cache-control: no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
expires: Sat, 26 Jul 1997 05:00:00 GMT
access-control-allow-origin: https://hadibi.ahlamontada.com
access-control-allow-credentials: true
content-encoding: gzip
accept-ranges: bytes
date: Tue, 27 Sep 2022 12:56:49 GMT
via: 1.1 varnish
x-served-by: cache-bma1648-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1664283409.291279,VS0,VE34
vary: Accept-Encoding
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (30286), with no line terminators
Size:   8674
Md5:    ed90d8fb98856c37fbd2d1326cacac10
Sha1:   be8eae3688de51c3c5674a946296d5cfa191f5b3
Sha256: 8410f2f942c700ff44635c08757d31e752a282d8f96d7337206745c25d43c7b6
                                        
                                            GET /forumotion-ar/log/2/debug?tim=12%3A56%3A47.082&type=usage&msg=cta-_1664283407082&llvl=2&id=4685&cv=20220922-16-RELEASE&lt=deflated&file=cta-manager&method=&position=&extraData=%7B%22v%22%3A%222%22%2C%22location%22%3A%22https%3A%2F%2Fhadibi.ahlamontada.com%2F%22%2C%22itemId%22%3A%22~~V1~~2318316226913079921~~DXKUa0UEkGQMG%22%2C%22type%22%3A%22event%22%2C%22module%22%3A%22cta-lazy-module%22%2C%22event%22%3A%22CTA-event-has_cta_text%22%2C%22cardIndexOnPage%22%3A0%2C%22index%22%3A0%2C%22placement%22%3A%22728x90%20Thumbnails%22%2C%22innerText%22%3A%22Billige%20flybilletter%20-%20S%C3%B8k%20%26%20sammenlign%20alle%20prisermomondo%22%2C%22config%22%3A%7B%22borderColor%22%3A%22black%22%2C%22fontWeight%22%3A%22bold%22%2C%22isInheritTitleColor%22%3A%22true%22%7D%7D HTTP/1.1 
Host: il-trc-events.taboola.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hadibi.ahlamontada.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         185.106.33.48
HTTP/2 204 No Content
                                        
server: nginx
date: Tue, 27 Sep 2022 12:56:49 GMT
x-fastly-to-nlb-rtt: 72829
access-control-allow-credentials: true
X-Firefox-Spdy: h2

                                        
                                            GET /forumotion-ar/log/2/debug?tim=12%3A56%3A47.106&type=usage&msg=cta-_1664283407106&llvl=2&id=9715&cv=20220922-16-RELEASE&lt=deflated&file=cta-manager&method=&position=&extraData=%7B%22v%22%3A%222%22%2C%22location%22%3A%22https%3A%2F%2Fhadibi.ahlamontada.com%2F%22%2C%22itemId%22%3A%22~~V1~~-377591542711560093~~NY1QHArWixiBK%22%2C%22text%22%3A%22Les%20mer%22%2C%22type%22%3A%22event%22%2C%22module%22%3A%22cta-lazy-module%22%2C%22event%22%3A%22CTA-event-cta_render_candidate%22%2C%22cardIndexOnPage%22%3A1%2C%22index%22%3A1%2C%22placement%22%3A%22Below%20Desktop%20Forum%20Thumbnails%22%2C%22innerText%22%3A%22Mange%20kjenner%20til%20det%20popul%C3%A6re%20kosttilskuddet%20VitaePro%2C%20men%20vet%20du%20hva%20produktet%20inneholder%3FVitaePro%22%2C%22config%22%3A%7B%22borderColor%22%3A%22black%22%2C%22fontWeight%22%3A%22bold%22%2C%22isInheritTitleColor%22%3A%22true%22%7D%7D HTTP/1.1 
Host: il-trc-events.taboola.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hadibi.ahlamontada.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         185.106.33.48
HTTP/2 204 No Content
                                        
server: nginx
date: Tue, 27 Sep 2022 12:56:49 GMT
x-fastly-to-nlb-rtt: 72829
access-control-allow-credentials: true
X-Firefox-Spdy: h2

                                        
                                            GET /forumotion-ar/log/2/debug?tim=12%3A56%3A47.084&type=usage&msg=cta-_1664283407084&llvl=2&id=9262&cv=20220922-16-RELEASE&lt=deflated&file=cta-manager&method=&position=&extraData=%7B%22v%22%3A%222%22%2C%22location%22%3A%22https%3A%2F%2Fhadibi.ahlamontada.com%2F%22%2C%22itemId%22%3A%22~~V1~~2318316226913079921~~DXKUa0UEkGQMG%22%2C%22text%22%3A%22Bestill%20n%C3%A5%20%22%2C%22type%22%3A%22event%22%2C%22module%22%3A%22cta-lazy-module%22%2C%22event%22%3A%22CTA-event-cta_render_candidate%22%2C%22cardIndexOnPage%22%3A0%2C%22index%22%3A0%2C%22placement%22%3A%22728x90%20Thumbnails%22%2C%22innerText%22%3A%22Billige%20flybilletter%20-%20S%C3%B8k%20%26%20sammenlign%20alle%20prisermomondo%22%2C%22config%22%3A%7B%22borderColor%22%3A%22black%22%2C%22fontWeight%22%3A%22bold%22%2C%22isInheritTitleColor%22%3A%22true%22%7D%7D HTTP/1.1 
Host: il-trc-events.taboola.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hadibi.ahlamontada.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         185.106.33.48
HTTP/2 204 No Content
                                        
server: nginx
date: Tue, 27 Sep 2022 12:56:49 GMT
x-fastly-to-nlb-rtt: 72829
access-control-allow-credentials: true
X-Firefox-Spdy: h2

                                        
                                            GET /forumotion-ar/log/2/debug?tim=12%3A56%3A47.178&type=usage&msg=cta-_1664283407178&llvl=2&id=3957&cv=20220922-16-RELEASE&lt=deflated&file=cta-manager&method=&position=&extraData=%7B%22v%22%3A%222%22%2C%22location%22%3A%22https%3A%2F%2Fhadibi.ahlamontada.com%2F%22%2C%22itemId%22%3A%22~~V1~~2318316226913079921~~DXKUa0UEkGQMG%22%2C%22text%22%3A%22Bestill%20n%C3%A5%20%22%2C%22type%22%3A%22event%22%2C%22module%22%3A%22cta-lazy-module%22%2C%22event%22%3A%22CTA-event-rendered%22%2C%22cardIndexOnPage%22%3A0%2C%22index%22%3A0%2C%22placement%22%3A%22728x90%20Thumbnails%22%2C%22innerText%22%3A%22Billige%20flybilletter%20-%20S%C3%B8k%20%26%20sammenlign%20alle%20priser%5Cnmomondo%22%2C%22config%22%3A%7B%22borderColor%22%3A%22black%22%2C%22fontWeight%22%3A%22bold%22%2C%22isInheritTitleColor%22%3A%22true%22%7D%7D HTTP/1.1 
Host: il-trc-events.taboola.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hadibi.ahlamontada.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         185.106.33.48
HTTP/2 204 No Content
                                        
server: nginx
date: Tue, 27 Sep 2022 12:56:49 GMT
x-fastly-to-nlb-rtt: 72829
access-control-allow-credentials: true
X-Firefox-Spdy: h2

                                        
                                            GET /forumotion-ar/log/2/debug?tim=12%3A56%3A47.104&type=usage&msg=cta-_1664283407104&llvl=2&id=4738&cv=20220922-16-RELEASE&lt=deflated&file=cta-manager&method=&position=&extraData=%7B%22v%22%3A%222%22%2C%22location%22%3A%22https%3A%2F%2Fhadibi.ahlamontada.com%2F%22%2C%22itemId%22%3A%22~~V1~~-377591542711560093~~NY1QHArWixiBK%22%2C%22type%22%3A%22event%22%2C%22module%22%3A%22cta-lazy-module%22%2C%22event%22%3A%22CTA-event-has_cta_text%22%2C%22cardIndexOnPage%22%3A1%2C%22index%22%3A1%2C%22placement%22%3A%22Below%20Desktop%20Forum%20Thumbnails%22%2C%22innerText%22%3A%22Mange%20kjenner%20til%20det%20popul%C3%A6re%20kosttilskuddet%20VitaePro%2C%20men%20vet%20du%20hva%20produktet%20inneholder%3FVitaePro%22%2C%22config%22%3A%7B%22borderColor%22%3A%22black%22%2C%22fontWeight%22%3A%22bold%22%2C%22isInheritTitleColor%22%3A%22true%22%7D%7D HTTP/1.1 
Host: il-trc-events.taboola.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hadibi.ahlamontada.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         185.106.33.48
HTTP/2 204 No Content
                                        
server: nginx
date: Tue, 27 Sep 2022 12:56:49 GMT
x-fastly-to-nlb-rtt: 72829
access-control-allow-credentials: true
X-Firefox-Spdy: h2

                                        
                                            GET /st?cijs=convusmp&ttype=45&cisd=convusmp&cipid=66361655&crid=-1&dast=V7mpQCFgOiEiLkhRjFaQSiEiLkhRjFaQUAAAAGBuIHJDCZTJy7iW2tsAyWa9HEtXErVxvHWrYYTIaT1WJiXBmGQAKTycS5m9jWCstguRZNXBu3crVxrGWLwWQ4WS0mxpVhChE3GQ6fg4Go6Hpb7A6n2fOGDzSdDp_rXi90mJwWp11hNDvcfrvpYXLYNX63Xw4AAAAAD_____8QAAAAABEAAAAAEgAAAAAUARX_FgIXAAAAABj_____GgCfHATvOfv9AQAAAAACAAAAQAIwsBpQAvBxvnLy_________x8zQJ95I_P___9_Y9AD8OAD8CAEAABwMYSCFNgk0pxCT1QwWMQIAAAAYEtLRfNoUidUFlX____9VgBXAAABg38Feb9ZuoMSb2EAAAAAYwv0sPj9Zodd43e77P_________f7P_sH03obfQ6LYhl9FrtFxAAYO0XEACATd0AAN4C4IKOoBWDweoUYjecLXaj2WY0OwAAAIC7____fz2QWs4mrplpZNusRovZbDZxDlcTm8O1GjlGm4lr5r3QFN01PFJvtL6ImwyHz8FAVHS9LXaH0-y5H0VLlrvlbjWaLEaj5XKzG25Gg_0J5GyAFC1ZrJbD1W6yGG0Wi8lyNxxNJkjRktVyuVxtNqvVbrSYDTbL4WaDFK1azUabwXA1m8x2u9VwMFyORkjRkuVuuVuNJovRaLnc7Iab0WCIMGQyWWYz03Kt8JgcbtHGZFlLTIaNW2Ka2QzL1WZi81jcotfH9LBsfMPlYIoPdLt8KrfLpWV7WT4vxxYFAyL2InlapBPVbuUx2SzDxWa1cI2GC5dhZXHYPIOFaTUxGRYri1iiOVmkE9ll31rOJq6ZaWTbrEaL2Ww2cQ5XE5vDtRo5RpuJa-YvmUyW2cy0XCs8JodbtDFZ1hKTYeOWmGY2w3K1mdg8Frfo9TE9LBvfcDnYN2az0WS4GQ2G-8ZsNpoMN6PBcN-hM3xXn7PRGRxPPELNZ7Y5PWsOg8JlsHh_n4u0GW3cjCpt2GJRXYs718Sq08ZOxs7BbFD4_ubSVhzcRs7lvuQgNhgUsURwkU5kfsvr7Tc9_Xa3wnIRS5Smi3Sil4glgtNFOhG9jKeL-o8MuZgrB3PRZK5YjVYJAAAAAAAAAGAJc-ZNAAAAAE4DGQ02w9U6D2SwHOyWq-UCQDh76f68Dd9CIFf971L-kAhuK4ZPFDd-3GB-y-vtNz39drfCcmWAB2py5s2fCWKtVssaAABAABsAACCAWzdvAdhM_P___38cAACAjBw9AACA-D5QFAgAAAAAAD8BblaLAQ!&cmcv=&pix=31589837&cb=1664283407527&uv=3230&tms=1664283407527&abt=mprdctdt6_vA!smbs!spa2_vA!t45!tvrReverse1_vB!ufm&ft=0&unm=WIDGET_ITEM&debug=pn:!sqg:!torgn:1664283404724!ts:1664283407527&mntl=1 HTTP/1.1 
Host: am-vid-events.taboola.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hadibi.ahlamontada.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         141.226.228.48
HTTP/2 200 OK
                                        
server: nginx
date: Tue, 27 Sep 2022 12:56:49 GMT
content-length: 0
X-Firefox-Spdy: h2

                                        
                                            GET /st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V7mpQCFgOiEiLkhRjFaQSiEiLkhRjFaQUAAAAGBuIHJDCZTJy7iW2tsAyWa9HEtXErVxvHWrYYTIaT1WJiXBmGQAKTycS5m9jWCstguRZNXBu3crVxrGWLwWQ4WS0mxpVhChE3GQ6fg4Go6Hpb7A6n2fOGDzSdDp_rXi90mJwWp11hNDvcfrvpYXLYNX63Xw4AAAAAD_____8QAAAAABEAAAAAEgAAAAAUARX_FgIXAAAAABj_____GgCfHATvOfv9AQAAAAACAAAAQAIwsBpQAvBxvnLy_________x8zQJ95I_P___9_Y9AD8OAD8CAEAABwMYSCFNgk0pxCT1QwWMQIAAAAYEtLRfNoUidUFlX____9VgBXAAABg38Feb9ZuoMSb2EAAAAAYwv0sPj9Zodd43e77P_________f7P_sH03obfQ6LYhl9FrtFxAAYO0XEACATd0AAN4C4IKOoBWDweoUYjecLXaj2WY0OwAAAIC7____fz2QWs4mrplpZNusRovZbDZxDlcTm8O1GjlGm4lr5r3QFN01PFJvtL6ImwyHz8FAVHS9LXaH0-y5H0VLlrvlbjWaLEaj5XKzG25Gg_0J5GyAFC1ZrJbD1W6yGG0Wi8lyNxxNJkjRktVyuVxtNqvVbrSYDTbL4WaDFK1azUabwXA1m8x2u9VwMFyORkjRkuVuuVuNJovRaLnc7Iab0WCIMGQyWWYz03Kt8JgcbtHGZFlLTIaNW2Ka2QzL1WZi81jcotfH9LBsfMPlYIoPdLt8KrfLpWV7WT4vxxYFAyL2InlapBPVbuUx2SzDxWa1cI2GC5dhZXHYPIOFaTUxGRYri1iiOVmkE9ll31rOJq6ZaWTbrEaL2Ww2cQ5XE5vDtRo5RpuJa-YvmUyW2cy0XCs8JodbtDFZ1hKTYeOWmGY2w3K1mdg8Frfo9TE9LBvfcDnYN2az0WS4GQ2G-8ZsNpoMN6PBcN-hM3xXn7PRGRxPPELNZ7Y5PWsOg8JlsHh_n4u0GW3cjCpt2GJRXYs718Sq08ZOxs7BbFD4_ubSVhzcRs7lvuQgNhgUsURwkU5kfsvr7Tc9_Xa3wnIRS5Smi3Sil4glgtNFOhG9jKeL-o8MuZgrB3PRZK5YjVYJAAAAAAAAAGAJc-ZNAAAAAE4DGQ02w9U6D2SwHOyWq-UCQDh76f68Dd9CIFf971L-kAhuK4ZPFDd-3GB-y-vtNz39drfCcmWAB2py5s2fCWKtVssaAABAABsAACCAWzdvAdhM_P___38cAACAjBw9AACA-D5QFAgAAAAAAD8BblaLAQ!&cmcv=&pix=undefined&cb=1664283407528&uv=3230&tms=1664283407528&abt=mprdctdt6_vA!smbs!spa2_vA!t45!tvrReverse1_vB!ufm&ft=0&unm=WIDGET_ITEM&aure=false&agl=1&cirid=022b97b6-a209-4b5c-95c1-61028251b8e0&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1 HTTP/1.1 
Host: imprammp.taboola.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hadibi.ahlamontada.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         151.101.85.44
HTTP/2 200 OK
content-type: text/html;charset=ISO-8859-1
                                        
server: nginx
content-encoding: gzip
accept-ranges: bytes
date: Tue, 27 Sep 2022 12:56:49 GMT
via: 1.1 varnish
x-served-by: cache-bma1648-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1664283410.687116,VS0,VE23
vary: Accept-Encoding
X-Firefox-Spdy: h2

                                        
                                            GET /st?cijs=convusmp&ttype=45&cisd=convusmp&cipid=8083555&crid=5664665&dast=V7xpoCFgOiEiLkhRjFaQSiEiLkhRjFaQUAAAAGBuIHJLdyuXYbj8stc3ica9HMZVkLV57hWmRazCaLlcm5WxiGQEIby2him3nWisFwuRatLIa1xLaxuHUbl8u3nAw2roVxCh7CMvt9BxHL8zX9DQcZ3_J6G0RF19tidzjNnjd8oOl0-Fz3eqHD5LQ47Qqj2eH2200Pk8Ou8bv9cgAAAAB4ALB6y4T4AQQAiAAAAACQAAAAAKAIqPi3ELgAAAAAwAAwILnQAPjkIHjP2e8PAIAGLRAAgAABEoCB1YASgI_zlRMAAAAAAAAAAJb_____GIA9rDEZgJH9nR6ABx-AB6IC3iJGAAAAAFtaKppHkzqhsqgCACBItwK4AgAIGPwr2LsMAwAAABhboIfF7zc77Bq_22UAAAAAAAAAAGb_Z_9oQm-j12lBLKPXar-AAABrv4AAAGzqBgDwFgAXdAStGAxWpxC74WyxG802o9kBAAAA3P3____rgdRyNnHNTCPbZjVazGaziXO4mtgcrtXIMdpMXDPvhaboruGReqP1eQjL7PcdRCzP1_Q3HGR8y-ttEBVdb4vd4TR77kfRkuVuuVuNJovRaLnc7Iab0WB_AjkbIEVLFqvlcLWbLEabxWKy3A1HkwlStGS1XC5Xm81qtRstZoPNcrjZIEWrVrPRZjBczSaz3W41HAyXoxFStGS5W-5Wo8liNFouN7vhZjQYIgyZTJbZzLRcKzwmh1u0MVnWEpNh45aYZjbDcrWZ2DwWt-j1MT0sG99wOdiiYEDEXgQX6UTmt7zeftPTb3crLBexRHOySCeyy761nE1cM9PItlmNFrPZbOIcriY2h2s1cow2E9fMXzKZLLOZablWeEwOt2hjsqwlJsPGLTHNbIblajOxeSxu0etjelg2vuFysG_MZqPJcDMaDPeN2Ww0GW5Gg-G-Q2f4rj5nozM4nniEms9sc3rWHAaFy2Dx_j4XaTPauBlV2rDForoWd66JVaeNnYydg9mg8P3Npa04uI2cy33JQWwwKGKJ4HSRTkQv4-kilkieFulE5JtYPCbfwuOZLDcr12rhmi2Wu9lmszBuPBaLZSKWKE0X6UQvUf-RIRdz5WAumswVq9EqAQAAAAAAAAAsYc68CQAAAMBpIKPBZrhaLgCEs5fuz9vwLQRy1f8u5Q-J4LZi-ERx48cN5re83n7T0293KyxXBnigJmfe7Jkg1mq1rAEAAASwAQAAArh18xaAzcjtA0FxMTMzMzfzE-BmtRg!&cmcv=&pix=31589837&cb=1664283407597&uv=3230&tms=1664283407597&abt=mprdctdt6_vA!smbs!spa2_vA!t45!tvrReverse1_vB!ufm&ft=0&unm=WIDGET_ITEM&debug=pn:!sqg:!torgn:1664283404724!ts:1664283407597&mntl=1 HTTP/1.1 
Host: am-vid-events.taboola.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hadibi.ahlamontada.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         141.226.228.48
HTTP/2 200 OK
                                        
server: nginx
date: Tue, 27 Sep 2022 12:56:49 GMT
content-length: 0
X-Firefox-Spdy: h2

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "519E9B47DDFA1E1FE047F4DC7DF88E3011817F88144FCC3853A7984A781C2070"
Last-Modified: Sun, 25 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4376
Expires: Tue, 27 Sep 2022 14:09:45 GMT
Date: Tue, 27 Sep 2022 12:56:49 GMT
Connection: keep-alive

                                        
                                            GET /sync?c=72&r=2&j=TRC.getRTUS HTTP/1.1 
Host: gum.criteo.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://hadibi.ahlamontada.com/
x-crto-bundle: 2-gMul85SCUyRlVHOE1UbmVEUlBMNWNUdXpSJTJCWlNSaXhDcXRHTUJ1RzF0UzlLWGFSbTgzN3RzdG9LOGx0a0F5NWRtRlolMkYlMkYzWGZrWFZvOFdDTDJPaXFWaXprUTdFS3dZMlZ6NlRlS0xIRXRtODBTTENCT3owaFZZJTJCMnJHMEFERXRjYiUyRmlTMHVra0NIakd0UzhIJTJCeGtMbHlKalJxdyUzRCUzRA
Origin: https://hadibi.ahlamontada.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

                                         
                                         178.250.0.157
HTTP/2 200 OK
content-type: text/javascript; charset=utf-8
                                        
date: Tue, 27 Sep 2022 12:56:48 GMT
server: Kestrel
cache-control: private, max-age=3600
expires: 60
access-control-allow-credentials: true
access-control-allow-origin: https://hadibi.ahlamontada.com
server-processing-duration-in-ticks: 1829839
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   9266
Md5:    0349bb41a1f407402e2fde77adf28f77
Sha1:   d0537130076eb79f8acc2ed422c7ff33095e1ef5
Sha256: 7756b9c8e52780b835a362fc2748e1b42a131c988cac1accf1790cb0205855a1
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "519E9B47DDFA1E1FE047F4DC7DF88E3011817F88144FCC3853A7984A781C2070"
Last-Modified: Sun, 25 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4376
Expires: Tue, 27 Sep 2022 14:09:45 GMT
Date: Tue, 27 Sep 2022 12:56:49 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "519E9B47DDFA1E1FE047F4DC7DF88E3011817F88144FCC3853A7984A781C2070"
Last-Modified: Sun, 25 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4376
Expires: Tue, 27 Sep 2022 14:09:45 GMT
Date: Tue, 27 Sep 2022 12:56:49 GMT
Connection: keep-alive

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1bfe3adc-1955-4f21-9e44-c0bc53a4edc5.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 9163
x-amzn-requestid: 8ccd9b1f-bef9-4591-be32-e6dd98f4ee78
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZFlKpEZrIAMFS1Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63321bdd-4a40b9c8281b64c725fec0f1;Sampled=0
x-amzn-remapped-date: Mon, 26 Sep 2022 21:38:37 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: bs6HOUmHOoYKDuzBoVHhcr8d4HP4bBmwUF3EtOmwKXo7ozhfaIYEvw==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 707e733794d52100fde0ab21bf0b1462.cloudfront.net (CloudFront), 1.1 google
date: Mon, 26 Sep 2022 21:39:07 GMT
age: 55062
etag: "84f5a4c8b38acde814bc790e5b514347718d5bb9"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   9163
Md5:    deb8d1e3b6d7fbc8c8ba478269621676
Sha1:   84f5a4c8b38acde814bc790e5b514347718d5bb9
Sha256: ed14fa766f0708b4166e83b61f160db5671af430917b7c67184bf18d9208742b
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F79631135-a10c-43bf-85d2-fa2236b96883.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 13213
x-amzn-requestid: fe9ec409-2757-4910-8443-5b4d3be7efd3
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZFlATEp8oAMFd9Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63321b9b-3230e97a4fe34413285eb578;Sampled=0
x-amzn-remapped-date: Mon, 26 Sep 2022 21:37:31 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: kRSg9NTTAgeAJgIZ_C9_rRodCX4bzGduJEvNPNHUya0Moa2vsmWSoQ==
via: 1.1 c7c3cdef911c9ee3c1a83a78f425dc5a.cloudfront.net (CloudFront), 1.1 2324edbcb8fc72f617442c65f36a40fc.cloudfront.net (CloudFront), 1.1 google
date: Mon, 26 Sep 2022 21:38:57 GMT
age: 55072
etag: "3d4fa8701f17e8818c25584ef5f04bfbee8440cd"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   13213
Md5:    62e68c3cd08dd94d910507512a67e85f
Sha1:   3d4fa8701f17e8818c25584ef5f04bfbee8440cd
Sha256: 058d798963f83f5fb88ab728185f755c5353fa981d93e1b6ff869089f501586b
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2517fd65-65c6-43b1-93a6-b1205ba3f0f8.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 7455
x-amzn-requestid: 0887cd56-f324-46cf-a086-709e1c66f354
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZGBTdHmhoAMFvIw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633248e2-42391706084f335228fe3994;Sampled=0
x-amzn-remapped-date: Tue, 27 Sep 2022 00:50:42 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: IWzfDNFlgYdqYnbQ9uWfOvqb5zl3I3mgTZrT5pU5P3EvetMRDN5P7w==
via: 1.1 112c6b3f9aea37a6cb00b7d933e5af6e.cloudfront.net (CloudFront), 1.1 ead78c395f4bede3ec6cd7ea180e3d3a.cloudfront.net (CloudFront), 1.1 google
date: Tue, 27 Sep 2022 01:06:47 GMT
age: 42602
etag: "1a26007f761e439db575fb80fb403031260aecf4"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   7455
Md5:    5274e770cb5a704916c8965659709f4a
Sha1:   1a26007f761e439db575fb80fb403031260aecf4
Sha256: e36e8be75c92feb9b416a46c5918356d8f9694894a799b7c10de21034d33d5ef
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5bf02f4e-91c0-455b-8378-5eae82174db7.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 9737
x-amzn-requestid: a06488e4-22bb-4149-adac-b6696ab91923
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZFlATHzUIAMFtcw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63321b9b-238f1b945a8b549872c85f2a;Sampled=0
x-amzn-remapped-date: Mon, 26 Sep 2022 21:37:31 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: qkfz02g1BMeZhFonJAWyqyQ9jBnZC4i-2ZHzO2wgJBVjC4YfvtlxCA==
via: 1.1 000f4a2f631bace380a0afa747a82482.cloudfront.net (CloudFront), 1.1 e80693c02cfdfd081110512210d57840.cloudfront.net (CloudFront), 1.1 google
date: Mon, 26 Sep 2022 21:38:57 GMT
age: 55072
etag: "932c74fa24b61ee1b1c672b6c19b1e736caab8d3"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   9737
Md5:    3140ec95f33c36599de95b25cdade940
Sha1:   932c74fa24b61ee1b1c672b6c19b1e736caab8d3
Sha256: f7488246ca75fddc504812f4c5944a5a2494cdb14b6ef1db5fb28beca5cff194
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F171029d0-40d4-47b3-8936-8ba3b16b3212.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 10211
x-amzn-requestid: 3ea4ac84-2465-4bd1-8ade-863de3c9576e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YbfSuGoQoAMF9oQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632145aa-7843b82728ead9a053c689d1;Sampled=0
x-amzn-remapped-date: Wed, 14 Sep 2022 03:08:26 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: p1vYTqYjOmYHjVmJ8f6qyT_nLIsyXsr7ZI-DI7JBF9RJa0ZJNPiluA==
via: 1.1 86b676273517904f44af31586adb06ae.cloudfront.net (CloudFront), 1.1 e95ec8f1dc02e32f0cb9e113963ceb4e.cloudfront.net (CloudFront), 1.1 google
date: Mon, 26 Sep 2022 21:56:23 GMT
age: 54026
etag: "be60bbc96c832ae385cc9ae5828bd32703011b21"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   10211
Md5:    347dca206e13a3b13953f0ab398310b4
Sha1:   be60bbc96c832ae385cc9ae5828bd32703011b21
Sha256: f6da888a54a0c6c73466f2c2a72dd875514a39d81b760a6b0116b4dd56ef31dd
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F658e1cdd-3e54-47dd-9724-ec65659721ea.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 6390
x-amzn-requestid: b2681ff8-ab83-41e6-adef-3e6772c93c3f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZGFJ6Gc_oAMF44g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63324f0c-3dbf9f4e2047567b5abdbe74;Sampled=0
x-amzn-remapped-date: Tue, 27 Sep 2022 01:17:00 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 8JXEBo_L_xKuKdeoOXEJ6FO7ZVsZVQzUmQFe7fYcxaHRQNEq1HWp6w==
via: 1.1 ddd913fbbe7367d44af4ac06097e7a2a.cloudfront.net (CloudFront), 1.1 28390a4d24ed4fdccd685d99cd06cf4e.cloudfront.net (CloudFront), 1.1 google
date: Tue, 27 Sep 2022 01:37:50 GMT
age: 40739
etag: "61676358cdbb2373bc644e66f8a84fbc8cc5daf6"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   6390
Md5:    14218a43c5e5bbce546735a780c8ccce
Sha1:   61676358cdbb2373bc644e66f8a84fbc8cc5daf6
Sha256: 905b1c30a2273aef69904f2eb1451c756fc1fdba02e86ea5c957629dd056aeda
                                        
                                            GET /vpaid/units/32_3_0/assets/css/cmOsUnit.css HTTP/1.1 
Host: vidstat.taboola.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hadibi.ahlamontada.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         151.101.85.44
HTTP/2 200 OK
content-type: text/css
                                        
x-amz-id-2: 0GqLaJTEoq08w5K50fWnlIkmwRUDC7J31N0fV9+A4Z6KszF9Z1W8ZNtpYCwSbihwX1C1LBMzRhQ=
x-amz-request-id: EA4A1MTNA1QRKAVQ
last-modified: Sat, 24 Sep 2022 09:07:48 GMT
etag: "a28320a69408adba1f01f56d6eb80708"
x-amz-meta-ctime: 1664010467
x-amz-meta-mode: 33188
x-amz-meta-gid: 0
x-amz-meta-uid: 0
x-amz-meta-mtime: 1664010467
cache-control: public, max-age=2592000
accept-ranges: bytes
date: Tue, 27 Sep 2022 12:56:49 GMT
via: 1.1 varnish
age: 272813
x-served-by: cache-bma1648-BMA
x-cache: HIT
x-cache-hits: 44426
x-timer: S1664283410.911876,VS0,VE0
vary: Accept-Encoding
server: AmazonS3-br
content-encoding: br
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS, HEAD
access-control-allow-headers: *
content-length: 8297
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text
Size:   8297
Md5:    a28320a69408adba1f01f56d6eb80708
Sha1:   8012c7108fab547cf31481cfda7cb49e654a0542
Sha256: befbb274b7045e7e5791a4badbe46e1a2e367e6570da7cd0ac127acc4b8e8991
                                        
                                            GET /vpaid/units/32_3_0/infra/cmTagWIDGET_ITEM.js HTTP/1.1 
Host: vidstat.taboola.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://hadibi.ahlamontada.com
Connection: keep-alive
Referer: https://hadibi.ahlamontada.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         151.101.85.44
HTTP/2 200 OK
content-type: application/javascript
                                        
x-amz-id-2: IwI3zYzWuODaDGy8hMZ3jkZ80+3zVZTxLHVAPkA0DLYdK/lO/Z5evoaYAKT/hqjXzPF24yril48=
x-amz-request-id: ZRGWVZX09W5X8RZT
last-modified: Sat, 24 Sep 2022 09:06:53 GMT
etag: "d57009c5b713da8751998109cd3510d5"
x-amz-meta-ctime: 1664010412
x-amz-meta-mode: 33188
x-amz-meta-gid: 0
x-amz-meta-uid: 0
x-amz-meta-mtime: 1664010411
cache-control: public, max-age=2592000
accept-ranges: bytes
date: Tue, 27 Sep 2022 12:56:49 GMT
via: 1.1 varnish
age: 272812
x-served-by: cache-bma1648-BMA
x-cache: HIT
x-cache-hits: 22432
x-timer: S1664283410.929904,VS0,VE0
vary: Accept-Encoding
server: AmazonS3-br
content-encoding: br
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS, HEAD
access-control-allow-headers: *
content-length: 126871
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with very long lines (65489), with no line terminators
Size:   126871
Md5:    d57009c5b713da8751998109cd3510d5
Sha1:   29eff961b25a5da6d5eca61234bb2a93abc29b19
Sha256: 66e7c96768afe6004cf46b6212412c5df8d22d1b14f2441a3fbca329e5d809e5
                                        
                                            POST / HTTP/1.1 
Host: status.geotrust.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 5493
Cache-Control: 'max-age=158059'
Date: Tue, 27 Sep 2022 12:56:49 GMT
Last-Modified: Tue, 27 Sep 2022 11:25:16 GMT
Server: ECS (ska/F716)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET /sw.js HTTP/1.1 
Host: hadibi.ahlamontada.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://hadibi.ahlamontada.com/
Connection: keep-alive
Cookie: exadd=166429; _fa-screen=%7B%22w%22%3A1280%2C%22h%22%3A939%7D; _ga=GA1.2.357745437.1664283406; _gid=GA1.2.21466275.1664283406; _gat_gtag_UA_144347007_1=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         94.23.150.222
HTTP/2 200 OK
content-type: application/javascript
                                        
date: Tue, 27 Sep 2022 12:56:48 GMT
last-modified: Tue, 27 Aug 2019 13:54:01 GMT
etag: W/"5d6535f9-1554"
x-content-type-options: nosniff
x-xss-protection: 1
access-control-allow-origin: *
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   2617
Md5:    bee4806560530677cad60631db27e0b8
Sha1:   0f15f20d259efdd9ad9c648786d8393ff897d122
Sha256: 0013c7267bd829ffacfd4e8009a085e885f8c61869cd173f06d604a6150f611f
                                        
                                            POST /VideoBidRequestHandlerServlet?oid=15&width=380&height=213&pubid=169497&tagid=953497&crid=5664665&noaop=5&sortOrderType=0&cb=1664283407605&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=1&pv=1483&pt=-227362181&tz=0&viewable=true&ddast=V7xpoCFgOiEiLkhRjFaQSiEiLkhRjFaQUAAAAGBuIHJLdyuXYbj8stc3ica9HMZVkLV57hWmRazCaLlcm5WxiGQEIby2him3nWisFwuRatLIa1xLaxuHUbl8u3nAw2roVxCh7CMvt9BxHL8zX9DQcZ3_J6G0RF19tidzjNnjd8oOl0-Fz3eqHD5LQ47Qqj2eH2200Pk8Ou8bv9cgAAAAB4ALB6y4T4AQQAiAAAAACQAAAAAKAIqPi3ELgAAAAAwAAwILnQAPjkIHjP2e8PAIAGLRAAgAABEoCB1YASgI_zlRMAAAAAAAAAAJb_____GIA9rDEZgJH9nR6ABx-AB6IC3iJGAAAAAFtaKppHkzqhsqgCACBItwK4AgAIGPwr2LsMAwAAABhboIfF7zc77Bq_22UAAAAAAAAAAGb_Z_9oQm-j12lBLKPXar-AAABrv4AAAGzqBgDwFgAXdAStGAxWpxC74WyxG802o9kBAAAA3P3____rgdRyNnHNTCPbZjVazGaziXO4mtgcrtXIMdpMXDPvhaboruGReqP1eQjL7PcdRCzP1_Q3HGR8y-ttEBVdb4vd4TR77kfRkuVuuVuNJovRaLnc7Iab0WB_AjkbIEVLFqvlcLWbLEabxWKy3A1HkwlStGS1XC5Xm81qtRstZoPNcrjZIEWrVrPRZjBczSaz3W41HAyXoxFStGS5W-5Wo8liNFouN7vhZjQYIgyZTJbZzLRcKzwmh1u0MVnWEpNh45aYZjbDcrWZ2DwWt-j1MT0sG99wOdiiYEDEXgQX6UTmt7zeftPTb3crLBexRHOySCeyy761nE1cM9PItlmNFrPZbOIcriY2h2s1cow2E9fMXzKZLLOZablWeEwOt2hjsqwlJsPGLTHNbIblajOxeSxu0etjelg2vuFysG_MZqPJcDMaDPeN2Ww0GW5Gg-G-Q2f4rj5nozM4nniEms9sc3rWHAaFy2Dx_j4XaTPauBlV2rDForoWd66JVaeNnYydg9mg8P3Npa04uI2cy33JQWwwKGKJ4HSRTkQv4-kilkieFulE5JtYPCbfwuOZLDcr12rhmi2Wu9lmszBuPBaLZSKWKE0X6UQvUf-RIRdz5WAumswVq9EqAQAAAAAAAAAsYc68CQAAAMBpIKPBZrhaLgCEs5fuz9vwLQRy1f8u5Q-J4LZi-ERx48cN5re83n7T0293KyxXBnigJmfe7Jkg1mq1rAEAAASwAQAAArh18xaAzcjtA0FxMTMzMzfzE-BmtRg!&proto=2,3,5,6&encoded=1&pstn=vforce2&callback=&wfv=1&amp=0&qsz=7&ft=0&pb=0&pagg=1&sd=undefined&ctsldr=0&dtagid=2090795&dpubid=240385&abtst=mprdctdt6_vA!smbs!spa2_vA!t45!tvrReverse1_vB!ufm&mPre=0.025&cirf=https%3A%2F%2Fhadibi.ahlamontada.com&en=1 HTTP/1.1 
Host: wf.taboola.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: text/plain
Content-Length: 133
Origin: https://hadibi.ahlamontada.com
Connection: keep-alive
Referer: https://hadibi.ahlamontada.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         151.101.85.44
HTTP/2 200 OK
content-type: application/json;charset=utf-8
                                        
server: nginx
machineid: 1470
pragma: no-cache
cache-control: no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
expires: Sat, 26 Jul 1997 05:00:00 GMT
access-control-allow-origin: https://hadibi.ahlamontada.com
access-control-allow-credentials: true
content-encoding: gzip
accept-ranges: bytes
date: Tue, 27 Sep 2022 12:56:49 GMT
via: 1.1 varnish
x-served-by: cache-bma1648-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1664283410.837918,VS0,VE54
vary: Accept-Encoding
X-Firefox-Spdy: h2

                                        
                                            POST / HTTP/1.1 
Host: status.geotrust.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 5493
Cache-Control: 'max-age=158059'
Date: Tue, 27 Sep 2022 12:56:49 GMT
Last-Modified: Tue, 27 Sep 2022 11:25:16 GMT
Server: ECS (ska/F71E)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET /partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26 HTTP/1.1 
Host: sync.search.spotxchange.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://imprammp.taboola.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         185.94.180.126
HTTP/1.1 302 Found
Content-Type: text/plain
                                        
Server: nginx
Date: Tue, 27 Sep 2022 12:56:49 GMT
Content-Length: 0
Connection: keep-alive
Set-Cookie: audience=da124ec3-3e63-11ed-8ab4-1be234f70306; expires=Tue, 25-Oct-2022 12:56:49 GMT; path=/; domain=.spotxchange.com; SameSite=none
Location: /partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26&__user_check__=1&sync_id=da124f02-3e63-11ed-8ab4-1be234f70306
X-fe: 142
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0

                                        
                                            GET /partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26 HTTP/1.1 
Host: sync.search.spotxchange.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://imprammp.taboola.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         185.94.180.126
HTTP/1.1 302 Found
Content-Type: text/plain
                                        
Server: nginx
Date: Tue, 27 Sep 2022 12:56:50 GMT
Content-Length: 0
Connection: keep-alive
Set-Cookie: audience=da18530b-3e63-11ed-872d-1d66682b0206; expires=Tue, 25-Oct-2022 12:56:50 GMT; path=/; domain=.spotxchange.com; SameSite=none
Location: /partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26&__user_check__=1&sync_id=da18534d-3e63-11ed-872d-1d66682b0206
X-fe: 19
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0

                                        
                                            GET /partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26 HTTP/1.1 
Host: sync.search.spotxchange.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://am-match.taboola.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         185.94.180.126
HTTP/1.1 302 Found
Content-Type: text/plain
                                        
Server: nginx
Date: Tue, 27 Sep 2022 12:56:50 GMT
Content-Length: 0
Connection: keep-alive
Set-Cookie: audience=da186340-3e63-11ed-8040-1ebee0f60106; expires=Tue, 25-Oct-2022 12:56:50 GMT; path=/; domain=.spotxchange.com; SameSite=none
Location: /partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26&__user_check__=1&sync_id=da18637f-3e63-11ed-8040-1ebee0f60106
X-fe: 92
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0

                                        
                                            GET /partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26 HTTP/1.1 
Host: sync.search.spotxchange.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://am-match.taboola.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         185.94.180.126
HTTP/1.1 302 Found
Content-Type: text/plain
                                        
Server: nginx
Date: Tue, 27 Sep 2022 12:56:50 GMT
Content-Length: 0
Connection: keep-alive
Set-Cookie: audience=da185c17-3e63-11ed-81f5-17f3d7a10306; expires=Tue, 25-Oct-2022 12:56:50 GMT; path=/; domain=.spotxchange.com; SameSite=none
Location: /partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26&__user_check__=1&sync_id=da185c48-3e63-11ed-81f5-17f3d7a10306
X-fe: 126
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0

                                        
                                            GET /partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26&__user_check__=1&sync_id=da124f02-3e63-11ed-8ab4-1be234f70306 HTTP/1.1 
Host: sync.search.spotxchange.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://imprammp.taboola.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         185.94.180.126
HTTP/1.1 204 No Content
Content-Type: text/plain
                                        
Server: nginx
Date: Tue, 27 Sep 2022 12:56:50 GMT
Content-Length: 0
Connection: keep-alive
Set-Cookie: audience=da188595-3e63-11ed-a65d-1e875f050206; expires=Tue, 25-Oct-2022 12:56:50 GMT; path=/; domain=.spotxchange.com
x-spotx-halt-type: Audience DSP sync endpoint was unable to cookie the audience.
X-fe: 74
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0

                                        
                                            GET /partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26&__user_check__=1&sync_id=da18534d-3e63-11ed-872d-1d66682b0206 HTTP/1.1 
Host: sync.search.spotxchange.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://imprammp.taboola.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         185.94.180.126
HTTP/1.1 204 No Content
Content-Type: text/plain
                                        
Server: nginx
Date: Tue, 27 Sep 2022 12:56:50 GMT
Content-Length: 0
Connection: keep-alive
Set-Cookie: audience=da1cc839-3e63-11ed-a92c-1189f5600506; expires=Tue, 25-Oct-2022 12:56:50 GMT; path=/; domain=.spotxchange.com
x-spotx-halt-type: Audience DSP sync endpoint was unable to cookie the audience.
X-fe: 99
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0

                                        
                                            GET /partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26&__user_check__=1&sync_id=da18637f-3e63-11ed-8040-1ebee0f60106 HTTP/1.1 
Host: sync.search.spotxchange.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://am-match.taboola.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         185.94.180.126
HTTP/1.1 204 No Content
Content-Type: text/plain
                                        
Server: nginx
Date: Tue, 27 Sep 2022 12:56:50 GMT
Content-Length: 0
Connection: keep-alive
Set-Cookie: audience=da1d3825-3e63-11ed-93c6-169e7f670506; expires=Tue, 25-Oct-2022 12:56:50 GMT; path=/; domain=.spotxchange.com
x-spotx-halt-type: Audience DSP sync endpoint was unable to cookie the audience.
X-fe: 38
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0

                                        
                                            GET /partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26&__user_check__=1&sync_id=da185c48-3e63-11ed-81f5-17f3d7a10306 HTTP/1.1 
Host: sync.search.spotxchange.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://am-match.taboola.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         185.94.180.126
HTTP/1.1 204 No Content
Content-Type: text/plain
                                        
Server: nginx
Date: Tue, 27 Sep 2022 12:56:50 GMT
Content-Length: 0
Connection: keep-alive
Set-Cookie: audience=da1d95cc-3e63-11ed-b2c7-1f0541440506; expires=Tue, 25-Oct-2022 12:56:50 GMT; path=/; domain=.spotxchange.com
x-spotx-halt-type: Audience DSP sync endpoint was unable to cookie the audience.
X-fe: 121
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 1623
Cache-Control: 'max-age=158059'
Date: Tue, 27 Sep 2022 12:56:50 GMT
Last-Modified: Tue, 27 Sep 2022 12:29:47 GMT
Server: ECS (ska/F715)
X-Cache: HIT
Content-Length: 471

                                        
                                            POST /gsgccr3dvtlsca2020 HTTP/1.1 
Host: ocsp.globalsign.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         104.18.20.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 27 Sep 2022 12:56:50 GMT
Content-Length: 1414
Connection: keep-alive
Expires: Sat, 01 Oct 2022 09:47:19 GMT
ETag: "419d525ef4241cf619d0addd858f3bc035b5fdf3"
Last-Modified: Tue, 27 Sep 2022 09:47:20 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 605
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 751466d15e2ab4f4-OSL


--- Additional Info ---
Magic:  data
Size:   1414
Md5:    97817756af75194ee270c9ac24263a15
Sha1:   419d525ef4241cf619d0addd858f3bc035b5fdf3
Sha256: 30f56f1d03403d6fe30c9fdd649cfc0151fb07957ebe76ca4c1b6e59233f6073
                                        
                                            POST / HTTP/1.1 
Host: ocsp.sectigo.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         104.18.32.68
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 27 Sep 2022 12:56:50 GMT
Content-Length: 471
Connection: keep-alive
Last-Modified: Sat, 24 Sep 2022 01:56:49 GMT
Expires: Sat, 01 Oct 2022 01:56:48 GMT
Etag: "1d756347443f7bf74cbe47b8f4f3a7f011f34a6a"
Cache-Control: max-age=305397,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 751466d15e5c1c16-OSL

                                        
                                            GET /ups/58534/occ HTTP/1.1 
Host: ups.analytics.yahoo.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://imprammp.taboola.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         18.156.0.31
HTTP/2 302 Found
                                        
date: Tue, 27 Sep 2022 12:56:50 GMT
content-length: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
location: https://ups.analytics.yahoo.com/ups/58534/occ?verify=true
age: 0
server: ATS/9.1.10.25
set-cookie: A3=d=AQABBBLzMmMCEMuC1J2FDqekqrtjS5NAyoEFEgEBAQFENGM8YwAAAAAA_eMAAA&S=AQAAAuF35FbKJ8U7JEuOSg906q4; Expires=Wed, 27 Sep 2023 18:56:50 GMT; Max-Age=31557600; Domain=.yahoo.com; Path=/; SameSite=None; Secure; HttpOnly
X-Firefox-Spdy: h2

                                        
                                            GET /track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1 HTTP/1.1 
Host: match.adsrvr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://imprammp.taboola.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         35.71.131.137
HTTP/2 200 OK
content-type: image/gif
                                        
date: Tue, 27 Sep 2022 12:56:50 GMT
content-length: 70
cache-control: private,no-cache, must-revalidate
pragma: no-cache
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   70
Md5:    58a7930cd4577fc33c35828c271eab8f
Sha1:   406e57f86dc101e10f3a57be1e2f7b93c4580474
Sha256: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
                                        
                                            GET /sync?gdpr=1&us_privacy=1---&ssp=taboola HTTP/1.1 
Host: x.bidswitch.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://imprammp.taboola.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         3.124.103.115
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Cache-Control: no-cache, no-store, must-revalidate
Date: Tue, 27 Sep 2022 12:56:50 GMT
Content-Length: 43
Connection: keep-alive


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   43
Md5:    df3e567d6f16d040326c7a0ea29a4f41
Sha1:   ea7df583983133b62712b5e73bffbcd45cc53736
Sha256: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
                                        
                                            GET /vpaid/vPlayer/player/v14.8.3/OvaMediaPlayer.js HTTP/1.1 
Host: vidstat.taboola.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hadibi.ahlamontada.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         151.101.85.44
HTTP/2 200 OK
content-type: application/javascript
                                        
x-amz-id-2: o6xcpPhv775RpZGpaP2atU207+TUcpD7v+IADo0lB/dpMr/QhFwz3nqd46XzsxrPcE5MsZmdhb0=
x-amz-request-id: PAKC81N915AWRTDK
last-modified: Sat, 24 Sep 2022 09:01:25 GMT
etag: "b5eb5deb3896df163984797d27b4d980"
x-amz-meta-ctime: 1664010084
x-amz-meta-mode: 33188
x-amz-meta-gid: 0
x-amz-meta-uid: 0
x-amz-meta-mtime: 1664010068
cache-control: public, max-age=2592000
accept-ranges: bytes
date: Tue, 27 Sep 2022 12:56:50 GMT
via: 1.1 varnish
age: 273270
x-served-by: cache-bma1648-BMA
x-cache: HIT
x-cache-hits: 41395
x-timer: S1664283410.205643,VS0,VE0
vary: Accept-Encoding
server: AmazonS3-br
content-encoding: br
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS, HEAD
access-control-allow-headers: *
content-length: 86888
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with very long lines (65534), with no line terminators
Size:   86888
Md5:    b5eb5deb3896df163984797d27b4d980
Sha1:   85da436ef9c38206cb926fed093c96f911506b75
Sha256: 19d2b834877874de4a1d488214d7c574cd00d7db6b68cc48b7b4c988cd5e7b51
                                        
                                            POST / HTTP/1.1 
Host: ocsp.sca1b.amazontrust.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         143.204.42.156
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Tue, 27 Sep 2022 12:56:50 GMT
Last-Modified: Tue, 27 Sep 2022 11:42:58 GMT
Server: ECS (nyb/1D22)
X-Cache: Miss from cloudfront
Via: 1.1 dbfaae0db03f11cf713bbcbdb25be4a2.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: kxBzD1-phTALtIIX3uqgzflAc3-PWeYP-44PLNUOGKe4dvNwq-4dKA==
Age: 4432

                                        
                                            GET /libtrc/static/thumbnails/f539211219b796ffbb49949997c764f0.png HTTP/1.1 
Host: cdn.taboola.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hadibi.ahlamontada.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         151.101.85.44
HTTP/2 200 OK
content-type: image/png
                                        
x-amz-id-2: c3AK0F63Rmz1U+ZkwDZRH6hJiJRTGpZB8kTBPWz0vwbg9siBxtMOH8aEqr1NtVeNHtLhLAVUR9E=
x-amz-request-id: 4JKSR0YA3KVH073N
x-amz-replication-status: COMPLETED
last-modified: Wed, 24 Jun 2015 07:14:11 GMT
etag: "dfa7b52c86e56bd67fa4002f6ed19854"
x-amz-meta-s3cmd-attrs: uid:0/gname:root/uname:root/gid:0/mode:33188/mtime:1377415166/atime:1435052450/md5:dfa7b52c86e56bd67fa4002f6ed19854/ctime:1422381567
x-amz-version-id: hL.cyLD7Q4TL5ceY.7JQwF9m5IYI8mkC
server: AmazonS3
accept-ranges: bytes
date: Tue, 27 Sep 2022 12:56:50 GMT
via: 1.1 varnish
age: 19569
x-served-by: cache-bma1648-BMA
x-cache: HIT
x-cache-hits: 2497
x-timer: S1664283410.426019,VS0,VE0
cache-control: private,max-age=31536000
abp: 14
content-length: 254
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 12 x 12, 8-bit gray+alpha, non-interlaced\012- data
Size:   254
Md5:    dfa7b52c86e56bd67fa4002f6ed19854
Sha1:   7df722645482433c2b5c8d8ab4272a9874592f27
Sha256: f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9
                                        
                                            GET /ups/58534/occ?verify=true HTTP/1.1 
Host: ups.analytics.yahoo.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://imprammp.taboola.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         18.156.0.31
HTTP/2 204 No Content
                                        
date: Tue, 27 Sep 2022 12:56:50 GMT
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
strict-transport-security: max-age=31536000
age: 0
server: ATS/9.1.10.25
set-cookie: A3=d=AQABBBLzMmMCEEKNryR9a3SjVrW9qbKGBxgFEgEBAQFENGM8YwAAAAAA_eMAAA&S=AQAAAoEvskCaRxF5abjkz1VqaMs; Expires=Wed, 27 Sep 2023 18:56:50 GMT; Max-Age=31557600; Domain=.yahoo.com; Path=/; SameSite=None; Secure; HttpOnly
X-Firefox-Spdy: h2

                                        
                                            GET /partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26 HTTP/1.1 
Host: sync.search.spotxchange.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://am-match.taboola.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         185.94.180.126
HTTP/1.1 302 Found
Content-Type: text/plain
                                        
Server: nginx
Date: Tue, 27 Sep 2022 12:56:50 GMT
Content-Length: 0
Connection: keep-alive
Set-Cookie: audience=da5da81c-3e63-11ed-be7a-1afcdea00406; expires=Tue, 25-Oct-2022 12:56:50 GMT; path=/; domain=.spotxchange.com; SameSite=none
Location: /partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26&__user_check__=1&sync_id=da5da852-3e63-11ed-be7a-1afcdea00406
X-fe: 130
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (928), with no line terminators
Size:   928
Md5:    17403b41f415b7b0edb59f52e33e8fb2
Sha1:   ba381a8361ae5b781f0c6c318c714083f03335a5
Sha256: cee951f16e0c0a2483c94e07da6adfd3b4549ce3279979a6c9c054b4f4d7c1cf
                                        
                                            GET /sync?UISTB=%3CtaboolaUserId%3E&gdpr=1&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Ftelaria-rtb-network%2F1%2Frtb-h%2F%3Fgdpr%3D1%26us_privacy%3D1---%26taboola_hm%3D%5BTVUSER_ID%5D%26orig%3Dvideo HTTP/1.1 
Host: taboola-supply-partners.tremorhub.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://imprammp.taboola.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         52.207.129.242
HTTP/2 200 OK
content-type: image/gif
                                        
date: Tue, 27 Sep 2022 12:56:50 GMT
server: Apache-Coyote/1.1
p3p: CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   43
Md5:    07fff40b5dd495aca2ac4e1c3fbc60aa
Sha1:   e8ac224ba9ee97e87670ed6f3a2f0128b7af9fe4
Sha256: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
                                        
                                            POST /forumotion-ar/log/3/bulk?route=AM%3AIL%3AV&lti=deflated&bulkSize=2 HTTP/1.1 
Host: trc.taboola.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 4047
Origin: https://hadibi.ahlamontada.com
Connection: keep-alive
Referer: https://hadibi.ahlamontada.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         151.101.85.44
HTTP/2 204 No Content
content-type: image/gif
                                        
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: https://hadibi.ahlamontada.com
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
accept-ranges: bytes
date: Tue, 27 Sep 2022 12:56:50 GMT
via: 1.1 varnish
x-served-by: cache-bma1648-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1664283410.411712,VS0,VE83
x-vcl-time-ms: 83
X-Firefox-Spdy: h2

                                        
                                            POST /forumotion-ar/log/3/visible?route=AM%3AIL%3AV&lti=deflated HTTP/1.1 
Host: trc.taboola.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 2379
Origin: https://hadibi.ahlamontada.com
Connection: keep-alive
Referer: https://hadibi.ahlamontada.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         151.101.85.44
HTTP/2 204 No Content
content-type: image/gif
                                        
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: https://hadibi.ahlamontada.com
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
accept-ranges: bytes
date: Tue, 27 Sep 2022 12:56:50 GMT
via: 1.1 varnish
x-served-by: cache-bma1648-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1664283410.413135,VS0,VE85
x-vcl-time-ms: 85
X-Firefox-Spdy: h2

                                        
                                            GET /sid/json?origin=rtus&domain=ahlamontada.com&sn=FirefoxSyncframe&so=3&topUrl=hadibi.ahlamontada.com&bundle=Qir2bF93NUhrNjc3UzNvdkx0Yk5PNU83UEp4ZXFFbGJFVU5qbGVWJTJCeXdLb3E3YmlLc1JQUks3azlDYjVSbHRPSTkyVWthY3RqTE80Sk5MVDhzMlZTRW8zbFJSeHRCJTJCNmQwRzIlMkJ2WklzWjd1NzM0TDFJdDAzUHRVNlhvWVFuQ1dkSWJvJTJGUmJKZVNnYU1Bb2VjckZOOVdGSjRiUSUzRCUzRA&info=Sf3XTl80M0RITmhlJTJCZkMwOUJGQlhaMUN2czBPalBqbXYwdmt2cWpKemM0MEJjTGY4N1BwZHZOd00lMkZiZjN5ZDNLUlRBNg&idsd=1697668341,-1825528481&cw=1&rtusCallerId=72&lsw=1 HTTP/1.1 
Host: gum.criteo.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/syncframe?origin=rtus&topUrl=hadibi.ahlamontada.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         178.250.0.157
HTTP/2 200 OK
content-type: application/json; charset=utf-8
                                        
date: Tue, 27 Sep 2022 12:56:48 GMT
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
server-processing-duration-in-ticks: 957715
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   65838
Md5:    d95c636787a278e227ee3df69b3dbf0f
Sha1:   5c4b448a61fdbcbb7264c810763e626e3c19a545
Sha256: d7e382be87349a0f74315883f833680c0769f701d93cead62940bb276125571c
                                        
                                            GET /partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26&__user_check__=1&sync_id=da5dab53-3e63-11ed-8956-1e588e900306 HTTP/1.1 
Host: sync.search.spotxchange.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://am-match.taboola.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         185.94.180.126
HTTP/1.1 204 No Content
Content-Type: text/plain
                                        
Server: nginx
Date: Tue, 27 Sep 2022 12:56:50 GMT
Content-Length: 0
Connection: keep-alive
Set-Cookie: audience=da6f106d-3e63-11ed-8e51-14f0ef8b0306; expires=Tue, 25-Oct-2022 12:56:50 GMT; path=/; domain=.spotxchange.com
x-spotx-halt-type: Audience DSP sync endpoint was unable to cookie the audience.
X-fe: 101
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0

                                        
                                            GET /sync?gdpr=1&us_privacy=1---&ssp=taboola HTTP/1.1 
Host: x.bidswitch.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://am-match.taboola.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         3.124.103.115
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Cache-Control: no-cache, no-store, must-revalidate
Date: Tue, 27 Sep 2022 12:56:50 GMT
Content-Length: 43
Connection: keep-alive


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   43
Md5:    df3e567d6f16d040326c7a0ea29a4f41
Sha1:   ea7df583983133b62712b5e73bffbcd45cc53736
Sha256: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
                                        
                                            GET /ups/58534/occ HTTP/1.1 
Host: ups.analytics.yahoo.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://am-match.taboola.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         18.156.0.31
HTTP/2 302 Found
                                        
date: Tue, 27 Sep 2022 12:56:50 GMT
content-length: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
location: https://ups.analytics.yahoo.com/ups/58534/occ?verify=true
age: 0
server: ATS/9.1.10.25
set-cookie: A3=d=AQABBBLzMmMCEI9CTJuJIRdy0yeU5rgbFqUFEgEBAQFENGM8YwAAAAAA_eMAAA&S=AQAAAkZPqRvjx4tu1uaigBsJ8bg; Expires=Wed, 27 Sep 2023 18:56:50 GMT; Max-Age=31557600; Domain=.yahoo.com; Path=/; SameSite=None; Secure; HttpOnly
X-Firefox-Spdy: h2

                                        
                                            GET /track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1 HTTP/1.1 
Host: match.adsrvr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://am-match.taboola.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         35.71.131.137
HTTP/2 200 OK
content-type: image/gif
                                        
date: Tue, 27 Sep 2022 12:56:50 GMT
content-length: 70
cache-control: private,no-cache, must-revalidate
pragma: no-cache
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   70
Md5:    58a7930cd4577fc33c35828c271eab8f
Sha1:   406e57f86dc101e10f3a57be1e2f7b93c4580474
Sha256: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
                                        
                                            GET /ups/58534/occ?verify=true HTTP/1.1 
Host: ups.analytics.yahoo.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://am-match.taboola.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         18.156.0.31
HTTP/2 204 No Content
                                        
date: Tue, 27 Sep 2022 12:56:50 GMT
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
strict-transport-security: max-age=31536000
age: 0
server: ATS/9.1.10.25
set-cookie: A3=d=AQABBBLzMmMCEFoSkGXZUsXDwmKpmNExYgoFEgEBAQFENGM8YwAAAAAA_eMAAA&S=AQAAArvu6OtEAkf3yUlEIs0YLqw; Expires=Wed, 27 Sep 2023 18:56:50 GMT; Max-Age=31557600; Domain=.yahoo.com; Path=/; SameSite=None; Secure; HttpOnly
X-Firefox-Spdy: h2

                                        
                                            GET /sync?dast=V7mpQCFgOiEiLkhRjFaQSiEiLkhRjFaQUAAAAGBuIHJDCZTJy7iW2tsAyWa9HEtXErVxvHWrYYTIaT1WJiXBmGQAKTycS5m9jWCstguRZNXBu3crVxrGWLwWQ4WS0mxpVhChE3GQ6fg4Go6Hpb7A6n2fOGDzSdDp_rXi90mJwWp11hNDvcfrvpYXLYNX63Xw4AAAAAD_____8QAAAAABEAAAAAEgAAAAAUARX_FgIXAAAAABj_____GgCfHATvOfv9AQAAAAACAAAAQAIwsBpQAvBxvnLy_________x8zQJ95I_P___9_Y9AD8OAD8CAEAABwMYSCFNgk0pxCT1QwWMQIAAAAYEtLRfNoUidUFlX____9VgBXAAABg38Feb9ZuoMSb2EAAAAAYwv0sPj9Zodd43e77P_________f7P_sH03obfQ6LYhl9FrtFxAAYO0XEACATd0AAN4C4IKOoBWDweoUYjecLXaj2WY0OwAAAIC7____fz2QWs4mrplpZNusRovZbDZxDlcTm8O1GjlGm4lr5r3QFN01PFJvtL6ImwyHz8FAVHS9LXaH0-y5H0VLlrvlbjWaLEaj5XKzG25Gg_0J5GyAFC1ZrJbD1W6yGG0Wi8lyNxxNJkjRktVyuVxtNqvVbrSYDTbL4WaDFK1azUabwXA1m8x2u9VwMFyORkjRkuVuuVuNJovRaLnc7Iab0WCIMGQyWWYz03Kt8JgcbtHGZFlLTIaNW2Ka2QzL1WZi81jcotfH9LBsfMPlYIoPdLt8KrfLpWV7WT4vxxYFAyL2InlapBPVbuUx2SzDxWa1cI2GC5dhZXHYPIOFaTUxGRYri1iiOVmkE9ll31rOJq6ZaWTbrEaL2Ww2cQ5XE5vDtRo5RpuJa-YvmUyW2cy0XCs8JodbtDFZ1hKTYeOWmGY2w3K1mdg8Frfo9TE9LBvfcDnYN2az0WS4GQ2G-8ZsNpoMN6PBcN-hM3xXn7PRGRxPPELNZ7Y5PWsOg8JlsHh_n4u0GW3cjCpt2GJRXYs718Sq08ZOxs7BbFD4_ubSVhzcRs7lvuQgNhgUsURwkU5kfsvr7Tc9_Xa3wnIRS5Smi3Sil4glgtNFOhG9jKeL-o8MuZgrB3PRZK5YjVYJAAAAAAAAAGAJc-ZNAAAAAE4DGQ02w9U6D2SwHOyWq-UCQDh76f68Dd9CIFf971L-kAhuK4ZPFDd-3GB-y-vtNz39drfCcmWAB2py5s2fCWKtVssaAABAABsAACCAWzdvAdhM_P___38cAACAjBw9AACA-D5QFAgAAAAAAD8BblaLAQ!&excid=22&docw=0&cijs=1&nlb=false HTTP/1.1 
Host: am-match.taboola.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hadibi.ahlamontada.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         141.226.228.48
HTTP/2 200 OK
content-type: text/html;charset=ISO-8859-1
                                        
server: nginx
date: Tue, 27 Sep 2022 12:56:49 GMT
machineid: 3401
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   1665
Md5:    705444676418a9fb58d78f3440ad7bde
Sha1:   bb486809e663db1f933f72bbb1481fee2c042b0d
Sha256: 3cbfe30c6f35bcb9d62d1e3a6e4d81e0aeea2db736e58769b24e871c915601aa
                                        
                                            GET / HTTP/1.1 
Host: pips.taboola.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://hadibi.ahlamontada.com
Connection: keep-alive
Referer: https://hadibi.ahlamontada.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         151.101.85.44
HTTP/2 200 OK
                                        
server: Varnish
retry-after: 0
access-control-allow-methods: GET
access-control-allow-origin: https://hadibi.ahlamontada.com
accept-ranges: bytes
date: Tue, 27 Sep 2022 12:56:51 GMT
via: 1.1 varnish
x-served-by: cache-bma1620-BMA
x-cache: HIT
x-cache-hits: 0
cache-control: no-store
content-length: 4
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   4
Md5:    6c3e226b4d4795d518ab341b0824ec29
Sha1:   eef19c54306daa69eda49c0272623bdb5e2b341f
Sha256: fb329000228cc5a24c264c57139de8bf854fc86fc18bf1c04ab61a2b5cb4b921
                                        
                                            GET /?uid=ddd26f49-acda-4cd2-bd0c-b4ff0953bfcb-tucta2c7890 HTTP/1.1 
Host: cds.taboola.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://hadibi.ahlamontada.com
Connection: keep-alive
Referer: https://hadibi.ahlamontada.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         141.226.224.32
HTTP/2 204 No Content
                                        
server: nginx
date: Tue, 27 Sep 2022 12:56:51 GMT
cache-control: no-store
access-control-allow-origin: *
X-Firefox-Spdy: h2

                                        
                                            POST /custom HTTP/1.1 
Host: stootsou.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://hadibi.ahlamontada.com/
Content-Type: application/json
Origin: https://hadibi.ahlamontada.com
Content-Length: 389
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         139.45.197.250
HTTP/2 200 OK
content-type: application/json; charset=utf-8
                                        
server: nginx
date: Tue, 27 Sep 2022 12:56:55 GMT
content-length: 39
x-trace-id: 8fb1569c0244e19d0b23c510343077c6
access-control-allow-origin: https://hadibi.ahlamontada.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text
Size:   39
Md5:    058b158c2be925f556454ef762d93538
Sha1:   cc6fc563b4b6baee880fdbc7fcfaa134978e33c9
Sha256: ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881
                                        
                                            GET /gid.js?pub=0&userId=77996dda2c5147b7b465410a5487ef78&zoneId=2308013&checkDuplicate=true&ymid=&var= HTTP/1.1 
Host: my.rtmark.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://hadibi.ahlamontada.com/
Origin: https://hadibi.ahlamontada.com
Connection: keep-alive
Cookie: ID=9b7389e9d48745689ab808379b483675
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         139.45.195.8
HTTP/2 200 OK
content-type: application/json; charset=utf-8
                                        
server: nginx
date: Tue, 27 Sep 2022 12:56:55 GMT
content-length: 65
access-control-allow-origin: https://hadibi.ahlamontada.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=9b7389e9d48745689ab808379b483675; expires=Wed, 27 Sep 2023 12:56:55 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text
Size:   65
Md5:    8919141f23f46a7a5ab7d47b1972265a
Sha1:   d70981bfa917ac4643f366411ff1f83558ae9c27
Sha256: 6f836465d3bc15c40d6e79163ab1c10df2814a52f46a6df1291137ea4a1da641
                                        
                                            GET /newidsd HTTP/1.1 
Host: gem.gbc.criteo.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/
Origin: https://gum.criteo.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site

                                         
                                         178.250.6.36
HTTP/2 200 OK
content-type: application/json; charset=utf-8
                                        
date: Tue, 27 Sep 2022 12:56:48 GMT
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://gum.criteo.com
server-processing-duration-in-ticks: 66295
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /sid/json?origin=publishertag&domain=ahlamontada.com&sn=FirefoxSyncframe&so=0&topUrl=hadibi.ahlamontada.com&info=7-x4NF80M0RITmhlJTJCZkMwOUJGQlhaMUN2czBPalBqbXYwdmt2cWpKemM0MEJjTGVFTjc2UHZwUVQ3V2U4a2Z2UUFFajY&idsd=1697668341,-1825528481&cw=1&lsw=1 HTTP/1.1 
Host: gum.criteo.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=hadibi.ahlamontada.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers