Overview

URLh1a1.ahlamontada.com/
IP 94.23.150.222 (Netherlands)
ASN#16276 OVH SAS
UserAgentMozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Referer
Access lock_open
Report completed2022-12-06 13:11:44 UTC
StatusLoading report..
IDS alerts0
Blocklist alert1
urlquery alerts No alerts detected
Tags None

Domain Summary (61)

Fully Qualifying Domain Name Rank First Seen Last Seen Sent bytes Received bytes IP Comment
stootsou.net (8) 145219 0001-01-01T00:00:00Z 0001-01-01T00:00:00Z 3637 4301 139.45.197.250
www.google-analytics.com (1) 40 0001-01-01T00:00:00Z 0001-01-01T00:00:00Z 377 20685 142.250.74.14
www.google.no (1) 25607 0001-01-01T00:00:00Z 0001-01-01T00:00:00Z 520 694 142.250.74.163
csm.nl.eu.criteo.net (2) 6830 0001-01-01T00:00:00Z 0001-01-01T00:00:00Z 1044 716 178.250.2.150
connect.topicit.net (1) 523065 0001-01-01T00:00:00Z 0001-01-01T00:00:00Z 378 939 104.21.90.171
secure-assets.rubiconproject.com (1) 1057 0001-01-01T00:00:00Z 0001-01-01T00:00:00Z 553 293 2.21.206.244
ag.gbc.criteo.com (1) 5925 0001-01-01T00:00:00Z 0001-01-01T00:00:00Z 400 493 185.235.84.11
contile.services.mozilla.com (1) 1114 0001-01-01T00:00:00Z 0001-01-01T00:00:00Z 333 229 34.117.237.239
img-getpocket.cdn.mozilla.net (6) 1631 0001-01-01T00:00:00Z 0001-01-01T00:00:00Z 3246 61408 34.120.237.76
x.bidswitch.net (1) 286 0001-01-01T00:00:00Z 0001-01-01T00:00:00Z 416 212 35.158.226.123
imprammp.taboola.com (2) 11978 0001-01-01T00:00:00Z 0001-01-01T00:00:00Z 4175 640 151.101.129.44
h1a1.ahlamontada.com (6) 0 0001-01-01T00:00:00Z 0001-01-01T00:00:00Z 2608 75112 94.23.159.185
firefox.settings.services.mozilla.com (2) 867 0001-01-01T00:00:00Z 0001-01-01T00:00:00Z 782 2372 34.102.187.140
15.taboola.com (1) 1912 0001-01-01T00:00:00Z 0001-01-01T00:00:00Z 1314 9414 151.101.129.44
www.googletagmanager.com (2) 75 0001-01-01T00:00:00Z 0001-01-01T00:00:00Z 766 45156 142.250.74.40
gum.criteo.com (7) 381 0001-01-01T00:00:00Z 0001-01-01T00:00:00Z 4291 19771 178.250.2.146
cdn.taboola.com (6) 1040 0001-01-01T00:00:00Z 0001-01-01T00:00:00Z 2457 188487 151.101.129.44
www.google.com (1) 7 0001-01-01T00:00:00Z 0001-01-01T00:00:00Z 521 694 142.250.74.164
am-match.taboola.com (3) 12278 0001-01-01T00:00:00Z 0001-01-01T00:00:00Z 5410 90333 141.226.228.48
ajax.googleapis.com (1) 12905 0001-01-01T00:00:00Z 0001-01-01T00:00:00Z 396 34945 142.250.74.42
cdn.viglink.com (1) 4113 0001-01-01T00:00:00Z 0001-01-01T00:00:00Z 368 29093 54.230.111.60
ocsp.sca1b.amazontrust.com (3) 1015 0001-01-01T00:00:00Z 0001-01-01T00:00:00Z 1050 3011 143.204.42.88
ups.analytics.yahoo.com (4) 287 0001-01-01T00:00:00Z 0001-01-01T00:00:00Z 1658 1978 3.126.56.137
twemoji.maxcdn.com (1) 9109 0001-01-01T00:00:00Z 0001-01-01T00:00:00Z 373 607 151.139.237.124
r3.o.lencr.org (9) 344 0001-01-01T00:00:00Z 0001-01-01T00:00:00Z 3042 7976 23.36.76.226
push.services.mozilla.com (1) 2140 0001-01-01T00:00:00Z 0001-01-01T00:00:00Z 606 127 54.189.35.180
pixel.rubiconproject.com (4) 314 0001-01-01T00:00:00Z 0001-01-01T00:00:00Z 1819 948 213.19.162.80
dnacdn.net (3) 3760 0001-01-01T00:00:00Z 0001-01-01T00:00:00Z 1398 2172 178.250.2.146
um2.eqads.com (2) 3522 0001-01-01T00:00:00Z 0001-01-01T00:00:00Z 832 492 54.152.229.173
pips.taboola.com (1) 1840 0001-01-01T00:00:00Z 0001-01-01T00:00:00Z 391 350 151.101.129.44
content-signature-2.cdn.mozilla.net (1) 1152 0001-01-01T00:00:00Z 0001-01-01T00:00:00Z 413 5844 34.160.144.191
ocsp.pki.goog (10) 175 0001-01-01T00:00:00Z 0001-01-01T00:00:00Z 3430 6999 142.250.74.131
trc-events.taboola.com (6) 1779 0001-01-01T00:00:00Z 0001-01-01T00:00:00Z 3581 978 141.226.228.48
am-vid-events.taboola.com (3) 11733 0001-01-01T00:00:00Z 0001-01-01T00:00:00Z 5716 318 141.226.228.48
wf.taboola.com (2) 2328 0001-01-01T00:00:00Z 0001-01-01T00:00:00Z 4437 2123 151.101.129.44
s.amazon-adsystem.com (2) 283 0001-01-01T00:00:00Z 0001-01-01T00:00:00Z 918 1185 52.46.128.147
ocsp.globalsign.com (2) 2075 0001-01-01T00:00:00Z 0001-01-01T00:00:00Z 720 3794 104.18.21.226
trc.taboola.com (3) 602 0001-01-01T00:00:00Z 0001-01-01T00:00:00Z 2964 1691 151.101.129.44
rubiconcm.digitaleast.mobi (1) 6219 0001-01-01T00:00:00Z 0001-01-01T00:00:00Z 433 565 34.95.81.168
tzegilo.com (1) 0 0001-01-01T00:00:00Z 0001-01-01T00:00:00Z 362 830 104.21.84.149
ocsp.sectigo.com (2) 487 0001-01-01T00:00:00Z 0001-01-01T00:00:00Z 680 1926 104.18.32.68
stats.g.doubleclick.net (1) 96 0001-01-01T00:00:00Z 0001-01-01T00:00:00Z 613 715 108.177.14.156
match.adsrvr.org (2) 349 0001-01-01T00:00:00Z 0001-01-01T00:00:00Z 902 704 35.71.131.137
datatechonert.com (1) 46154 0001-01-01T00:00:00Z 0001-01-01T00:00:00Z 502 488 37.48.68.71
sync.search.spotxchange.com (11) 523 0001-01-01T00:00:00Z 0001-01-01T00:00:00Z 6525 7503 185.94.180.126
vidstatb.taboola.com (1) 8893 0001-01-01T00:00:00Z 0001-01-01T00:00:00Z 452 91646 151.101.129.44
eus.rubiconproject.com (2) 556 0001-01-01T00:00:00Z 0001-01-01T00:00:00Z 952 11045 104.88.9.101
cdn.betgorebysson.club (1) 149925 0001-01-01T00:00:00Z 0001-01-01T00:00:00Z 385 30718 139.45.195.8
illiweb.com (4) 265462 0001-01-01T00:00:00Z 0001-01-01T00:00:00Z 1533 25064 172.67.150.97
2img.net (4) 212398 0001-01-01T00:00:00Z 0001-01-01T00:00:00Z 1661 3809 104.21.235.175
static.criteo.net (1) 652 0001-01-01T00:00:00Z 0001-01-01T00:00:00Z 379 40867 178.250.0.130
gem.gbc.criteo.com (2) 6039 0001-01-01T00:00:00Z 0001-01-01T00:00:00Z 788 1494 185.235.84.66
ocsp.digicert.com (19) 86 0001-01-01T00:00:00Z 0001-01-01T00:00:00Z 6479 12868 93.184.220.29
images.taboola.com (5) 1621 0001-01-01T00:00:00Z 0001-01-01T00:00:00Z 2846 84693 151.101.129.44
il-trc-events.taboola.com (8) 22667 0001-01-01T00:00:00Z 0001-01-01T00:00:00Z 4929 1483 185.106.33.48
status.geotrust.com (2) 3662 0001-01-01T00:00:00Z 0001-01-01T00:00:00Z 686 1534 93.184.220.29
tg.socdm.com (1) 1360 0001-01-01T00:00:00Z 0001-01-01T00:00:00Z 421 881 124.146.215.52
api.viglink.com (3) 4397 0001-01-01T00:00:00Z 0001-01-01T00:00:00Z 1413 1675 34.246.116.79
vidstat.taboola.com (3) 1927 0001-01-01T00:00:00Z 0001-01-01T00:00:00Z 1301 168456 151.101.129.44
token.rubiconproject.com (2) 671 0001-01-01T00:00:00Z 0001-01-01T00:00:00Z 858 424 213.19.162.80
aax-eu.amazon-adsystem.com (2) 1388 0001-01-01T00:00:00Z 0001-01-01T00:00:00Z 932 1192 52.95.122.74

Network Intrusion Detection Systemsinfo

Suricata /w Emerging Threats Pro
 No alerts detected

Blocklists

OpenPhish
 No alerts detected

PhishTank
 No alerts detected

Fortinet's Web Filter
 No alerts detected

mnemonic secure dns
 No alerts detected

Quad9 DNS
Scan Date Severity Indicator Comment
2022-12-06 medium datatechonert.com Sinkholed


Files

No files detected

Recent reports on same IP/ASN/Domain/Screenshot

Last 5 reports on IP: 94.23.150.222
Date UQ / IDS / BL URL IP
2023-05-24 15:19:45 UTC 0 - 0 - 5 alginis.yoo7.com 94.23.150.222
2022-09-09 14:22:14 UTC 0 - 0 - 10 mazika4ever.ahlamontada.net/t4581-topic 94.23.150.222
2022-09-04 18:02:28 UTC 0 - 0 - 1 sohaib-hack.yoo7.com/ 94.23.150.222
2023-02-02 00:53:15 UTC 0 - 0 - 7 habeb-alroh.forumfa.net/t8724n-topic 94.23.150.222
2023-01-08 12:41:58 UTC 0 - 2 - 0 lescrinsdeliberte.1fr1.net/t16710-dpt-59-gaia (...) 94.23.150.222


Last 5 reports on ASN: OVH SAS
Date UQ / IDS / BL URL IP
2023-06-09 05:03:00 UTC 0 - 6 - 0 mails.sabahnow.com/zmta4/link.php?M=15783&N=2 (...) 149.56.101.17
2023-06-09 05:01:15 UTC 0 - 2 - 0 actualidad.com.do/confirma-sentencia-cirujano (...) 51.38.21.102
2023-06-09 04:56:39 UTC 0 - 2 - 0 app.indie-bestsellers.com/report-spam/2o9wY6D (...) 198.50.182.2
2023-06-09 04:56:34 UTC 0 - 3 - 0 app.indie-bestsellers.com/report-abuse/2o9wY6 (...) 198.50.182.2
2023-06-09 04:56:25 UTC 0 - 1 - 0 goodporno.me/videos/1342/ 51.68.131.212


Last 5 reports on domain: ahlamontada.com
Date UQ / IDS / BL URL IP
2023-06-02 14:07:33 UTC 0 - 0 - 27 helpe.ahlamontada.com/t341p30-topic 94.23.73.212
2022-11-16 13:03:20 UTC 0 - 0 - 11 citytala.ahlamontada.com/t216-topic 188.165.2.137
2022-11-14 12:19:28 UTC 0 - 0 - 10 sousimohamed.ahlamontada.com/t4761-topic 188.165.2.137
2022-11-08 11:39:48 UTC 0 - 0 - 2 soosoo.ahlamontada.com/t83-topic 178.33.43.178
2022-11-06 09:32:11 UTC 0 - 0 - 9 cocofofo0.ahlamontada.com/t7-topic 94.23.73.212


No other reports with similar screenshot

JavaScript

Executed Scripts (46)

Executed Evals (5)
#1 JavaScript::Eval (size: 18) - SHA256: 0f3342bc14063d9ed7a669eb067b50ea17b2cb7dcb51968939b72fa9ac862d91
var foo = (x) => x + 1
#2 JavaScript::Eval (size: 26887) - SHA256: 3c5f82c2efcfd9c470101d5791524356ae9d5e8008e590f20626a99b018037ab
var isApp = false;

cmTag.set('version', '23_2_8');

cmTag.set('sync', 'https://am-match.taboola.com/sync?dast=V7QAwCFgNSAtdJgjLKjARSAtdJgjLKjAUAAAAGBuIHJDVbDjcmi8OtWS02a9FgZVtLjKuVW-FajDbD4cS3svmGQFKz5XBjsjjcmtVisxYNVra1xLhauRWuxWgzHE58K5tvChE3GQ6fg4Go6Hpb7A6n2fOGDjSdDp_rXi90LBxzhdHscPvtpofJYdf43X45AAAAADz8____QwAAAABEAAAAAEgAAAAAUARU_FsIXAAAAABg_P___2sAfHIQvOfs9wcAAAAACAAAAAAJwMBqQAnAx_nKyf________9_zAB95o3M_____41BD8CDD8CDEAAAwMUQvz6EPffyZCdRAWERIwAAAIAtLRXNo0mdUFlU_f__91sBXAEABBCeQ64sZukOSryFAQAAAIwt0MPi95sddo3f7bL_________f7P_s380obfR67QgltFrtV9AAIC1X0AAADZ1AwB4C4ALugBYnULshrPFbjTbjGYHAAAAcPf___-vB2KemWfl2jhXxpFxZBjZJh7XYrccLic202qz8Di8V-hidjRH2xrRF3GT4fA5GIiKrrfF7nCaPfejaMlyt9ytRpPFaLRcbnbDzWiwv4EYrAY4EYPlcjJZTHar0Wq0Ge5Gs8ECBWIwQYqWrJbL5WqzWa12o8VssFkONxukaNVqNtoMhqvZZLbbrYaD4XI0QoqWLHfL3Wo0WYxGy-VmN9yMBkOEmcls43IONmuJx-VyizYb11q5GtnWmpXFZloMJ4bVyuYWvT6mh3G4cQ2GWxQMiNiL5GmRTjQL42K3MJmWw9nCt3IZVsbZyOXxTDYT52I42awmYonmZJFOZJd9zTPzrFwb58o4Mo4MI9vE41rslsPlxGZabRYeh78zmW1czsFmLfG4XG7RZuNaK1cj21qzsthMi-HEsFrZ3KLXx_QwDjeuwXDfmO0Gm81kspztG7PdYLOZTJazfYfO8F19zkZncDzx2LRb70z9szkMCpfB4v19LtJmtHEzqrRhi0V1Le5cE6tOGzsZOwezQeEbXhPD30_9vHazt4PYYFDEEsFFOpH5La-33_T0290Ky0UsUZou0oleIpYIThfpRPQyni7qPzLkYq4czEWTuWI1WiUAAAAAAAAAgCXMmTcBAAAAOA1kNNgMV-s8kMFysFuulgsA4eyl-4NHU-pjf1q_S_lDIritGD5R3Phxg_ktr7ff9PTb3QrLlQEeqMmZN38miLVaLWsAAAABbAAAgABu3bwFYDPx_____3EAAAAycvQAAADi-0BT31wo9cKP_AQ5WA0H!&excid=22&docw=0&cijs=1&nlb=false');

cmTag.set("player.settings.kaxwnc", 0);


cmTag.setByCondition({
    conditions: [{
        key: "ep",
        val: 1
    }],
    settings: {
        isMultiAd: false
    }
});
cmTag.set("preset", {
    "level": 1
});
cmTag.set('player.settings.regx', '\x22\x64\x65\x6D\x61\x6E\x64\x53\x6F\x75\x72\x63\x65\x49\x64\x22\x3A\x35\x34\x36\x38\x34\x7C\x2E\x63\x6C\x65\x61\x72\x73\x74\x72\x65\x61\x6D\x2E\x74\x76\x7C\x2E\x63\x6C\x72\x73\x74\x6D\x2E\x63\x6F\x6D\x7C\x74\x6D\x2D\x70\x72\x6F\x6D\x6F\x2E\x73\x33\x2E\x61\x6D\x61\x7A\x6F\x6E\x61\x77\x73\x7C\x61\x64\x76\x65\x72\x74\x69\x73\x69\x6E\x67\x73\x74\x6F\x72\x79\x2E\x63\x6F\x6D\x7C\x6D\x65\x64\x69\x61\x67\x72\x6F\x75\x70\x61\x64\x73\x2E\x63\x6F\x6D\x7C\x65\x6C\x69\x74\x65\x6C\x6D\x65\x64\x69\x61\x61\x64\x76\x65\x72\x74\x69\x73\x69\x6E\x67\x2E\x63\x6F\x6D\x7C\x76\x65\x72\x74\x61\x6D\x65\x64\x69\x61\x2E\x63\x6F\x6D\x7C\x6D\x65\x64\x69\x61\x67\x72\x6F\x75\x70\x70\x72\x6F\x2E\x63\x6F\x6D\x7C\x68\x69\x67\x68\x72\x61\x74\x65\x64\x61\x64\x73\x2E\x63\x6F\x6D\x7C\x2E\x76\x69\x64\x65\x6F\x67\x72\x61\x6D\x6D\x69\x63\x2E\x63\x6F\x6D\x7C\x76\x69\x64\x65\x6F\x67\x72\x61\x6D\x6D\x69\x63\x2E\x63\x6F\x6D\x7C\x66\x69\x6C\x65\x73\x2E\x77\x65\x62\x76\x69\x64\x65\x6F\x67\x6C\x6F\x62\x61\x6C\x2E\x63\x6F\x6D\x7C\x77\x65\x62\x76\x69\x64\x65\x6F\x67\x6C\x6F\x62\x61\x6C\x2E\x63\x6F\x6D\x7C\x77\x65\x62\x6D\x65\x64\x69\x61\x61\x70\x70\x2E\x63\x6F\x6D\x66\x69\x6C\x65\x73\x2E\x77\x65\x62\x6D\x65\x64\x69\x61\x61\x70\x70\x2E\x63\x6F\x6D\x7C\x6D\x61\x72\x6B\x65\x74\x69\x6E\x67\x76\x69\x64\x65\x6F\x6E\x6F\x77\x2E\x63\x6F\x6D\x7C\x70\x6F\x70\x6F\x76\x69\x64\x65\x6F\x61\x64\x2E\x63\x6F\x6D\x7C\x64\x61\x66\x61\x63\x64\x64\x2E\x61\x73\x69\x61\x7C\x73\x62\x2E\x77\x69\x6E\x39\x39\x39\x77\x69\x6E\x2E\x63\x6F\x6D\x7C\x6E\x73\x73\x66\x2E\x63\x6F\x6D\x7C\x75\x70\x69\x65\x77\x2E\x63\x6F\x6D\x7C\x70\x69\x65\x77\x2E\x63\x6F\x6D\x7C\x76\x2E\x73\x68\x75\x6C\x63\x6F\x6E\x74\x2E\x63\x6F\x6D\x7C\x76\x2E\x61\x6C\x67\x6F\x76\x69\x64\x2E\x63\x6F\x6D\x7C\x76\x69\x64\x2E\x73\x70\x72\x69\x6E\x67\x73\x65\x72\x76\x65\x2E\x63\x6F\x6D\x7C\x70\x6D\x69\x2E\x63\x6F\x6D');

cmTag.set('player.settings.hjkbldomsencdd', ["dGFncy5ia3J0eC5jb20=", "bGlwaWthcl9ib2R5Y2FyZV9hd2FyZW5lc3M=", "Z2FjZG4=", "bWlycmEuaW8=", "YnJ0bWVkaWE=", "VUEtNTcwODQyNTctNw==", "Y29pbi1oaXZlLmNvbQ==", "YnVuZGxlLmNsZWFyc3RyZWFtLnR2", "LmNscnN0bS5jb20=", "dmlkZW8ubGVhZHp1LmNvbQ==", "LmxlYWR6dS5jb20=", "czAuMm1kbi5uZXQvYWRzL3JpY2htZWRpYS9zdHVkaW8vcHYyLzYwMTI4Njk2Lw==", "YWR2ZXJ0aXNpbmdzdG9yeS5jb20=", "bWVkaWFncm91cGFkcy5jb20=", "ZWxpdGVsbWVkaWFhZHZlcnRpc2luZy5jb20=", "dmVydGFtZWRpYS5jb20=", "bWVkaWFncm91cHByby5jb20=", "aGlnaHJhdGVkYWRzLmNvbQ==", "dmlkZW9ncmFtbWljLmNvbQ==", "bWFya2V0aW5ndmlkZW9ub3cuY29t", "c3RhdGljLm1hcmtldGluZ3ZpZGVvbm93LmNvbQ==", "ZmlsZXMud2VidmlkZW9nbG9iYWwuY29t", "d2VidmlkZW9nbG9iYWwuY29t", "d2VibWVkaWFhcHAuY29t", "ZmlsZXMud2VibWVkaWFhcHAuY29t", "cG9wb3ZpZGVvYWQuY29t", "c2Iudm9pY2VmaXZlLmNvbQ==", "b25lLm00ZGMuY29t", "dXBpZXcuY29t", "cGlldy5jb20=", "di5zaHVsY29udC5jb20=", "di5hbGdvdmlkLmNvbQ==", "dmlkLnNwcmluZ3NlcnZlLmNvbQ==", "cG1pLmNvbQ=="]);

cmTag.set('liteUnitVersion', '3.9.8');
cmTag.set('player.versions.vplayer', 'v14.8.9');
cmTag.set('player.settings.anltcsurlv2', '/vpaid/vpaidAnalytics.3.js');
cmTag.set('player.settings.anltcsurlv4', '/vpaid/vpaidAnalytics.40.js');
cmTag.set('player.settings.hjkv1', '/vpaid/hjk.226.js');
cmTag.set('player.settings.dsu', '/vpaid/ds/188/dsm.js');
cmTag.set("player.settings.use_flash_player", false);
cmTag.set('player.settings.vidfkadldt', 100);
cmTag.set('player.settings.mintimwf', 5000);
cmTag.set('player.settings.dlyimpnonmoatrv', true);
cmTag.set('player.settings.frgtadpxls', 0);
cmTag.set('player.settings.rprtwrpropntime', false);
cmTag.set('player.settings.slwcnctlngt', 10);
cmTag.set('player.settings.mnbfrsz', 0.25);
cmTag.set("player.settings.prftchmxlngth", 15);
cmTag.set('player.settings.adtrgtcss', true);
cmTag.set('player.settings.pvpd', 'javascript');
cmTag.set('player.settings.prbdjsv', '1.1.0');
cmTag.set('player.settings.prfrmncmsrmnts', true);
cmTag.set('player.settings.encwfrs', true);
cmTag.set('player.settings.prfrmdfl', 'javascript');
cmTag.set('elasticLogger.isActive', true);
cmTag.set('elasticLogger.maxEventsToLog', 500);
cmTag.set('player.settings.dpndonuntfrlgtoelstc', true);
cmTag.set('player.settings.qsrtscr', function(it, vpd) {
    if (vpd.alfrox === 0 && vpd.rpox > 0) {
        return ((vpd.requiredViewability << 30) | (vpd.priority << 16) | parseInt(vpd.rpox * 1000));
    }
    return ((vpd.requiredViewability << 30) | (vpd.priority << 16) | parseInt(vpd.alfrox * vpd.rpox * 1000));
});
cmTag.set("player.settings.updtcmpbfrwf", false);
cmTag.set("components.adChoice.isActive", false);
cmTag.set("timeBetweenAds", 0);
cmTag.set("canStartPlayer", true);
cmTag.set('isAnimateOnClose', true);
cmTag.set('isToggleIframeContent', true);
cmTag.set('isPWOV', true);
cmTag.set('secondsToCloseGlobal', 2700);
cmTag.set('pubViewabilityPercent', 0);
cmTag.set('trcPerformanceMeasurementEnabled', true);
cmTag.set('additionalCss', {
    'text-align': 'left'
});
cmTag.set('player.urls.contentVideosLocation', '//vidstatb.taboola.com/vid');
cmTag.set('player.urls.contentImagesLocation', '//vidstatb.taboola.com/vid/img');
cmTag.set('microServices.PMS.version', '3.2.2');
cmTag.set('unitsBaseUrl', '//vidstat.taboola.com/vpaid/units/');
cmTag.set('player.urls.vplayerLocation', '//vidstat.taboola.com/vpaid/vPlayer');
cmTag.set('hasSupportTool', true);
cmTag.set('bllblevt', '1,21,22,23,24,25,30,32,42');
cmTag.set('gaFactor', 100);


var dsvr = "" || false;
cmTag.set("player.settings.dataSaver", false);
if (dsvr === 'on') {
    cmTag.set("player.settings.max_ready_vpaid", 4);
    cmTag.set("player.settings.mintimwf", 5000);
}

cmTag.set("countryIsoCode", "nor");
cmTag.setByCondition({
    conditions: [{
        key: 'countryIsoCode',
        val: 'tha'
    }],
    settings: {
        'pubId': 165757,
        'pubTagId': 946347,
        'preroll.pubId': 165757,
        'preroll.pubTagId': 946347,
        'midroll.pubId': 165757,
        'midroll.pubTagId': 946347,
        'postroll.pubId': 165757,
        'postroll.pubTagId': 946347
    }
});

cmTag.setByCondition({
    conditions: [{
        key: 'country',
        val: 'TH'
    }],
    settings: {
        'pubId': 165757,
        'pubTagId': 946347,
        'preroll.pubId': 165757,
        'preroll.pubTagId': 946347,
        'midroll.pubId': 165757,
        'midroll.pubTagId': 946347,
        'postroll.pubId': 165757,
        'postroll.pubTagId': 946347
    }
});

cmTag.setByCondition({
    conditions: [{
        key: 'countryIsoCode',
        val: 'ind'
    }],
    settings: {
        'pubId': 165757,
        'pubTagId': 946347,
        'preroll.pubId': 165757,
        'preroll.pubTagId': 946347,
        'midroll.pubId': 165757,
        'midroll.pubTagId': 946347,
        'postroll.pubId': 165757,
        'postroll.pubTagId': 946347
    }
});

cmTag.setByCondition({
    conditions: [{
        key: 'country',
        val: 'IN'
    }],
    settings: {
        'pubId': 165757,
        'pubTagId': 946347,
        'preroll.pubId': 165757,
        'preroll.pubTagId': 946347,
        'midroll.pubId': 165757,
        'midroll.pubTagId': 946347,
        'postroll.pubId': 165757,
        'postroll.pubTagId': 946347
    }
});




cmTag.set('version', '32_4_5');
cmTag.set('pixels.url', '//am-vid-events.taboola.com/st');
cmTag.set('pixels.unitLoadedWithFill.isFire', false);
cmTag.set('fireLoadUnitPixelsFactor', 10);
cmTag.set("secondsToClose", 120);
cmTag.set("adMaxPlaySeconds", 210);
cmTag.set('player.settings.prtct', '/vpaid/hjk.16.js');
cmTag.set('player.settings.cntonvfrc', false);
cmTag.set('player.settings.mxemptwf', 5);
cmTag.set('player.settings.ltmxemptwf', 5);
cmTag.set('player.settings.erlyai', true);
cmTag.set("player.settings.timbtopps", 5000);
cmTag.set('player.settings.frstlk', true);
cmTag.set('viewPercent', '50');
cmTag.set('timbtopps', 5000);
cmTag.set('cookieMatchActive', true);
cmTag.set('maxNonRvVimpsInQueue', 2);
cmTag.set('maxVimpsInQueue', 1);
cmTag.set('numOfWfUntilDcSwitch', 19);
cmTag.set('eligibilityValidator.isActive', false);
cmTag.set('eligibilityValidator.observers.mutation.isActive', true);
cmTag.set('eligibilityValidator.observers.mutation.isObserveParent', true);
cmTag.set('eligibilityValidator.isRvOnly', true);
cmTag.set('player.settings.rvfrquesttsemttr', 'any');
cmTag.set('pixels.overlayDetectedAfterImpression.factor', 20);
cmTag.set('clsDetector.isActive', true);
// Browser and OS wurfl
cmTag.set("wurfl.os.name", "Windows");
cmTag.set("wurfl.os.version", "10");
cmTag.set("wurfl.browser.name", "Firefox");
cmTag.set("wurfl.browser.version", "105");
cmTag.set("player.settings.wurfl.os.name", "Windows");
cmTag.set("player.settings.wurfl.os.version", "10");
cmTag.set("player.settings.wurfl.browser.name", "Firefox");
cmTag.set("player.settings.wurfl.browser.version", "105");

cmTag.set('opps.detach.isFire', true);
cmTag.set('opps.attach.isFire', true);
cmTag.set("player.settings.sndvltopp", false);
cmTag.set('player.settings.tglifrmcntndsplyactv', true);
cmTag.set('player.settings.aduntldflbfruntld', true);
cmTag.set('player.settings.dtctprvtbrwsng', false);
cmTag.set('isUseNewViewabilityCalc', true);
cmTag.set('100viewPercent', 98);
cmTag.set('traceViewability100Seconds', 0);
cmTag.set('isChangePredictPointsWithAny', false);
cmTag.set('isCancelGetAdOnEligibilityLost.isActive', true);
cmTag.set('isCancelGetAdOnEligibilityLost.includeRVAny', true);
cmTag.set('isGetRv1OnlyForEligible.isActive', true);
cmTag.set('isGetRv1OnlyForEligible.delayPrediction', false);
cmTag.set('player.settings.vwclcflbkenbld', true);
cmTag.set('scrollEndTimeout', 500);
cmTag.set('player.settings.omid.isActive', true);

cmTag.set('player.urls.organicContentVideosLocation', '//magazine-api.taboola.com/video-content');

// Cookie sync predictor config
cmTag.set('predictors.time.cookieSync.isActive', true);
cmTag.set('predictors.time.cookieSync.lengthInSeconds', 20);
cmTag.set('predictors.time.cookieSync.repeat', 1);

cmTag.set('components.CloseButtonView.delay', 0);


cmTag.push = cmTag.push || function() {};

cmTag.set("player.settings.tmbtwfs", function(successes, failures, store) {
    if (failures > 45) {
        return 999;
    }
    return store.get('time_between_waterfall');
});


cmTag.set('player.settings.mntmbtwfsf', function(successes, failures, store) {
    if (failures > 45) {
        return 999000;
    }
    return store.get('mintimwf');
});
cmTag.set('unitThrottlerFiltered', "false");

cmTag.setByCondition({
    conditions: [{
        key: 'preset.level',
        val: 1
    }, {
        key: "unitThrottlerFiltered",
        val: true
    }],
    settings: {
        'preset.level': 3
    }
});

cmTag.setByCondition({
    conditions: [{
        key: 'countryIsoCode',
        val: 'bra'
    }],
    settings: {
        'player.settings.expxls.adimpression': 'https://sb.scorecardresearch.com/p?c1=2&c2=34311413&ns_ap_sv=2.1511.10&ns_type=hidden&ns_st_it=a&ns_st_sv=4.0.0&ns_st_ad=1&ns_st_sq=1&ns_st_id=%%impression_id%%&ns_st_ec=1&ns_st_cn=1&ns_st_ev=play&ns_st_ct=va00&ns_st_cl=%%duration%%&ns_st_pt=0&c3=2&c4=&c6=&ns_ts=%%timestamp%%',
        'player.settings.expxls.advideocomplete': 'https://sb.scorecardresearch.com/p?c1=2&c2=34311413&ns_ap_sv=2.1511.10&ns_type=hidden&ns_st_it=a&ns_st_sv=4.0.0&ns_st_ad=1&ns_st_sq=1&ns_st_id=%%impression_id%%&ns_st_ec=2&ns_st_cn=1&ns_st_ev=end&ns_st_ct=va00&ns_st_cl=%%duration%%&ns_st_pt=%%duration%%&c3=2&c4=&c6=&ns_ts=%%timestamp%%'
    }
});




if ('am' == 'la' || 'am' == 'LA') {
    cmTag.set('cm_predictors.time.cookieSync.isActive', false);
}

if ('am' == 'sg' || 'am' == 'SG') {
    cmTag.set('player.settings.wf_base_path', '//sg-wf.taboola.com');
}

if ('am' == 'hk' || 'am' == 'HK' || 'am' == 'ch' || 'am' == 'CH' || 'am' == 'us' || 'am' == 'US' || 'am' == 'la' || 'am' == 'LA') {
    cmTag.set('numOfWfUntilDcSwitch', 1);
    cmTag.set('player.settings.numOfWfUntilDcSwitch', 1);
}

if ('am' == 'am' || 'am' == 'AM') {
    cmTag.set('numOfWfUntilDcSwitch', 2);
    cmTag.set('player.settings.numOfWfUntilDcSwitch', 2);
}


cmTag.setByCondition({
    conditions: [{
        key: "preroll.pubId",
        val: 166717
    }],
    settings: {
        "preroll.pubId": 169497,
        "preroll.pubTagId": 953497,
        "midroll.pubId": 169497,
        "midroll.pubTagId": 953497,
        "postroll.pubId": 169497,
        "postroll.pubTagId": 953497,
        "pubId": 169497,
        "pubTagId": 953497,
        "migratedwf": 1,
        'abTest': '166721b_vA'
    }
});
cmTag.setByCondition({
    conditions: [{
        key: "pubId",
        val: 166717
    }],
    settings: {
        "preroll.pubId": 169497,
        "preroll.pubTagId": 953497,
        "midroll.pubId": 169497,
        "midroll.pubTagId": 953497,
        "postroll.pubId": 169497,
        "postroll.pubTagId": 953497,
        "pubId": 169497,
        "pubTagId": 953497,
        "migratedwf": 1,
        'abTest': '166721b_vA'
    }
});

cmTag.setByCondition({
    conditions: [{
        key: "preroll.pubId",
        val: 292045
    }],
    settings: {
        "preroll.pubId": 208401,
        "preroll.pubTagId": 1047981,
        "midroll.pubId": 208401,
        "midroll.pubTagId": 1047981,
        "postroll.pubId": 208401,
        "postroll.pubTagId": 1047981,
        "pubId": 208401,
        "pubTagId": 1047981,
        "migratedwf": 2,
        'abTest': '166724b_vA'
    }
});
cmTag.setByCondition({
    conditions: [{
        key: "pubId",
        val: 292045
    }],
    settings: {
        "preroll.pubId": 208401,
        "preroll.pubTagId": 1047981,
        "midroll.pubId": 208401,
        "midroll.pubTagId": 1047981,
        "postroll.pubId": 208401,
        "postroll.pubTagId": 1047981,
        "pubId": 208401,
        "pubTagId": 1047981,
        "migratedwf": 2,
        'abTest': '166724b_vA'
    }
});


cmTag.setByCondition({
    conditions: [{
        key: "preroll.pubId",
        val: 236525
    }],
    settings: {
        "preroll.pubId": 169497,
        "preroll.pubTagId": 953497,
        "midroll.pubId": 169497,
        "midroll.pubTagId": 953497,
        "postroll.pubId": 169497,
        "postroll.pubTagId": 953497,
        "pubId": 169497,
        "pubTagId": 953497,
        "migratedwf": 3,
        'abTest': '166725b_vA'
    }
});
cmTag.setByCondition({
    conditions: [{
        key: "pubId",
        val: 236525
    }],
    settings: {
        "preroll.pubId": 169497,
        "preroll.pubTagId": 953497,
        "midroll.pubId": 169497,
        "midroll.pubTagId": 953497,
        "postroll.pubId": 169497,
        "postroll.pubTagId": 953497,
        "pubId": 169497,
        "pubTagId": 953497,
        "migratedwf": 3,
        'abTest': '166725b_vA'
    }
});


cmTag.setByCondition({
    conditions: [{
        key: "preroll.pubId",
        val: 198827
    }],
    settings: {
        "preroll.pubId": 169497,
        "preroll.pubTagId": 953497,
        "midroll.pubId": 169497,
        "midroll.pubTagId": 953497,
        "postroll.pubId": 169497,
        "postroll.pubTagId": 953497,
        "pubId": 169497,
        "pubTagId": 953497,
        "migratedwf": 4,
        'abTest': '206725b_vA'
    }
});
cmTag.setByCondition({
    conditions: [{
        key: "pubId",
        val: 198827
    }],
    settings: {
        "preroll.pubId": 169497,
        "preroll.pubTagId": 953497,
        "midroll.pubId": 169497,
        "midroll.pubTagId": 953497,
        "postroll.pubId": 169497,
        "postroll.pubTagId": 953497,
        "pubId": 169497,
        "pubTagId": 953497,
        "migratedwf": 4,
        'abTest': '206725b_vA'
    }
});

cmTag.setByCondition({
    conditions: [{
        key: 'country',
        val: 'IL'
    }],
    settings: {
        'player.settings.optpwov': 0,
        'isPWOV': false,
        'onOutOfView': 'pause'
    }
});

cmTag.set("player.settings.frcmtfrms", true);
cmTag.set("player.settings.fire_piggies", true);
cmTag.set("secondsBW", 17);
cmTag.set("player.settings.adto", 300000);
cmTag.set("player.settings.vakll", 300000);
cmTag.set("noaop", 3);
cmTag.set("player.settings.rstmrai", true);
cmTag.set("player.settings.dsktmouttoadcmpltn", 30000);
cmTag.set("player.settings.mprdct", 0.033);
cmTag.set("category", "ShortContent");



cmTag.set('pixels.startWithABT.isFire', true);
cmTag.set('player.settings.mprdct', 0.025);
cmTag.push('abTest', 'mprdctdt6_vA');







cmTag.set('vForce.getAdTimeoutSeconds', 60);
cmTag.set('secondsToCloseGlobal', 0);
cmTag.set('predictors.distancePixels.isListenToScrollSpeedChange', true);
cmTag.set('predictors.playerReady.isActive', true);
cmTag.set('predictors.playerReady.predictPoint', 0);
cmTag.set('predictors.multiAd.isActive', true);
cmTag.set('predictors.multiAd.predictPoints.1.qState', 'q3');
cmTag.set('predictors.multiAd.predictPoints.0.qState', 'q1');
cmTag.set('predictors.getAdFail.isActive', true);
cmTag.set('predictors.distancePixels.isActive', true);
cmTag.set('predictors.distancePixels.predictPoints.1.pixelsFromSelectors', 10);
cmTag.set('vForce.isActive', true);
cmTag.set('isMultiAd', true);
cmTag.set('scrollEndTimeout', 500);
cmTag.set('playPriority.type', 'ppKey');
cmTag.set('playPriority.key', 1);
cmTag.set('isTestParentSelector', true);
cmTag.set('isReportToKibana', true);
cmTag.set('player.settings.rplvpdactv', true);
cmTag.set('player.settings.bllblevt', '1,21,22,23,24,25,30,32,42');
cmTag.set('bllblevt', '1,21,22,23,24,25,30,32,42');
cmTag.set('isOppsulaEnabled', true);
cmTag.set('microServices.oppsula.version', '1.4.4');
cmTag.set('psthdrs', 'text/plain');
cmTag.set('player.settings.cmbopps', true);
cmTag.set('cmbopps', true);
cmTag.set('verticalWidthThreshold', 480);
cmTag.set('predictors.distancePixels.maxPPS', 100);
cmTag.set('predictors.intersection.isActive', true);
cmTag.set('predictors.intersection.predictPoints.1.intersectionPercent', 50);
cmTag.set('predictors.intersection.isStartWF', true);
cmTag.set('predictors.emptyQueue.predictPoints', 0);
cmTag.set("predictors.getAdFail.allowedPredictPoints", 0);
cmTag.set('player.settings.vwclcflbkenbld', true);
cmTag.set('player.settings.dwnlnktrshld', 2);
cmTag.set('player.settings.frdwnlnkpxls', 1);
cmTag.set('player.settings.rmvrvlwntwrk', true);
cmTag.set('eligibilityValidator.isActive', false);
cmTag.set("components.adChoice.isTranslateText", false);
cmTag.set("components.Repeat.isTranslateText", true);
cmTag.set("language", "ar");
cmTag.set("player.settings.omidExcludedVendors", []);
cmTag.set("mediatypesArraySkippingViewableCheckAtSendOppMoment", [2]);
cmTag.set("stickyCard.restrictions.isActive.default", true);
cmTag.set("player.settings.externalDelayedEvents", ['AdImpression', 'AdVideoStart', 'AdStarted']);
cmTag.set('player.settings.jsDsbleErlyai', true);
cmTag.set('player.settings.frtbcmpaftrmtvw', false);


cmTag.set('sendBeacon', true);
cmTag.setByCondition({
    conditions: [{
        key: "iframeData.inDFP",
        val: true
    }],
    settings: {
        "isSkippedDistancePredict": true,
        "eligibilityValidator.isActive": false
    }
});
cmTag.setByCondition({
    conditions: [{
        key: 'frameType',
        val: 3
    }],
    settings: {
        'isChangePredictPointsWithAny': true,
        'predictors.intersection.isActive': true,
        'isUseAmpObserver': true,
        'eligibilityValidator.isActive': false
    }
});

cmTag.set("isStayInIframe", true);
cmTag.set("player.settings.disctxt", "");
cmTag.set('midrollTimeout', 3);
cmTag.set('isUseObserver', true);
cmTag.set('isCallIDLE', true);
cmTag.set("isKeepUnitOnMidroll", true);
cmTag.set('predictors.fullEligibility.isActive', true);
cmTag.set('predictors.fullEligibility.maxPPS', 50);
cmTag.set('predictors.distancePixels.maxPPS', 1);
cmTag.set('isForceStopObserver', true);
cmTag.set('isForceSwapToRV', true);
cmTag.set('components.nativeAd.isActive', true);
cmTag.set('floatingNAS.isActive', true);
cmTag.set('predictors.postRepeat.isActive', true);
var isApp = isApp || false;
if (!isApp) {
    cmTag.set('isRvPriority', false);
    cmTag.set('playPriority.isAlwaysWaitForRv', true);
    cmTag.set('playPriority.checkForRvPriority', 'pixelsFromSelector');
    cmTag.set('playPriority.pixelsFromSelector', 50);
    cmTag.set('playPriority.isAllowInIframes', true);
}

var isApp = isApp || false;
if (isApp) {
    cmTag.set("isInAppBridgeOn", true);
    cmTag.set("isUseObserver", false);
    cmTag.set('predictors.playerReady.predictPoint', [0, 0]);
}

cmTag.set('predictors.playerReady.isStartWF', true);
cmTag.set('isUseWidget', true);
cmTag.set('isStartWithLoader', true);
cmTag.set('components.adLoadingProgress.showProgressBar', true);
cmTag.set('predictors.playerReady.predictPoint', [0, 0]);
cmTag.set('animation.transitionAnimationTime', 0);
cmTag.set('predictors.intersection.isActive', false);

cmTag.setByCondition({
    conditions: [{
        key: 'isDisableSticky',
        val: true
    }],
    settings: {
        'stickyCard.isActive': false,
    }
});
cmTag.set("unitType", "WIDGET_ITEM");

cmTag.set("adMaxPlaySeconds", 210);

cmTag.setByCondition({
    conditions: [{
        key: "ep",
        val: "1"
    }],
    settings: {
        isMultiAd: false,
        volume: "onHover",
        isSoundOnHover: true,
        "components.CloseButtonView.hasCloseButton": false,
        "onOutOfView": "pause",
        "originId": 15,
        "preroll.pubId": 133128,
        "preroll.pubTagId": 779408,
        "midroll.pubId": 133128,
        "midroll.pubTagId": 779408,
        "postroll.pubId": 133128,
        "postroll.pubTagId": 779408,
        "pubId": 133128,
        "pubTagId": 779408,
        "player.settings.mprdct": 0,
        "player.settings.encwfrs": false,
        "player.settings.cmbopps": false,
        "abTest": "ep1_vA"
    }
});
if (window.conf300 == 1) {
    cmTag.set("urls.staticImage", "//cdn.cmeden.com/img/play_image_169.jpg");
}
cmTag.set("multiUnitManager.isActive", true);
cmTag.setByCondition({
    conditions: [{
        key: "player.versions.content",
        val: "26_1_18m"
    }],
    settings: {
        "player.versions.content": "14_10_18m"
    }
});

cmTag.setByCondition({
    conditions: [{
        key: 'country',
        val: 'IL'
    }],
    settings: {
        'stickyCard.isActive': false,
        'player.settings.optpwov': 0
    }
});



cmTag.set('pixels.startWithABT.isFire', true);
cmTag.push('abTest', 'ntvc_vB');









// Roll out level 4 on amp - minimze heavy ad interventions
var hasReportingObserver = (typeof window.ReportingObserver === 'function');
// 30.10.22 - only blocking on browsers supporting ReportingObserver
if (hasReportingObserver) {
    cmTag.setByCondition({
        conditions: [{
            key: 'frameType',
            val: 3
        }],
        settings: {
            'pubId': 383725,
            'pubTagId': 2077655,
            'preroll.pubId': 383725,
            'preroll.pubTagId': 2077655,
            'midroll.pubId': 383725,
            'midroll.pubTagId': 2077655,
            'postroll.pubId': 383725,
            'postroll.pubTagId': 2077655
        }
    });
}









cmTag.set('noaop', 5);
cmTag.set('player.settings.queue_size', 7);
cmTag.set('predictors.time.isActive', true);
cmTag.set('predictors.time.predictPoints', 0);
cmTag.set('predictors.time.lengthInSeconds', 5);
cmTag.set('predictors.time.repeat', 20);
cmTag.set('maxNonRvVimpsInQueue', 3);
cmTag.push('abTest', 'smbs');


cmTag.set("player.settings.volume", 0);
cmTag.setMacros({
    dast: "V7QAwCFgNSAtdJgjLKjARSAtdJgjLKjAUAAAAGBuIHJDVbDjcmi8OtWS02a9FgZVtLjKuVW-FajDbD4cS3svmGQFKz5XBjsjjcmtVisxYNVra1xLhauRWuxWgzHE58K5tvChE3GQ6fg4Go6Hpb7A6n2fOGDjSdDp_rXi90LBxzhdHscPvtpofJYdf43X45AAAAADz8____QwAAAABEAAAAAEgAAAAAUARU_FsIXAAAAABg_P___2sAfHIQvOfs9wcAAAAACAAAAAAJwMBqQAnAx_nKyf________9_zAB95o3M_____41BD8CDD8CDEAAAwMUQvz6EPffyZCdRAWERIwAAAIAtLRXNo0mdUFlU_f__91sBXAEABBCeQ64sZukOSryFAQAAAIwt0MPi95sddo3f7bL_________f7P_s380obfR67QgltFrtV9AAIC1X0AAADZ1AwB4C4ALugBYnULshrPFbjTbjGYHAAAAcPf___-vB2KemWfl2jhXxpFxZBjZJh7XYrccLic202qz8Di8V-hidjRH2xrRF3GT4fA5GIiKrrfF7nCaPfejaMlyt9ytRpPFaLRcbnbDzWiwv4EYrAY4EYPlcjJZTHar0Wq0Ge5Gs8ECBWIwQYqWrJbL5WqzWa12o8VssFkONxukaNVqNtoMhqvZZLbbrYaD4XI0QoqWLHfL3Wo0WYxGy-VmN9yMBkOEmcls43IONmuJx-VyizYb11q5GtnWmpXFZloMJ4bVyuYWvT6mh3G4cQ2GWxQMiNiL5GmRTjQL42K3MJmWw9nCt3IZVsbZyOXxTDYT52I42awmYonmZJFOZJd9zTPzrFwb58o4Mo4MI9vE41rslsPlxGZabRYeh78zmW1czsFmLfG4XG7RZuNaK1cj21qzsthMi-HEsFrZ3KLXx_QwDjeuwXDfmO0Gm81kspztG7PdYLOZTJazfYfO8F19zkZncDzx2LRb70z9szkMCpfB4v19LtJmtHEzqrRhi0V1Le5cE6tOGzsZOwezQeEbXhPD30_9vHazt4PYYFDEEsFFOpH5La-33_T0290Ky0UsUZou0oleIpYIThfpRPQyni7qPzLkYq4czEWTuWI1WiUAAAAAAAAAgCXMmTcBAAAAOA1kNNgMV-s8kMFysFuulgsA4eyl-4NHU-pjf1q_S_lDIritGD5R3Phxg_ktr7ff9PTb3QrLlQEeqMmZN38miLVaLWsAAAABbAAAgABu3bwFYDPx_____3EAAAAycvQAAADi-0BT31wo9cKP_AQ5WA0H!",
    dataCenter: "am",
    clickUrl: "",
    referrer: "https%3A%2F%2Fh1a1.ahlamontada.com",
    cipid: "66361655",
    cmDast: "V7QAwCFgNSAtdJgjLKjARSAtdJgjLKjAUAAAAGBuIHJDVbDjcmi8OtWS02a9FgZVtLjKuVW-FajDbD4cS3svmGQFKz5XBjsjjcmtVisxYNVra1xLhauRWuxWgzHE58K5tvChE3GQ6fg4Go6Hpb7A6n2fOGDjSdDp_rXi90LBxzhdHscPvtpofJYdf43X45AAAAADz8____QwAAAABEAAAAAEgAAAAAUARU_FsIXAAAAABg_P___2sAfHIQvOfs9wcAAAAACAAAAAAJwMBqQAnAx_nKyf________9_zAB95o3M_____41BD8CDD8CDEAAAwMUQvz6EPffyZCdRAWERIwAAAIAtLRXNo0mdUFlU_f__91sBXAEABBCeQ64sZukOSryFAQAAAIwt0MPi95sddo3f7bL_________f7P_s380obfR67QgltFrtV9AAIC1X0AAADZ1AwB4C4ALugBYnULshrPFbjTbjGYHAAAAcPf___-vB2KemWfl2jhXxpFxZBjZJh7XYrccLic202qz8Di8V-hidjRH2xrRF3GT4fA5GIiKrrfF7nCaPfejaMlyt9ytRpPFaLRcbnbDzWiwv4EYrAY4EYPlcjJZTHar0Wq0Ge5Gs8ECBWIwQYqWrJbL5WqzWa12o8VssFkONxukaNVqNtoMhqvZZLbbrYaD4XI0QoqWLHfL3Wo0WYxGy-VmN9yMBkOEmcls43IONmuJx-VyizYb11q5GtnWmpXFZloMJ4bVyuYWvT6mh3G4cQ2GWxQMiNiL5GmRTjQL42K3MJmWw9nCt3IZVsbZyOXxTDYT52I42awmYonmZJFOZJd9zTPzrFwb58o4Mo4MI9vE41rslsPlxGZabRYeh78zmW1czsFmLfG4XG7RZuNaK1cj21qzsthMi-HEsFrZ3KLXx_QwDjeuwXDfmO0Gm81kspztG7PdYLOZTJazfYfO8F19zkZncDzx2LRb70z9szkMCpfB4v19LtJmtHEzqrRhi0V1Le5cE6tOGzsZOwezQeEbXhPD30_9vHazt4PYYFDEEsFFOpH5La-33_T0290Ky0UsUZou0oleIpYIThfpRPQyni7qPzLkYq4czEWTuWI1WiUAAAAAAAAAgCXMmTcBAAAAOA1kNNgMV-s8kMFysFuulgsA4eyl-4NHU-pjf1q_S_lDIritGD5R3Phxg_ktr7ff9PTb3QrLlQEeqMmZN38miLVaLWsAAAABbAAAgABu3bwFYDPx_____3EAAAAycvQAAADi-0BT31wo9cKP_AQ5WA0H!",
    tagId: "e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc",
    creativeId: "-1",
    baseReportD: "taboola.com",
    redId: "5698cdba-3513-40e6-b85e-a514388b7ef7",
    dtagid: "2090795",
    dpubid: "240385",
    vertical: "source",
    placement: "728x90 Thumbnails",
    lineItemId: "-1",
    oppsDataCenter: "am"
});
#3 JavaScript::Eval (size: 26845) - SHA256: a36097430401c1e35e97a6de8b2d2a9b13a8214ef091bdeb292649b0a4e5af44
var isApp = false;

cmTag.set('version', '23_2_8');

cmTag.set('sync', 'https://am-match.taboola.com/sync?dast=V7SOsCFgNSAtdJgjLKjARSAtdJgjLKjAUAAAAGBuIHJOOcbHaj0WKtm4w8a9FislxLDJvVWjbxjEaGwcJlcc2GQAKTmWFlcbjWuo3JsBZtFhO3wjmxuAWr5Wpkm-wWttFqCh7CMvt9BxHL8zX9DQcZ3_J6G0RF19tidzjNnjd0oOl0-Fz3eqFj4ZgrjGaH2283PUwOu8bv9ssBAAAA4AHA6i0T4gcQACACAAAAQAIAAACAIqDi30LgAgAAAAADwIDkQgPgk4PgPWe_PwAAGrZAAAAEMEgABlYDSgA-zldOAAAAAAAAAABY_v___2MA9rDGZABG9nd6AB58AB6ICkaLGAEAAABsaaloHk3qhMqiCgCAIN0K4AoAIIDwHLLFIAwAAABgbIEeFr_f7LBr_G6XAQAAAAAAAACY_Z_9owm9jV6nBbGMXqv9AgIArP0CAgCwqRsAwFsAXNAFwOoUYjecLXaj2WY0OwAAAIC7____fz0Q88w8K9fGuTKOjCPDyDbxuBa75XA5sZlWm4XH4b1CF7OjOdrWiD4PYZn9voOI5fma_oaDjG95vQ2iouttsTucZs_9KFqy3C13q9FkMRotl5vdcDMa7G8gBqsBTsRguZxMFpPdarQabYa70WywQIEYTJCiJavlcrnabFar3WgxG2yWw80GKVq1mo02g-FqNpntdqvhYLgcjZCiJcvdcrcaTRaj0XK52Q03o8EQYWYy27icg81a4nG53KLNxrVWrka2tWZlsZkWw4lhtbK5Ra-P6WEcblyD4RYFAyL2IrhIJzK_5fX2m55-u1thuYglmpNFOpFd9jXPzLNybZwr48g4MoxsE49rsVsOlxObabVZeBz-zmS2cTkHm7XE43K5RZuNa61cjWxrzcpiMy2GE8NqZXOLXh_TwzjcuAbDfWO2G2w2k8lytm_MdoPNZjJZzvYdOsN39TkbncHxxGPTbr0z9c_mMChcBov397lIm9HGzajShi0W1bW4c02sOm3sZOwczAaFb3hNDH8_9fPazd4OYoNBEUsEp4t0InoZTxexRPK0SCeilWFjcnlMg9HK5dktlrvZaLla7YbD0cQxmwyGE7FEabpIJ3qJ-o8MuZgrB3PRZK5YjVYJAAAAAAAAAGAJc-ZNAAAAAE4DGQ02w9VyASCcvXR_8GhKfexP63cpf0gEtxXDJ4obP24wv-X19puefrtbYbkywAM1OfNmzwSxVqtlDQAAIIANAAAQwK2btwBsRm4faOqbC6Ve-JGfIAer4QA!&excid=22&docw=0&cijs=1&nlb=true');

cmTag.set("player.settings.kaxwnc", 0);


cmTag.setByCondition({
    conditions: [{
        key: "ep",
        val: 1
    }],
    settings: {
        isMultiAd: false
    }
});
cmTag.set("preset", {
    "level": 1
});
cmTag.set('player.settings.regx', '\x22\x64\x65\x6D\x61\x6E\x64\x53\x6F\x75\x72\x63\x65\x49\x64\x22\x3A\x35\x34\x36\x38\x34\x7C\x2E\x63\x6C\x65\x61\x72\x73\x74\x72\x65\x61\x6D\x2E\x74\x76\x7C\x2E\x63\x6C\x72\x73\x74\x6D\x2E\x63\x6F\x6D\x7C\x74\x6D\x2D\x70\x72\x6F\x6D\x6F\x2E\x73\x33\x2E\x61\x6D\x61\x7A\x6F\x6E\x61\x77\x73\x7C\x61\x64\x76\x65\x72\x74\x69\x73\x69\x6E\x67\x73\x74\x6F\x72\x79\x2E\x63\x6F\x6D\x7C\x6D\x65\x64\x69\x61\x67\x72\x6F\x75\x70\x61\x64\x73\x2E\x63\x6F\x6D\x7C\x65\x6C\x69\x74\x65\x6C\x6D\x65\x64\x69\x61\x61\x64\x76\x65\x72\x74\x69\x73\x69\x6E\x67\x2E\x63\x6F\x6D\x7C\x76\x65\x72\x74\x61\x6D\x65\x64\x69\x61\x2E\x63\x6F\x6D\x7C\x6D\x65\x64\x69\x61\x67\x72\x6F\x75\x70\x70\x72\x6F\x2E\x63\x6F\x6D\x7C\x68\x69\x67\x68\x72\x61\x74\x65\x64\x61\x64\x73\x2E\x63\x6F\x6D\x7C\x2E\x76\x69\x64\x65\x6F\x67\x72\x61\x6D\x6D\x69\x63\x2E\x63\x6F\x6D\x7C\x76\x69\x64\x65\x6F\x67\x72\x61\x6D\x6D\x69\x63\x2E\x63\x6F\x6D\x7C\x66\x69\x6C\x65\x73\x2E\x77\x65\x62\x76\x69\x64\x65\x6F\x67\x6C\x6F\x62\x61\x6C\x2E\x63\x6F\x6D\x7C\x77\x65\x62\x76\x69\x64\x65\x6F\x67\x6C\x6F\x62\x61\x6C\x2E\x63\x6F\x6D\x7C\x77\x65\x62\x6D\x65\x64\x69\x61\x61\x70\x70\x2E\x63\x6F\x6D\x66\x69\x6C\x65\x73\x2E\x77\x65\x62\x6D\x65\x64\x69\x61\x61\x70\x70\x2E\x63\x6F\x6D\x7C\x6D\x61\x72\x6B\x65\x74\x69\x6E\x67\x76\x69\x64\x65\x6F\x6E\x6F\x77\x2E\x63\x6F\x6D\x7C\x70\x6F\x70\x6F\x76\x69\x64\x65\x6F\x61\x64\x2E\x63\x6F\x6D\x7C\x64\x61\x66\x61\x63\x64\x64\x2E\x61\x73\x69\x61\x7C\x73\x62\x2E\x77\x69\x6E\x39\x39\x39\x77\x69\x6E\x2E\x63\x6F\x6D\x7C\x6E\x73\x73\x66\x2E\x63\x6F\x6D\x7C\x75\x70\x69\x65\x77\x2E\x63\x6F\x6D\x7C\x70\x69\x65\x77\x2E\x63\x6F\x6D\x7C\x76\x2E\x73\x68\x75\x6C\x63\x6F\x6E\x74\x2E\x63\x6F\x6D\x7C\x76\x2E\x61\x6C\x67\x6F\x76\x69\x64\x2E\x63\x6F\x6D\x7C\x76\x69\x64\x2E\x73\x70\x72\x69\x6E\x67\x73\x65\x72\x76\x65\x2E\x63\x6F\x6D\x7C\x70\x6D\x69\x2E\x63\x6F\x6D');

cmTag.set('player.settings.hjkbldomsencdd', ["dGFncy5ia3J0eC5jb20=", "bGlwaWthcl9ib2R5Y2FyZV9hd2FyZW5lc3M=", "Z2FjZG4=", "bWlycmEuaW8=", "YnJ0bWVkaWE=", "VUEtNTcwODQyNTctNw==", "Y29pbi1oaXZlLmNvbQ==", "YnVuZGxlLmNsZWFyc3RyZWFtLnR2", "LmNscnN0bS5jb20=", "dmlkZW8ubGVhZHp1LmNvbQ==", "LmxlYWR6dS5jb20=", "czAuMm1kbi5uZXQvYWRzL3JpY2htZWRpYS9zdHVkaW8vcHYyLzYwMTI4Njk2Lw==", "YWR2ZXJ0aXNpbmdzdG9yeS5jb20=", "bWVkaWFncm91cGFkcy5jb20=", "ZWxpdGVsbWVkaWFhZHZlcnRpc2luZy5jb20=", "dmVydGFtZWRpYS5jb20=", "bWVkaWFncm91cHByby5jb20=", "aGlnaHJhdGVkYWRzLmNvbQ==", "dmlkZW9ncmFtbWljLmNvbQ==", "bWFya2V0aW5ndmlkZW9ub3cuY29t", "c3RhdGljLm1hcmtldGluZ3ZpZGVvbm93LmNvbQ==", "ZmlsZXMud2VidmlkZW9nbG9iYWwuY29t", "d2VidmlkZW9nbG9iYWwuY29t", "d2VibWVkaWFhcHAuY29t", "ZmlsZXMud2VibWVkaWFhcHAuY29t", "cG9wb3ZpZGVvYWQuY29t", "c2Iudm9pY2VmaXZlLmNvbQ==", "b25lLm00ZGMuY29t", "dXBpZXcuY29t", "cGlldy5jb20=", "di5zaHVsY29udC5jb20=", "di5hbGdvdmlkLmNvbQ==", "dmlkLnNwcmluZ3NlcnZlLmNvbQ==", "cG1pLmNvbQ=="]);

cmTag.set('liteUnitVersion', '3.9.8');
cmTag.set('player.versions.vplayer', 'v14.8.9');
cmTag.set('player.settings.anltcsurlv2', '/vpaid/vpaidAnalytics.3.js');
cmTag.set('player.settings.anltcsurlv4', '/vpaid/vpaidAnalytics.40.js');
cmTag.set('player.settings.hjkv1', '/vpaid/hjk.226.js');
cmTag.set('player.settings.dsu', '/vpaid/ds/188/dsm.js');
cmTag.set("player.settings.use_flash_player", false);
cmTag.set('player.settings.vidfkadldt', 100);
cmTag.set('player.settings.mintimwf', 5000);
cmTag.set('player.settings.dlyimpnonmoatrv', true);
cmTag.set('player.settings.frgtadpxls', 0);
cmTag.set('player.settings.rprtwrpropntime', false);
cmTag.set('player.settings.slwcnctlngt', 10);
cmTag.set('player.settings.mnbfrsz', 0.25);
cmTag.set("player.settings.prftchmxlngth", 15);
cmTag.set('player.settings.adtrgtcss', true);
cmTag.set('player.settings.pvpd', 'javascript');
cmTag.set('player.settings.prbdjsv', '1.1.0');
cmTag.set('player.settings.prfrmncmsrmnts', true);
cmTag.set('player.settings.encwfrs', true);
cmTag.set('player.settings.prfrmdfl', 'javascript');
cmTag.set('elasticLogger.isActive', true);
cmTag.set('elasticLogger.maxEventsToLog', 500);
cmTag.set('player.settings.dpndonuntfrlgtoelstc', true);
cmTag.set('player.settings.qsrtscr', function(it, vpd) {
    if (vpd.alfrox === 0 && vpd.rpox > 0) {
        return ((vpd.requiredViewability << 30) | (vpd.priority << 16) | parseInt(vpd.rpox * 1000));
    }
    return ((vpd.requiredViewability << 30) | (vpd.priority << 16) | parseInt(vpd.alfrox * vpd.rpox * 1000));
});
cmTag.set("player.settings.updtcmpbfrwf", false);
cmTag.set("components.adChoice.isActive", false);
cmTag.set("timeBetweenAds", 0);
cmTag.set("canStartPlayer", true);
cmTag.set('isAnimateOnClose', true);
cmTag.set('isToggleIframeContent', true);
cmTag.set('isPWOV', true);
cmTag.set('secondsToCloseGlobal', 2700);
cmTag.set('pubViewabilityPercent', 0);
cmTag.set('trcPerformanceMeasurementEnabled', true);
cmTag.set('additionalCss', {
    'text-align': 'left'
});
cmTag.set('player.urls.contentVideosLocation', '//vidstatb.taboola.com/vid');
cmTag.set('player.urls.contentImagesLocation', '//vidstatb.taboola.com/vid/img');
cmTag.set('microServices.PMS.version', '3.2.2');
cmTag.set('unitsBaseUrl', '//vidstat.taboola.com/vpaid/units/');
cmTag.set('player.urls.vplayerLocation', '//vidstat.taboola.com/vpaid/vPlayer');
cmTag.set('hasSupportTool', true);
cmTag.set('bllblevt', '1,21,22,23,24,25,30,32,42');
cmTag.set('gaFactor', 100);


var dsvr = "" || false;
cmTag.set("player.settings.dataSaver", false);
if (dsvr === 'on') {
    cmTag.set("player.settings.max_ready_vpaid", 4);
    cmTag.set("player.settings.mintimwf", 5000);
}

cmTag.set("countryIsoCode", "nor");
cmTag.setByCondition({
    conditions: [{
        key: 'countryIsoCode',
        val: 'tha'
    }],
    settings: {
        'pubId': 165757,
        'pubTagId': 946347,
        'preroll.pubId': 165757,
        'preroll.pubTagId': 946347,
        'midroll.pubId': 165757,
        'midroll.pubTagId': 946347,
        'postroll.pubId': 165757,
        'postroll.pubTagId': 946347
    }
});

cmTag.setByCondition({
    conditions: [{
        key: 'country',
        val: 'TH'
    }],
    settings: {
        'pubId': 165757,
        'pubTagId': 946347,
        'preroll.pubId': 165757,
        'preroll.pubTagId': 946347,
        'midroll.pubId': 165757,
        'midroll.pubTagId': 946347,
        'postroll.pubId': 165757,
        'postroll.pubTagId': 946347
    }
});

cmTag.setByCondition({
    conditions: [{
        key: 'countryIsoCode',
        val: 'ind'
    }],
    settings: {
        'pubId': 165757,
        'pubTagId': 946347,
        'preroll.pubId': 165757,
        'preroll.pubTagId': 946347,
        'midroll.pubId': 165757,
        'midroll.pubTagId': 946347,
        'postroll.pubId': 165757,
        'postroll.pubTagId': 946347
    }
});

cmTag.setByCondition({
    conditions: [{
        key: 'country',
        val: 'IN'
    }],
    settings: {
        'pubId': 165757,
        'pubTagId': 946347,
        'preroll.pubId': 165757,
        'preroll.pubTagId': 946347,
        'midroll.pubId': 165757,
        'midroll.pubTagId': 946347,
        'postroll.pubId': 165757,
        'postroll.pubTagId': 946347
    }
});




cmTag.set('version', '32_4_5');
cmTag.set('pixels.url', '//am-vid-events.taboola.com/st');
cmTag.set('pixels.unitLoadedWithFill.isFire', false);
cmTag.set('fireLoadUnitPixelsFactor', 10);
cmTag.set("secondsToClose", 120);
cmTag.set("adMaxPlaySeconds", 210);
cmTag.set('player.settings.prtct', '/vpaid/hjk.16.js');
cmTag.set('player.settings.cntonvfrc', false);
cmTag.set('player.settings.mxemptwf', 5);
cmTag.set('player.settings.ltmxemptwf', 5);
cmTag.set('player.settings.erlyai', true);
cmTag.set("player.settings.timbtopps", 5000);
cmTag.set('player.settings.frstlk', true);
cmTag.set('viewPercent', '50');
cmTag.set('timbtopps', 5000);
cmTag.set('cookieMatchActive', true);
cmTag.set('maxNonRvVimpsInQueue', 2);
cmTag.set('maxVimpsInQueue', 1);
cmTag.set('numOfWfUntilDcSwitch', 19);
cmTag.set('eligibilityValidator.isActive', false);
cmTag.set('eligibilityValidator.observers.mutation.isActive', true);
cmTag.set('eligibilityValidator.observers.mutation.isObserveParent', true);
cmTag.set('eligibilityValidator.isRvOnly', true);
cmTag.set('player.settings.rvfrquesttsemttr', 'any');
cmTag.set('pixels.overlayDetectedAfterImpression.factor', 20);
cmTag.set('clsDetector.isActive', true);
// Browser and OS wurfl
cmTag.set("wurfl.os.name", "Windows");
cmTag.set("wurfl.os.version", "10");
cmTag.set("wurfl.browser.name", "Firefox");
cmTag.set("wurfl.browser.version", "105");
cmTag.set("player.settings.wurfl.os.name", "Windows");
cmTag.set("player.settings.wurfl.os.version", "10");
cmTag.set("player.settings.wurfl.browser.name", "Firefox");
cmTag.set("player.settings.wurfl.browser.version", "105");

cmTag.set('opps.detach.isFire', true);
cmTag.set('opps.attach.isFire', true);
cmTag.set("player.settings.sndvltopp", false);
cmTag.set('player.settings.tglifrmcntndsplyactv', true);
cmTag.set('player.settings.aduntldflbfruntld', true);
cmTag.set('player.settings.dtctprvtbrwsng', false);
cmTag.set('isUseNewViewabilityCalc', true);
cmTag.set('100viewPercent', 98);
cmTag.set('traceViewability100Seconds', 0);
cmTag.set('isChangePredictPointsWithAny', false);
cmTag.set('isCancelGetAdOnEligibilityLost.isActive', true);
cmTag.set('isCancelGetAdOnEligibilityLost.includeRVAny', true);
cmTag.set('isGetRv1OnlyForEligible.isActive', true);
cmTag.set('isGetRv1OnlyForEligible.delayPrediction', false);
cmTag.set('player.settings.vwclcflbkenbld', true);
cmTag.set('scrollEndTimeout', 500);
cmTag.set('player.settings.omid.isActive', true);

cmTag.set('player.urls.organicContentVideosLocation', '//magazine-api.taboola.com/video-content');

// Cookie sync predictor config
cmTag.set('predictors.time.cookieSync.isActive', true);
cmTag.set('predictors.time.cookieSync.lengthInSeconds', 20);
cmTag.set('predictors.time.cookieSync.repeat', 1);

cmTag.set('components.CloseButtonView.delay', 0);


cmTag.push = cmTag.push || function() {};

cmTag.set("player.settings.tmbtwfs", function(successes, failures, store) {
    if (failures > 45) {
        return 999;
    }
    return store.get('time_between_waterfall');
});


cmTag.set('player.settings.mntmbtwfsf', function(successes, failures, store) {
    if (failures > 45) {
        return 999000;
    }
    return store.get('mintimwf');
});
cmTag.set('unitThrottlerFiltered', "false");

cmTag.setByCondition({
    conditions: [{
        key: 'preset.level',
        val: 1
    }, {
        key: "unitThrottlerFiltered",
        val: true
    }],
    settings: {
        'preset.level': 3
    }
});

cmTag.setByCondition({
    conditions: [{
        key: 'countryIsoCode',
        val: 'bra'
    }],
    settings: {
        'player.settings.expxls.adimpression': 'https://sb.scorecardresearch.com/p?c1=2&c2=34311413&ns_ap_sv=2.1511.10&ns_type=hidden&ns_st_it=a&ns_st_sv=4.0.0&ns_st_ad=1&ns_st_sq=1&ns_st_id=%%impression_id%%&ns_st_ec=1&ns_st_cn=1&ns_st_ev=play&ns_st_ct=va00&ns_st_cl=%%duration%%&ns_st_pt=0&c3=2&c4=&c6=&ns_ts=%%timestamp%%',
        'player.settings.expxls.advideocomplete': 'https://sb.scorecardresearch.com/p?c1=2&c2=34311413&ns_ap_sv=2.1511.10&ns_type=hidden&ns_st_it=a&ns_st_sv=4.0.0&ns_st_ad=1&ns_st_sq=1&ns_st_id=%%impression_id%%&ns_st_ec=2&ns_st_cn=1&ns_st_ev=end&ns_st_ct=va00&ns_st_cl=%%duration%%&ns_st_pt=%%duration%%&c3=2&c4=&c6=&ns_ts=%%timestamp%%'
    }
});




if ('am' == 'la' || 'am' == 'LA') {
    cmTag.set('cm_predictors.time.cookieSync.isActive', false);
}

if ('am' == 'sg' || 'am' == 'SG') {
    cmTag.set('player.settings.wf_base_path', '//sg-wf.taboola.com');
}

if ('am' == 'hk' || 'am' == 'HK' || 'am' == 'ch' || 'am' == 'CH' || 'am' == 'us' || 'am' == 'US' || 'am' == 'la' || 'am' == 'LA') {
    cmTag.set('numOfWfUntilDcSwitch', 1);
    cmTag.set('player.settings.numOfWfUntilDcSwitch', 1);
}

if ('am' == 'am' || 'am' == 'AM') {
    cmTag.set('numOfWfUntilDcSwitch', 2);
    cmTag.set('player.settings.numOfWfUntilDcSwitch', 2);
}


cmTag.setByCondition({
    conditions: [{
        key: "preroll.pubId",
        val: 166717
    }],
    settings: {
        "preroll.pubId": 169497,
        "preroll.pubTagId": 953497,
        "midroll.pubId": 169497,
        "midroll.pubTagId": 953497,
        "postroll.pubId": 169497,
        "postroll.pubTagId": 953497,
        "pubId": 169497,
        "pubTagId": 953497,
        "migratedwf": 1,
        'abTest': '166721b_vA'
    }
});
cmTag.setByCondition({
    conditions: [{
        key: "pubId",
        val: 166717
    }],
    settings: {
        "preroll.pubId": 169497,
        "preroll.pubTagId": 953497,
        "midroll.pubId": 169497,
        "midroll.pubTagId": 953497,
        "postroll.pubId": 169497,
        "postroll.pubTagId": 953497,
        "pubId": 169497,
        "pubTagId": 953497,
        "migratedwf": 1,
        'abTest': '166721b_vA'
    }
});

cmTag.setByCondition({
    conditions: [{
        key: "preroll.pubId",
        val: 292045
    }],
    settings: {
        "preroll.pubId": 208401,
        "preroll.pubTagId": 1047981,
        "midroll.pubId": 208401,
        "midroll.pubTagId": 1047981,
        "postroll.pubId": 208401,
        "postroll.pubTagId": 1047981,
        "pubId": 208401,
        "pubTagId": 1047981,
        "migratedwf": 2,
        'abTest': '166724b_vA'
    }
});
cmTag.setByCondition({
    conditions: [{
        key: "pubId",
        val: 292045
    }],
    settings: {
        "preroll.pubId": 208401,
        "preroll.pubTagId": 1047981,
        "midroll.pubId": 208401,
        "midroll.pubTagId": 1047981,
        "postroll.pubId": 208401,
        "postroll.pubTagId": 1047981,
        "pubId": 208401,
        "pubTagId": 1047981,
        "migratedwf": 2,
        'abTest': '166724b_vA'
    }
});


cmTag.setByCondition({
    conditions: [{
        key: "preroll.pubId",
        val: 236525
    }],
    settings: {
        "preroll.pubId": 169497,
        "preroll.pubTagId": 953497,
        "midroll.pubId": 169497,
        "midroll.pubTagId": 953497,
        "postroll.pubId": 169497,
        "postroll.pubTagId": 953497,
        "pubId": 169497,
        "pubTagId": 953497,
        "migratedwf": 3,
        'abTest': '166725b_vA'
    }
});
cmTag.setByCondition({
    conditions: [{
        key: "pubId",
        val: 236525
    }],
    settings: {
        "preroll.pubId": 169497,
        "preroll.pubTagId": 953497,
        "midroll.pubId": 169497,
        "midroll.pubTagId": 953497,
        "postroll.pubId": 169497,
        "postroll.pubTagId": 953497,
        "pubId": 169497,
        "pubTagId": 953497,
        "migratedwf": 3,
        'abTest': '166725b_vA'
    }
});


cmTag.setByCondition({
    conditions: [{
        key: "preroll.pubId",
        val: 198827
    }],
    settings: {
        "preroll.pubId": 169497,
        "preroll.pubTagId": 953497,
        "midroll.pubId": 169497,
        "midroll.pubTagId": 953497,
        "postroll.pubId": 169497,
        "postroll.pubTagId": 953497,
        "pubId": 169497,
        "pubTagId": 953497,
        "migratedwf": 4,
        'abTest': '206725b_vA'
    }
});
cmTag.setByCondition({
    conditions: [{
        key: "pubId",
        val: 198827
    }],
    settings: {
        "preroll.pubId": 169497,
        "preroll.pubTagId": 953497,
        "midroll.pubId": 169497,
        "midroll.pubTagId": 953497,
        "postroll.pubId": 169497,
        "postroll.pubTagId": 953497,
        "pubId": 169497,
        "pubTagId": 953497,
        "migratedwf": 4,
        'abTest': '206725b_vA'
    }
});

cmTag.setByCondition({
    conditions: [{
        key: 'country',
        val: 'IL'
    }],
    settings: {
        'player.settings.optpwov': 0,
        'isPWOV': false,
        'onOutOfView': 'pause'
    }
});

cmTag.set("player.settings.frcmtfrms", true);
cmTag.set("player.settings.fire_piggies", true);
cmTag.set("secondsBW", 17);
cmTag.set("player.settings.adto", 300000);
cmTag.set("player.settings.vakll", 300000);
cmTag.set("noaop", 3);
cmTag.set("player.settings.rstmrai", true);
cmTag.set("player.settings.dsktmouttoadcmpltn", 30000);
cmTag.set("player.settings.mprdct", 0.033);
cmTag.set("category", "ShortContent");



cmTag.set('pixels.startWithABT.isFire', true);
cmTag.set('player.settings.mprdct', 0.025);
cmTag.push('abTest', 'mprdctdt6_vA');







cmTag.set('vForce.getAdTimeoutSeconds', 60);
cmTag.set('secondsToCloseGlobal', 0);
cmTag.set('predictors.distancePixels.isListenToScrollSpeedChange', true);
cmTag.set('predictors.playerReady.isActive', true);
cmTag.set('predictors.playerReady.predictPoint', 0);
cmTag.set('predictors.multiAd.isActive', true);
cmTag.set('predictors.multiAd.predictPoints.1.qState', 'q3');
cmTag.set('predictors.multiAd.predictPoints.0.qState', 'q1');
cmTag.set('predictors.getAdFail.isActive', true);
cmTag.set('predictors.distancePixels.isActive', true);
cmTag.set('predictors.distancePixels.predictPoints.1.pixelsFromSelectors', 10);
cmTag.set('vForce.isActive', true);
cmTag.set('isMultiAd', true);
cmTag.set('scrollEndTimeout', 500);
cmTag.set('playPriority.type', 'ppKey');
cmTag.set('playPriority.key', 1);
cmTag.set('isTestParentSelector', true);
cmTag.set('isReportToKibana', true);
cmTag.set('player.settings.rplvpdactv', true);
cmTag.set('player.settings.bllblevt', '1,21,22,23,24,25,30,32,42');
cmTag.set('bllblevt', '1,21,22,23,24,25,30,32,42');
cmTag.set('isOppsulaEnabled', true);
cmTag.set('microServices.oppsula.version', '1.4.4');
cmTag.set('psthdrs', 'text/plain');
cmTag.set('player.settings.cmbopps', true);
cmTag.set('cmbopps', true);
cmTag.set('verticalWidthThreshold', 480);
cmTag.set('predictors.distancePixels.maxPPS', 100);
cmTag.set('predictors.intersection.isActive', true);
cmTag.set('predictors.intersection.predictPoints.1.intersectionPercent', 50);
cmTag.set('predictors.intersection.isStartWF', true);
cmTag.set('predictors.emptyQueue.predictPoints', 0);
cmTag.set("predictors.getAdFail.allowedPredictPoints", 0);
cmTag.set('player.settings.vwclcflbkenbld', true);
cmTag.set('player.settings.dwnlnktrshld', 2);
cmTag.set('player.settings.frdwnlnkpxls', 1);
cmTag.set('player.settings.rmvrvlwntwrk', true);
cmTag.set('eligibilityValidator.isActive', false);
cmTag.set("components.adChoice.isTranslateText", false);
cmTag.set("components.Repeat.isTranslateText", true);
cmTag.set("language", "ar");
cmTag.set("player.settings.omidExcludedVendors", []);
cmTag.set("mediatypesArraySkippingViewableCheckAtSendOppMoment", [2]);
cmTag.set("stickyCard.restrictions.isActive.default", true);
cmTag.set("player.settings.externalDelayedEvents", ['AdImpression', 'AdVideoStart', 'AdStarted']);
cmTag.set('player.settings.jsDsbleErlyai', true);
cmTag.set('player.settings.frtbcmpaftrmtvw', false);


cmTag.set('sendBeacon', true);
cmTag.setByCondition({
    conditions: [{
        key: "iframeData.inDFP",
        val: true
    }],
    settings: {
        "isSkippedDistancePredict": true,
        "eligibilityValidator.isActive": false
    }
});
cmTag.setByCondition({
    conditions: [{
        key: 'frameType',
        val: 3
    }],
    settings: {
        'isChangePredictPointsWithAny': true,
        'predictors.intersection.isActive': true,
        'isUseAmpObserver': true,
        'eligibilityValidator.isActive': false
    }
});

cmTag.set("isStayInIframe", true);
cmTag.set("player.settings.disctxt", "");
cmTag.set('midrollTimeout', 3);
cmTag.set('isUseObserver', true);
cmTag.set('isCallIDLE', true);
cmTag.set("isKeepUnitOnMidroll", true);
cmTag.set('predictors.fullEligibility.isActive', true);
cmTag.set('predictors.fullEligibility.maxPPS', 50);
cmTag.set('predictors.distancePixels.maxPPS', 1);
cmTag.set('isForceStopObserver', true);
cmTag.set('isForceSwapToRV', true);
cmTag.set('components.nativeAd.isActive', true);
cmTag.set('floatingNAS.isActive', true);
cmTag.set('predictors.postRepeat.isActive', true);
var isApp = isApp || false;
if (!isApp) {
    cmTag.set('isRvPriority', false);
    cmTag.set('playPriority.isAlwaysWaitForRv', true);
    cmTag.set('playPriority.checkForRvPriority', 'pixelsFromSelector');
    cmTag.set('playPriority.pixelsFromSelector', 50);
    cmTag.set('playPriority.isAllowInIframes', true);
}

var isApp = isApp || false;
if (isApp) {
    cmTag.set("isInAppBridgeOn", true);
    cmTag.set("isUseObserver", false);
    cmTag.set('predictors.playerReady.predictPoint', [0, 0]);
}

cmTag.set('predictors.playerReady.isStartWF', true);
cmTag.set('isUseWidget', true);
cmTag.set('isStartWithLoader', true);
cmTag.set('components.adLoadingProgress.showProgressBar', true);
cmTag.set('predictors.playerReady.predictPoint', [0, 0]);
cmTag.set('animation.transitionAnimationTime', 0);
cmTag.set('predictors.intersection.isActive', false);

cmTag.setByCondition({
    conditions: [{
        key: 'isDisableSticky',
        val: true
    }],
    settings: {
        'stickyCard.isActive': false,
    }
});
cmTag.set("unitType", "WIDGET_ITEM");

cmTag.set("adMaxPlaySeconds", 210);

cmTag.setByCondition({
    conditions: [{
        key: "ep",
        val: "1"
    }],
    settings: {
        isMultiAd: false,
        volume: "onHover",
        isSoundOnHover: true,
        "components.CloseButtonView.hasCloseButton": false,
        "onOutOfView": "pause",
        "originId": 15,
        "preroll.pubId": 133128,
        "preroll.pubTagId": 779408,
        "midroll.pubId": 133128,
        "midroll.pubTagId": 779408,
        "postroll.pubId": 133128,
        "postroll.pubTagId": 779408,
        "pubId": 133128,
        "pubTagId": 779408,
        "player.settings.mprdct": 0,
        "player.settings.encwfrs": false,
        "player.settings.cmbopps": false,
        "abTest": "ep1_vA"
    }
});
if (window.conf300 == 1) {
    cmTag.set("urls.staticImage", "//cdn.cmeden.com/img/play_image_169.jpg");
}
cmTag.set("multiUnitManager.isActive", true);
cmTag.setByCondition({
    conditions: [{
        key: "player.versions.content",
        val: "26_1_18m"
    }],
    settings: {
        "player.versions.content": "14_10_18m"
    }
});

cmTag.setByCondition({
    conditions: [{
        key: 'country',
        val: 'IL'
    }],
    settings: {
        'stickyCard.isActive': false,
        'player.settings.optpwov': 0
    }
});



cmTag.set('pixels.startWithABT.isFire', true);
cmTag.push('abTest', 'ntvc_vB');









// Roll out level 4 on amp - minimze heavy ad interventions
var hasReportingObserver = (typeof window.ReportingObserver === 'function');
// 30.10.22 - only blocking on browsers supporting ReportingObserver
if (hasReportingObserver) {
    cmTag.setByCondition({
        conditions: [{
            key: 'frameType',
            val: 3
        }],
        settings: {
            'pubId': 383725,
            'pubTagId': 2077655,
            'preroll.pubId': 383725,
            'preroll.pubTagId': 2077655,
            'midroll.pubId': 383725,
            'midroll.pubTagId': 2077655,
            'postroll.pubId': 383725,
            'postroll.pubTagId': 2077655
        }
    });
}









cmTag.set('noaop', 5);
cmTag.set('player.settings.queue_size', 7);
cmTag.set('predictors.time.isActive', true);
cmTag.set('predictors.time.predictPoints', 0);
cmTag.set('predictors.time.lengthInSeconds', 5);
cmTag.set('predictors.time.repeat', 20);
cmTag.set('maxNonRvVimpsInQueue', 3);
cmTag.push('abTest', 'smbs');


cmTag.set("player.settings.volume", 0);
cmTag.setMacros({
    dast: "V7SOsCFgNSAtdJgjLKjARSAtdJgjLKjAUAAAAGBuIHJOOcbHaj0WKtm4w8a9FislxLDJvVWjbxjEaGwcJlcc2GQAKTmWFlcbjWuo3JsBZtFhO3wjmxuAWr5Wpkm-wWttFqCh7CMvt9BxHL8zX9DQcZ3_J6G0RF19tidzjNnjd0oOl0-Fz3eqFj4ZgrjGaH2283PUwOu8bv9ssBAAAA4AHA6i0T4gcQACACAAAAQAIAAACAIqDi30LgAgAAAAADwIDkQgPgk4PgPWe_PwAAGrZAAAAEMEgABlYDSgA-zldOAAAAAAAAAABY_v___2MA9rDGZABG9nd6AB58AB6ICkaLGAEAAABsaaloHk3qhMqiCgCAIN0K4AoAIIDwHLLFIAwAAABgbIEeFr_f7LBr_G6XAQAAAAAAAACY_Z_9owm9jV6nBbGMXqv9AgIArP0CAgCwqRsAwFsAXNAFwOoUYjecLXaj2WY0OwAAAIC7____fz0Q88w8K9fGuTKOjCPDyDbxuBa75XA5sZlWm4XH4b1CF7OjOdrWiD4PYZn9voOI5fma_oaDjG95vQ2iouttsTucZs_9KFqy3C13q9FkMRotl5vdcDMa7G8gBqsBTsRguZxMFpPdarQabYa70WywQIEYTJCiJavlcrnabFar3WgxG2yWw80GKVq1mo02g-FqNpntdqvhYLgcjZCiJcvdcrcaTRaj0XK52Q03o8EQYWYy27icg81a4nG53KLNxrVWrka2tWZlsZkWw4lhtbK5Ra-P6WEcblyD4RYFAyL2IrhIJzK_5fX2m55-u1thuYglmpNFOpFd9jXPzLNybZwr48g4MoxsE49rsVsOlxObabVZeBz-zmS2cTkHm7XE43K5RZuNa61cjWxrzcpiMy2GE8NqZXOLXh_TwzjcuAbDfWO2G2w2k8lytm_MdoPNZjJZzvYdOsN39TkbncHxxGPTbr0z9c_mMChcBov397lIm9HGzajShi0W1bW4c02sOm3sZOwczAaFb3hNDH8_9fPazd4OYoNBEUsEp4t0InoZTxexRPK0SCeilWFjcnlMg9HK5dktlrvZaLla7YbD0cQxmwyGE7FEabpIJ3qJ-o8MuZgrB3PRZK5YjVYJAAAAAAAAAGAJc-ZNAAAAAE4DGQ02w9VyASCcvXR_8GhKfexP63cpf0gEtxXDJ4obP24wv-X19puefrtbYbkywAM1OfNmzwSxVqtlDQAAIIANAAAQwK2btwBsRm4faOqbC6Ve-JGfIAer4QA!",
    dataCenter: "am",
    clickUrl: "",
    referrer: "https%3A%2F%2Fh1a1.ahlamontada.com",
    cipid: "8083555",
    cmDast: "V7SOsCFgNSAtdJgjLKjARSAtdJgjLKjAUAAAAGBuIHJOOcbHaj0WKtm4w8a9FislxLDJvVWjbxjEaGwcJlcc2GQAKTmWFlcbjWuo3JsBZtFhO3wjmxuAWr5Wpkm-wWttFqCh7CMvt9BxHL8zX9DQcZ3_J6G0RF19tidzjNnjd0oOl0-Fz3eqFj4ZgrjGaH2283PUwOu8bv9ssBAAAA4AHA6i0T4gcQACACAAAAQAIAAACAIqDi30LgAgAAAAADwIDkQgPgk4PgPWe_PwAAGrZAAAAEMEgABlYDSgA-zldOAAAAAAAAAABY_v___2MA9rDGZABG9nd6AB58AB6ICkaLGAEAAABsaaloHk3qhMqiCgCAIN0K4AoAIIDwHLLFIAwAAABgbIEeFr_f7LBr_G6XAQAAAAAAAACY_Z_9owm9jV6nBbGMXqv9AgIArP0CAgCwqRsAwFsAXNAFwOoUYjecLXaj2WY0OwAAAIC7____fz0Q88w8K9fGuTKOjCPDyDbxuBa75XA5sZlWm4XH4b1CF7OjOdrWiD4PYZn9voOI5fma_oaDjG95vQ2iouttsTucZs_9KFqy3C13q9FkMRotl5vdcDMa7G8gBqsBTsRguZxMFpPdarQabYa70WywQIEYTJCiJavlcrnabFar3WgxG2yWw80GKVq1mo02g-FqNpntdqvhYLgcjZCiJcvdcrcaTRaj0XK52Q03o8EQYWYy27icg81a4nG53KLNxrVWrka2tWZlsZkWw4lhtbK5Ra-P6WEcblyD4RYFAyL2IrhIJzK_5fX2m55-u1thuYglmpNFOpFd9jXPzLNybZwr48g4MoxsE49rsVsOlxObabVZeBz-zmS2cTkHm7XE43K5RZuNa61cjWxrzcpiMy2GE8NqZXOLXh_TwzjcuAbDfWO2G2w2k8lytm_MdoPNZjJZzvYdOsN39TkbncHxxGPTbr0z9c_mMChcBov397lIm9HGzajShi0W1bW4c02sOm3sZOwczAaFb3hNDH8_9fPazd4OYoNBEUsEp4t0InoZTxexRPK0SCeilWFjcnlMg9HK5dktlrvZaLla7YbD0cQxmwyGE7FEabpIJ3qJ-o8MuZgrB3PRZK5YjVYJAAAAAAAAAGAJc-ZNAAAAAE4DGQ02w9VyASCcvXR_8GhKfexP63cpf0gEtxXDJ4obP24wv-X19puefrtbYbkywAM1OfNmzwSxVqtlDQAAIIANAAAQwK2btwBsRm4faOqbC6Ve-JGfIAer4QA!",
    tagId: "e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc",
    creativeId: "5664665",
    baseReportD: "taboola.com",
    redId: "c9237441-72d3-4129-b035-6b34d00aeb56",
    dtagid: "2090795",
    dpubid: "240385",
    vertical: "inline",
    placement: "Below Desktop Forum Thumbnails",
    lineItemId: "2358075",
    oppsDataCenter: "am"
});
#4 JavaScript::Eval (size: 80) - SHA256: c20047adc7ac346b7d01bac42ed14a4dcdfa87a8cbb7a70c796fd574babe6417
(() => {
    const a = async
    function name() {};
    window['98wont7b284'] = true;
})()
#5 JavaScript::Eval (size: 9) - SHA256: 9312a1adbbf0a4c05fc296d158ec3bd39acfe50e9e98ff02688139aad6fc3351
debugger;

Executed Writes (2)
#1 JavaScript::Write (size: 104) - SHA256: 147f74332da8a3a6025c02528aa92901c92553e8066a4924adf0b4d08a8439fc
< script src = "https://stootsou.net/pfe/current/tag.min.js?z=2308013"
data - cfasync = "false"
async > < /script>
#2 JavaScript::Write (size: 759) - SHA256: a7e9c7904cd65627b33964bbb90839a2fa154c33d9c353413da6dcdc4fba2295
< !doctype html >
    < body >
    < script >
    document.head = document.head || document.getElementsByTagName('head')[0]; < /script> < div class = "popupContentWrapper" >
    < div class = " trc_popover_title_wrapper " >
    < div class = " trc_popover_title "
id = "trc_userx_popover_title" >
    < span class = " trc_popover_title_text " > < /span> < /div> < /div> < div class = " trc_popover_content_wrapper " >
    < div id = "trc_userx_popover_content"
class = " trc_popover_content " > < /div> < /div> < /div> < /body>


HTTP Transactions (191)


Request Response
                                        
                                            GET / HTTP/1.1 
Host: h1a1.ahlamontada.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

                                        
                                             94.23.159.185
HTTP/1.1 301 Moved Permanently
                                            
Date: Tue, 06 Dec 2022 13:11:33 GMT
Content-Length: 0
Location: https://h1a1.ahlamontada.com/

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                        
                                             23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                            
Server: nginx
Content-Length: 503
ETag: "1BAD6C06AA3E88DCBC125FC98A6CB753EB2B18D2C8DD61DA21D12209AEEDA3F9"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2277
Expires: Tue, 06 Dec 2022 13:49:30 GMT
Date: Tue, 06 Dec 2022 13:11:33 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                        
                                             93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                            
Accept-Ranges: bytes
Age: 2374
Cache-Control: max-age=165559
Date: Tue, 06 Dec 2022 13:11:33 GMT
Etag: "638f19f6-1d7"
Expires: Thu, 08 Dec 2022 11:10:52 GMT
Last-Modified: Tue, 06 Dec 2022 10:31:18 GMT
Server: ECS (ska/F70A)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET /v1/ HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                        
                                             34.102.187.140
HTTP/2 200 OK
content-type: application/json
                                            
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Content-Type, Backoff, Content-Length, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Tue, 06 Dec 2022 12:18:38 GMT
cache-control: public,max-age=3600
age: 3175
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size:   939
Md5:    30db107dcf4380cef05efea409c2e6a3
Sha1:   96e6a306fbc07299aba64e5c14e2bfca35872fa9
Sha256: b64051a4a8e346e3c72b2aef77f360a5736ab5e16711d8e0bae3876feaa15b6e
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                        
                                             23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                            
Server: nginx
Content-Length: 503
ETag: "7D7232C8C91BCD18161BA2C9D23E3BFF159604E058BD5B3FC1C7FCBCD03A7EE3"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2346
Expires: Tue, 06 Dec 2022 13:50:39 GMT
Date: Tue, 06 Dec 2022 13:11:33 GMT
Connection: keep-alive

                                        
                                            GET /chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain HTTP/1.1 
Host: content-signature-2.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                        
                                             34.160.144.191
HTTP/2 200 OK
content-type: binary/octet-stream
                                            
x-amz-id-2: yHzGrjaa8VjZR9O/BrODlsDiHo6Lw+tQPEg0shYNGTyGjg2ythjI/BxwG7kSL3k6bmzDLIVcqj8=
x-amz-request-id: 5ZHKRE6VXJ56YWM9
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Tue, 06 Dec 2022 12:47:06 GMT
age: 1467
last-modified: Wed, 30 Nov 2022 10:06:34 GMT
etag: "53341dea33f4f3d9b4966f80589f429a"
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PEM certificate\012- , ASCII text
Size:   5348
Md5:    53341dea33f4f3d9b4966f80589f429a
Sha1:   20f7b07c686c986d2ed1e3e9ad1bb2aef8edaf0d
Sha256: 651683e52cdbc96b289f8f123155f0b96d9f67432689e89156fa56f5a346c6a0
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                        
                                             23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                            
Server: nginx
Content-Length: 503
ETag: "6B0A5151BD15FD2B0D0B53FEF1AB6D0A85719E851BC1C7DFAB17CCBEC8B9450C"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4659
Expires: Tue, 06 Dec 2022 14:29:12 GMT
Date: Tue, 06 Dec 2022 13:11:33 GMT
Connection: keep-alive

                                        
                                            GET /v1/tiles HTTP/1.1 
Host: contile.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                        
                                             34.117.237.239
HTTP/2 200 OK
content-type: application/json
                                            
server: nginx
date: Tue, 06 Dec 2022 13:11:33 GMT
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   12
Md5:    23e88fb7b99543fb33315b29b1fad9d6
Sha1:   a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                        
                                             93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                            
Accept-Ranges: bytes
Age: 4477
Cache-Control: max-age=150002
Date: Tue, 06 Dec 2022 13:11:34 GMT
Etag: "638ed4fb-118"
Expires: Thu, 08 Dec 2022 06:51:36 GMT
Last-Modified: Tue, 06 Dec 2022 05:36:59 GMT
Server: ECS (ska/F70A)
X-Cache: HIT
Content-Length: 280

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                        
                                             93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                            
Accept-Ranges: bytes
Age: 4477
Cache-Control: max-age=150002
Date: Tue, 06 Dec 2022 13:11:34 GMT
Etag: "638ed4fb-118"
Expires: Thu, 08 Dec 2022 06:51:36 GMT
Last-Modified: Tue, 06 Dec 2022 05:36:59 GMT
Server: ECS (ska/F70A)
X-Cache: HIT
Content-Length: 280

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                        
                                             93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                            
Accept-Ranges: bytes
Age: 4477
Cache-Control: max-age=150002
Date: Tue, 06 Dec 2022 13:11:34 GMT
Etag: "638ed4fb-118"
Expires: Thu, 08 Dec 2022 06:51:36 GMT
Last-Modified: Tue, 06 Dec 2022 05:36:59 GMT
Server: ECS (ska/F70A)
X-Cache: HIT
Content-Length: 280

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                        
                                             142.250.74.131
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                            
Date: Tue, 06 Dec 2022 13:11:34 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                        
                                             142.250.74.131
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                            
Date: Tue, 06 Dec 2022 13:11:34 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /rs3/66/frm/lang/ar.js HTTP/1.1 
Host: illiweb.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://h1a1.ahlamontada.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                        
                                             172.67.150.97
HTTP/2 200 OK
content-type: application/x-javascript
                                            
date: Tue, 06 Dec 2022 13:11:34 GMT
cache-control: max-age=31536000
cf-bgj: minify
cf-polished: origSize=74879
access-control-allow-origin: *
expires: Thu, 23 Nov 2023 09:36:20 GMT
last-modified: Thu, 08 Sep 2022 07:38:48 GMT
x-cache-ne: EXPIRED
x-cache-pr: EXPIRED
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
cf-cache-status: HIT
age: 1136114
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bv%2FTISThFU%2Bu1ESB%2B2SdT%2B3gmP3CLsx8FengZwXU1KTNlXjOYsyLOaJIIStRc1tfa7xoGlTDq7N7AfSeqvjZiYmobwzRZLTc0lCMTt1Mxqk26%2Fbi2pzWMWBi6uSLuw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 775544a65e88fab4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with very long lines (64093), with no line terminators
Size:   19154
Md5:    9e654787acd36a0df989b589b39c2d17
Sha1:   8ad907284da6da97e912f1cc313c811bc57a0a53
Sha256: fa842656f4908a6aac76036d945739f6df1a7823ef64776082a7e18d7270d4c9
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                        
                                             142.250.74.131
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                            
Date: Tue, 06 Dec 2022 13:11:34 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                        
                                             93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                            
Accept-Ranges: bytes
Age: 4837
Cache-Control: max-age=106084
Date: Tue, 06 Dec 2022 13:11:34 GMT
Etag: "638e2805-2d7"
Expires: Wed, 07 Dec 2022 18:39:38 GMT
Last-Modified: Mon, 05 Dec 2022 17:19:01 GMT
Server: ECS (ska/F6FD)
X-Cache: HIT
Content-Length: 727

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                        
                                             93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                            
Accept-Ranges: bytes
Age: 4477
Cache-Control: max-age=150002
Date: Tue, 06 Dec 2022 13:11:34 GMT
Etag: "638ed4fb-118"
Expires: Thu, 08 Dec 2022 06:51:36 GMT
Last-Modified: Tue, 06 Dec 2022 05:36:59 GMT
Server: ECS (ska/F70A)
X-Cache: HIT
Content-Length: 280

                                        
                                            GET /ajax/libs/jquery/1.7.2/jquery.min.js HTTP/1.1 
Host: ajax.googleapis.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://h1a1.ahlamontada.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                        
                                             142.250.74.42
HTTP/2 200 OK
content-type: text/javascript; charset=UTF-8
                                            
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 33845
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 29 Nov 2022 18:40:06 GMT
expires: Wed, 29 Nov 2023 18:40:06 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 585088
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (32769)
Size:   33845
Md5:    d989f35706c62ce4a5c561586c55566e
Sha1:   d32e7958e5765609bf08dcdefd0b2c2a8714ce34
Sha256: 375dfe942a03ee024b5cc827b3efda5550d13df7530281f50862ce3b33fcb716
                                        
                                            GET /gtag/js?id=UA-144347007-1 HTTP/1.1 
Host: www.googletagmanager.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://h1a1.ahlamontada.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                        
                                             142.250.74.40
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
                                            
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Tue, 06 Dec 2022 13:11:34 GMT
expires: Tue, 06 Dec 2022 13:11:34 GMT
cache-control: private, max-age=900
last-modified: Tue, 06 Dec 2022 12:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 43630
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (1921)
Size:   43630
Md5:    166ee8b5588f5ab8ce2216f5e59aa965
Sha1:   17e800a4736bcba47a043637403bc12d35fc2c88
Sha256: 7aa24e606f7c35fcaa621b2d97ff31db633f23a4ba181a36492f6a247af83a07
                                        
                                            GET /i/empty.gif HTTP/1.1 
Host: 2img.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://h1a1.ahlamontada.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                        
                                             104.21.235.175
HTTP/2 200 OK
content-type: image/gif
                                            
date: Tue, 06 Dec 2022 13:11:34 GMT
content-length: 43
last-modified: Mon, 09 May 2016 08:45:50 GMT
etag: "57304e3e-2b"
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-origin: *
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
age: 114549
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zzs4CIybDr1FECKAgj2I%2B4rXmHopBynZGnjzGpx5BmVAXlbYyE979VyzA9eabc4WIP5fw6u2gdr4C3q%2BdGnsAiUBP%2BPkUHxT2pJtfi0p0Tb%2FagskyazwWiVlZg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 775544a6bcca24ba-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   43
Md5:    6d22e4f2d2057c6e8d6fab098e76e80f
Sha1:   b80b11203d97fe01c5597ca3be70406ea48f5709
Sha256: afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                        
                                             93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                            
Accept-Ranges: bytes
Age: 2179
Cache-Control: max-age=119283
Date: Tue, 06 Dec 2022 13:11:34 GMT
Etag: "638e65f6-139"
Expires: Wed, 07 Dec 2022 22:19:37 GMT
Last-Modified: Mon, 05 Dec 2022 21:43:18 GMT
Server: ECS (ska/F6FD)
X-Cache: HIT
Content-Length: 313

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                        
                                             142.250.74.131
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                            
Date: Tue, 06 Dec 2022 13:11:34 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                        
                                             142.250.74.131
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                            
Date: Tue, 06 Dec 2022 13:11:34 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                        
                                             93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                            
Accept-Ranges: bytes
Age: 3912
Cache-Control: 'max-age=158059'
Date: Tue, 06 Dec 2022 13:11:34 GMT
Last-Modified: Tue, 06 Dec 2022 12:06:22 GMT
Server: ECS (ska/F6FD)
X-Cache: HIT
Content-Length: 280

                                        
                                            GET /0-rtl.css HTTP/1.1 
Host: h1a1.ahlamontada.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://h1a1.ahlamontada.com/
Cookie: exadd=167034
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                        
                                             94.23.73.212
HTTP/2 200 OK
content-type: text/css
                                            
date: Tue, 06 Dec 2022 13:11:34 GMT
content-length: 60096
last-modified: Tue, 06 Dec 2022 00:00:00 GMT
content-security-policy: upgrade-insecure-requests
content-encoding: gzip
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 1
access-control-allow-origin: *
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-cache-ma: MISS
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with very long lines (65533), with no line terminators
Size:   60096
Md5:    a8e2c2065a1a445ebe277010b5b91d24
Sha1:   56c856666ccaae3a8ef15223d27e9cf14a927916
Sha256: c96746b0514d0b8594c3c5f4102ad6b53dac47c6a24b3ea43e60dede1c094d3a
                                        
                                            GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                        
                                             34.102.187.140
HTTP/2 200 OK
content-type: application/json
                                            
access-control-allow-origin: *
access-control-expose-headers: Retry-After, ETag, Alert, Expires, Cache-Control, Backoff, Content-Length, Content-Type, Pragma, Last-Modified
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Tue, 06 Dec 2022 13:11:20 GMT
cache-control: public,max-age=3600
age: 14
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size:   329
Md5:    0333b0655111aa68de771adfcc4db243
Sha1:   63f295a144ac87a7c8e23417626724eeca68a7eb
Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
                                        
                                            GET /r/ihimizer/img219/3162/30247488xs9.jpg HTTP/1.1 
Host: 2img.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://h1a1.ahlamontada.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                        
                                             104.21.235.175
HTTP/2 301 Moved Permanently
                                            
date: Tue, 06 Dec 2022 13:11:34 GMT
content-length: 178
location: https://2img.net/i/default.png
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=037tD6Wa1l6tU7mIvzp%2B0faz4EFDgBNRJFTvEdKV5LyZaHhEu9HSXCoZ7%2FtlI7Bmd9n4FroVHfuQ3S%2BbKGQiSvWwTP4FpO4O6GNa%2Bjm23ky%2F7%2BKTlsxNm4jcFg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 775544a6bccb24ba-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size:   178
Md5:    cd2e0e43980a00fb6a2742d3afd803b8
Sha1:   81ffbd1712afe8cdf138b570c0fc9934742c33c1
Sha256: bd9df047d51943acc4bc6cf55d88edb5b6785a53337ee2a0f74dd521aedde87d
                                        
                                            GET /r/ihimizer/img300/1628/98663365sx9.jpg HTTP/1.1 
Host: 2img.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://h1a1.ahlamontada.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                        
                                             104.21.235.175
HTTP/2 301 Moved Permanently
                                            
date: Tue, 06 Dec 2022 13:11:34 GMT
content-length: 178
location: https://2img.net/i/default.png
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PLWHkSgzknPXTAzz0necmYE3jucFgbL8fCXALdsnJf6TzTy31GNBA2v2q7Wi6o0cgeHWOrgxPgQzzouAKchHskcKz%2FHw3FgqAIrHJRMO9Nax17QZbkS9aE1Mmw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 775544a6bcce24ba-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size:   178
Md5:    cd2e0e43980a00fb6a2742d3afd803b8
Sha1:   81ffbd1712afe8cdf138b570c0fc9934742c33c1
Sha256: bd9df047d51943acc4bc6cf55d88edb5b6785a53337ee2a0f74dd521aedde87d
                                        
                                            GET /r/ihimizer/img219/4097/17493144le5.jpg HTTP/1.1 
Host: 2img.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://h1a1.ahlamontada.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                        
                                             104.21.235.175
HTTP/2 301 Moved Permanently
                                            
date: Tue, 06 Dec 2022 13:11:34 GMT
content-length: 178
location: https://2img.net/i/default.png
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iPXPAyMgQjbtMgXJo6CvBo8W4hMIw9h%2FHpxMx6AMHGvA7zLBMprlYAQtsU%2FMmrS3zq7zeeBth9atT8gXMUhm2XpURlxJhNZu0wtKkfBBEMfPlrj9ALHTwfwCUQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 775544a6bcc924ba-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size:   178
Md5:    cd2e0e43980a00fb6a2742d3afd803b8
Sha1:   81ffbd1712afe8cdf138b570c0fc9934742c33c1
Sha256: bd9df047d51943acc4bc6cf55d88edb5b6785a53337ee2a0f74dd521aedde87d
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                        
                                             93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                            
Accept-Ranges: bytes
Age: 2356
Cache-Control: 'max-age=158059'
Date: Tue, 06 Dec 2022 13:11:34 GMT
Last-Modified: Tue, 06 Dec 2022 12:32:18 GMT
Server: ECS (ska/F6FD)
X-Cache: HIT
Content-Length: 471

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                        
                                             93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                            
Accept-Ranges: bytes
Age: 2271
Cache-Control: max-age=167589
Date: Tue, 06 Dec 2022 13:11:34 GMT
Etag: "638f224c-138"
Expires: Thu, 08 Dec 2022 11:44:43 GMT
Last-Modified: Tue, 06 Dec 2022 11:06:52 GMT
Server: ECS (ska/F70A)
X-Cache: HIT
Content-Length: 312

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                        
                                             93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                            
Accept-Ranges: bytes
Age: 3017
Cache-Control: max-age=137022
Date: Tue, 06 Dec 2022 13:11:34 GMT
Etag: "638ea7fb-117"
Expires: Thu, 08 Dec 2022 03:15:16 GMT
Last-Modified: Tue, 06 Dec 2022 02:24:59 GMT
Server: ECS (amb/6B81)
X-Cache: HIT
Content-Length: 279

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                        
                                             23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                            
Server: nginx
Content-Length: 503
ETag: "6953F31DA4312FDB9B7B30B7ADD9E86D1B9F331C48B187F915E9CDE8B1668859"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=1050
Expires: Tue, 06 Dec 2022 13:29:04 GMT
Date: Tue, 06 Dec 2022 13:11:34 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                        
                                             93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                            
Accept-Ranges: bytes
Age: 3017
Cache-Control: max-age=137022
Date: Tue, 06 Dec 2022 13:11:34 GMT
Etag: "638ea7fb-117"
Expires: Thu, 08 Dec 2022 03:15:16 GMT
Last-Modified: Tue, 06 Dec 2022 02:24:59 GMT
Server: ECS (ska/F6FD)
X-Cache: HIT
Content-Length: 279

                                        
                                            GET /zone?pub=0&zone_id=2308013&is_mobile=false&domain=h1a1.ahlamontada.com&var=&ymid=&var_3= HTTP/1.1 
Host: stootsou.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://h1a1.ahlamontada.com/
Origin: https://h1a1.ahlamontada.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                        
                                             139.45.197.250
HTTP/2 200 OK
content-type: application/json; charset=utf-8
                                            
server: nginx
date: Tue, 06 Dec 2022 13:11:34 GMT
content-length: 758
x-trace-id: 575e766143288b27d142a7d3c89d0b38
access-control-allow-origin: https://h1a1.ahlamontada.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (757)
Size:   758
Md5:    45ff87b8204a6556eff82bb7a578dec2
Sha1:   79ae8badec4cfd82fa4659403132713ae47dc5d2
Sha256: eb110f9a42dbc6f902e9668b3cabd92690e3f97c7c6ce85a6b0930147881a8e5
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                        
                                             93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                            
Accept-Ranges: bytes
Age: 2077
Cache-Control: max-age=104780
Date: Tue, 06 Dec 2022 13:11:34 GMT
Etag: "638e2db5-138"
Expires: Wed, 07 Dec 2022 18:17:54 GMT
Last-Modified: Mon, 05 Dec 2022 17:43:17 GMT
Server: ECS (ska/F6FD)
X-Cache: HIT
Content-Length: 312

                                        
                                            GET / HTTP/1.1 
Host: push.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: lH7LnBvtIPnlQdEwp+juJA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

                                        
                                             54.189.35.180
HTTP/1.1 101 Switching Protocols
                                            
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: KX5++Yh1KabnlLq6LSAYGV+ugsA=

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                        
                                             93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                            
Accept-Ranges: bytes
Age: 2261
Cache-Control: max-age=163624
Date: Tue, 06 Dec 2022 13:11:34 GMT
Etag: "638f12d9-138"
Expires: Thu, 08 Dec 2022 10:38:38 GMT
Last-Modified: Tue, 06 Dec 2022 10:00:57 GMT
Server: ECS (ska/F6FD)
X-Cache: HIT
Content-Length: 312

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                        
                                             93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                            
Accept-Ranges: bytes
Age: 2288
Cache-Control: max-age=163651
Date: Tue, 06 Dec 2022 13:11:34 GMT
Etag: "638f12d9-138"
Expires: Thu, 08 Dec 2022 10:39:05 GMT
Last-Modified: Tue, 06 Dec 2022 10:00:57 GMT
Server: ECS (ska/F70A)
X-Cache: HIT
Content-Length: 312

                                        
                                            GET /dna HTTP/1.1 
Host: dnacdn.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/
Origin: https://gum.criteo.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                        
                                             178.250.2.146
HTTP/2 200 OK
                                            
date: Tue, 06 Dec 2022 13:11:34 GMT
server: Kestrel
content-length: 0
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
set-cookie: browser_data=zae6Ml80M0RITmhlJTJCZkMwOUJGQlhaMUN2c3pNVkU4RXptdXZpczViMlVKYVZCV29Vc2dnN2VNbTAxeGRvT1dncyUyRlBtbw; expires=Sun, 31 Dec 2023 13:11:34 GMT; domain=dnacdn.net; path=/; secure; samesite=none
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://gum.criteo.com
server-processing-duration-in-ticks: 330062
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                        
                                             23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                            
Server: nginx
Content-Length: 503
ETag: "2BBF9A00990733A43871E7786CE7D13ECD29DF5266B6F540DFEAFBE7D489BEDE"
Last-Modified: Tue, 06 Dec 2022 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2952
Expires: Tue, 06 Dec 2022 14:00:47 GMT
Date: Tue, 06 Dec 2022 13:11:35 GMT
Connection: keep-alive

                                        
                                            GET /dna HTTP/1.1 
Host: dnacdn.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/
Origin: https://gum.criteo.com
Connection: keep-alive
Cookie: browser_data=zae6Ml80M0RITmhlJTJCZkMwOUJGQlhaMUN2c3pNVkU4RXptdXZpczViMlVKYVZCV29Vc2dnN2VNbTAxeGRvT1dncyUyRlBtbw
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                        
                                             178.250.2.146
HTTP/2 200 OK
content-type: application/json; charset=utf-8
                                            
date: Tue, 06 Dec 2022 13:11:34 GMT
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
set-cookie: browser_data=dVKZNF80M0RITmhlJTJCZkMwOUJGQlhaMUN2c3pNVkU4RXptdXZpczViMlVKYVZCV3JMaG5tbDE1ZW03ZG8lMkZGeXZNWmYwVA; expires=Sun, 31 Dec 2023 13:11:35 GMT; domain=dnacdn.net; path=/; secure; samesite=none
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://gum.criteo.com
server-processing-duration-in-ticks: 195826
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   129
Md5:    586f2cb52785901fd34646117378bffc
Sha1:   4cdb340cbee530630ba16e88c86cbfd7eabb5e8e
Sha256: 53ec071184949ac3bc8c3648a963df4a66fbf63fb3e53e9d71bfb071b9697f5b
                                        
                                            OPTIONS /custom HTTP/1.1 
Host: stootsou.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://h1a1.ahlamontada.com/
Origin: https://h1a1.ahlamontada.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                        
                                             139.45.197.250
HTTP/2 200 OK
content-type: text/plain; charset=utf-8
                                            
server: nginx
date: Tue, 06 Dec 2022 13:11:35 GMT
content-length: 0
access-control-allow-origin: https://h1a1.ahlamontada.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token
access-control-max-age: 86400
X-Firefox-Spdy: h2

                                        
                                            POST /custom HTTP/1.1 
Host: stootsou.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://h1a1.ahlamontada.com/
Content-Type: application/json
Origin: https://h1a1.ahlamontada.com
Content-Length: 377
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                        
                                             139.45.197.250
HTTP/2 200 OK
content-type: application/json; charset=utf-8
                                            
server: nginx
date: Tue, 06 Dec 2022 13:11:35 GMT
content-length: 39
x-trace-id: d1afafd6162de5dd68fd14d25254bcef
access-control-allow-origin: https://h1a1.ahlamontada.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text
Size:   39
Md5:    058b158c2be925f556454ef762d93538
Sha1:   cc6fc563b4b6baee880fdbc7fcfaa134978e33c9
Sha256: ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881
                                        
                                            POST /custom HTTP/1.1 
Host: stootsou.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://h1a1.ahlamontada.com/
Content-Type: application/json
Origin: https://h1a1.ahlamontada.com
Content-Length: 456
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                        
                                             139.45.197.250
HTTP/2 200 OK
content-type: application/json; charset=utf-8
                                            
server: nginx
date: Tue, 06 Dec 2022 13:11:35 GMT
content-length: 39
x-trace-id: 07838c9af79b1a5939e2e4353b35802c
access-control-allow-origin: https://h1a1.ahlamontada.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text
Size:   39
Md5:    058b158c2be925f556454ef762d93538
Sha1:   cc6fc563b4b6baee880fdbc7fcfaa134978e33c9
Sha256: ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                        
                                             23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                            
Server: nginx
Content-Length: 503
ETag: "EF2E0268A5ED0CA7D64DFC1BAA3D56D55F4062E4D84972BC9423FE56DF585673"
Last-Modified: Tue, 06 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6676
Expires: Tue, 06 Dec 2022 15:02:51 GMT
Date: Tue, 06 Dec 2022 13:11:35 GMT
Connection: keep-alive

                                        
                                            GET /sid/json?origin=publishertag&domain=ahlamontada.com&sn=FirefoxSyncframe&so=0&topUrl=h1a1.ahlamontada.com&info=dVKZNF80M0RITmhlJTJCZkMwOUJGQlhaMUN2c3pNVkU4RXptdXZpczViMlVKYVZCV3JMaG5tbDE1ZW03ZG8lMkZGeXZNWmYwVA&idsd=-1328676304,-103910117&cw=1&lsw=1 HTTP/1.1 
Host: gum.criteo.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=h1a1.ahlamontada.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

                                        
                                             178.250.2.146
HTTP/2 200 OK
content-type: application/json; charset=utf-8
                                            
date: Tue, 06 Dec 2022 13:11:34 GMT
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
server-processing-duration-in-ticks: 1060045
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2

                                        
                                            POST / HTTP/1.1 
Host: ocsp.sectigo.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                        
                                             104.18.32.68
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                            
Date: Tue, 06 Dec 2022 13:11:35 GMT
Content-Length: 471
Connection: keep-alive
Last-Modified: Tue, 06 Dec 2022 01:33:16 GMT
Expires: Tue, 13 Dec 2022 01:33:15 GMT
Etag: "e664d98cd9803e5f179af596d8a2f50d79fc92b0"
Cache-Control: max-age=562299,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 775544ae68540b06-OSL

                                        
                                            POST /log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f HTTP/1.1 
Host: datatechonert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 891
Origin: https://h1a1.ahlamontada.com
Connection: keep-alive
Referer: https://h1a1.ahlamontada.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                        
                                             37.48.68.71
HTTP/1.1 200 OK
Content-Type: application/json; charset=utf-8
                                            
Server: nginx/1.19.10
Date: Tue, 06 Dec 2022 13:11:35 GMT
Content-Length: 12
Connection: keep-alive
Access-Control-Allow-Origin: https://h1a1.ahlamontada.com
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Access-Control-Allow-Credentials: true


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   12
Md5:    adb4650bfc9d2a73d4dd69583b0ceb14
Sha1:   1ce399d6e936232aaf2192cd7903a279c5015f22
Sha256: 21c1f682de27109caabcca9016511974defcec217c0441fd3f1b50ecdf8247ed

Blocklists:
  - quad9: Sinkholed
                                        
                                            GET /api/vglnk.js HTTP/1.1 
Host: cdn.viglink.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://h1a1.ahlamontada.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                        
                                             54.230.111.60
HTTP/2 200 OK
content-type: text/javascript
                                            
content-length: 28567
last-modified: Wed, 02 Dec 2020 18:57:12 GMT
content-encoding: gzip
accept-ranges: bytes
server: AmazonS3
date: Wed, 30 Nov 2022 16:53:51 GMT
cache-control: public, max-age=604800
etag: "072eaf64a771815874455704fca9301b"
x-cache: Hit from cloudfront
via: 1.1 db0992ba349fc51d5151ec8330e36c28.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: TcR94AtvuxZAio3K9bpqbbz269Yp8eFzvg8PyPQCqURpTjNI0YZWSA==
age: 505064
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (693)
Size:   28567
Md5:    072eaf64a771815874455704fca9301b
Sha1:   6c6226d00f14bb800cd4390b3cd42df941be43b1
Sha256: bb35c8c300bd1acfe7ed86eb988f74ff2e8d86a4fb0409c5d78a890f9fd14b8e
                                        
                                            GET /analytics.js HTTP/1.1 
Host: www.google-analytics.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://h1a1.ahlamontada.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                        
                                             142.250.74.14
HTTP/2 200 OK
content-type: text/javascript
                                            
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20039
date: Tue, 06 Dec 2022 12:46:55 GMT
expires: Tue, 06 Dec 2022 14:46:55 GMT
cache-control: public, max-age=7200
age: 1480
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (1325)
Size:   20039
Md5:    47e6f374ca946fddd5b59871b325736c
Sha1:   baa9282efc8785e84d247c3bff518eaa45f101c4
Sha256: 16580b5c87c58e5702e411f1888fdef511094e4cd6d62bb47d16291ffb25985e
                                        
                                            GET /libtrc/forumotion-ar/loader.js HTTP/1.1 
Host: cdn.taboola.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://h1a1.ahlamontada.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                        
                                             151.101.129.44
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
                                            
x-amz-id-2: f2zIntPKHX93vvJXqG8L3+NLcXf7ww78xg+Tj9y8ZLE1VlxFNBfrO5xEdXBSH7fs2fBSfC8Vzr0=
x-amz-request-id: PP71G6FJHWSYMBRM
last-modified: Tue, 06 Dec 2022 11:10:28 GMT
etag: "8c9dc3e7d702fbfcd28f9103b84d0ace"
x-amz-version-id: 3qNIv4ahdEm5Zuy8O.8qx45eadxVoi4H
server: AmazonS3
content-encoding: gzip
accept-ranges: bytes
date: Tue, 06 Dec 2022 13:11:35 GMT
via: 1.1 varnish
age: 7261
x-served-by: cache-bma1634-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1670332296.697427,VS0,VE1
cache-control: private,max-age=14401
vary: Accept-Encoding
abp: 84
content-length: 25355
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with very long lines (65497)
Size:   25355
Md5:    4bc5dd4cdef34cb206b6ea76e9b5ee9e
Sha1:   e68617c6a10e3c4bbfa05642608cb6517df7db1e
Sha256: 5ed8624e2c2f1ad343ce224c2d82a43f29fc43b6143f5c03d3dc0fbb8c2f93c1
                                        
                                            GET /libtrc/impl.20221205-11-RELEASE.js HTTP/1.1 
Host: cdn.taboola.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://h1a1.ahlamontada.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                        
                                             151.101.129.44
HTTP/2 200 OK
content-type: application/javascript
                                            
x-amz-id-2: DYxECbJNfHVNpTXb5rpMCl5HHVeRFiehGM1tEquNaZrk2fmXvGsNItpGVF6FuQN4qvadWVSEZ98=
x-amz-request-id: XCNF4CHYJC1N67G3
last-modified: Mon, 05 Dec 2022 10:10:47 GMT
etag: "43893876a4ea52c67090673399319ec4"
content-encoding: br
x-amz-version-id: o159E2PRPcuqaHGBdHTKchkNp5vyzKlK
accept-ranges: bytes
date: Tue, 06 Dec 2022 13:11:35 GMT
via: 1.1 varnish
age: 10848
x-served-by: cache-bma1634-BMA
x-cache: HIT
x-cache-hits: 3826
x-timer: S1670332296.770489,VS0,VE0
cache-control: private,max-age=31536000
vary: Accept-Encoding
abp: 15
server: AmazonS3-br
content-length: 146756
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (65508)
Size:   146756
Md5:    43893876a4ea52c67090673399319ec4
Sha1:   df3173f84797a1aab214e8f8843e02a5c0dad6bb
Sha256: e275f113a5921c1effb4727c7586978f9227ce66c978095326e19e9e26d245de
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                        
                                             142.250.74.131
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                            
Date: Tue, 06 Dec 2022 13:11:35 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-144347007-1&cid=65266756.1670332296&jid=1391414746&gjid=327942184&_gid=181888172.1670332296&_u=YEBAAUAAAAAAACAAI~&z=177300059 HTTP/1.1 
Host: stats.g.doubleclick.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://h1a1.ahlamontada.com
Connection: keep-alive
Referer: https://h1a1.ahlamontada.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                        
                                             108.177.14.156
HTTP/2 200 OK
content-type: text/plain
                                            
access-control-allow-origin: https://h1a1.ahlamontada.com
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Tue, 06 Dec 2022 13:11:35 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 4
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   4
Md5:    48c0473b7821185d937e685216e2168b
Sha1:   3743e47f8a429a5e87b86cb582d78940733d9d2e
Sha256: 570c4d4674fd20602189c548c145ba1f8ac34bc2e4599a71471969028aa1e25a
                                        
                                            POST / HTTP/1.1 
Host: ocsp.sca1b.amazontrust.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                        
                                             143.204.42.88
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                            
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=154532
Date: Tue, 06 Dec 2022 13:11:35 GMT
Etag: "638ef54b-1d7"
Expires: Thu, 08 Dec 2022 08:07:07 GMT
Last-Modified: Tue, 06 Dec 2022 07:54:51 GMT
Server: ECS (bsa/EB13)
X-Cache: Miss from cloudfront
Via: 1.1 a9120cc3ff449047c990e82a4d5566ba.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: VnOABxonWM00y9q4YsMQ5shwHjU2nV-RCPDvfsHuQMRS9mgnSXVmPA==
Age: 737

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                        
                                             142.250.74.131
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                            
Date: Tue, 06 Dec 2022 13:11:35 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /api/ping HTTP/1.1 
Host: api.viglink.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 129
Origin: https://h1a1.ahlamontada.com
Connection: keep-alive
Referer: https://h1a1.ahlamontada.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                        
                                             34.246.116.79
HTTP/1.1 200 OK
Content-Type: text/javascript;charset=UTF-8
                                            
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://h1a1.ahlamontada.com
Cache-Control: no-cache, no-store
Date: Tue, 06 Dec 2022 13:11:35 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
P3P: CP="ALL IND DSP COR CUR ADM TAIo PSDo OUR COM INT NAV PUR STA UNI"
Pragma: no-cache
Server: Apache-Coyote/1.1
Content-Length: 260
Connection: keep-alive


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   260
Md5:    58ca46098f61915a764637aaee2096a8
Sha1:   14eb4ebc0d73200d271eeb543014ae8f037ed888
Sha256: 27a37d68e1478e042b6d18983bdfdc4c40893f33d003aef53a721dbac8c0e948
                                        
                                            OPTIONS /sync?c=72&r=2&j=TRC.getRTUS HTTP/1.1 
Host: gum.criteo.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: x-crto-bundle
Referer: https://h1a1.ahlamontada.com/
Origin: https://h1a1.ahlamontada.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

                                        
                                             178.250.2.146
HTTP/2 200 OK
                                            
date: Tue, 06 Dec 2022 13:11:35 GMT
server: Kestrel
content-length: 0
cache-control: private, max-age=3600
expires: 60
access-control-allow-credentials: true
access-control-allow-headers: X-CRTO-SID, X-CRTO-IDCPY, X-CRTO-OPTOUT, X-CRTO-BUNDLE
access-control-allow-origin: https://h1a1.ahlamontada.com
server-processing-duration-in-ticks: 359315
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                        
                                             142.250.74.131
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                            
Date: Tue, 06 Dec 2022 13:11:36 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /rs3/66/frm/colcade/colcade.js HTTP/1.1 
Host: illiweb.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://h1a1.ahlamontada.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                        
                                             172.67.150.97
HTTP/2 200 OK
content-type: application/x-javascript
                                            
date: Tue, 06 Dec 2022 13:11:34 GMT
cache-control: max-age=31536000
cf-bgj: minify
access-control-allow-origin: *
expires: Thu, 23 Nov 2023 09:26:50 GMT
last-modified: Tue, 13 Sep 2022 13:39:25 GMT
x-cache-ne: EXPIRED
x-cache-pr: EXPIRED
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
cf-cache-status: HIT
age: 1136684
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Va6XS%2FjW8ZdAY0aTVBiOYBY6AfKLfAOFhjyKAxEfbnEO%2BJYdIr85gnham2XpZjyCro0YvaYHYdXc95p96MIeAOLIDZLYLqD0PuVXiUJMC5Z8uvQoFVoz2u15Tmcv5w%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 775544a66e93fab4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (5633), with no line terminators
Size:   2301
Md5:    ba3f25435dce1bc6c6d8da8296181fcb
Sha1:   ed33d9dd49b0f3b6355b976f3cc496412bd948bb
Sha256: be17441ebe7b12c820c69013a96db50475ad9015ef87b630221485c6a471a20f
                                        
                                            GET /ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-144347007-1&cid=65266756.1670332296&jid=1391414746&_u=YEBAAUAAAAAAACAAI~&z=2072311860 HTTP/1.1 
Host: www.google.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://h1a1.ahlamontada.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                        
                                             142.250.74.164
HTTP/2 200 OK
content-type: image/gif
                                            
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Tue, 06 Dec 2022 13:11:36 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   42
Md5:    d89746888da2d9510b64a9f031eaecd5
Sha1:   d5fceb6532643d0d84ffe09c40c481ecdf59e15a
Sha256: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
                                        
                                            GET /js/ld/publishertag.js HTTP/1.1 
Host: static.criteo.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://h1a1.ahlamontada.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                        
                                             178.250.0.130
HTTP/2 200 OK
content-type: text/javascript
                                            
server: nginx
date: Tue, 06 Dec 2022 13:11:34 GMT
last-modified: Mon, 24 Oct 2022 11:21:19 GMT
etag: W/"6356752f-1e444"
expires: Wed, 07 Dec 2022 13:11:34 GMT
cross-origin-resource-policy: cross-origin
cache-control: max-age=86400, public
timing-allow-origin: *
access-control-allow-origin: *
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   40420
Md5:    339dc161462639d817df2f5dfa10b06d
Sha1:   af22c7d203d32d093b21f16b552d965f47f4d6c0
Sha256: 7b4a17b426ca8c571e1549b951cdb9ebdda212030e7d885c0dceec17c90513f8
                                        
                                            GET /ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-144347007-1&cid=65266756.1670332296&jid=1391414746&_u=YEBAAUAAAAAAACAAI~&z=2072311860 HTTP/1.1 
Host: www.google.no
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://h1a1.ahlamontada.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                        
                                             142.250.74.163
HTTP/2 200 OK
content-type: image/gif
                                            
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Tue, 06 Dec 2022 13:11:36 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   42
Md5:    d89746888da2d9510b64a9f031eaecd5
Sha1:   d5fceb6532643d0d84ffe09c40c481ecdf59e15a
Sha256: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
                                        
                                            POST /api/domains HTTP/1.1 
Host: api.viglink.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 235
Origin: https://h1a1.ahlamontada.com
Connection: keep-alive
Referer: https://h1a1.ahlamontada.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                        
                                             34.246.116.79
HTTP/1.1 200 OK
Content-Type: text/javascript;charset=UTF-8
                                            
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://h1a1.ahlamontada.com
Cache-Control: no-cache, no-store
Date: Tue, 06 Dec 2022 13:11:36 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
P3P: CP="ALL IND DSP COR CUR ADM TAIo PSDo OUR COM INT NAV PUR STA UNI"
Pragma: no-cache
Server: Apache-Coyote/1.1
Content-Length: 41
Connection: keep-alive


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   41
Md5:    f8ae578bad1bbeea1e1c5e1c3a7b2f02
Sha1:   7d4da545ed86e03a40a29ed7ddd442dd60f76afd
Sha256: 1d4e4bb09f817f96fa0163ca5c628970046109f84a3b3243c1c117abc7c53a9d
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                        
                                             23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                            
Server: nginx
Content-Length: 503
ETag: "22B22118173565879D7C4A2D54A3546AEAB6A4A30E69268B294A98019FBD6BA1"
Last-Modified: Tue, 06 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6640
Expires: Tue, 06 Dec 2022 15:02:16 GMT
Date: Tue, 06 Dec 2022 13:11:36 GMT
Connection: keep-alive

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                        
                                             142.250.74.131
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                            
Date: Tue, 06 Dec 2022 13:11:36 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /?utm_source=pwa HTTP/1.1 
Host: h1a1.ahlamontada.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://h1a1.ahlamontada.com/serviceworker.js
Connection: keep-alive
Cookie: exadd=167034; _fa-screen=%7B%22w%22%3A1280%2C%22h%22%3A939%7D
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

                                        
                                             94.23.73.212
HTTP/2 200 OK
content-type: text/html; charset=utf-8
                                            
date: Tue, 06 Dec 2022 13:11:34 GMT
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
cache-control: no-cache, no-store
pragma: no-cache
expires: Tue, 06 Dec 2022 00:00:00 GMT
last-modified: Tue, 06 Dec 2022 13:11:34 GMT
vary: User-Agent
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
x-xss-protection: 1
access-control-allow-origin: *
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   12779
Md5:    95cc448d0375d204f3e480f4f954f9a7
Sha1:   ca5b3cecea57173cbec40f2d6f906c186a26e165
Sha256: 4da358706a4fdca75782028def81afb1c9a95ab052776a46e9483a3364938e0b
                                        
                                            GET /forumotion-ar/log/2/debug?tim=13%3A11%3A35.885&type=info&msg=728x90%20Thumbnails%20thumbnails-728x90&llvl=2&id=3178&cv=20221205-11-RELEASE&lt=deflated&pct=1 HTTP/1.1 
Host: trc-events.taboola.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://h1a1.ahlamontada.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                        
                                             141.226.228.48
HTTP/2 204 No Content
                                            
server: nginx
date: Tue, 06 Dec 2022 13:11:36 GMT
x-fastly-to-nlb-rtt: 21377
access-control-allow-credentials: true
X-Firefox-Spdy: h2

                                        
                                            GET /forumotion-ar/log/2/debug?tim=13%3A11%3A35.881&type=info&msg=%7B%22mode%22%3A%22thumbnails-desktop-a%22%2C%22container%22%3A%22taboola-below-desktop-forum-thumbnails%22%2C%22placement%22%3A%22Below%20Desktop%20Forum%20Thumbnails%22%2C%22target_type%22%3A%22mix%22%7D&llvl=2&id=9659&cv=20221205-11-RELEASE&lt=deflated&pct=1 HTTP/1.1 
Host: trc-events.taboola.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://h1a1.ahlamontada.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                        
                                             141.226.228.48
HTTP/2 204 No Content
                                            
server: nginx
date: Tue, 06 Dec 2022 13:11:36 GMT
x-fastly-to-nlb-rtt: 21377
access-control-allow-credentials: true
X-Firefox-Spdy: h2

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                        
                                             142.250.74.131
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                            
Date: Tue, 06 Dec 2022 13:11:36 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /forumotion-ar/log/2/debug?tim=13%3A11%3A35.880&type=info&msg=%7B%22mode%22%3A%22thumbnails-728x90%22%2C%22container%22%3A%22taboola-728x90-thumbnails%22%2C%22placement%22%3A%22728x90%20Thumbnails%22%2C%22target_type%22%3A%22mix%22%7D&llvl=2&id=270&cv=20221205-11-RELEASE&lt=deflated&pct=1 HTTP/1.1 
Host: trc-events.taboola.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://h1a1.ahlamontada.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                        
                                             141.226.228.48
HTTP/2 204 No Content
                                            
server: nginx
date: Tue, 06 Dec 2022 13:11:36 GMT
x-fastly-to-nlb-rtt: 21377
access-control-allow-credentials: true
X-Firefox-Spdy: h2

                                        
                                            GET /forumotion-ar/log/2/debug?tim=13%3A11%3A35.877&type=info&msg=https%3A%2F%2Fh1a1.ahlamontada.com%2F&llvl=2&id=9228&cv=20221205-11-RELEASE&lt=deflated&pct=1 HTTP/1.1 
Host: trc-events.taboola.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://h1a1.ahlamontada.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                        
                                             141.226.228.48
HTTP/2 204 No Content
                                            
server: nginx
date: Tue, 06 Dec 2022 13:11:36 GMT
x-fastly-to-nlb-rtt: 21377
access-control-allow-credentials: true
X-Firefox-Spdy: h2

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fffbcb6f9-483c-4254-9451-927fa2fc2294.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                        
                                             34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                            
server: nginx
content-length: 3968
x-amzn-requestid: 55111bc4-d002-44a0-855a-533251b144fb
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: csSveGo_IAMFQvA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638e64c9-28e0a83d7f9f1ffc7544bb3d;Sampled=0
x-amzn-remapped-date: Mon, 05 Dec 2022 21:38:17 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: _Hf2XblY73dHIIWTqWgeDzJJalBo6ooCAit1eQ8G8n4385ORBBDakA==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 1b74ccf4cb51eacf97a0e6d60ae46a3e.cloudfront.net (CloudFront), 1.1 google
date: Mon, 05 Dec 2022 21:47:06 GMT
etag: "1c95a1e47e903cc6775df2c5ed3f2f58cca42dc8"
age: 55470
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   3968
Md5:    9838b65dde746487c806ee9739f8b222
Sha1:   1c95a1e47e903cc6775df2c5ed3f2f58cca42dc8
Sha256: cf3ddc240b33d0f588d5acb30593b6846874a192bff9f5b69455877d7f63be53
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffaf0de04-19bf-4944-9ac5-5178afafb192.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                        
                                             34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                            
server: nginx
content-length: 11352
x-amzn-requestid: 7c3fc7bb-eb1f-46ec-8e92-b6ffc6261848
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: csSwuF1ToAMFiIA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638e64d1-7c53152a279f00595b9886bd;Sampled=0
x-amzn-remapped-date: Mon, 05 Dec 2022 21:38:25 GMT
x-amz-cf-pop: SFO5-P2, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: EQorA5VTb0s2BEIWBkdkhDho-bLdLVvu8LnAIQsQqsIjgBLneYqCzg==
via: 1.1 b6d577696b14c86cbfeb5b3459f38c50.cloudfront.net (CloudFront), 1.1 57a21088b36c69a83578b5a5579df58e.cloudfront.net (CloudFront), 1.1 google
date: Mon, 05 Dec 2022 21:48:22 GMT
age: 55394
etag: "01ceb7233fe05ad8dff3a0a43eef879ea2b83ec4"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   11352
Md5:    7f2c354a00ab51d4a41221b6bf191c10
Sha1:   01ceb7233fe05ad8dff3a0a43eef879ea2b83ec4
Sha256: 7d3c8417e1db0db41ceb8b4bf3f506864392dd1ad29319a06a8a6055f6f2ed12
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9a1b8c21-bea6-4053-8dea-90393eea45b7.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                        
                                             34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                            
server: nginx
content-length: 8656
x-amzn-requestid: cfc71f7f-d1c6-47c9-8107-864701dbf3c3
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: csSwkEHmIAMFUnw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638e64d0-6705510852d26ae24b3e5ea4;Sampled=0
x-amzn-remapped-date: Mon, 05 Dec 2022 21:38:24 GMT
x-amz-cf-pop: SEA19-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: JVEVoNv1w1lqFYG0M8v2GK92-1MfPxn8SnZv5JZitWWEDuXJ4DwmqQ==
via: 1.1 c9b161639a9353c2354b895548ea9fca.cloudfront.net (CloudFront), 1.1 d6a002c70d55f415107618b0750d493c.cloudfront.net (CloudFront), 1.1 google
date: Mon, 05 Dec 2022 21:48:41 GMT
age: 55375
etag: "cd923a5a3810bfe86be2eca4b97c739d76756d93"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   8656
Md5:    30d72693680b3ac91c0eee4d47a26196
Sha1:   cd923a5a3810bfe86be2eca4b97c739d76756d93
Sha256: 69ca9e172f6b0c5bf158022d533701b89282630deaa0ce7df27ed459c9bfe75e
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F962c65f4-b402-46b4-83ba-50f3159341f2.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                        
                                             34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                            
server: nginx
content-length: 11224
x-amzn-requestid: 938de0b8-1055-4416-9ad7-162ab5f4db9f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: csUINEwdoAMFuOw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638e6701-38b079ef341bb17e567de773;Sampled=0
x-amzn-remapped-date: Mon, 05 Dec 2022 21:47:45 GMT
x-amz-cf-pop: YVR50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: tGtiCE9C3j0BUruNaFN2j1mKxCSouLmocmTXpmLMBJaLNyVwkXu1gQ==
via: 1.1 f0ac467993db44dbfc36b778dfcaf73c.cloudfront.net (CloudFront), 1.1 760139201585481b26f947c5f776103a.cloudfront.net (CloudFront), 1.1 google
date: Mon, 05 Dec 2022 22:09:28 GMT
age: 54128
etag: "36082b7329d473829178f280cb71a83b1531e486"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   11224
Md5:    b15136d60fd0a5e0f657a4f5c75d540f
Sha1:   36082b7329d473829178f280cb71a83b1531e486
Sha256: 79478269b1f5dcfd1e45ccd4264fa44805b37c5c8fec820bcbd2fa1689dfbbd8
                                        
                                            GET /forumotion-ar/log/2/debug?tim=13%3A11%3A35.888&type=info&msg=Below%20Desktop%20Forum%20Thumbnails%20thumbnails-desktop-a&llvl=2&id=8151&cv=20221205-11-RELEASE&lt=deflated&pct=1 HTTP/1.1 
Host: trc-events.taboola.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://h1a1.ahlamontada.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                        
                                             141.226.228.48
HTTP/2 204 No Content
                                            
server: nginx
date: Tue, 06 Dec 2022 13:11:36 GMT
x-fastly-to-nlb-rtt: 21345
access-control-allow-credentials: true
X-Firefox-Spdy: h2

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa8a7b1a4-645c-4164-abf9-5450ef421f97.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                        
                                             34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                            
server: nginx
content-length: 8660
x-amzn-requestid: d5cf901f-bd2b-4269-918a-29a0bec09a40
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: co_uBG9IIAMFxcw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638d1326-63b4ea925878dab212409f2b;Sampled=0
x-amzn-remapped-date: Sun, 04 Dec 2022 21:37:42 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: ZbrQ6wWHMvuPGfdujPdgWq3ahDYeTi0wGfwnn27xEBt6TvM8r0kMgQ==
via: 1.1 a20e81b65d2465c729ce2f6bfe539dd0.cloudfront.net (CloudFront), 1.1 98aedae6661e3904540676966998ed88.cloudfront.net (CloudFront), 1.1 google
date: Mon, 05 Dec 2022 21:49:39 GMT
age: 55317
etag: "63483fc211cfb2808c7f37940a4065b4f4177c59"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   8660
Md5:    fddffc8edfa3ca668c8ac740d34f46c5
Sha1:   63483fc211cfb2808c7f37940a4065b4f4177c59
Sha256: 3c736f085f8f25d68c3dd946d5a546dc6d1f5f6e94a0da17b7fd4662d61a0b50
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6d735c66-8946-4145-a67f-e17dd48087bc.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                        
                                             34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                            
server: nginx
content-length: 11175
x-amzn-requestid: 9c93ddca-1247-44af-a364-e617f69ace26
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: csSzYEnEoAMFa2A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638e64e2-7d38ea383725901524bc2ca0;Sampled=0
x-amzn-remapped-date: Mon, 05 Dec 2022 21:38:42 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: fNsYsKfPUM8QaG7-F1tSBDdsNit1BfYpWddNssXwyFO2HgdA0RpjAQ==
via: 1.1 5a1753718d8b33365e5f693dd338c510.cloudfront.net (CloudFront), 1.1 6a9b42e38e76b7d4a4044ebe0e0eca08.cloudfront.net (CloudFront), 1.1 google
date: Mon, 05 Dec 2022 21:54:21 GMT
age: 55035
etag: "0234fe32c84c4711f0619714f3ac6d3db1b717d3"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   11175
Md5:    38b97436af942d5eb1111ca7043259a0
Sha1:   0234fe32c84c4711f0619714f3ac6d3db1b717d3
Sha256: a76a7721355abbaecd5c8cb5218e7e4626dc345eb26e7541c71bf4ceaa7ae5d8
                                        
                                            GET /forumotion-ar/log/2/debug?tim=13%3A11%3A35.878&type=usage&msg=rtus&llvl=2&id=9501&cv=20221205-11-RELEASE&lt=deflated&file=rtus.js&method=injectRtus&position=default&extraData=%7B%7D HTTP/1.1 
Host: trc-events.taboola.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://h1a1.ahlamontada.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                        
                                             141.226.228.48
HTTP/2 204 No Content
                                            
server: nginx
date: Tue, 06 Dec 2022 13:11:36 GMT
x-fastly-to-nlb-rtt: 22152
access-control-allow-credentials: true
X-Firefox-Spdy: h2

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                        
                                             93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                            
Accept-Ranges: bytes
Age: 1855
Cache-Control: max-age=153515
Date: Tue, 06 Dec 2022 13:11:36 GMT
Etag: "638eecf4-139"
Expires: Thu, 08 Dec 2022 07:50:11 GMT
Last-Modified: Tue, 06 Dec 2022 07:19:16 GMT
Server: ECS (ska/F6FD)
X-Cache: HIT
Content-Length: 313

                                        
                                            GET /iev?entry=c~Idfs.Rtus.72.Events.StartInit~1&entry=c~Idfs.Rtus.72.Origin.FromBundle~1&entry=c~Idfs.Rtus.72.Headers.Bundle~1&entry=c~Idfs.Rtus.72.Events.InitiateFetch~1 HTTP/1.1 
Host: csm.nl.eu.criteo.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://h1a1.ahlamontada.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                        
                                             178.250.2.150
HTTP/2 200 OK
content-type: image/gif
                                            
date: Tue, 06 Dec 2022 13:11:35 GMT
pragma: no-cache
server: Finatra
expires: 0
cache-control: no-cache, no-store, must-revalidate
content-length: 43
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   43
Md5:    b4491705564909da7f9eaf749dbbfbb1
Sha1:   279315d507855c6a4351e1e2c2f39dd9cd2fccd8
Sha256: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
                                        
                                            POST /custom HTTP/1.1 
Host: stootsou.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://h1a1.ahlamontada.com/
Content-Type: application/json
Origin: https://h1a1.ahlamontada.com
Content-Length: 741
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                        
                                             139.45.197.250
HTTP/2 200 OK
content-type: application/json; charset=utf-8
                                            
server: nginx
date: Tue, 06 Dec 2022 13:11:36 GMT
content-length: 39
x-trace-id: d88870243cc171fc5b70b5cc8810f122
access-control-allow-origin: https://h1a1.ahlamontada.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text
Size:   39
Md5:    058b158c2be925f556454ef762d93538
Sha1:   cc6fc563b4b6baee880fdbc7fcfaa134978e33c9
Sha256: ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881
                                        
                                            GET /libtrc/userx.20221205-11-RELEASE.es6.js HTTP/1.1 
Host: cdn.taboola.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://h1a1.ahlamontada.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                        
                                             151.101.129.44
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
                                            
x-amz-id-2: HRTzyayje2p5un37ilHG1chckieyWALYMF4ecc5oVyinKBxax4OmZQsnxuZOgydO+EYzlmVIfLk=
x-amz-request-id: P8FHM7VH767EA5SE
x-amz-replication-status: PENDING
last-modified: Tue, 06 Dec 2022 11:05:56 GMT
etag: "5c5ae94767ba2838fbd5fefaf3a21979"
x-amz-version-id: 14nW9WznxoXMIf9MGGMhhVkgPmabEWvh
server: AmazonS3
content-encoding: gzip
accept-ranges: bytes
date: Tue, 06 Dec 2022 13:11:36 GMT
via: 1.1 varnish
age: 7512
x-served-by: cache-bma1634-BMA
x-cache: HIT
x-cache-hits: 470
x-timer: S1670332296.393612,VS0,VE0
cache-control: private,max-age=14400
vary: Accept-Encoding
abp: 15
content-length: 5398
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (17842)
Size:   5398
Md5:    a77b908b61ec0f09ce05a2a371598871
Sha1:   89c78142368f39c21afd68642080de91e109ae89
Sha256: 1ac811531903f1c54798c8e3cfb2751097dc8ea087945a85acfd9afab889c37b
                                        
                                            GET /lite-unit/3.9.8/UnitWidgetItemDesktop.min.js HTTP/1.1 
Host: vidstat.taboola.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://h1a1.ahlamontada.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                        
                                             151.101.129.44
HTTP/2 200 OK
content-type: application/javascript
                                            
last-modified: Tue, 22 Nov 2022 07:02:09 GMT
etag: "1842444d4bb92087143326a4d508875d"
server: AmazonS3
via: 1.1 b34d5d8e5954d0b7b46d5f0eb534c166.cloudfront.net (CloudFront), 1.1 varnish
x-amz-cf-pop: ARN56-P1
x-amz-cf-id: iVxUQ_yUDgKIDSZaR21P2jFvv94ZUaTAMQdnd9xsEMFJTpsmb2NMlg==
cache-control: public, max-age=2592000
content-encoding: gzip
accept-ranges: bytes
date: Tue, 06 Dec 2022 13:11:36 GMT
age: 1231738
x-served-by: cache-bma1634-BMA
x-cache: Hit from cloudfront, HIT
x-cache-hits: 14014
x-timer: S1670332296.395632,VS0,VE0
vary: Accept-Encoding
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS, HEAD
access-control-allow-headers: *
content-length: 29909
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (65536), with no line terminators
Size:   29909
Md5:    aac1042207afd54e1cf1befcaf3420cd
Sha1:   00f0597866330a850a1d6222861591f24dd18380
Sha256: ea77ece8880eb28ffe83e94ef787b4204f8b1b3d09f443011b898b13ed4bb706
                                        
                                            GET /libtrc/cta-component.20221205-11-RELEASE.es6.js HTTP/1.1 
Host: cdn.taboola.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://h1a1.ahlamontada.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                        
                                             151.101.129.44
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
                                            
x-amz-id-2: 6XtlsWRR4acmrZKtzAn5Eo+TDm8JSa/MXFajXdAaofvHgzfKpbY4Zm7Km257/hIu1kXXr76sbXQ=
x-amz-request-id: 5RFZTDEZKT4Z05HA
x-amz-replication-status: PENDING
last-modified: Tue, 06 Dec 2022 11:04:58 GMT
etag: "4a994d821f81c4963a5a5f39d1db5604"
x-amz-version-id: kUzAJGYYiAvv8M0iWFEl67MiPs.D3.pi
server: AmazonS3
content-encoding: gzip
accept-ranges: bytes
date: Tue, 06 Dec 2022 13:11:36 GMT
via: 1.1 varnish
age: 7593
x-served-by: cache-bma1634-BMA
x-cache: HIT
x-cache-hits: 1176
x-timer: S1670332296.438990,VS0,VE0
cache-control: private,max-age=14400
vary: Accept-Encoding
abp: 15
content-length: 5107
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (18924)
Size:   5107
Md5:    66a019155765b0c3e64757a496dd214b
Sha1:   c542b26040718331c14024cfae76f53b17fd2002
Sha256: d65a5a28c9ad7ec1538d4abed99d4fa9bf825b72310e897ade8ce0966f6535f4
                                        
                                            GET /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//static.standard.co.uk/s3fs-public/thumbnails/image/2018/08/23/09/07-denisovacave-excavation-2cmpi-eva.jpg%3Fwidth%3D646 HTTP/1.1 
Host: images.taboola.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://h1a1.ahlamontada.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                        
                                             151.101.129.44
HTTP/2 200 OK
content-type: image/webp
                                            
server: nginx
access-control-allow-headers: X-Requested-With
access-control-allow-origin: *
cache-tag: 417558056546189539108392775734138196291,378603099105430713408637329582199312940,29ecf9b93bbf306179626feeda1fab70
edge-cache-tag: 417558056546189539108392775734138196291,378603099105430713408637329582199312940,29ecf9b93bbf306179626feeda1fab70
etag: "7c4d43925d05e197d8d9464b060dbc9c"
last-modified: Thu, 10 Nov 2022 04:00:27 GMT
req-referer: https://tvline.com/
status: 200 OK
timing-allow-origin: *
x-ratelimit-limit: 101
x-ratelimit-remaining: 100
x-ratelimit-reset: 1
x-request-id: 6378c0fa512d8b5207c1bc6581ce75eb
x-envoy-upstream-service-time: 335
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb801
via: 1.1 varnish, 1.1 varnish
cache-control: public, max-age=31536000
accept-ranges: bytes
date: Tue, 06 Dec 2022 13:11:36 GMT
age: 2245819
x-served-by: cache-iad-kcgs7200141-IAD, cache-iad-kiad7000098-IAD, cache-chi-kigq8000144-CHI, cache-iad-kcgs7200159-IAD, cache-bma1634-BMA
x-cache: MISS, MISS, MISS, HIT, HIT
x-cache-hits: 0, 0, 0, 1, 1
x-timer: S1670332297.509716,VS0,VE4
vary: ImageFormat
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//static.standard.co.uk/s3fs-public/thumbnails/image/2018/08/23/09/07-denisovacave-excavation-2cmpi-eva.jpg%3Fwidth%3D646
x-vcl-time-ms: 4
content-length: 13344
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  RIFF (little-endian) data, Web/P image\012- data
Size:   13344
Md5:    45c4a3bb708c66afee688bdfd2b37aeb
Sha1:   af1a13d197d33d945dccf818f3ccbfd1eff1db57
Sha256: a02a58108b0c9087cd57718182963737ff0ed2a984d3127f75139921c4d6914e
                                        
                                            GET /syncframe?origin=rtus&topUrl=h1a1.ahlamontada.com HTTP/1.1 
Host: gum.criteo.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://h1a1.ahlamontada.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers

                                        
                                             178.250.2.146
HTTP/2 200 OK
content-type: text/html; charset=utf-8
                                            
date: Tue, 06 Dec 2022 13:11:36 GMT
server: Kestrel
cache-control: private, max-age=3600
set-cookie: uid=9aa93a6e-b818-4b9e-88e7-2baa8ed81682; expires=Sun, 31 Dec 2023 13:11:36 GMT; domain=.criteo.com; path=/; secure; samesite=none
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
server-processing-duration-in-ticks: 773803
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   15560
Md5:    ed79ac7206ccf14f8bd8bd60abcbb283
Sha1:   e4614873765d8194ba3825d03b1c1ea495ffd8f9
Sha256: ce90f470fdfc460f5f1f4b90652b7f7c3aa7576efe6eab3c5982b4bc1e309685
                                        
                                            GET /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/fa1e934877c2ead2f1b2140b01029181.png HTTP/1.1 
Host: images.taboola.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://h1a1.ahlamontada.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                        
                                             151.101.129.44
HTTP/2 200 OK
content-type: image/webp
                                            
server: nginx
access-control-allow-headers: X-Requested-With
access-control-allow-origin: *
cache-tag: 496389742428024346966628628086167263116,440009874943970692176080915478359259825,29ecf9b93bbf306179626feeda1fab70
edge-cache-tag: 496389742428024346966628628086167263116,440009874943970692176080915478359259825,29ecf9b93bbf306179626feeda1fab70
etag: "5bc28f7fc2f4609f7c4c9b9b6c2ebd0a"
expiration: expiry-date="Thu, 03 Nov 2022 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
last-modified: Mon, 03 Oct 2022 10:40:59 GMT
req-referer: https://way2ott.com/
timing-allow-origin: *
x-ratelimit-limit: 101
x-ratelimit-remaining: 100
x-ratelimit-reset: 1
x-envoy-upstream-service-time: 89
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb801
via: 1.1 varnish, 1.1 varnish
cache-control: public, max-age=31536000
accept-ranges: bytes
date: Tue, 06 Dec 2022 13:11:36 GMT
age: 3006458
x-served-by: cache-iad-kjyo7100044-IAD, cache-iad-kjyo7100171-IAD, cache-lga21920-LGA, cache-iad-kiad7000174-IAD, cache-bma1634-BMA
x-cache: HIT, HIT, MISS, HIT, HIT
x-cache-hits: 1, 2, 0, 1, 1
x-timer: S1670332297.569376,VS0,VE1
vary: ImageFormat
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/fa1e934877c2ead2f1b2140b01029181.png
x-vcl-time-ms: 1
content-length: 13646
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  RIFF (little-endian) data, Web/P image\012- data
Size:   13646
Md5:    e610796b1421c685ad9d241068f2fe63
Sha1:   de42226dea194eb6525eef381b8c7ae548b10a51
Sha256: 18e663b324a3e6a46d70c1019c5fc51f14e9a8d549148c8c3eb3eea3d38ece5c
                                        
                                            GET /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/95feb8a1bac1de99d9e6c645b9725250.jpeg HTTP/1.1 
Host: images.taboola.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://h1a1.ahlamontada.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                        
                                             151.101.129.44
HTTP/2 200 OK
content-type: image/webp
                                            
server: nginx
access-control-allow-headers: X-Requested-With
access-control-allow-origin: *
cache-tag: 454495853063637850906140981329147654090,378603099105430713408637329582199312940,29ecf9b93bbf306179626feeda1fab70
edge-cache-tag: 454495853063637850906140981329147654090,378603099105430713408637329582199312940,29ecf9b93bbf306179626feeda1fab70
etag: "ec6d70f4ec0995eac77e61f85630f33f"
last-modified: Tue, 11 Oct 2022 21:59:37 GMT
req-referer: https://www.georgetakei.com/professional-confessions-2658517700.html
status: 200 OK
timing-allow-origin: *
x-ratelimit-limit: 101
x-ratelimit-remaining: 100
x-ratelimit-reset: 1
x-request-id: b21130d179245eb3cead96f7e11271e7
x-envoy-upstream-service-time: 51
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb802
via: 1.1 varnish, 1.1 varnish
cache-control: public, max-age=31536000
accept-ranges: bytes
date: Tue, 06 Dec 2022 13:11:36 GMT
age: 3003632
x-served-by: cache-iad-kjyo7100165-IAD, cache-iad-kjyo7100042-IAD, cache-lga21960-LGA, cache-iad-kiad7000060-IAD, cache-bma1634-BMA
x-cache: MISS, HIT, MISS, HIT, HIT
x-cache-hits: 0, 1, 0, 843, 1
x-timer: S1670332297.569637,VS0,VE1
vary: ImageFormat
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/95feb8a1bac1de99d9e6c645b9725250.jpeg
x-vcl-time-ms: 1
content-length: 15102
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  RIFF (little-endian) data, Web/P image\012- data
Size:   15102
Md5:    009bf45f63d6e744fde0fed669b7ba83
Sha1:   cf6714349933074eef1f9d3d88b80e82a54cd0a6
Sha256: 734a1ec7dd0d9b121001aa3c30c8023093e9c0f3bee50ea4d1e48e933654c4ca
                                        
                                            GET /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_180%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//i.servimg.com/u/f62/13/32/79/54/uaouo10.gif HTTP/1.1 
Host: images.taboola.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://h1a1.ahlamontada.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                        
                                             151.101.129.44
HTTP/2 200 OK
content-type: image/jpeg
                                            
access-control-allow-headers: X-Requested-With
access-control-allow-origin: *
cache-tag: 538475434606933197924381234642994484733,341818766630488423269086991181948173068,29ecf9b93bbf306179626feeda1fab70
edge-cache-tag: 538475434606933197924381234642994484733,341818766630488423269086991181948173068,29ecf9b93bbf306179626feeda1fab70
etag: "254d067d6a804e73ff0a5f0762483772"
last-modified: Fri, 09 Sep 2022 04:33:06 GMT
server: cloudinary
status: 200 OK
timing-allow-origin: *
x-request-id: 45d8b8154def9fbf7b891d69101fbdd0
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
x-backend-name: CLOUDINARY:3FP7YNX3LMizprTZsG7BSW--F_addr_taboola_res_cloudinary_com
cache-control: public, max-age=31536000
accept-ranges: bytes
date: Tue, 06 Dec 2022 13:11:36 GMT
age: 5367704
x-served-by: cache-iad-kiad7000031-IAD, cache-iad-kiad7000064-IAD, cache-bma1634-BMA
x-cache: MISS, HIT, MISS
x-cache-hits: 0, 78, 0
x-timer: S1670332297.509036,VS0,VE91
vary: ImageFormat
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_180%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//i.servimg.com/u/f62/13/32/79/54/uaouo10.gif
x-vcl-time-ms: 91
content-length: 22845
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 360x180, components 3\012- data
Size:   22845
Md5:    254d067d6a804e73ff0a5f0762483772
Sha1:   b17aa7d8a89d593ff4798819d268822a652e70d6
Sha256: e29bbead7fa31ec46d4909e5edc3acb52e4d3276e6ab408195b68e5b4f1be391
                                        
                                            POST /api/domains HTTP/1.1 
Host: api.viglink.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 282
Origin: https://h1a1.ahlamontada.com
Connection: keep-alive
Referer: https://h1a1.ahlamontada.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                        
                                             34.246.116.79
HTTP/1.1 200 OK
Content-Type: text/javascript;charset=UTF-8
                                            
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://h1a1.ahlamontada.com
Cache-Control: no-cache, no-store
Date: Tue, 06 Dec 2022 13:11:36 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
P3P: CP="ALL IND DSP COR CUR ADM TAIo PSDo OUR COM INT NAV PUR STA UNI"
Pragma: no-cache
Server: Apache-Coyote/1.1
Content-Length: 68
Connection: keep-alive


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   68
Md5:    c0b5700bcec385835c3e3868c677e37c
Sha1:   b0076a20b16e67fd2effc8311e9b33eb255338e7
Sha256: f4cbb471ee54cbcb21db291a5cbc165fedb321c09c6e7cbe87c087e7bf5895ae
                                        
                                            GET /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/a193bd7b3c32fc36cbafa0d3991b06d4.jpg HTTP/1.1 
Host: images.taboola.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://h1a1.ahlamontada.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                        
                                             151.101.129.44
HTTP/2 200 OK
content-type: image/webp
                                            
server: nginx
access-control-allow-headers: X-Requested-With
access-control-allow-origin: *
cache-tag: 328911667776585363706232317130175042056,378603099105430713408637329582199312940,29ecf9b93bbf306179626feeda1fab70
edge-cache-tag: 328911667776585363706232317130175042056,378603099105430713408637329582199312940,29ecf9b93bbf306179626feeda1fab70
etag: "87f123e59d8980c3b081393313ab4e94"
last-modified: Wed, 09 Nov 2022 05:42:11 GMT
req-referer: https://h1a1.ahlamontada.com/
status: 200 OK
timing-allow-origin: *
x-ratelimit-limit: 101
x-ratelimit-remaining: 100
x-ratelimit-reset: 1
x-request-id: ae28e36148dadf23e6f195379085e203
x-envoy-upstream-service-time: 110
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb804
via: 1.1 varnish, 1.1 varnish
cache-control: public, max-age=31536000
accept-ranges: bytes
date: Tue, 06 Dec 2022 13:11:36 GMT
age: 1890029
x-served-by: cache-iad-kiad7000131-IAD, cache-iad-kcgs7200051-IAD, cache-chi-kigq8000141-CHI, cache-iad-kjyo7100048-IAD, cache-bma1634-BMA
x-cache: MISS, HIT, MISS, MISS, MISS
x-cache-hits: 0, 3, 0, 0, 0
x-timer: S1670332297.568962,VS0,VE237
vary: ImageFormat
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/a193bd7b3c32fc36cbafa0d3991b06d4.jpg
x-vcl-time-ms: 237
content-length: 12702
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  RIFF (little-endian) data, Web/P image\012- data
Size:   12702
Md5:    305409e15f4a235e0b65f48b2dfaf9b2
Sha1:   63df1adc7138abbbb2ddda9b286e9f9fc50c46b2
Sha256: 718cc7308f3037c2369ac3e5f070aa8feacb8e77d17b0f487319e303c3830377
                                        
                                            GET /st?cijs=convusmp&ttype=45&cisd=convusmp&cipid=66361655&crid=-1&dast=V7QAwCFgNSAtdJgjLKjARSAtdJgjLKjAUAAAAGBuIHJDVbDjcmi8OtWS02a9FgZVtLjKuVW-FajDbD4cS3svmGQFKz5XBjsjjcmtVisxYNVra1xLhauRWuxWgzHE58K5tvChE3GQ6fg4Go6Hpb7A6n2fOGDjSdDp_rXi90LBxzhdHscPvtpofJYdf43X45AAAAADz8____QwAAAABEAAAAAEgAAAAAUARU_FsIXAAAAABg_P___2sAfHIQvOfs9wcAAAAACAAAAAAJwMBqQAnAx_nKyf________9_zAB95o3M_____41BD8CDD8CDEAAAwMUQvz6EPffyZCdRAWERIwAAAIAtLRXNo0mdUFlU_f__91sBXAEABBCeQ64sZukOSryFAQAAAIwt0MPi95sddo3f7bL_________f7P_s380obfR67QgltFrtV9AAIC1X0AAADZ1AwB4C4ALugBYnULshrPFbjTbjGYHAAAAcPf___-vB2KemWfl2jhXxpFxZBjZJh7XYrccLic202qz8Di8V-hidjRH2xrRF3GT4fA5GIiKrrfF7nCaPfejaMlyt9ytRpPFaLRcbnbDzWiwv4EYrAY4EYPlcjJZTHar0Wq0Ge5Gs8ECBWIwQYqWrJbL5WqzWa12o8VssFkONxukaNVqNtoMhqvZZLbbrYaD4XI0QoqWLHfL3Wo0WYxGy-VmN9yMBkOEmcls43IONmuJx-VyizYb11q5GtnWmpXFZloMJ4bVyuYWvT6mh3G4cQ2GWxQMiNiL5GmRTjQL42K3MJmWw9nCt3IZVsbZyOXxTDYT52I42awmYonmZJFOZJd9zTPzrFwb58o4Mo4MI9vE41rslsPlxGZabRYeh78zmW1czsFmLfG4XG7RZuNaK1cj21qzsthMi-HEsFrZ3KLXx_QwDjeuwXDfmO0Gm81kspztG7PdYLOZTJazfYfO8F19zkZncDzx2LRb70z9szkMCpfB4v19LtJmtHEzqrRhi0V1Le5cE6tOGzsZOwezQeEbXhPD30_9vHazt4PYYFDEEsFFOpH5La-33_T0290Ky0UsUZou0oleIpYIThfpRPQyni7qPzLkYq4czEWTuWI1WiUAAAAAAAAAgCXMmTcBAAAAOA1kNNgMV-s8kMFysFuulgsA4eyl-4NHU-pjf1q_S_lDIritGD5R3Phxg_ktr7ff9PTb3QrLlQEeqMmZN38miLVaLWsAAAABbAAAgABu3bwFYDPx_____3EAAAAycvQAAADi-0BT31wo9cKP_AQ5WA0H!&cmcv=&pix=31589837&cb=1670332296714&uv=3245&tms=1670332296714&abt=mprdctdt6_vA!ntvc_vB!smbs!ufm&ft=0&unm=WIDGET_ITEM&debug=pn:!sqg:!torgn:1670332293234!ts:1670332296714&mntl=1 HTTP/1.1 
Host: am-vid-events.taboola.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://h1a1.ahlamontada.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                        
                                             141.226.228.48
HTTP/2 200 OK
                                            
server: nginx
date: Tue, 06 Dec 2022 13:11:36 GMT
content-length: 0
X-Firefox-Spdy: h2

                                        
                                            GET /forumotion-ar/log/2/debug?tim=13%3A11%3A36.413&type=info&msg=Finish%20Rendering%20728x90%20Thumbnails&llvl=2&id=7471&cv=20221205-11-RELEASE&lt=deflated&pct=1 HTTP/1.1 
Host: il-trc-events.taboola.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://h1a1.ahlamontada.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                        
                                             185.106.33.48
HTTP/2 204 No Content
                                            
server: nginx
date: Tue, 06 Dec 2022 13:11:36 GMT
x-fastly-to-nlb-rtt: 73784
access-control-allow-credentials: true
X-Firefox-Spdy: h2

                                        
                                            GET /forumotion-ar/log/2/debug?tim=13%3A11%3A36.416&type=info&msg=Finish%20Rendering%20Below%20Desktop%20Forum%20Thumbnails&llvl=2&id=6944&cv=20221205-11-RELEASE&lt=deflated&pct=1 HTTP/1.1 
Host: il-trc-events.taboola.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://h1a1.ahlamontada.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                        
                                             185.106.33.48
HTTP/2 204 No Content
                                            
server: nginx
date: Tue, 06 Dec 2022 13:11:36 GMT
x-fastly-to-nlb-rtt: 73784
access-control-allow-credentials: true
X-Firefox-Spdy: h2

                                        
                                            GET /forumotion-ar/log/3/abtests?route=AM:IL:V&lti=deflated&ri=3a817ad4986a7ee0e86dec323b918235&sd=v2_f3f3e5c9e8d8d0d6bc517989bf453aca_326ce903-bcee-43c5-95d6-3ebf418b05ef-tucta88c508_1670332296_1670332296_CNawjgYQ3pxDGMvVwLzOMCABKAEwogE434cMQJ6XEEj5qNkDUN6lI1gAYABop5bpoOzs57vmAXAA&ui=326ce903-bcee-43c5-95d6-3ebf418b05ef-tucta88c508&pi=/&wi=-7764447088115785453&pt=text&vi=1670332295883&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22block_clicks_init%22%2C%22type%22%3A%22block-clicks-manager%22%2C%22eventTime%22%3A1670332296303%7D&tim=13%3A11%3A36.304&id=634&llvl=2&cv=20221205-11-RELEASE& HTTP/1.1 
Host: il-trc-events.taboola.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://h1a1.ahlamontada.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                        
                                             185.106.33.48
HTTP/2 204 No Content
                                            
server: nginx
date: Tue, 06 Dec 2022 13:11:36 GMT
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: *
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
X-Firefox-Spdy: h2

                                        
                                            GET /forumotion-ar/log/2/debug?tim=13%3A11%3A36.423&type=warn&msg=TRC.TranslationsManager%20-%20missing%20feature%20in%20translationMap%3A%20userx.&llvl=2&id=2360&cv=20221205-11-RELEASE&lt=deflated&pct=1 HTTP/1.1 
Host: il-trc-events.taboola.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://h1a1.ahlamontada.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                        
                                             185.106.33.48
HTTP/2 204 No Content
                                            
server: nginx
date: Tue, 06 Dec 2022 13:11:36 GMT
x-fastly-to-nlb-rtt: 73784
access-control-allow-credentials: true
X-Firefox-Spdy: h2

                                        
                                            GET /forumotion-ar/log/2/debug?tim=13%3A11%3A36.305&type=info&msg=Finish%20Rendering%20728x90%20Thumbnails&llvl=2&id=6837&cv=20221205-11-RELEASE&lt=deflated&pct=1 HTTP/1.1 
Host: il-trc-events.taboola.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://h1a1.ahlamontada.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                        
                                             185.106.33.48
HTTP/2 204 No Content
                                            
server: nginx
date: Tue, 06 Dec 2022 13:11:36 GMT
x-fastly-to-nlb-rtt: 73784
access-control-allow-credentials: true
X-Firefox-Spdy: h2

                                        
                                            GET /forumotion-ar/log/2/debug?tim=13%3A11%3A36.326&type=info&msg=Start%20Rendering%20Below%20Desktop%20Forum%20Thumbnails&llvl=2&id=863&cv=20221205-11-RELEASE&lt=deflated&pct=1 HTTP/1.1 
Host: il-trc-events.taboola.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://h1a1.ahlamontada.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                        
                                             185.106.33.48
HTTP/2 204 No Content
                                            
server: nginx
date: Tue, 06 Dec 2022 13:11:36 GMT
x-fastly-to-nlb-rtt: 73784
access-control-allow-credentials: true
X-Firefox-Spdy: h2

                                        
                                            GET /forumotion-ar/log/2/debug?tim=13%3A11%3A36.297&type=info&msg=Start%20Rendering%20728x90%20Thumbnails&llvl=2&id=2054&cv=20221205-11-RELEASE&lt=deflated&pct=1 HTTP/1.1 
Host: il-trc-events.taboola.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://h1a1.ahlamontada.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                        
                                             185.106.33.48
HTTP/2 204 No Content
                                            
server: nginx
date: Tue, 06 Dec 2022 13:11:36 GMT
x-fastly-to-nlb-rtt: 73784
access-control-allow-credentials: true
X-Firefox-Spdy: h2

                                        
                                            GET /forumotion-ar/log/2/debug?tim=13%3A11%3A36.342&type=info&msg=Finish%20Rendering%20Below%20Desktop%20Forum%20Thumbnails&llvl=2&id=4212&cv=20221205-11-RELEASE&lt=deflated&pct=1 HTTP/1.1 
Host: il-trc-events.taboola.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://h1a1.ahlamontada.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                        
                                             185.106.33.48
HTTP/2 204 No Content
                                            
server: nginx
date: Tue, 06 Dec 2022 13:11:36 GMT
x-fastly-to-nlb-rtt: 73784
access-control-allow-credentials: true
X-Firefox-Spdy: h2

                                        
                                            GET /iev?entry=c~Idfs.Rtus.72.Events.SyncframeDropped~1&entry=c~Idfs.Rtus.72.Origin.FromSyncframeBundle~1 HTTP/1.1 
Host: csm.nl.eu.criteo.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://h1a1.ahlamontada.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                        
                                             178.250.2.150
HTTP/2 200 OK
content-type: image/gif
                                            
date: Tue, 06 Dec 2022 13:11:36 GMT
pragma: no-cache
server: Finatra
expires: 0
cache-control: no-cache, no-store, must-revalidate
content-length: 43
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   43
Md5:    b4491705564909da7f9eaf749dbbfbb1
Sha1:   279315d507855c6a4351e1e2c2f39dd9cd2fccd8
Sha256: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
                                        
                                            GET /vpaid/units/32_4_5/assets/css/cmOsUnit.css HTTP/1.1 
Host: vidstat.taboola.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://h1a1.ahlamontada.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                        
                                             151.101.129.44
HTTP/2 200 OK
content-type: text/css
                                            
x-amz-id-2: Bf8dw0NjA07TfpEMmKBaL+UFJWQuALEo7owO+vyJS0Z7+UM4VbN5qXqenI+jCaBsTF8hL6tqRMY=
x-amz-request-id: 89SNZ5N6GV47VA34
last-modified: Mon, 28 Nov 2022 10:07:46 GMT
etag: "a28320a69408adba1f01f56d6eb80708"
x-amz-meta-ctime: 1669630065
x-amz-meta-mode: 33188
x-amz-meta-gid: 0
x-amz-meta-uid: 0
x-amz-meta-mtime: 1669630064
cache-control: public, max-age=2592000
accept-ranges: bytes
date: Tue, 06 Dec 2022 13:11:36 GMT
via: 1.1 varnish
age: 702137
x-served-by: cache-bma1634-BMA
x-cache: HIT
x-cache-hits: 129673
x-timer: S1670332297.975342,VS0,VE0
vary: Accept-Encoding
server: AmazonS3-br
content-encoding: br
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS, HEAD
access-control-allow-headers: *
content-length: 8297
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text
Size:   8297
Md5:    a28320a69408adba1f01f56d6eb80708
Sha1:   8012c7108fab547cf31481cfda7cb49e654a0542
Sha256: befbb274b7045e7e5791a4badbe46e1a2e367e6570da7cd0ac127acc4b8e8991
                                        
                                            GET /tb?oid=15&pubnm=forumotion-ar&unitType=226&tbloc=&pageType=text&pstn=Below%20Desktop%20Forum%20Thumbnails&uuip=&cisrf=&cirf=https%3A%2F%2Fh1a1.ahlamontada.com%2F&encoded=1&uid=326ce903-bcee-43c5-95d6-3ebf418b05ef-tucta88c508&variant=0|1786174634&callback=TRC.videoTagCallbacks.videoCallback2&cb=1670332296368&tagid=&cntry=NO&platform=1&sesid=f3f3e5c9e8d8d0d6bc517989bf453aca&itemid=/&viewid=1670332295883&geolat=&geoing=&deviceifa=&appid=&sd=v2_f3f3e5c9e8d8d0d6bc517989bf453aca_326ce903-bcee-43c5-95d6-3ebf418b05ef-tucta88c508_1670332296_1670332296_CNawjgYQ3pxDGMvVwLzOMCABKAEwogE434cMQJ6XEEj5qNkDUN6lI1gAYABop5bpoOzs57vmAXAA&ri=4e0cdec404ee37197649557884b16208&appname=&cdb=&gdprApplies=true&rid=&sii=-7764447088115785453&oee=true&tpubid=1101406&uis=2&fagg=1&ccpaDns=false&ccpaPrivacy=&region=03&hasGDPRConsent=true&tcfVersion=&cmpStatus=&tnetid=1037540&prcnt=&layer=&normp=1&gvv=9058 HTTP/1.1 
Host: 15.taboola.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Origin: https://h1a1.ahlamontada.com
Connection: keep-alive
Referer: https://h1a1.ahlamontada.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                        
                                             151.101.129.44
HTTP/2 200 OK
content-type: text/html;charset=ISO-8859-1
                                            
server: nginx
machineid: 1443
link: <https://am-wf.taboola.com>; rel=preconnect
xvid-debug: mrmr - :
pragma: no-cache
cache-control: no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
expires: Sat, 26 Jul 1997 05:00:00 GMT
access-control-allow-origin: https://h1a1.ahlamontada.com
access-control-allow-credentials: true
content-encoding: gzip
accept-ranges: bytes
date: Tue, 06 Dec 2022 13:11:36 GMT
via: 1.1 varnish
x-served-by: cache-bma1634-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1670332296.443056,VS0,VE31
vary: Accept-Encoding
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (30450), with no line terminators
Size:   8776
Md5:    d5e17e5b302e50bd06b0552d079d0e17
Sha1:   9bd2f6b93a3d3c05f7cfc1886e8a050d1531a35c
Sha256: ea669917bf814c4f4ff00d92f6e0f21a8cd11ea3a7b01e9eb71e91e480b5a403
                                        
                                            GET /vpaid/units/32_4_5/infra/cmTagWIDGET_ITEM.js HTTP/1.1 
Host: vidstat.taboola.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://h1a1.ahlamontada.com
Connection: keep-alive
Referer: https://h1a1.ahlamontada.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                        
                                             151.101.129.44
HTTP/2 200 OK
content-type: application/javascript
                                            
x-amz-id-2: NxcjemMMJRUsCExBkB2iiVRl9DgwLdtVaii0IcyucefSWzHY1Wd9p4I32adBzeHQ7741KdCnChI=
x-amz-request-id: 89SJXSQ72NB1B3KT
last-modified: Mon, 28 Nov 2022 10:06:56 GMT
etag: "2b361da912acc8f13f4f1b545047025f"
x-amz-meta-ctime: 1669630015
x-amz-meta-mode: 33188
x-amz-meta-gid: 0
x-amz-meta-uid: 0
x-amz-meta-mtime: 1669630014
cache-control: public, max-age=2592000
accept-ranges: bytes
date: Tue, 06 Dec 2022 13:11:36 GMT
via: 1.1 varnish
age: 702138
x-served-by: cache-bma1634-BMA
x-cache: HIT
x-cache-hits: 58622
x-timer: S1670332297.992650,VS0,VE0
vary: Accept-Encoding
server: AmazonS3-br
content-encoding: br
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS, HEAD
access-control-allow-headers: *
content-length: 127788
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with very long lines (65489), with no line terminators
Size:   127788
Md5:    2b361da912acc8f13f4f1b545047025f
Sha1:   af3a70c02bb88e27a151e8edf4a93931ace2aced
Sha256: 7f44e7dee5fbeb1334cdcb6b06d37dbf74a5ce2c65d4494843a2dabd98f2ef1b
                                        
                                            GET /st?cijs=convusmp&ttype=45&cisd=convusmp&cipid=8083555&crid=5664665&dast=V7SOsCFgNSAtdJgjLKjARSAtdJgjLKjAUAAAAGBuIHJOOcbHaj0WKtm4w8a9FislxLDJvVWjbxjEaGwcJlcc2GQAKTmWFlcbjWuo3JsBZtFhO3wjmxuAWr5Wpkm-wWttFqCh7CMvt9BxHL8zX9DQcZ3_J6G0RF19tidzjNnjd0oOl0-Fz3eqFj4ZgrjGaH2283PUwOu8bv9ssBAAAA4AHA6i0T4gcQACACAAAAQAIAAACAIqDi30LgAgAAAAADwIDkQgPgk4PgPWe_PwAAGrZAAAAEMEgABlYDSgA-zldOAAAAAAAAAABY_v___2MA9rDGZABG9nd6AB58AB6ICkaLGAEAAABsaaloHk3qhMqiCgCAIN0K4AoAIIDwHLLFIAwAAABgbIEeFr_f7LBr_G6XAQAAAAAAAACY_Z_9owm9jV6nBbGMXqv9AgIArP0CAgCwqRsAwFsAXNAFwOoUYjecLXaj2WY0OwAAAIC7____fz0Q88w8K9fGuTKOjCPDyDbxuBa75XA5sZlWm4XH4b1CF7OjOdrWiD4PYZn9voOI5fma_oaDjG95vQ2iouttsTucZs_9KFqy3C13q9FkMRotl5vdcDMa7G8gBqsBTsRguZxMFpPdarQabYa70WywQIEYTJCiJavlcrnabFar3WgxG2yWw80GKVq1mo02g-FqNpntdqvhYLgcjZCiJcvdcrcaTRaj0XK52Q03o8EQYWYy27icg81a4nG53KLNxrVWrka2tWZlsZkWw4lhtbK5Ra-P6WEcblyD4RYFAyL2IrhIJzK_5fX2m55-u1thuYglmpNFOpFd9jXPzLNybZwr48g4MoxsE49rsVsOlxObabVZeBz-zmS2cTkHm7XE43K5RZuNa61cjWxrzcpiMy2GE8NqZXOLXh_TwzjcuAbDfWO2G2w2k8lytm_MdoPNZjJZzvYdOsN39TkbncHxxGPTbr0z9c_mMChcBov397lIm9HGzajShi0W1bW4c02sOm3sZOwczAaFb3hNDH8_9fPazd4OYoNBEUsEp4t0InoZTxexRPK0SCeilWFjcnlMg9HK5dktlrvZaLla7YbD0cQxmwyGE7FEabpIJ3qJ-o8MuZgrB3PRZK5YjVYJAAAAAAAAAGAJc-ZNAAAAAE4DGQ02w9VyASCcvXR_8GhKfexP63cpf0gEtxXDJ4obP24wv-X19puefrtbYbkywAM1OfNmzwSxVqtlDQAAIIANAAAQwK2btwBsRm4faOqbC6Ve-JGfIAer4QA!&cmcv=&pix=31589837&cb=1670332296963&uv=3245&tms=1670332296963&abt=mprdctdt6_vA!ntvc_vB!smbs!ufm&ft=0&unm=WIDGET_ITEM&debug=pn:!sqg:!torgn:1670332293234!ts:1670332296963&mntl=1 HTTP/1.1 
Host: am-vid-events.taboola.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://h1a1.ahlamontada.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                        
                                             141.226.228.48
HTTP/2 200 OK
                                            
server: nginx
date: Tue, 06 Dec 2022 13:11:37 GMT
content-length: 0
X-Firefox-Spdy: h2

                                        
                                            GET /sid/json?origin=rtus&domain=ahlamontada.com&sn=FirefoxSyncframe&so=3&topUrl=h1a1.ahlamontada.com&bundle=fkmNY19IVHgwa3lFWjV5NmNlODN6T0V5T0g2WTJvR01UYjRrcnV6M2J1THJwWXNNNHppeXhZcjJ2ZktPc3VMMmViWUVZMDFIUCUyRndCM3JJNHdER2ZHaFVackc2d1FnbGJNVjd1JTJCTTFqZHA5TVdsRFBvNEdpZjlxd1VlUlQlMkJXS1E0Mmk1TSUyQmhnSUlqSmNhdWZnQ092JTJCMkpMWDFBJTNEJTNE&info=w_vYaF80M0RITmhlJTJCZkMwOUJGQlhaMUN2c3pNVkU4RXptdXZpczViMlVKYVZCV3FjUUVNa3V1TWRkTmlCOEFXak84TDM&idsd=-1328676304,-103910117&cw=1&rtusCallerId=72&lsw=1 HTTP/1.1 
Host: gum.criteo.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/syncframe?origin=rtus&topUrl=h1a1.ahlamontada.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

                                        
                                             178.250.2.146
HTTP/2 200 OK
content-type: application/json; charset=utf-8
                                            
date: Tue, 06 Dec 2022 13:11:36 GMT
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
server-processing-duration-in-ticks: 1360030
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2

                                        
                                            POST / HTTP/1.1 
Host: status.geotrust.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                        
                                             93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                            
Accept-Ranges: bytes
Age: 3042
Cache-Control: 'max-age=158059'
Date: Tue, 06 Dec 2022 13:11:37 GMT
Last-Modified: Tue, 06 Dec 2022 12:20:55 GMT
Server: ECS (ska/F704)
X-Cache: HIT
Content-Length: 471

                                        
                                            POST / HTTP/1.1 
Host: status.geotrust.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                        
                                             93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                            
Accept-Ranges: bytes
Age: 4287
Cache-Control: max-age=130374
Date: Tue, 06 Dec 2022 13:11:37 GMT
Etag: "638e8910-1d7"
Expires: Thu, 08 Dec 2022 01:24:31 GMT
Last-Modified: Tue, 06 Dec 2022 00:13:04 GMT
Server: ECS (ska/F716)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET /newidsd HTTP/1.1 
Host: gem.gbc.criteo.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/
Origin: https://gum.criteo.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers

                                        
                                             185.235.84.66
HTTP/2 200 OK
content-type: application/json; charset=utf-8
                                            
date: Tue, 06 Dec 2022 13:11:36 GMT
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://gum.criteo.com
server-processing-duration-in-ticks: 62359
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2

                                        
                                            GET /partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26 HTTP/1.1 
Host: sync.search.spotxchange.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://imprammp.taboola.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                        
                                             185.94.180.126
HTTP/1.1 302 Found
Content-Type: text/plain
                                            
Server: nginx
Date: Tue, 06 Dec 2022 13:11:37 GMT
Content-Length: 0
Connection: keep-alive
Set-Cookie: audience=83d84adb-7567-11ed-aa47-1ce730eb0306; expires=Tue, 03-Jan-2023 13:11:37 GMT; path=/; domain=.spotxchange.com; SameSite=none
Location: /partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26&__user_check__=1&sync_id=83d84b19-7567-11ed-aa47-1ce730eb0306
X-fe: 140
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0

                                        
                                            GET /sync?dast=V7SOsCFgNSAtdJgjLKjARSAtdJgjLKjAUAAAAGBuIHJOOcbHaj0WKtm4w8a9FislxLDJvVWjbxjEaGwcJlcc2GQAKTmWFlcbjWuo3JsBZtFhO3wjmxuAWr5Wpkm-wWttFqCh7CMvt9BxHL8zX9DQcZ3_J6G0RF19tidzjNnjd0oOl0-Fz3eqFj4ZgrjGaH2283PUwOu8bv9ssBAAAA4AHA6i0T4gcQACACAAAAQAIAAACAIqDi30LgAgAAAAADwIDkQgPgk4PgPWe_PwAAGrZAAAAEMEgABlYDSgA-zldOAAAAAAAAAABY_v___2MA9rDGZABG9nd6AB58AB6ICkaLGAEAAABsaaloHk3qhMqiCgCAIN0K4AoAIIDwHLLFIAwAAABgbIEeFr_f7LBr_G6XAQAAAAAAAACY_Z_9owm9jV6nBbGMXqv9AgIArP0CAgCwqRsAwFsAXNAFwOoUYjecLXaj2WY0OwAAAIC7____fz0Q88w8K9fGuTKOjCPDyDbxuBa75XA5sZlWm4XH4b1CF7OjOdrWiD4PYZn9voOI5fma_oaDjG95vQ2iouttsTucZs_9KFqy3C13q9FkMRotl5vdcDMa7G8gBqsBTsRguZxMFpPdarQabYa70WywQIEYTJCiJavlcrnabFar3WgxG2yWw80GKVq1mo02g-FqNpntdqvhYLgcjZCiJcvdcrcaTRaj0XK52Q03o8EQYWYy27icg81a4nG53KLNxrVWrka2tWZlsZkWw4lhtbK5Ra-P6WEcblyD4RYFAyL2IrhIJzK_5fX2m55-u1thuYglmpNFOpFd9jXPzLNybZwr48g4MoxsE49rsVsOlxObabVZeBz-zmS2cTkHm7XE43K5RZuNa61cjWxrzcpiMy2GE8NqZXOLXh_TwzjcuAbDfWO2G2w2k8lytm_MdoPNZjJZzvYdOsN39TkbncHxxGPTbr0z9c_mMChcBov397lIm9HGzajShi0W1bW4c02sOm3sZOwczAaFb3hNDH8_9fPazd4OYoNBEUsEp4t0InoZTxexRPK0SCeilWFjcnlMg9HK5dktlrvZaLla7YbD0cQxmwyGE7FEabpIJ3qJ-o8MuZgrB3PRZK5YjVYJAAAAAAAAAGAJc-ZNAAAAAE4DGQ02w9VyASCcvXR_8GhKfexP63cpf0gEtxXDJ4obP24wv-X19puefrtbYbkywAM1OfNmzwSxVqtlDQAAIIANAAAQwK2btwBsRm4faOqbC6Ve-JGfIAer4QA!&excid=22&docw=0&cijs=1&nlb=true HTTP/1.1 
Host: am-match.taboola.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://h1a1.ahlamontada.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers

                                        
                                             141.226.228.48
HTTP/2 200 OK
content-type: text/html;charset=ISO-8859-1
                                            
server: nginx
date: Tue, 06 Dec 2022 13:11:37 GMT
machineid: 3407
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   89147
Md5:    9d954326942304001a7751c9a64a6ef2
Sha1:   08e5598cb3c25b92301a257e60e95a92dbbbd821
Sha256: 9cd8bd422292869147842df0e9b2cd12c0bf9d465aa789bd152786848d73b1f4
                                        
                                            GET /vid/blackScreen5.mp4 HTTP/1.1 
Host: vidstatb.taboola.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
Connection: keep-alive
Referer: https://h1a1.ahlamontada.com/
Sec-Fetch-Dest: video
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                        
                                             151.101.129.44
HTTP/2 206 Partial Content
content-type: video/mp4
                                            
last-modified: Sun, 02 Jul 2017 20:40:57 GMT
etag: "b2b087fe4ae638c533731c347fcd4df8"
x-amz-meta-mode: 33188
x-amz-meta-gid: 0
x-amz-meta-uid: 0
x-amz-meta-mtime: 1497790207
server: AmazonS3
via: 1.1 9803a30a87f1ec1047cb2b8ad5ecc43e.cloudfront.net (CloudFront), 1.1 varnish
x-amz-cf-pop: ARN56-P1
x-amz-cf-id: gopM2XYfUoVUFmJXQ0440-QEF6IoAyvdLK0EUOquu3M35zK6ZGLwLg==
cache-control: public, max-age=2592000
accept-ranges: bytes
date: Tue, 06 Dec 2022 13:11:37 GMT
age: 387274
x-served-by: cache-bma1634-BMA
x-cache: Hit from cloudfront, HIT
x-cache-hits: 136615
x-timer: S1670332297.389171,VS0,VE0
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS, HEAD
access-control-allow-headers: *
content-range: bytes 0-90783/90784
content-length: 90784
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ISO Media, MP4 Base Media v1 [ISO 14496-12:2003]\012- data
Size:   90784
Md5:    b2b087fe4ae638c533731c347fcd4df8
Sha1:   62851c888c21bb51cc04f13b6fc0451279fe0425
Sha256: 0407dafc112212a135d1aa4dd9b40ba0208c6bb6b1959f5535af093254189d66
                                        
                                            GET /partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26 HTTP/1.1 
Host: sync.search.spotxchange.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://am-match.taboola.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                        
                                             185.94.180.126
HTTP/1.1 302 Found
Content-Type: text/plain
                                            
Server: nginx
Date: Tue, 06 Dec 2022 13:11:37 GMT
Content-Length: 0
Connection: keep-alive
Set-Cookie: audience=83f0c5d5-7567-11ed-99e5-1eddb0c50206; expires=Tue, 03-Jan-2023 13:11:37 GMT; path=/; domain=.spotxchange.com; SameSite=none
Location: /partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26&__user_check__=1&sync_id=83f0c63c-7567-11ed-99e5-1eddb0c50206
X-fe: 48
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0

                                        
                                            GET /partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26 HTTP/1.1 
Host: sync.search.spotxchange.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://am-match.taboola.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                        
                                             185.94.180.126
HTTP/1.1 302 Found
Content-Type: text/plain
                                            
Server: nginx
Date: Tue, 06 Dec 2022 13:11:37 GMT
Content-Length: 0
Connection: keep-alive
Set-Cookie: audience=83f0c1a4-7567-11ed-ac6f-1365eaaf0506; expires=Tue, 03-Jan-2023 13:11:37 GMT; path=/; domain=.spotxchange.com; SameSite=none
Location: /partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26&__user_check__=1&sync_id=83f0c1f7-7567-11ed-ac6f-1365eaaf0506
X-fe: 6
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0

                                        
                                            GET /partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26 HTTP/1.1 
Host: sync.search.spotxchange.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://imprammp.taboola.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                        
                                             185.94.180.126
HTTP/1.1 302 Found
Content-Type: text/plain
                                            
Server: nginx
Date: Tue, 06 Dec 2022 13:11:37 GMT
Content-Length: 0
Connection: keep-alive
Set-Cookie: audience=83f0ef94-7567-11ed-99dc-1093d7b30306; expires=Tue, 03-Jan-2023 13:11:37 GMT; path=/; domain=.spotxchange.com; SameSite=none
Location: /partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26&__user_check__=1&sync_id=83f0effe-7567-11ed-99dc-1093d7b30306
X-fe: 7
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0

                                        
                                            GET /sync?dast=V7QAwCFgNSAtdJgjLKjARSAtdJgjLKjAUAAAAGBuIHJDVbDjcmi8OtWS02a9FgZVtLjKuVW-FajDbD4cS3svmGQFKz5XBjsjjcmtVisxYNVra1xLhauRWuxWgzHE58K5tvChE3GQ6fg4Go6Hpb7A6n2fOGDjSdDp_rXi90LBxzhdHscPvtpofJYdf43X45AAAAADz8____QwAAAABEAAAAAEgAAAAAUARU_FsIXAAAAABg_P___2sAfHIQvOfs9wcAAAAACAAAAAAJwMBqQAnAx_nKyf________9_zAB95o3M_____41BD8CDD8CDEAAAwMUQvz6EPffyZCdRAWERIwAAAIAtLRXNo0mdUFlU_f__91sBXAEABBCeQ64sZukOSryFAQAAAIwt0MPi95sddo3f7bL_________f7P_s380obfR67QgltFrtV9AAIC1X0AAADZ1AwB4C4ALugBYnULshrPFbjTbjGYHAAAAcPf___-vB2KemWfl2jhXxpFxZBjZJh7XYrccLic202qz8Di8V-hidjRH2xrRF3GT4fA5GIiKrrfF7nCaPfejaMlyt9ytRpPFaLRcbnbDzWiwv4EYrAY4EYPlcjJZTHar0Wq0Ge5Gs8ECBWIwQYqWrJbL5WqzWa12o8VssFkONxukaNVqNtoMhqvZZLbbrYaD4XI0QoqWLHfL3Wo0WYxGy-VmN9yMBkOEmcls43IONmuJx-VyizYb11q5GtnWmpXFZloMJ4bVyuYWvT6mh3G4cQ2GWxQMiNiL5GmRTjQL42K3MJmWw9nCt3IZVsbZyOXxTDYT52I42awmYonmZJFOZJd9zTPzrFwb58o4Mo4MI9vE41rslsPlxGZabRYeh78zmW1czsFmLfG4XG7RZuNaK1cj21qzsthMi-HEsFrZ3KLXx_QwDjeuwXDfmO0Gm81kspztG7PdYLOZTJazfYfO8F19zkZncDzx2LRb70z9szkMCpfB4v19LtJmtHEzqrRhi0V1Le5cE6tOGzsZOwezQeEbXhPD30_9vHazt4PYYFDEEsFFOpH5La-33_T0290Ky0UsUZou0oleIpYIThfpRPQyni7qPzLkYq4czEWTuWI1WiUAAAAAAAAAgCXMmTcBAAAAOA1kNNgMV-s8kMFysFuulgsA4eyl-4NHU-pjf1q_S_lDIritGD5R3Phxg_ktr7ff9PTb3QrLlQEeqMmZN38miLVaLWsAAAABbAAAgABu3bwFYDPx_____3EAAAAycvQAAADi-0BT31wo9cKP_AQ5WA0H!&excid=22&docw=0&cijs=1&nlb=false HTTP/1.1 
Host: am-match.taboola.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://h1a1.ahlamontada.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers

                                        
                                             141.226.228.48
HTTP/2 200 OK
content-type: text/html;charset=ISO-8859-1
                                            
server: nginx
date: Tue, 06 Dec 2022 13:11:36 GMT
machineid: 3402
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (742), with no line terminators
Size:   742
Md5:    98a76f3a7fd5e8337ef3301d5d69d0d7
Sha1:   f7c260a4e32ec68e61dc6e25c3b7e4d2b572c6a6
Sha256: 878a2c6c7257a40f4bd4a98b8e865f1307fadd09a359b067f19049d6f096a4c3
                                        
                                            GET /partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26 HTTP/1.1 
Host: sync.search.spotxchange.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://am-match.taboola.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                        
                                             185.94.180.126
HTTP/1.1 302 Found
Content-Type: text/plain
                                            
Server: nginx
Date: Tue, 06 Dec 2022 13:11:37 GMT
Content-Length: 0
Connection: keep-alive
Set-Cookie: audience=83f64730-7567-11ed-8b97-175cf56a0106; expires=Tue, 03-Jan-2023 13:11:37 GMT; path=/; domain=.spotxchange.com; SameSite=none
Location: /partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26&__user_check__=1&sync_id=83f6476b-7567-11ed-8b97-175cf56a0106
X-fe: 24
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0

                                        
                                            GET /partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26&__user_check__=1&sync_id=83f0c63c-7567-11ed-99e5-1eddb0c50206 HTTP/1.1 
Host: sync.search.spotxchange.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://am-match.taboola.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                        
                                             185.94.180.126
HTTP/1.1 204 No Content
Content-Type: text/plain
                                            
Server: nginx
Date: Tue, 06 Dec 2022 13:11:37 GMT
Content-Length: 0
Connection: keep-alive
Set-Cookie: audience=83f746cd-7567-11ed-8c7d-14c817940406; expires=Tue, 03-Jan-2023 13:11:37 GMT; path=/; domain=.spotxchange.com
x-spotx-halt-type: Audience DSP sync endpoint was unable to cookie the audience.
X-fe: 33
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0

                                        
                                            GET /partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26&__user_check__=1&sync_id=83f0c1f7-7567-11ed-ac6f-1365eaaf0506 HTTP/1.1 
Host: sync.search.spotxchange.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://am-match.taboola.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                        
                                             185.94.180.126
HTTP/1.1 204 No Content
Content-Type: text/plain
                                            
Server: nginx
Date: Tue, 06 Dec 2022 13:11:37 GMT
Content-Length: 0
Connection: keep-alive
Set-Cookie: audience=83f76be4-7567-11ed-907c-1f057aaa0106; expires=Tue, 03-Jan-2023 13:11:37 GMT; path=/; domain=.spotxchange.com
x-spotx-halt-type: Audience DSP sync endpoint was unable to cookie the audience.
X-fe: 131
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0

                                        
                                            GET /partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26&__user_check__=1&sync_id=83f0effe-7567-11ed-99dc-1093d7b30306 HTTP/1.1 
Host: sync.search.spotxchange.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://imprammp.taboola.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                        
                                             185.94.180.126
HTTP/1.1 204 No Content
Content-Type: text/plain
                                            
Server: nginx
Date: Tue, 06 Dec 2022 13:11:37 GMT
Content-Length: 0
Connection: keep-alive
Set-Cookie: audience=83f78dff-7567-11ed-a8e0-1a4ab9540206; expires=Tue, 03-Jan-2023 13:11:37 GMT; path=/; domain=.spotxchange.com
x-spotx-halt-type: Audience DSP sync endpoint was unable to cookie the audience.
X-fe: 39
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0

                                        
                                            GET /partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26&__user_check__=1&sync_id=83f6476b-7567-11ed-8b97-175cf56a0106 HTTP/1.1 
Host: sync.search.spotxchange.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://am-match.taboola.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                        
                                             185.94.180.126
HTTP/1.1 204 No Content
Content-Type: text/plain
                                            
Server: nginx
Date: Tue, 06 Dec 2022 13:11:37 GMT
Content-Length: 0
Connection: keep-alive
Set-Cookie: audience=83fad94d-7567-11ed-a608-1d03a5b20506; expires=Tue, 03-Jan-2023 13:11:37 GMT; path=/; domain=.spotxchange.com
x-spotx-halt-type: Audience DSP sync endpoint was unable to cookie the audience.
X-fe: 87
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0

                                        
                                            POST /gsgccr3dvtlsca2020 HTTP/1.1 
Host: ocsp.globalsign.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                        
                                             104.18.21.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                            
Date: Tue, 06 Dec 2022 13:11:37 GMT
Content-Length: 1414
Connection: keep-alive
Expires: Sat, 10 Dec 2022 09:54:01 GMT
ETag: "ea8b1037b25df00392f580798aaac32049233fbc"
Last-Modified: Tue, 06 Dec 2022 09:54:02 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 3496
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 775544bb7e35b4ed-OSL


--- Additional Info ---
Magic:  data
Size:   1414
Md5:    aea11d65133e4227ef7ebe8ba940b408
Sha1:   ea8b1037b25df00392f580798aaac32049233fbc
Sha256: d0e2ce25802eb0f222b62b5bd77be2741be350c88215fb44b05ccf661e157358
                                        
                                            POST /VideoBidRequestHandlerServlet?oid=15&width=728&height=409&pubid=169497&tagid=953497&crid=-1&noaop=5&sortOrderType=0&cb=1670332296729&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=1&pv=1489&pt=1304273325&tz=0&viewable=true&ddast=V7QAwCFgNSAtdJgjLKjARSAtdJgjLKjAUAAAAGBuIHJDVbDjcmi8OtWS02a9FgZVtLjKuVW-FajDbD4cS3svmGQFKz5XBjsjjcmtVisxYNVra1xLhauRWuxWgzHE58K5tvChE3GQ6fg4Go6Hpb7A6n2fOGDjSdDp_rXi90LBxzhdHscPvtpofJYdf43X45AAAAADz8____QwAAAABEAAAAAEgAAAAAUARU_FsIXAAAAABg_P___2sAfHIQvOfs9wcAAAAACAAAAAAJwMBqQAnAx_nKyf________9_zAB95o3M_____41BD8CDD8CDEAAAwMUQvz6EPffyZCdRAWERIwAAAIAtLRXNo0mdUFlU_f__91sBXAEABBCeQ64sZukOSryFAQAAAIwt0MPi95sddo3f7bL_________f7P_s380obfR67QgltFrtV9AAIC1X0AAADZ1AwB4C4ALugBYnULshrPFbjTbjGYHAAAAcPf___-vB2KemWfl2jhXxpFxZBjZJh7XYrccLic202qz8Di8V-hidjRH2xrRF3GT4fA5GIiKrrfF7nCaPfejaMlyt9ytRpPFaLRcbnbDzWiwv4EYrAY4EYPlcjJZTHar0Wq0Ge5Gs8ECBWIwQYqWrJbL5WqzWa12o8VssFkONxukaNVqNtoMhqvZZLbbrYaD4XI0QoqWLHfL3Wo0WYxGy-VmN9yMBkOEmcls43IONmuJx-VyizYb11q5GtnWmpXFZloMJ4bVyuYWvT6mh3G4cQ2GWxQMiNiL5GmRTjQL42K3MJmWw9nCt3IZVsbZyOXxTDYT52I42awmYonmZJFOZJd9zTPzrFwb58o4Mo4MI9vE41rslsPlxGZabRYeh78zmW1czsFmLfG4XG7RZuNaK1cj21qzsthMi-HEsFrZ3KLXx_QwDjeuwXDfmO0Gm81kspztG7PdYLOZTJazfYfO8F19zkZncDzx2LRb70z9szkMCpfB4v19LtJmtHEzqrRhi0V1Le5cE6tOGzsZOwezQeEbXhPD30_9vHazt4PYYFDEEsFFOpH5La-33_T0290Ky0UsUZou0oleIpYIThfpRPQyni7qPzLkYq4czEWTuWI1WiUAAAAAAAAAgCXMmTcBAAAAOA1kNNgMV-s8kMFysFuulgsA4eyl-4NHU-pjf1q_S_lDIritGD5R3Phxg_ktr7ff9PTb3QrLlQEeqMmZN38miLVaLWsAAAABbAAAgABu3bwFYDPx_____3EAAAAycvQAAADi-0BT31wo9cKP_AQ5WA0H!&proto=2,3,5,6&encoded=1&pstn=vforce2&callback=&wfv=1&amp=0&qsz=7&ft=0&pb=0&pagg=1&sd=undefined&ctsldr=0&dtagid=2090795&dpubid=240385&abtst=mprdctdt6_vA!ntvc_vB!smbs!ufm&mPre=0.025&cirf=https%3A%2F%2Fh1a1.ahlamontada.com&en=1 HTTP/1.1 
Host: wf.taboola.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: text/plain
Content-Length: 133
Origin: https://h1a1.ahlamontada.com
Connection: keep-alive
Referer: https://h1a1.ahlamontada.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                        
                                             151.101.129.44
HTTP/2 200 OK
content-type: application/json;charset=utf-8
                                            
server: nginx
machineid: 1439
pragma: no-cache
cache-control: no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
expires: Sat, 26 Jul 1997 05:00:00 GMT
access-control-allow-origin: https://h1a1.ahlamontada.com
access-control-allow-credentials: true
content-encoding: gzip
accept-ranges: bytes
date: Tue, 06 Dec 2022 13:11:36 GMT
via: 1.1 varnish
x-served-by: cache-bma1634-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1670332297.865564,VS0,VE77
vary: Accept-Encoding
X-Firefox-Spdy: h2

                                        
                                            GET /track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1 HTTP/1.1 
Host: match.adsrvr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://imprammp.taboola.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                        
                                             35.71.131.137
HTTP/2 200 OK
content-type: image/gif
                                            
date: Tue, 06 Dec 2022 13:11:37 GMT
content-length: 70
cache-control: private,no-cache, must-revalidate
pragma: no-cache
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   70
Md5:    58a7930cd4577fc33c35828c271eab8f
Sha1:   406e57f86dc101e10f3a57be1e2f7b93c4580474
Sha256: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
                                        
                                            GET /ups/58534/occ HTTP/1.1 
Host: ups.analytics.yahoo.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://am-match.taboola.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                        
                                             3.126.56.137
HTTP/2 302 Found
                                            
date: Tue, 06 Dec 2022 13:11:37 GMT
content-length: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
location: https://ups.analytics.yahoo.com/ups/58534/occ?verify=true
age: 0
server: ATS/9.1.10.25
set-cookie: A3=d=AQABBIk_j2MCED_2hPZ8LDeJ3rFv5VZw8WUFEgEBAQGRkGOZYwAAAAAA_eMAAA&S=AQAAAn2MBZQyyv8MAJYqZ3Xm_-M; Expires=Wed, 6 Dec 2023 19:11:37 GMT; Max-Age=31557600; Domain=.yahoo.com; Path=/; SameSite=None; Secure; HttpOnly
X-Firefox-Spdy: h2

                                        
                                            POST /forumotion-ar/log/3/visible?route=AM%3AIL%3AV&lti=deflated HTTP/1.1 
Host: trc.taboola.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 1411
Origin: https://h1a1.ahlamontada.com
Connection: keep-alive
Referer: https://h1a1.ahlamontada.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                        
                                             151.101.129.44
HTTP/2 204 No Content
content-type: image/gif
                                            
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: https://h1a1.ahlamontada.com
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
accept-ranges: bytes
date: Tue, 06 Dec 2022 13:11:37 GMT
via: 1.1 varnish
x-served-by: cache-bma1634-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1670332298.526625,VS0,VE85
x-vcl-time-ms: 85
X-Firefox-Spdy: h2

                                        
                                            POST /forumotion-ar/log/3/bulk?route=AM%3AIL%3AV&lti=deflated&bulkSize=2 HTTP/1.1 
Host: trc.taboola.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 4903
Origin: https://h1a1.ahlamontada.com
Connection: keep-alive
Referer: https://h1a1.ahlamontada.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                        
                                             151.101.129.44
HTTP/2 204 No Content
content-type: image/gif
                                            
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: https://h1a1.ahlamontada.com
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
accept-ranges: bytes
date: Tue, 06 Dec 2022 13:11:37 GMT
via: 1.1 varnish
x-served-by: cache-bma1634-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1670332298.526620,VS0,VE91
x-vcl-time-ms: 91
X-Firefox-Spdy: h2

                                        
                                            GET /st?cijs=convusmp&ttype=120&cisd=convusmp&cipid=8083555&crid=5664665&dast=V7SOsCFgNSAtdJgjLKjARSAtdJgjLKjAUAAAAGBuIHJOOcbHaj0WKtm4w8a9FislxLDJvVWjbxjEaGwcJlcc2GQAKTmWFlcbjWuo3JsBZtFhO3wjmxuAWr5Wpkm-wWttFqCh7CMvt9BxHL8zX9DQcZ3_J6G0RF19tidzjNnjd0oOl0-Fz3eqFj4ZgrjGaH2283PUwOu8bv9ssBAAAA4AHA6i0T4gcQACACAAAAQAIAAACAIqDi30LgAgAAAAADwIDkQgPgk4PgPWe_PwAAGrZAAAAEMEgABlYDSgA-zldOAAAAAAAAAABY_v___2MA9rDGZABG9nd6AB58AB6ICkaLGAEAAABsaaloHk3qhMqiCgCAIN0K4AoAIIDwHLLFIAwAAABgbIEeFr_f7LBr_G6XAQAAAAAAAACY_Z_9owm9jV6nBbGMXqv9AgIArP0CAgCwqRsAwFsAXNAFwOoUYjecLXaj2WY0OwAAAIC7____fz0Q88w8K9fGuTKOjCPDyDbxuBa75XA5sZlWm4XH4b1CF7OjOdrWiD4PYZn9voOI5fma_oaDjG95vQ2iouttsTucZs_9KFqy3C13q9FkMRotl5vdcDMa7G8gBqsBTsRguZxMFpPdarQabYa70WywQIEYTJCiJavlcrnabFar3WgxG2yWw80GKVq1mo02g-FqNpntdqvhYLgcjZCiJcvdcrcaTRaj0XK52Q03o8EQYWYy27icg81a4nG53KLNxrVWrka2tWZlsZkWw4lhtbK5Ra-P6WEcblyD4RYFAyL2IrhIJzK_5fX2m55-u1thuYglmpNFOpFd9jXPzLNybZwr48g4MoxsE49rsVsOlxObabVZeBz-zmS2cTkHm7XE43K5RZuNa61cjWxrzcpiMy2GE8NqZXOLXh_TwzjcuAbDfWO2G2w2k8lytm_MdoPNZjJZzvYdOsN39TkbncHxxGPTbr0z9c_mMChcBov397lIm9HGzajShi0W1bW4c02sOm3sZOwczAaFb3hNDH8_9fPazd4OYoNBEUsEp4t0InoZTxexRPK0SCeilWFjcnlMg9HK5dktlrvZaLla7YbD0cQxmwyGE7FEabpIJ3qJ-o8MuZgrB3PRZK5YjVYJAAAAAAAAAGAJc-ZNAAAAAE4DGQ02w9VyASCcvXR_8GhKfexP63cpf0gEtxXDJ4obP24wv-X19puefrtbYbkywAM1OfNmzwSxVqtlDQAAIIANAAAQwK2btwBsRm4faOqbC6Ve-JGfIAer4QA!&cmcv=&pix=&cb=1670332297545&uv=3245&tms=1670332297545&su=&abt=mprdctdt6_vA!ntvc_vB!smbs!t120!ufm_vA&ft=0&unm=WIDGET_ITEM&mntl=1& HTTP/1.1 
Host: am-vid-events.taboola.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://h1a1.ahlamontada.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                        
                                             141.226.228.48
HTTP/2 200 OK
                                            
server: nginx
date: Tue, 06 Dec 2022 13:11:37 GMT
content-length: 0
X-Firefox-Spdy: h2

                                        
                                            GET /libtrc/static/thumbnails/f539211219b796ffbb49949997c764f0.png HTTP/1.1 
Host: cdn.taboola.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://h1a1.ahlamontada.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                        
                                             151.101.129.44
HTTP/2 200 OK
content-type: image/png
                                            
x-amz-id-2: c3AK0F63Rmz1U+ZkwDZRH6hJiJRTGpZB8kTBPWz0vwbg9siBxtMOH8aEqr1NtVeNHtLhLAVUR9E=
x-amz-request-id: 4JKSR0YA3KVH073N
x-amz-replication-status: COMPLETED
last-modified: Wed, 24 Jun 2015 07:14:11 GMT
etag: "dfa7b52c86e56bd67fa4002f6ed19854"
x-amz-meta-s3cmd-attrs: uid:0/gname:root/uname:root/gid:0/mode:33188/mtime:1377415166/atime:1435052450/md5:dfa7b52c86e56bd67fa4002f6ed19854/ctime:1422381567
x-amz-version-id: hL.cyLD7Q4TL5ceY.7JQwF9m5IYI8mkC
server: AmazonS3
accept-ranges: bytes
date: Tue, 06 Dec 2022 13:11:37 GMT
via: 1.1 varnish
age: 20331
x-served-by: cache-bma1634-BMA
x-cache: HIT
x-cache-hits: 2381
x-timer: S1670332298.733927,VS0,VE0
cache-control: private,max-age=31536000
abp: 15
content-length: 254
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 12 x 12, 8-bit gray+alpha, non-interlaced\012- data
Size:   254
Md5:    dfa7b52c86e56bd67fa4002f6ed19854
Sha1:   7df722645482433c2b5c8d8ab4272a9874592f27
Sha256: f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9
                                        
                                            POST / HTTP/1.1 
Host: ocsp.sca1b.amazontrust.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                        
                                             143.204.42.88
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                            
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=103284
Date: Tue, 06 Dec 2022 13:11:37 GMT
Etag: "638e26a6-1d7"
Expires: Wed, 07 Dec 2022 17:53:01 GMT
Last-Modified: Mon, 05 Dec 2022 17:13:10 GMT
Server: ECS (bsa/EB13)
X-Cache: Miss from cloudfront
Via: 1.1 a9120cc3ff449047c990e82a4d5566ba.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 1IevKRBhfbbJjOayNpHJKodPs9mFIhH1HdXNK1J1Ce1apsFEuuLAPA==
Age: 2391

                                        
                                            GET /utils/xapi/multi-sync.html?gdpr=1&p=15414&us_privacy=1---&endpoint= HTTP/1.1 
Host: secure-assets.rubiconproject.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://imprammp.taboola.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

                                        
                                             2.21.206.244
HTTP/2 301 Moved Permanently
                                            
server: AkamaiGHost
content-length: 0
location: https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
date: Tue, 06 Dec 2022 13:11:37 GMT
access-control-allow-credentials: true
access-control-allow-origin: *
X-Firefox-Spdy: h2

                                        
                                            POST / HTTP/1.1 
Host: ocsp.sectigo.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache