balagh-sa.com/adv/
301 Moved Permanently 707 B IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Hash 1304294c0823ca486542ba408ed761e3
b2a70fb2d810ca13985882e6981f33998823e83e
3bbe72f3baa8ec61de17a1d767fca58704769684b7abe9161d0c4eaf4c8f0982
Analyzer Verdict Alert fortinet Malware
GET /adv/ HTTP/1.1
Host: balagh-sa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Tue, 06 Sep 2022 21:09:26 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
location: https://balagh-sa.com/adv/
content-security-policy: upgrade-insecure-requests
x-turbo-charged-by: LiteSpeed
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9ZjFfFEKYOn48U7HpHHqk0wFu5r2jtExtX1ihIUBchiKdzAi7nU3JH%2BAe%2FrjwoYMWLNKwk2jX%2F2NPiqp0InyIMxp9jlpSno2iLdz3%2FjIrX1rSKPCpPZO7Epp2rg9hIBH"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 746a2f890e05fab4-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
firefox.settings.services.mozilla.com/v1/
200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 99b7d23c1748d0526782b9ff9ea45f09
eadd801a3ba2aa00632c6fb52e1f9125bd6d5b4f
48f81668f76955320480b484138aebdad5d03c471036b4449c737aca1ecab08e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Content-Length, Backoff, Retry-After, Alert
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Tue, 06 Sep 2022 21:04:27 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 e49f22f18c16784c0f42291e768d1daa.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: LmuSVi5O2yGZtxt-1n6FtF3olg0OiO-WD2TXLFujI9PFEnohr5Afnw==
Age: 299
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash b9adda4796e3cda8d92753c46964621c
5f1eba1f6085b23dea088a91fe6f8947172f9f62
a0577a8fcfa81b3f86d99566eb4429655b93a238ffd1a3752bc9aae3d969deea
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A0577A8FCFA81B3F86D99566EB4429655B93A238FFD1A3752BC9AAE3D969DEEA"
Last-Modified: Tue, 06 Sep 2022 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3211
Expires: Tue, 06 Sep 2022 22:02:57 GMT
Date: Tue, 06 Sep 2022 21:09:26 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain
200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain
IP
File type PEM certificate\012- , ASCII text
Hash 742edb4038f38bc533514982f3d2e861
cc3a20c8dc2a8c632ef9387a2744253f1e3fdef1
b6bfa49d3d135035701231db2fffc0c0643444394009a94c6a1b4d829d6b8345
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 20 Aug 2022 23:18:05 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Tue, 06 Sep 2022 01:15:18 GMT
etag: "742edb4038f38bc533514982f3d2e861"
x-cache: Hit from cloudfront
via: 1.1 dac7cf040932e0c072eeed10afdd7b3e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: -1n96X07RkrP_WbADp9XU0agsxdRs6bX1JVq_D3Ofr_VD4g-Dq82eg==
age: 71649
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 06 Sep 2022 21:09:26 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash c0498832f97967e1fbaa64eba7c65094
2dcaaa99759c7b3279d75f4f934bf05a1c4ca8e7
63621ee746f1a80c3c6167ca190e5008e3e79db0bc8f0e5cb0e5dccc11ceb822
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Sep 2022 21:09:27 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
old.assets-landingi.com/bootstrap/js/landend.bootstrap.min.js
200 OK 2.2 kB URL HTTP/2 old.assets-landingi.com/bootstrap/js/landend.bootstrap.min.js
IP
File type ASCII text, with very long lines (4762)
Hash e3b85c0f19ca49b9e927e0dca2b88b73
cb73205e89e51fc51f318ad21b7b83e6cbf8e83f
24323e4835c7cf153236a4f3a09fe668f8e06d81964e04945368686445a3e669
GET /bootstrap/js/landend.bootstrap.min.js HTTP/1.1
Host: old.assets-landingi.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://balagh-sa.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Sep 2022 21:09:27 GMT
content-type: application/x-javascript
x-amz-id-2: wy3xl143GQj086zVxhM3OCnEnkQHVKdvrA86uEVZR77Z9D9TqXegFKWjJnWLCiD/uq2kj7f4cAI=
x-amz-request-id: A1RZWJEK9XDYVM49
last-modified: Mon, 04 Jul 2016 09:10:55 GMT
etag: W/"caae3dfb363221461dc59ab8dca8497b"
cache-control: max-age=31536000
cf-cache-status: HIT
age: 2601
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AUNVO93Q2Q%2B5XCb%2BaJvHF4RLOylDc8oQ7UEl47aPEIRbaNGWbA2iySxPB%2FLYMY7pT3tHHZ9VXfnjEQtJapX0EorGZk9NY83FmJBi28Sb1TrZRl6YN4TElybfwcduxYp5BGucQab%2FaWjAqg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 746a2f8d1b9bb511-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ajax.googleapis.com/ajax/libs/jquery/1.9.1/jquery.min.js
200 OK 33 kB URL HTTP/2 ajax.googleapis.com/ajax/libs/jquery/1.9.1/jquery.min.js
IP
File type ASCII text, with very long lines (32089)
Hash bf899cc5ba60c522341e4d712a5246bf
2c92c54c9919c8b81b4e77a97bfd4d8f202e1a6a
4f8b9bf1630c24cf17444ec093052451c370c9371212db74b4bf8b4fd71a2817
GET /ajax/libs/jquery/1.9.1/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://balagh-sa.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 33018
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 05 Sep 2022 16:58:46 GMT
expires: Tue, 05 Sep 2023 16:58:46 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
age: 101441
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
dvcasha2.ocsp-certum.com/
200 OK 1.6 kB URL HTTP/1.1 dvcasha2.ocsp-certum.com/
IP
ASN #20940 Akamai International B.V.
Hash 733fdef149e4e878a47af0e353e741b5
aad3e59dbc64ba65e945f4cac3fa632ced865eb8
a4296db51d56ca61f7a04ede3bbd75560e9bf8d7693c8f9fac608d9336f5b7e8
POST / HTTP/1.1
Host: dvcasha2.ocsp-certum.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 1599
X-Cached: HIT
Strict-Transport-Security: max-age=63072000,includeSubDomains,preload
Cache-Control: max-age=900
Date: Tue, 06 Sep 2022 21:09:27 GMT
Connection: keep-alive
X-N: S
old.assets-landingi.com/assets/js/dist/landend/301019/landend.js
200 OK 2.2 kB URL HTTP/2 old.assets-landingi.com/assets/js/dist/landend/301019/landend.js
IP
File type ASCII text, with very long lines (1046)
Hash 3e49a4256205da723674a5f104d1d9aa
6405d394b5234302f35af124c18ce3e1a84be09e
6702e16c9a651274644aac037c34b1c30f99c2596724c752c0e2117ad1652bec
GET /assets/js/dist/landend/301019/landend.js HTTP/1.1
Host: old.assets-landingi.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://balagh-sa.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Sep 2022 21:09:27 GMT
content-type: application/javascript
cf-bgj: minify
cf-polished: origSize=6470
etag: W/"4c70a4aa2b8beb0a46b73c6037fb03b5"
last-modified: Wed, 30 Oct 2019 11:31:13 GMT
x-amz-id-2: DXOvNL384jpqrsW2TyYwtF/CZKgZn5JN1VFNjo26vykoEWCbgbH79Vp8IrI9HaltCbu4ouD9QpI=
x-amz-request-id: 1KE72M2YG853T47C
cache-control: max-age=31536000
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=d0V8WqJz%2FYaE4eSn83bxPboP24a750fhxf5rejfWlvCrm9ikunO5Zmy2fmRXI3sVAdl4bX3ku2ia50Wxb%2BsDC3O0u53h%2FvwZr%2Bga%2BvdNLRMFbEElDrV1%2FGgXvjUy%2BFGGioq%2BejMaNwSwNQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 746a2f8d2badb511-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 521428b0e694b41561bc2ed785219929
45bf3b914325f9d646879bd16bb01feb8f29f2d4
9e2c58593cb9b9baae14e338253ca44b199d965e106ddc70c700f66f0203465a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Sep 2022 21:09:27 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
dvcasha2.ocsp-certum.com/
200 OK 1.6 kB URL HTTP/1.1 dvcasha2.ocsp-certum.com/
IP
ASN #20940 Akamai International B.V.
Hash 733fdef149e4e878a47af0e353e741b5
aad3e59dbc64ba65e945f4cac3fa632ced865eb8
a4296db51d56ca61f7a04ede3bbd75560e9bf8d7693c8f9fac608d9336f5b7e8
POST / HTTP/1.1
Host: dvcasha2.ocsp-certum.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 1599
X-Cached: HIT
Strict-Transport-Security: max-age=63072000,includeSubDomains,preload
Cache-Control: max-age=900
Date: Tue, 06 Sep 2022 21:09:27 GMT
Connection: keep-alive
X-N: S
styles.assets-landingi.com/G8OosAMt/base.css
200 OK 11 kB URL HTTP/2 styles.assets-landingi.com/G8OosAMt/base.css
IP
File type ASCII text, with very long lines (834)
Hash 1fe84fc879beab045575f6e804f3370b
c3e0107078e3a6093c27e514af7da4d52d1002a7
3e7d1a65b4768de8940b7df9ba8b98551a1904e6551ef4a86677088c1b95c753
GET /G8OosAMt/base.css HTTP/1.1
Host: styles.assets-landingi.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://balagh-sa.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 06 Sep 2022 21:09:27 GMT
content-type: text/css
x-amz-id-2: virQRHvGSpqeJmM1Dk7Z1zygnIJY1xZ8qvU/FKC0ib0IRkAn2Yw8qxZsiEZQPzWd8F9AYuh3iJo=
x-amz-request-id: CV6PQF5047JY86QY
last-modified: Mon, 26 Oct 2020 18:09:29 GMT
etag: W/"9830bd7ec9e1f1c7ff3368373f34ab13"
cache-control: max-age=31536000
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=D5%2FMcWFAINcE0V4dE8yD87jackulpFisGtCOljKiUylZBF44Cja%2F3NDgYpPmIoFn2ZoNoQxI0hOia5oHYcN5jAOjphEZf2%2BAvJ46hfudG27ItmZn4dZ%2B5hrnM0slUAS%2B78rGizJD1srr2OGHKg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 746a2f8d6bebb511-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 471 B IP
Hash e8952752ad4a452a575522a7eb737217
c5554fa2af05d7a7117032b0f99352de08988346
8c182bed7bbd843774a2136823b30a4cb707e2a5386f71d01640aa3558888bf7
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4627
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 06 Sep 2022 21:09:27 GMT
Last-Modified: Tue, 06 Sep 2022 19:52:20 GMT
Server: ECS (ska/F70A)
X-Cache: HIT
Content-Length: 471
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 21d1b5be072df45253749eeb3290be82
4ac9978797c085289b9fcc2fe9a57b619e1c78c9
9ea779e1ad86a4a7c403b574908e2dc60d079b366ab1cf439b34c73c9a9c64c9
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Sep 2022 21:09:27 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 8fc7316fab55e89a81536e926eab6f83
7fcab743b176312e76999b39a1b2a3b97dbeb10f
8178b9805611209f5c47dce32da555117870a90648e026d08cc691a4103169a7
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Sep 2022 21:09:27 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 8fc7316fab55e89a81536e926eab6f83
7fcab743b176312e76999b39a1b2a3b97dbeb10f
8178b9805611209f5c47dce32da555117870a90648e026d08cc691a4103169a7
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Sep 2022 21:09:27 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.com/maps/embed?pb=!1m14!1m12!1m3!1d5907.432919450342!2d-0.14091151177965314!3d51.49909571585804!2m3!1f0!2f0!3f0!3m2!1i1024!2i768!4f13.1!5e0!3m2!1sen!2sil!4v1645537478660!5m2!1sen!2sil
200 OK 630 B URL HTTP/2 www.google.com/maps/embed?pb=!1m14!1m12!1m3!1d5907.432919450342!2d-0.14091151177965314!3d51.49909571585804!2m3!1f0!2f0!3f0!3m2!1i1024!2i768!4f13.1!5e0!3m2!1sen!2sil!4v1645537478660!5m2!1sen!2sil
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (446)
Hash 4cb394a523ed7a94e5eba8b499fde771
a1238ce57d56c823e66af164a3a33bad51df7aa1
ca194e4892bdf082f88c8545b7d8b1075a1c3e39a8406f35243bf7a7dad46f9a
GET /maps/embed?pb=!1m14!1m12!1m3!1d5907.432919450342!2d-0.14091151177965314!3d51.49909571585804!2m3!1f0!2f0!3f0!3m2!1i1024!2i768!4f13.1!5e0!3m2!1sen!2sil!4v1645537478660!5m2!1sen!2sil HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://balagh-sa.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
date: Tue, 06 Sep 2022 21:09:27 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
vary: Accept-Language
content-security-policy: object-src 'none';base-uri 'self';script-src 'nonce-RgUvgBJxdpuSghFHIThduQ' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/geo-maps-api/1
content-encoding: gzip
server: mafe
content-length: 630
x-xss-protection: 0
server-timing: gfet4t7; dur=2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 8fc7316fab55e89a81536e926eab6f83
7fcab743b176312e76999b39a1b2a3b97dbeb10f
8178b9805611209f5c47dce32da555117870a90648e026d08cc691a4103169a7
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Sep 2022 21:09:28 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.youtube.com/s/player/c16db54a/www-player.css
200 OK 49 kB URL HTTP/2 www.youtube.com/s/player/c16db54a/www-player.css
IP
File type ASCII text, with very long lines (65536), with no line terminators
Hash 666388d9ac2c812d3d9b0e511b1cfea0
4dfa524e6558a4aaf676578dd3275f544cb36625
a1532094c979ab2823b5baf7e5843d731e1c64765a8b8495f89bb56b7f7df117
GET /s/player/c16db54a/www-player.css HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/embed/3bOWCBl7zug?autoplay=1&loop=1&byline=0&portrait=0
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding, Origin
content-encoding: br
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-length: 49081
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 02 Sep 2022 20:42:16 GMT
expires: Sat, 02 Sep 2023 20:42:16 GMT
cache-control: public, max-age=31536000
last-modified: Fri, 02 Sep 2022 18:46:29 GMT
content-type: text/css
age: 347232
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.youtube.com/s/player/c16db54a/www-embed-player.vflset/www-embed-player.js
200 OK 98 kB URL HTTP/2 www.youtube.com/s/player/c16db54a/www-embed-player.vflset/www-embed-player.js
IP
File type ASCII text, with very long lines (592)
Hash 26b6e79984361d593bcf000927f559db
36dc3faef99c68636ed7d8a2d46783ccfc3be7ff
2795564d0f494ec4aed32d6708062dd699c22324d3df26588d5e2e2c2a956b36
GET /s/player/c16db54a/www-embed-player.vflset/www-embed-player.js HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/embed/3bOWCBl7zug?autoplay=1&loop=1&byline=0&portrait=0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding, Origin
content-encoding: br
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-length: 97590
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 02 Sep 2022 20:42:16 GMT
expires: Sat, 02 Sep 2023 20:42:16 GMT
cache-control: public, max-age=31536000
last-modified: Fri, 02 Sep 2022 18:46:29 GMT
content-type: text/javascript
age: 347232
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.youtube.com/s/player/c16db54a/player_ias.vflset/en_US/base.js
200 OK 587 kB URL HTTP/2 www.youtube.com/s/player/c16db54a/player_ias.vflset/en_US/base.js
IP
File type ASCII text, with very long lines (596)
Size 587 kB (586778 bytes)
Hash da3059ae3f2d892ccddf5832ff6f7a5a
df25b539e3bc115ff39343862807b32cfce2b4bc
abe75b67d443e17494a271925559be75c8a07e454c645153dac3e4f3a82947c4
GET /s/player/c16db54a/player_ias.vflset/en_US/base.js HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/embed/3bOWCBl7zug?autoplay=1&loop=1&byline=0&portrait=0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding, Origin
content-encoding: br
accept-ranges: bytes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-length: 586778
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 02 Sep 2022 20:50:27 GMT
expires: Sat, 02 Sep 2023 20:50:27 GMT
cache-control: public, max-age=31536000
last-modified: Fri, 02 Sep 2022 18:46:29 GMT
content-type: text/javascript
age: 346741
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.assets-landingi.com/kG6VUgYj/Graphology_Light.otf
200 OK 52 kB URL HTTP/2 fonts.assets-landingi.com/kG6VUgYj/Graphology_Light.otf
IP
File type TrueType Font data, digitally signed, 18 tables, 1st "DSIG", 13 names, Microsoft, language 0x409, Typeface \251 (HANIFONTS). 2019. All Rights ReservedRegularGraphology Light:Version 1.00Grapholo\012- data
Hash 7039c35fe2c6bbae9e90284efe835343
4bd81bb6f680cdfa947c2e1a0c2dba6008a250cb
b51762cede07cc5c61b64d4dfe430d5e581dda166d73c92c0ff4ad051b8082d6
GET /kG6VUgYj/Graphology_Light.otf HTTP/1.1
Host: fonts.assets-landingi.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://balagh-sa.com
Connection: keep-alive
Referer: https://styles.assets-landingi.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 06 Sep 2022 21:09:28 GMT
content-type: binary/octet-stream
content-length: 51564
x-amz-id-2: JBsiPbA1Hu9T89BpSPzHL9uL/1USfX5+3npy9GTENrAFcL2NSIRd1axaVGsee365lEndizUzTCs=
x-amz-request-id: 8VR5VWXBG4SKDCBN
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified: Mon, 28 Oct 2019 17:52:04 GMT
etag: "7039c35fe2c6bbae9e90284efe835343"
cache-control: public, max-age=31536000
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wy%2FFogCeFX03381ScD15uJWGEPf6jd2JJqhtZkSHFe3f2cse94ilNHSsYqEI0dqey50AxNmCOJeTIoUv%2FGOGSz4eGoc2EC87VomkJT18P%2Fpn7L2yOxAD2%2FNV8lJodh9L4n74ptmfwWr3j8Pz"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 746a2f91bf9fb509-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
old.assets-landingi.com/bootstrap/js/bootbox.min.js
200 OK 1.9 kB URL HTTP/2 old.assets-landingi.com/bootstrap/js/bootbox.min.js
IP
File type HTML document, ASCII text, with very long lines (531)
Hash cd43de04b1a03c6a4b378675d6eae465
3e2be473e045a015c8fb3ca51956331c4308bf97
7f9c464e34f0e720a08ca9d04c49b5988b3d5207d79fa7ef11d89d8dfe80f2ef
GET /bootstrap/js/bootbox.min.js HTTP/1.1
Host: old.assets-landingi.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://balagh-sa.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Sep 2022 21:09:27 GMT
content-type: application/x-javascript
x-amz-id-2: ggQKIeMzzqIMD7GsX1EWwGlC1z/xY5ARkoYkDzo5bQvJTVkGzxejcGCk4MrZvcwxBOLHsS8oCC8=
x-amz-request-id: 49T69HRZXV6V1ZW8
last-modified: Mon, 04 Jul 2016 09:10:43 GMT
etag: W/"d640fa844190900e6dce272031a1b1e7"
cache-control: max-age=31536000
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GVo5R9OsEEXrNJewdP%2FRvZ392N9m0TwnszqgiZdCSJiz0dJDFkFigp61MThifnKRaxUoAbFudD9Ae%2Fih3lnq8CJja1lYyBC3P%2FMMie77DCqXiJNXr9uGaozpi6HGahBfmwNrUJSnF5FyGQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 746a2f8d1b9cb511-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fonts.assets-landingi.com/sq495sWY/Graphology_Light.otf
200 OK 52 kB URL HTTP/2 fonts.assets-landingi.com/sq495sWY/Graphology_Light.otf
IP
File type TrueType Font data, digitally signed, 18 tables, 1st "DSIG", 13 names, Microsoft, language 0x409, Typeface \251 (HANIFONTS). 2019. All Rights ReservedRegularGraphology Light:Version 1.00Grapholo\012- data
Hash 7039c35fe2c6bbae9e90284efe835343
4bd81bb6f680cdfa947c2e1a0c2dba6008a250cb
b51762cede07cc5c61b64d4dfe430d5e581dda166d73c92c0ff4ad051b8082d6
GET /sq495sWY/Graphology_Light.otf HTTP/1.1
Host: fonts.assets-landingi.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://balagh-sa.com
Connection: keep-alive
Referer: https://styles.assets-landingi.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 06 Sep 2022 21:09:28 GMT
content-type: binary/octet-stream
content-length: 51564
x-amz-id-2: uIzfWGxPRySuHiO6qobbap3Na8tw3La/bDy1XfshvMHJOWORo4HnGnt10iHuBO0B/3uM12pYkAI=
x-amz-request-id: 8VRCMA86AXGV71NC
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified: Sun, 17 Nov 2019 12:23:37 GMT
etag: "7039c35fe2c6bbae9e90284efe835343"
cache-control: public, max-age=31536000
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2F6A9aCzJQcL5mQSEWY%2FN1vx6OBclxTfIOgqLr1p3TcC%2F9mV%2F44I1ZmVMpoQf3AdRHiZ75P4HuCnNsti0IkXohGwuyZ%2BrXjpAqXtwqM6lSPqLuk6zRRnq2sqbJnNSUcCu0jyN19s7mokrwgpo"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 746a2f91cfbbb509-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fonts.assets-landingi.com/oo91GEel/Cairo_Bold_1_.ttf
200 OK 154 kB URL HTTP/2 fonts.assets-landingi.com/oo91GEel/Cairo_Bold_1_.ttf
IP
File type TrueType Font data, 17 tables, 1st "GDEF", 13 names, Microsoft, language 0x409, Copyright 2009 The Cairo Project Authors (gaber@gaberism.net)CairoBold2.009;1KTF;Cairo-BoldCairo\012- data
Size 154 kB (154184 bytes)
Hash a14c20325bb25764f63bcfbc076e9201
0abf7584eebee8b8f78cd769dd486a84d7e82762
09740b09161fb32f9d6e836a210e9c7350e68713af7310158686041bb2f62acb
GET /oo91GEel/Cairo_Bold_1_.ttf HTTP/1.1
Host: fonts.assets-landingi.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://balagh-sa.com
Connection: keep-alive
Referer: https://styles.assets-landingi.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 06 Sep 2022 21:09:28 GMT
content-type: binary/octet-stream
content-length: 154184
x-amz-id-2: XKhoXEVSwzzYHUhPZcSK7a15/gLyltOvo2I0Kf13ASclTiEP79pUqW+vikKUufIh7ZQh9tG/JCQ=
x-amz-request-id: 8VR711VZ2DEWF9PQ
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified: Tue, 31 Mar 2020 12:59:35 GMT
etag: "a14c20325bb25764f63bcfbc076e9201"
cache-control: public, max-age=31536000
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=poLsmSFlk21cPJNEGgp2ju2XN6dCutADSPEw7iYrbNU%2Fdzx%2BqoH9zV72iOebgLgkAp7StXt1W5bg5YHEJSdkwQpJB7TxcmGv928zg2APFPZGdrKVdIvU8bevYIM02Tu0EV5Fn%2F4HnQNj1yEU"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 746a2f919f7cb509-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fonts.assets-landingi.com/ZAbxQl2X/Cairo_Regular_1_.ttf
200 OK 152 kB URL HTTP/2 fonts.assets-landingi.com/ZAbxQl2X/Cairo_Regular_1_.ttf
IP
File type TrueType Font data, 17 tables, 1st "GDEF", 13 names, Microsoft, language 0x409, Copyright 2009 The Cairo Project Authors (gaber@gaberism.net)CairoRegular2.009;1KTF;Cairo-Regula\012- data
Size 152 kB (151580 bytes)
Hash e793edb57aaf4d59ac9e943cbf091937
d63084cda6180873938004db435bd2e0cbfff0f1
de1f6c5e2570570f627d7eb54faf57fb36e31734f70b8fc6ef8b82d18b1401af
GET /ZAbxQl2X/Cairo_Regular_1_.ttf HTTP/1.1
Host: fonts.assets-landingi.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://balagh-sa.com
Connection: keep-alive
Referer: https://styles.assets-landingi.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 06 Sep 2022 21:09:28 GMT
content-type: binary/octet-stream
content-length: 151580
x-amz-id-2: GKCCIzUFlDtEEzx8XVVqvnQC9xTHpye0CfUyMhkPtiEFUDR0TIUGwj8U3dZerT5LzBeLTBpguxE=
x-amz-request-id: 8VR2FKWCD7SAAK47
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified: Tue, 31 Mar 2020 12:59:35 GMT
etag: "e793edb57aaf4d59ac9e943cbf091937"
cache-control: public, max-age=31536000
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=i1KdhbJx7%2BREDgdSeFRjTfmfQo6WUVloL%2BIg2bZU7euFlH2EAM16H42zieKp5OiUFa6tRttMMADWgDIIjwhzYMMn%2FatJqnPk94BrufTGQzt2J9PR7OvnALsGXpWFJ1nYFBh2Hob6gnjgSe%2Bd"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 746a2f91bf8fb509-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash eb53024bbd41c1d8f88fa7b9becb704a
c87f5ac53cff6e3436c15551f8092f1e0215cb79
f2f589c71f9426ead1c60e4707982aa501b785a6040c95214db905a5cff8a777
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Sep 2022 21:09:28 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
cdn.pagesense.io/js/market/5244cd2a191f462fa19fe7adc0fc24ae.js
403 Forbidden 957 B URL HTTP/2 cdn.pagesense.io/js/market/5244cd2a191f462fa19fe7adc0fc24ae.js
IP
Hash 2194970b3fbb30fff9797e61963177c2
3e3054fb8242129d784c29c8ff9ef27143c6a50b
ff525d22b32bb25361d58fd0c2234fcdbba5dab20c06b6f940f12e527cf25eb6
GET /js/market/5244cd2a191f462fa19fe7adc0fc24ae.js HTTP/1.1
Host: cdn.pagesense.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://balagh-sa.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 403 Forbidden
content-type: application/xml
date: Tue, 06 Sep 2022 21:09:27 GMT
server: AmazonS3
x-cache: Error from cloudfront
via: 1.1 2d5cbe05385a7f3bbffc8a562b8711f6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 7sngQF1Gs32TOH3ipCUe0v53SbkIhwgH8yoRqBtm4gQW8MxzkWGOyQ==
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
200 OK 15 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 15344, version 1.0\012- data
Hash 5d4aeb4e5f5ef754e307d7ffaef688bd
06db651cdf354c64a7383ea9c77024ef4fb4cef8
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
GET /s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15344
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 03 Sep 2022 12:31:58 GMT
expires: Sun, 03 Sep 2023 12:31:58 GMT
cache-control: public, max-age=31536000
age: 290250
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
maps.gstatic.com/maps-api-v3/embed/js/50/3/init_embed.js
200 OK 70 kB URL HTTP/2 maps.gstatic.com/maps-api-v3/embed/js/50/3/init_embed.js
IP
File type ASCII text, with very long lines (2713)
Hash 44d713660ad67a70dcf5edbe2df816be
3cb392aee264813bfdf73bc760a5d8f54a93ea40
c8d1536b59156df4a135fff1b1fde87415eb3bee7f4800415c5e2e200ea610f1
GET /maps-api-v3/embed/js/50/3/init_embed.js HTTP/1.1
Host: maps.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding, Origin
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="maps-api-js"
report-to: {"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-length: 69459
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 31 Aug 2022 18:32:11 GMT
expires: Thu, 31 Aug 2023 18:32:11 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 29 Aug 2022 21:32:06 GMT
content-type: text/javascript
age: 527837
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.sectigo.com/
200 OK 472 B IP
Hash bb45f41c99113116c8e85d72900cab87
094b8e32034c3b52696679c83415a791ebd85513
e9a2cf3139ce823559eec765bca1c749ced978bbbd72b58e38f93ff95facdb91
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 06 Sep 2022 21:09:28 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Tue, 06 Sep 2022 02:49:10 GMT
Expires: Tue, 13 Sep 2022 02:49:09 GMT
Etag: "094b8e32034c3b52696679c83415a791ebd85513"
Cache-Control: max-age=538180,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 746a2f93bdf90b02-OSL
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash eb53024bbd41c1d8f88fa7b9becb704a
c87f5ac53cff6e3436c15551f8092f1e0215cb79
f2f589c71f9426ead1c60e4707982aa501b785a6040c95214db905a5cff8a777
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Sep 2022 21:09:28 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash eb53024bbd41c1d8f88fa7b9becb704a
c87f5ac53cff6e3436c15551f8092f1e0215cb79
f2f589c71f9426ead1c60e4707982aa501b785a6040c95214db905a5cff8a777
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Sep 2022 21:09:28 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
salesiq.zoho.com/widget
200 34 kB IP
File type ASCII text, with very long lines (65536), with no line terminators
Hash 378c9dfeb4b5b4c06f94c38c3bbc991f
00554eaae336cc4456fe80b527608e25284a773d
fd3a6ba127309a31aa4c8d73dff338b3a993e1e13a784cb3bf80f253d82f95ab
GET /widget HTTP/1.1
Host: salesiq.zoho.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://balagh-sa.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200
Server: ZGS
Date: Tue, 06 Sep 2022 21:09:28 GMT
Content-Type: text/javascript;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: 663a60c55d=e8c9a2f2b0e148ed95a7ff53a22af838; Path=/
Access-Control-Allow-Origin: *
Cache-Control: must-revalidate
Pragma:
Expires: Tue, 06 Sep 2022 21:14:28 GMT
ETag: W/1ed5677fb281be10fa19d70cadd11e2e3d112d552e05d29f5d3b92ef023297d3
vary: accept-encoding
Content-Encoding: gzip
Strict-Transport-Security: max-age=63072000
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash e27313c78bb1b4915b56819ea1681c89
aeea006638532562eb6d03ce71f1928f16a79e14
54f506e01b24da86d55bed7a799101e97f051c3ae9f40adb8627b28f611d4570
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Sep 2022 21:09:28 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 10585eccdd73117e0bc71ecaf1cd02cb
7bda7ff7308cac8c8824a5a558097a15a2325f5e
6303f8b80751e64006c77524615f10709b136b0606695feb0f51b964e0c2163d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Sep 2022 21:09:28 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
static.doubleclick.net/instream/ad_status.js
200 OK 29 B URL HTTP/2 static.doubleclick.net/instream/ad_status.js
IP
Hash 1fa71744db23d0f8df9cce6719defcb7
e4be9b7136697942a036f97cf26ebaf703ad2067
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
GET /instream/ad_status.js HTTP/1.1
Host: static.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
timing-allow-origin: *
content-length: 29
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 06 Sep 2022 20:59:23 GMT
expires: Tue, 06 Sep 2022 21:14:23 GMT
cache-control: public, max-age=900
age: 605
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
googleads.g.doubleclick.net/pagead/id
302 Found 0 B URL HTTP/2 googleads.g.doubleclick.net/pagead/id
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pagead/id HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
location: https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
access-control-allow-credentials: true
access-control-allow-origin: https://www.youtube.com
date: Tue, 06 Sep 2022 21:09:28 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash e27313c78bb1b4915b56819ea1681c89
aeea006638532562eb6d03ce71f1928f16a79e14
54f506e01b24da86d55bed7a799101e97f051c3ae9f40adb8627b28f611d4570
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Sep 2022 21:09:28 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.googleapis.com/css?family=Open+Sans:300,300italic,400,400italic,700,700italic&subset=latin,latin-ext
200 OK 1.4 kB URL HTTP/2 fonts.googleapis.com/css?family=Open+Sans:300,300italic,400,400italic,700,700italic&subset=latin,latin-ext
IP
Hash 43ff0b6838cedf84b60fb15d6403d1e9
2e4947c9321f907ddc0b7c6f8e5e0f563a1a6d6a
c8fa600e75956f2832e77ab0a625670be3bee17fe04dafd021aa578bbeffcad0
GET /css?family=Open+Sans:300,300italic,400,400italic,700,700italic&subset=latin,latin-ext HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://balagh-sa.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 06 Sep 2022 21:09:27 GMT
date: Tue, 06 Sep 2022 21:09:27 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
styles.assets-landingi.com/4eG0MSId/saudia.css
200 OK 4.7 kB URL HTTP/2 styles.assets-landingi.com/4eG0MSId/saudia.css
IP
File type ASCII text, with no line terminators
Hash 7a29cf9259ce664e9a56d0fd17b5bf6a
acdf4a8a100c91bda441fe47c58694429244e304
4f657f17a0deef94c1d4f3948ff8bfe070d2b7b2edc40709fdeafda594bb7300
GET /4eG0MSId/saudia.css HTTP/1.1
Host: styles.assets-landingi.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://balagh-sa.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 06 Sep 2022 21:09:27 GMT
content-type: text/css
x-amz-id-2: wK2jApl0p5eDPxLatzLsM3QNNTelxCA5j6EPveU8HuZOeBPA/AWt0DiRVIbiBYeie0uIRGzbtiE=
x-amz-request-id: CV6MN7QQ64K24CJ9
last-modified: Mon, 28 Oct 2019 17:52:04 GMT
etag: W/"30ec6cf9e3b9376b280610c224d7cb8e"
cache-control: max-age=31536000
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eCi3F1jXvBU735wdzHzq%2B75UeeR%2BDtIvIX8nnxfJ7T3kWbJOP7KOI5DImcml3l4l8crgv%2F3c5E2stfmJXdCCFjqn1%2FUUtiKnmFhGLAeJl9svvXdE%2FCi%2Fev1PkspN2zbhYvoRlo0%2F87j6N5FbQA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 746a2f8d1b99b511-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
salesiq.zoho.com/visitor/v2/channels/website?widgetcode=2f1f90711f8700a830ab6e2f182feccd79d88110d679576c0c1e26b1024b021d&internal_channel_req=true&language_api=true&browser_language=en¤t_domain=https%3A%2F%2Fbalagh-sa.com&pagetitle=%D8%A7%D9%84%D8%B9%D8%AF%D9%84&include_fields=avuid
200 7.7 kB URL HTTP/1.1 salesiq.zoho.com/visitor/v2/channels/website?widgetcode=2f1f90711f8700a830ab6e2f182feccd79d88110d679576c0c1e26b1024b021d&internal_channel_req=true&language_api=true&browser_language=en¤t_domain=https%3A%2F%2Fbalagh-sa.com&pagetitle=%D8%A7%D9%84%D8%B9%D8%AF%D9%84&include_fields=avuid
IP
File type JSON data\012- , Unicode text, UTF-8 text, with very long lines (18706), with no line terminators
Hash 7e047b6bb9926cd020b0d742bd953484
095a01243ff6be88bf10cc6f6abe1c90dd8cf526
90b6018f395a03bf320ae467e5cbf90d25f69ce1dfff2b0163ad4aee07340ed5
GET /visitor/v2/channels/website?widgetcode=2f1f90711f8700a830ab6e2f182feccd79d88110d679576c0c1e26b1024b021d&internal_channel_req=true&language_api=true&browser_language=en¤t_domain=https%3A%2F%2Fbalagh-sa.com&pagetitle=%D8%A7%D9%84%D8%B9%D8%AF%D9%84&include_fields=avuid HTTP/1.1
Host: salesiq.zoho.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://balagh-sa.com
Connection: keep-alive
Referer: https://balagh-sa.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200
Server: ZGS
Date: Tue, 06 Sep 2022 21:09:29 GMT
Content-Type: application/json;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Content-Type-Options: nosniff
Encoding: UTF-8
X-XSS-Protection: 1
Set-Cookie: 663a60c55d=e9529bf0eb00bf128a234a3c3276df42; Path=/
LS_CSRF_TOKEN=5bbd27ef-09ae-40f0-8797-a939633f0ebb;path=/;SameSite=None;Secure;priority=high
_zcsr_tmp=5bbd27ef-09ae-40f0-8797-a939633f0ebb;path=/;SameSite=Strict;Secure;priority=high
uesign=a6225dfcd2d22b2b3efa8f9a70d72559f7d8dc0a8351f02756a7cd7c836b1872ab396fd6549697d66e1e4964988c45be;Max-Age=2592000;Path=/;Secure;SameSite=None;priority=high
X-Frame-Options: SAMEORIGIN
Access-Control-Allow-Headers: Content-Type,x-siq-internal-channel
Access-Control-Allow-Origin: https://balagh-sa.com
Access-Control-Allow-Methods: GET
Access-Control-Allow-Credentials: true
Cache-Control: no-cache
Content-Language: en-US
Strict-Transport-Security: max-age=63072000
Content-Encoding: gzip
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
200 OK 0 B URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /$rpc/google.internal.waa.v1.Waa/Create HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Referer: https://www.youtube.com/
Origin: https://www.youtube.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://www.youtube.com
vary: origin, referer, x-origin
access-control-allow-credentials: true
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-max-age: 3600
date: Tue, 06 Sep 2022 21:09:29 GMT
content-type: text/html
server: ESF
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
200 OK 31 kB URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
IP
File type JSON data\012- , ASCII text, with very long lines (65536), with no line terminators
Hash 9e927be35189984420d3f37b4809b73e
bf838da4f11ff5da9eabacfb7ed2949d3580ec75
187f77291699bc908e0203d2eeb387b63984c26c4ff6f3639f51a4217b09d0ca
POST /$rpc/google.internal.waa.v1.Waa/Create HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
Content-Type: application/json+protobuf
X-User-Agent: grpc-web-javascript/0.1
Content-Length: 24
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json+protobuf; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: gzip
date: Tue, 06 Sep 2022 21:09:29 GMT
server: ESF
cache-control: private
content-length: 30672
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
access-control-allow-credentials: true
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash bc70b1691dd339e8120b92ba393ffb69
99118be3645b3182ccdc5f9da149a97c220a3929
da94f53f998808b2b187d6c265722e95e4cdce9f0a4b23ff0bf6c96d2cdf2bd8
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DA94F53F998808B2B187D6C265722E95E4CDCE9F0A4B23FF0BF6C96D2CDF2BD8"
Last-Modified: Mon, 05 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4493
Expires: Tue, 06 Sep 2022 22:24:22 GMT
Date: Tue, 06 Sep 2022 21:09:29 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash bc70b1691dd339e8120b92ba393ffb69
99118be3645b3182ccdc5f9da149a97c220a3929
da94f53f998808b2b187d6c265722e95e4cdce9f0a4b23ff0bf6c96d2cdf2bd8
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DA94F53F998808B2B187D6C265722E95E4CDCE9F0A4B23FF0BF6C96D2CDF2BD8"
Last-Modified: Mon, 05 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4493
Expires: Tue, 06 Sep 2022 22:24:22 GMT
Date: Tue, 06 Sep 2022 21:09:29 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash bc70b1691dd339e8120b92ba393ffb69
99118be3645b3182ccdc5f9da149a97c220a3929
da94f53f998808b2b187d6c265722e95e4cdce9f0a4b23ff0bf6c96d2cdf2bd8
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DA94F53F998808B2B187D6C265722E95E4CDCE9F0A4B23FF0BF6C96D2CDF2BD8"
Last-Modified: Mon, 05 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4493
Expires: Tue, 06 Sep 2022 22:24:22 GMT
Date: Tue, 06 Sep 2022 21:09:29 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash bc70b1691dd339e8120b92ba393ffb69
99118be3645b3182ccdc5f9da149a97c220a3929
da94f53f998808b2b187d6c265722e95e4cdce9f0a4b23ff0bf6c96d2cdf2bd8
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DA94F53F998808B2B187D6C265722E95E4CDCE9F0A4B23FF0BF6C96D2CDF2BD8"
Last-Modified: Mon, 05 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4493
Expires: Tue, 06 Sep 2022 22:24:22 GMT
Date: Tue, 06 Sep 2022 21:09:29 GMT
Connection: keep-alive
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
200 OK 31 kB URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
IP
File type JSON data\012- , ASCII text, with very long lines (65536), with no line terminators
Hash f896c36aa787078add181b1a23ae3b65
187b1b37d2fa8ed4105131f3b35b2902ed0a8374
6a219f1bf6cb3db1025d7e0e165f33c83f4ee781b3ec538ef80d15ba0fe8dd04
POST /$rpc/google.internal.waa.v1.Waa/Create HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
Content-Type: application/json+protobuf
X-User-Agent: grpc-web-javascript/0.1
Content-Length: 24
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json+protobuf; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: gzip
date: Tue, 06 Sep 2022 21:09:29 GMT
server: ESF
cache-control: private
content-length: 30642
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
access-control-allow-credentials: true
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7ad09c5e-a115-4ff7-9742-809e93046365.jpeg
200 OK 4.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7ad09c5e-a115-4ff7-9742-809e93046365.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash c81f3df885bdee8cac46ea9495e6b63b
fc766bca874a352a4acb569577d4cf6527f4f074
e21473f88c613ca33ba6bbe1e0cab338274a06744cdcb088f14873c972445b36
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7ad09c5e-a115-4ff7-9742-809e93046365.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4426
x-amzn-requestid: b5b68557-e46d-41cd-9b11-d996aabc0de7
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: XzfYTHHFIAMFjFw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631145ce-1d3504367cf6ef724a345564;Sampled=0
x-amzn-remapped-date: Thu, 01 Sep 2022 23:52:46 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: GSRJIWisH465dPqbKyPj1iZk1jAu3RGrgwj1CX3X8A397zv9Nt0cHA==
via: 1.1 0aebf3fe433ff96e68d785fad4ea4c0e.cloudfront.net (CloudFront), 1.1 707e733794d52100fde0ab21bf0b1462.cloudfront.net (CloudFront), 1.1 google
date: Tue, 06 Sep 2022 08:35:06 GMT
age: 45263
etag: "fc766bca874a352a4acb569577d4cf6527f4f074"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash bc70b1691dd339e8120b92ba393ffb69
99118be3645b3182ccdc5f9da149a97c220a3929
da94f53f998808b2b187d6c265722e95e4cdce9f0a4b23ff0bf6c96d2cdf2bd8
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DA94F53F998808B2B187D6C265722E95E4CDCE9F0A4B23FF0BF6C96D2CDF2BD8"
Last-Modified: Mon, 05 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4493
Expires: Tue, 06 Sep 2022 22:24:22 GMT
Date: Tue, 06 Sep 2022 21:09:29 GMT
Connection: keep-alive
styles.assets-landingi.com/iQ7rZmsF/saudi4.css
200 OK 8.3 kB URL HTTP/2 styles.assets-landingi.com/iQ7rZmsF/saudi4.css
IP
File type ASCII text, with very long lines (493), with no line terminators
Hash 9606a8819a5b48e2d953a65624c95dbf
42205453466e892afa130ddd1d00abcd9c2322ea
68d402c4150dd5602d6d17a73dd997cd17a92f37dadb415dd2d2ffc569bd65a6
GET /iQ7rZmsF/saudi4.css HTTP/1.1
Host: styles.assets-landingi.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://balagh-sa.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 06 Sep 2022 21:09:27 GMT
content-type: text/css
x-amz-id-2: hrdaGFHxfxMY5D+E6+JqlL4B9xOhp7KC/bJ6YdXfU7Upp1wpb/dCPKAsE5cIBMM5yDYzUTp9IlM=
x-amz-request-id: CV6RVA3NTGGGDZ7H
last-modified: Tue, 31 Mar 2020 12:59:35 GMT
etag: W/"f59af0f9b6a9d98bb80d5923c94c8379"
cache-control: max-age=31536000
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8o1DKpii3SMmbJgXU07zeLwWnvZHNRWCLvyvJwi8zB8wp9PTCxUlBZl81gpunFdHcnQ7iTYmROdNjRTw%2BcKvV72lpMecK2fEE6ZDJm7FuhlGkVCIucWdi6FUjymR0iuLzzyphnAdUDzTuEwhQQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 746a2f8d0b90b511-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F106059e1-95ed-4ffb-b6d2-7b4f160333ed.jpeg
200 OK 13 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F106059e1-95ed-4ffb-b6d2-7b4f160333ed.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash ec466c0d472e43c11d36bf6fce068205
720d3624a76d060b8e2699e9aa7a320e3efd4878
5553fc24713aae808f5ab81671551b0ae719435f3ced9f25df97d8edf6bfe86f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F106059e1-95ed-4ffb-b6d2-7b4f160333ed.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12683
x-amzn-requestid: 6127e5b6-72f6-40df-b400-41a1f147f6da
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Xz8XmEe0IAMFQDA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63117430-2b27a2683d2d320172cef32e;Sampled=0
x-amzn-remapped-date: Fri, 02 Sep 2022 03:10:40 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: Mj_IT5g7hGu2AunKK7mvierv5BQ8cAxhnbGaUNsL6hRNu6MRAzIBDw==
via: 1.1 56c69262ecfa7873b40572ba8a323242.cloudfront.net (CloudFront), 1.1 4f3feb5c4393987d42d1971d404d7cea.cloudfront.net (CloudFront), 1.1 google
date: Tue, 06 Sep 2022 04:31:02 GMT
age: 59907
etag: "720d3624a76d060b8e2699e9aa7a320e3efd4878"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe1756524-f0d1-4149-aa44-603b827f87d4.jpeg
200 OK 6.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe1756524-f0d1-4149-aa44-603b827f87d4.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 983e705542fa78b4d5c876e0c1eada7e
5fc951e5236edd282d4975853ca35dab2e55fb17
fa6e478fc213f6cb6c9f33c96c51105262c857bfe313b3d310755be30b1feeb3
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe1756524-f0d1-4149-aa44-603b827f87d4.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6656
x-amzn-requestid: 2703eaf4-1a5a-41a6-859b-47255865efb0
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YAX-3F2ZIAMFpLg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63166d2b-6df026de5a9230ed429d08c1;Sampled=0
x-amzn-remapped-date: Mon, 05 Sep 2022 21:42:03 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: FIIvB2jeQ_PBDzi8XRN0jnNxze3OwDbz8TBaIcadRvmQd2EFhCwX7Q==
via: 1.1 0c96ded7ff282d2dbcf47c918b6bb500.cloudfront.net (CloudFront), 1.1 001e7070d795018d01b93988b9723742.cloudfront.net (CloudFront), 1.1 google
date: Mon, 05 Sep 2022 21:44:33 GMT
age: 84296
etag: "5fc951e5236edd282d4975853ca35dab2e55fb17"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc4b02d0f-9da0-42dc-a234-02e974e7d286.jpeg
200 OK 7.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc4b02d0f-9da0-42dc-a234-02e974e7d286.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 8c23179b2131543088771e3fa84ff231
ae50ae4aecd962b698c19f2863857b51cea7fcec
660900ca69b1787a734c1dbe3d6b9b19656912b4bc4715964c4325edff57f008
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc4b02d0f-9da0-42dc-a234-02e974e7d286.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7855
x-amzn-requestid: d7c8054c-d7d3-4b76-815d-36c3a2e1f6a4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YAYn6FwzoAMF40g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63166e32-3ededbf27f83503978e0d775;Sampled=0
x-amzn-remapped-date: Mon, 05 Sep 2022 21:46:26 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: QFEoJOq9eyhQH3KTlAB_ctOvGWRfAkPMHiZUa34wae07KaezXFodBg==
via: 1.1 98e601970ea59f4d5f56a752787ff9fc.cloudfront.net (CloudFront), 1.1 d01e7742f82df0bbc1fb681d709ed69c.cloudfront.net (CloudFront), 1.1 google
date: Mon, 05 Sep 2022 21:57:14 GMT
age: 83535
etag: "ae50ae4aecd962b698c19f2863857b51cea7fcec"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa58df54c-7833-44ce-9519-a44b50319614.jpeg
200 OK 5.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa58df54c-7833-44ce-9519-a44b50319614.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 1a87857b93f99eab3118aae97a1c9d22
3aea6a5aaf5ccda356d7e0941b33a7c2e2b13e80
97ce11c0e0efe83d6568f173f9235160157c52b4ab4299823d508c072f113ddc
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa58df54c-7833-44ce-9519-a44b50319614.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5775
x-amzn-requestid: dc0a6d9c-5aec-44a3-be54-69cec17f9de1
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YAYfxE0noAMFz0A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63166dfe-6c8ec4b03fc761d81c988132;Sampled=0
x-amzn-remapped-date: Mon, 05 Sep 2022 21:45:34 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: z3WamVQsZqAoYnfPZ0rgyYXGzs1jsv56D1oF4Wzva-H-T8a-xPU8mg==
via: 1.1 2dc111aa3ead15d061e41a423155a53a.cloudfront.net (CloudFront), 1.1 28390a4d24ed4fdccd685d99cd06cf4e.cloudfront.net (CloudFront), 1.1 google
date: Mon, 05 Sep 2022 22:00:00 GMT
age: 83369
etag: "3aea6a5aaf5ccda356d7e0941b33a7c2e2b13e80"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
khms1.googleapis.com/kh?v=930&hl=en&gl=IL&x=1023&y=681&z=11
200 OK 14 kB URL HTTP/2 khms1.googleapis.com/kh?v=930&hl=en&gl=IL&x=1023&y=681&z=11
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 256x256, components 3\012- data
Hash 09a468765db43666945394161161e66f
a2511f90443f6226a501657afacc0b46ad2e0f7f
6f4bb8db0e1b91560952f432b89c5698493803f910442f5833857c65b766d86e
GET /kh?v=930&hl=en&gl=IL&x=1023&y=681&z=11 HTTP/1.1
Host: khms1.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
last-modified: Fri, 1 Jan 2010 01:00:00 GMT
date: Tue, 06 Sep 2022 21:09:29 GMT
cache-control: public, max-age=31536000
access-control-allow-origin: *
x-content-type-options: nosniff
expires: Wed, 06 Sep 2023 21:09:29 GMT
access-control-allow-credentials: true
content-type: image/jpeg
vary: Origin, X-Origin, Referer
server: scaffolding on HTTPServer2
content-length: 14327
x-xss-protection: 0
x-frame-options: SAMEORIGIN
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash f826e6c7ed5681ea2e4fb221deee4c65
85450db9a100d7b512f454c49237d8071e6f5a05
d96e95c4e9ec09f5e53aef9d6be1e36858601c5b999587f1d104e588bbc49e8f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Sep 2022 21:09:29 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
yt3.ggpht.com/ytc/AMLnZu9x6B4LuRM42pJ2taHl3iaDoOH8IYQt_SnzEQ=s68-c-k-c0x00ffffff-no-rj
200 OK 985 B URL HTTP/2 yt3.ggpht.com/ytc/AMLnZu9x6B4LuRM42pJ2taHl3iaDoOH8IYQt_SnzEQ=s68-c-k-c0x00ffffff-no-rj
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 68x68, components 3\012- data
Hash b5b844054a8653cf95c42b2b96ef81c2
dbe00883bc0f276cdbafefd19ab81d0f3a1fe8af
b565f3018b101d8a84956cd2ec14464127ef128e086c4a806f7ea28fda3a8a0d
GET /ytc/AMLnZu9x6B4LuRM42pJ2taHl3iaDoOH8IYQt_SnzEQ=s68-c-k-c0x00ffffff-no-rj HTTP/1.1
Host: yt3.ggpht.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-expose-headers: Content-Length
expires: Wed, 07 Sep 2022 21:09:29 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.jpg"
content-type: image/jpeg
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
date: Tue, 06 Sep 2022 21:09:29 GMT
server: fife
content-length: 985
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 6b6c1068216577e4920f7603fd80b6f7
992bbe3b7e8e0a2d1e5bfcf51dee0e7a626a45b7
874daa5370299e1f4105e65094ccc7e68e657f724775bcbcc31d40d3e2ebaf6d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Sep 2022 21:09:29 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash f826e6c7ed5681ea2e4fb221deee4c65
85450db9a100d7b512f454c49237d8071e6f5a05
d96e95c4e9ec09f5e53aef9d6be1e36858601c5b999587f1d104e588bbc49e8f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Sep 2022 21:09:29 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 6b6c1068216577e4920f7603fd80b6f7
992bbe3b7e8e0a2d1e5bfcf51dee0e7a626a45b7
874daa5370299e1f4105e65094ccc7e68e657f724775bcbcc31d40d3e2ebaf6d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Sep 2022 21:09:29 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
rr1---sn-capm-vnae.googlevideo.com/videoplayback?expire=1662520169&ei=CbcXY__yE9SVv_IPrsuq0AM&ip=91.90.42.154&id=o-AF_qBXAJiasYQvYTMJOthRmYqLqNBw2GjLrRxvt7iqko&itag=243&aitags=133%2C134%2C135%2C136%2C160%2C242%2C243%2C244%2C247%2C278&source=youtube&requiressl=yes&mh=rG&mm=31%2C29&mn=sn-capm-vnae%2Csn-5go7yner&ms=au%2Crdu&mv=u&mvi=1&pcm2cms=yes&pl=21&spc=lT-KhoioB3El1lAvs-xh7W3zT0dVLqY&vprv=1&mime=video%2Fwebm&ns=Ix88vqyreIfnIXcwF1LcQN8H&gir=yes&clen=786398&dur=53.800&lmt=1620352724671360&mt=1662496365&fvip=1&keepalive=yes&fexp=24001373%2C24007246&c=WEB_EMBEDDED_PLAYER&rbqsm=fr&txp=5316224&n=avukbsnu2col9w&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRQIhAO9HSCtVBcDmSibl6CYIaiO4ECT3gfXYpBDFOxfWAWf2AiAI0mIuR6MjkBEYm63hoB40WN00Cy8aHtf4BU9RvUPnoQ%3D%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpcm2cms%2Cpl&lsig=AG3C_xAwRQIgNorssKjYe_1BVn74IKgzZSKh2za0dhJ0T1nVZeduVLQCIQDpkAEC6TKVM-3oeCdR7p9oEWinfDzd8qv6nby5pl9LkA%3D%3D&alr=yes&cpn=ev_WKZp1P1GAzjfv&cver=1.20220831.01.01&range=0-65917&rn=1&rbuf=0
200 OK 66 kB URL HTTP/1.1 rr1---sn-capm-vnae.googlevideo.com/videoplayback?expire=1662520169&ei=CbcXY__yE9SVv_IPrsuq0AM&ip=91.90.42.154&id=o-AF_qBXAJiasYQvYTMJOthRmYqLqNBw2GjLrRxvt7iqko&itag=243&aitags=133%2C134%2C135%2C136%2C160%2C242%2C243%2C244%2C247%2C278&source=youtube&requiressl=yes&mh=rG&mm=31%2C29&mn=sn-capm-vnae%2Csn-5go7yner&ms=au%2Crdu&mv=u&mvi=1&pcm2cms=yes&pl=21&spc=lT-KhoioB3El1lAvs-xh7W3zT0dVLqY&vprv=1&mime=video%2Fwebm&ns=Ix88vqyreIfnIXcwF1LcQN8H&gir=yes&clen=786398&dur=53.800&lmt=1620352724671360&mt=1662496365&fvip=1&keepalive=yes&fexp=24001373%2C24007246&c=WEB_EMBEDDED_PLAYER&rbqsm=fr&txp=5316224&n=avukbsnu2col9w&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRQIhAO9HSCtVBcDmSibl6CYIaiO4ECT3gfXYpBDFOxfWAWf2AiAI0mIuR6MjkBEYm63hoB40WN00Cy8aHtf4BU9RvUPnoQ%3D%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpcm2cms%2Cpl&lsig=AG3C_xAwRQIgNorssKjYe_1BVn74IKgzZSKh2za0dhJ0T1nVZeduVLQCIQDpkAEC6TKVM-3oeCdR7p9oEWinfDzd8qv6nby5pl9LkA%3D%3D&alr=yes&cpn=ev_WKZp1P1GAzjfv&cver=1.20220831.01.01&range=0-65917&rn=1&rbuf=0
IP
ASN #50304 Blix Solutions AS
File type WebM\012- EBML file, creator webmB\20\012- data
Hash 442257da926e98df5714e0a4df7dff12
9db6597cd1cfad970924afb8034d1838c1d02ca3
3532f6bdcd799d5207528a3d634a46ef4a7b51893c7a5f9fc10f17ed62f4e468
GET /videoplayback?expire=1662520169&ei=CbcXY__yE9SVv_IPrsuq0AM&ip=91.90.42.154&id=o-AF_qBXAJiasYQvYTMJOthRmYqLqNBw2GjLrRxvt7iqko&itag=243&aitags=133%2C134%2C135%2C136%2C160%2C242%2C243%2C244%2C247%2C278&source=youtube&requiressl=yes&mh=rG&mm=31%2C29&mn=sn-capm-vnae%2Csn-5go7yner&ms=au%2Crdu&mv=u&mvi=1&pcm2cms=yes&pl=21&spc=lT-KhoioB3El1lAvs-xh7W3zT0dVLqY&vprv=1&mime=video%2Fwebm&ns=Ix88vqyreIfnIXcwF1LcQN8H&gir=yes&clen=786398&dur=53.800&lmt=1620352724671360&mt=1662496365&fvip=1&keepalive=yes&fexp=24001373%2C24007246&c=WEB_EMBEDDED_PLAYER&rbqsm=fr&txp=5316224&n=avukbsnu2col9w&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRQIhAO9HSCtVBcDmSibl6CYIaiO4ECT3gfXYpBDFOxfWAWf2AiAI0mIuR6MjkBEYm63hoB40WN00Cy8aHtf4BU9RvUPnoQ%3D%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpcm2cms%2Cpl&lsig=AG3C_xAwRQIgNorssKjYe_1BVn74IKgzZSKh2za0dhJ0T1nVZeduVLQCIQDpkAEC6TKVM-3oeCdR7p9oEWinfDzd8qv6nby5pl9LkA%3D%3D&alr=yes&cpn=ev_WKZp1P1GAzjfv&cver=1.20220831.01.01&range=0-65917&rn=1&rbuf=0 HTTP/1.1
Host: rr1---sn-capm-vnae.googlevideo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Last-Modified: Fri, 07 May 2021 01:58:44 GMT
Content-Type: video/webm
Date: Tue, 06 Sep 2022 21:09:29 GMT
Expires: Tue, 06 Sep 2022 21:09:29 GMT
Cache-Control: private, max-age=21300
Accept-Ranges: bytes
Content-Length: 65918
Connection: keep-alive
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Access-Control-Allow-Origin: https://www.youtube.com
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: https://www.youtube.com
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Vary: Origin
Cross-Origin-Resource-Policy: cross-origin
X-Restrict-Formats-Hint: None
X-Content-Type-Options: nosniff
Server: gvs 1.0
rr1---sn-capm-vnae.googlevideo.com/videoplayback?expire=1662520169&ei=CbcXY__yE9SVv_IPrsuq0AM&ip=91.90.42.154&id=o-AF_qBXAJiasYQvYTMJOthRmYqLqNBw2GjLrRxvt7iqko&itag=251&source=youtube&requiressl=yes&mh=rG&mm=31%2C29&mn=sn-capm-vnae%2Csn-5go7yner&ms=au%2Crdu&mv=u&mvi=1&pcm2cms=yes&pl=21&spc=lT-KhoioB3El1lAvs-xh7W3zT0dVLqY&vprv=1&mime=audio%2Fwebm&ns=Ix88vqyreIfnIXcwF1LcQN8H&gir=yes&clen=924355&dur=53.821&lmt=1620352729547474&mt=1662496365&fvip=1&keepalive=yes&fexp=24001373%2C24007246&c=WEB_EMBEDDED_PLAYER&rbqsm=fr&txp=5311224&n=avukbsnu2col9w&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRQIhANpGvEHAKvAx4Fx4oRZCHop1dcwt58_v1OT5WXI3QRrcAiBY_2HliNJl6mS_w727Ok2a60cWhBC-5fbtMkDNNdrPfQ%3D%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpcm2cms%2Cpl&lsig=AG3C_xAwRQIgNorssKjYe_1BVn74IKgzZSKh2za0dhJ0T1nVZeduVLQCIQDpkAEC6TKVM-3oeCdR7p9oEWinfDzd8qv6nby5pl9LkA%3D%3D&alr=yes&cpn=ev_WKZp1P1GAzjfv&cver=1.20220831.01.01&range=0-65893&rn=2&rbuf=0
200 OK 66 kB URL HTTP/1.1 rr1---sn-capm-vnae.googlevideo.com/videoplayback?expire=1662520169&ei=CbcXY__yE9SVv_IPrsuq0AM&ip=91.90.42.154&id=o-AF_qBXAJiasYQvYTMJOthRmYqLqNBw2GjLrRxvt7iqko&itag=251&source=youtube&requiressl=yes&mh=rG&mm=31%2C29&mn=sn-capm-vnae%2Csn-5go7yner&ms=au%2Crdu&mv=u&mvi=1&pcm2cms=yes&pl=21&spc=lT-KhoioB3El1lAvs-xh7W3zT0dVLqY&vprv=1&mime=audio%2Fwebm&ns=Ix88vqyreIfnIXcwF1LcQN8H&gir=yes&clen=924355&dur=53.821&lmt=1620352729547474&mt=1662496365&fvip=1&keepalive=yes&fexp=24001373%2C24007246&c=WEB_EMBEDDED_PLAYER&rbqsm=fr&txp=5311224&n=avukbsnu2col9w&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRQIhANpGvEHAKvAx4Fx4oRZCHop1dcwt58_v1OT5WXI3QRrcAiBY_2HliNJl6mS_w727Ok2a60cWhBC-5fbtMkDNNdrPfQ%3D%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpcm2cms%2Cpl&lsig=AG3C_xAwRQIgNorssKjYe_1BVn74IKgzZSKh2za0dhJ0T1nVZeduVLQCIQDpkAEC6TKVM-3oeCdR7p9oEWinfDzd8qv6nby5pl9LkA%3D%3D&alr=yes&cpn=ev_WKZp1P1GAzjfv&cver=1.20220831.01.01&range=0-65893&rn=2&rbuf=0
IP
ASN #50304 Blix Solutions AS
File type WebM\012- EBML file, creator webmB\20\012- data
Hash b15a2a15bc34b5431bc29ba69f08fa4e
5bccd6149d817e6025622b72ae4e7f35267a75f5
4c2ac1093ae3cc6b3252eeb214e03b194c35e8c65fc06e2fc9b2dd3429433c9d
GET /videoplayback?expire=1662520169&ei=CbcXY__yE9SVv_IPrsuq0AM&ip=91.90.42.154&id=o-AF_qBXAJiasYQvYTMJOthRmYqLqNBw2GjLrRxvt7iqko&itag=251&source=youtube&requiressl=yes&mh=rG&mm=31%2C29&mn=sn-capm-vnae%2Csn-5go7yner&ms=au%2Crdu&mv=u&mvi=1&pcm2cms=yes&pl=21&spc=lT-KhoioB3El1lAvs-xh7W3zT0dVLqY&vprv=1&mime=audio%2Fwebm&ns=Ix88vqyreIfnIXcwF1LcQN8H&gir=yes&clen=924355&dur=53.821&lmt=1620352729547474&mt=1662496365&fvip=1&keepalive=yes&fexp=24001373%2C24007246&c=WEB_EMBEDDED_PLAYER&rbqsm=fr&txp=5311224&n=avukbsnu2col9w&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRQIhANpGvEHAKvAx4Fx4oRZCHop1dcwt58_v1OT5WXI3QRrcAiBY_2HliNJl6mS_w727Ok2a60cWhBC-5fbtMkDNNdrPfQ%3D%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpcm2cms%2Cpl&lsig=AG3C_xAwRQIgNorssKjYe_1BVn74IKgzZSKh2za0dhJ0T1nVZeduVLQCIQDpkAEC6TKVM-3oeCdR7p9oEWinfDzd8qv6nby5pl9LkA%3D%3D&alr=yes&cpn=ev_WKZp1P1GAzjfv&cver=1.20220831.01.01&range=0-65893&rn=2&rbuf=0 HTTP/1.1
Host: rr1---sn-capm-vnae.googlevideo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Last-Modified: Fri, 07 May 2021 01:58:49 GMT
Content-Type: audio/webm
Date: Tue, 06 Sep 2022 21:09:29 GMT
Expires: Tue, 06 Sep 2022 21:09:29 GMT
Cache-Control: private, max-age=21300
Accept-Ranges: bytes
Content-Length: 65894
Connection: keep-alive
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Access-Control-Allow-Origin: https://www.youtube.com
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: https://www.youtube.com
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Vary: Origin
Cross-Origin-Resource-Policy: cross-origin
X-Content-Type-Options: nosniff
Server: gvs 1.0
ocsp.sectigo.com/
200 OK 472 B IP
Hash b694d510bc0e9726b8c46c07451f6c40
532a5ddf5573df4cd9118fa2b62451d76621ba02
857c8222e24592e0627eba46c80fd8a94d46e3bdf943955042f1d07bfdd8f7cf
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 06 Sep 2022 21:09:29 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Sat, 03 Sep 2022 16:48:00 GMT
Expires: Sat, 10 Sep 2022 16:47:59 GMT
Etag: "532a5ddf5573df4cd9118fa2b62451d76621ba02"
Cache-Control: max-age=329309,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 746a2f9a7b481c0e-OSL
ocsp.sectigo.com/
200 OK 472 B IP
Hash b694d510bc0e9726b8c46c07451f6c40
532a5ddf5573df4cd9118fa2b62451d76621ba02
857c8222e24592e0627eba46c80fd8a94d46e3bdf943955042f1d07bfdd8f7cf
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 06 Sep 2022 21:09:29 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Sat, 03 Sep 2022 16:48:00 GMT
Expires: Sat, 10 Sep 2022 16:47:59 GMT
Etag: "532a5ddf5573df4cd9118fa2b62451d76621ba02"
Cache-Control: max-age=329309,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 746a2f9a6ce40b02-OSL
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 6b6c1068216577e4920f7603fd80b6f7
992bbe3b7e8e0a2d1e5bfcf51dee0e7a626a45b7
874daa5370299e1f4105e65094ccc7e68e657f724775bcbcc31d40d3e2ebaf6d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Sep 2022 21:09:29 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
css.zohocdn.com/salesiq/styles/floatbutton1_764bf172fd710d0d540b777a5a05ab02_.css
200 OK 5.0 kB URL HTTP/2 css.zohocdn.com/salesiq/styles/floatbutton1_764bf172fd710d0d540b777a5a05ab02_.css
IP
ASN #41913 Computerline GmbH
File type ASCII text, with very long lines (22169), with no line terminators
Hash b59c1c17e3aa2078f2d9d9f0d9cf587e
0b6b1ea9feee8634851d81cd5236cd27ffe1a32a
704348b8979eb36891653cf231275392fc5c440d7347e73a3da95a117e920322
GET /salesiq/styles/floatbutton1_764bf172fd710d0d540b777a5a05ab02_.css HTTP/1.1
Host: css.zohocdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://balagh-sa.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: ZGS
date: Tue, 06 Sep 2022 21:09:29 GMT
content-type: text/css;charset=UTF-8
content-length: 5043
x-content-type-options: nosniff
x-xss-protection: 1
cache-control: public, max-age=7776000, immutable
etag: "b59c1c17e3aa2078f2d9d9f0d9cf587e"
content-language: en-US
last-modified: Mon, 21 Mar 2022 15:45:11 GMT
content-encoding: br
access-control-expose-headers: *
access-control-allow-origin: *
vary: Accept-Encoding
strict-transport-security: max-age=15768000
timing-allow-origin: *
x-cache: HIT
nb-request-id: 9afdb625810831981d6db0ba6466e600
z-origin-id: ex1-52bea099b3b9497ebdef4192e97c34c9
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
X-Firefox-Spdy: h2
js.zohocdn.com/salesiq/js/floatbutton1_6c6ceb2ad2d9cdaffb3ca06affc12fd5_.js
200 OK 12 kB URL HTTP/2 js.zohocdn.com/salesiq/js/floatbutton1_6c6ceb2ad2d9cdaffb3ca06affc12fd5_.js
IP
ASN #41913 Computerline GmbH
File type ASCII text, with very long lines (36028), with no line terminators
Hash 9fe31743256b357191daca98b91a576d
3bb832f9f494033508152e01a4e4440313aad0e6
decf2e9c6c96c25013176c47ec03ad14b78e40e8ce3f4d87d63169dd4c06af28
GET /salesiq/js/floatbutton1_6c6ceb2ad2d9cdaffb3ca06affc12fd5_.js HTTP/1.1
Host: js.zohocdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://balagh-sa.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: ZGS
date: Tue, 06 Sep 2022 21:09:29 GMT
content-type: application/javascript;charset=UTF-8
content-length: 12380
x-content-type-options: nosniff
x-xss-protection: 1
cache-control: public, max-age=7776000, immutable
etag: "9fe31743256b357191daca98b91a576d"
content-language: en-US
last-modified: Thu, 01 Sep 2022 09:59:58 GMT
content-encoding: br
access-control-expose-headers: *
access-control-allow-origin: *
vary: Accept-Encoding
strict-transport-security: max-age=15768000
timing-allow-origin: *
x-cache: HIT
nb-request-id: 7d626e2951233e28825b76b1559f23ea
z-origin-id: ex1-7d0c5668a8f044f1a07fb0c4ec30cb93
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.sectigo.com/
200 OK 472 B IP
Hash d6e1f83212024d5511c0aefbb75866c7
5750b8b1c5357c12357c835dff840c67c4b96c7a
2923ad9ebb8bc48d3e2b73f59b6234b52b10bd6433d896d7f029c6635133587e
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 06 Sep 2022 21:09:29 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Mon, 05 Sep 2022 10:34:40 GMT
Expires: Mon, 12 Sep 2022 10:34:39 GMT
Etag: "5750b8b1c5357c12357c835dff840c67c4b96c7a"
Cache-Control: max-age=479709,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 746a2f9c3d1c1c0e-OSL
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash e1e3618360c113152e2ace6d959b95a6
a300d90c784376801014cd04c3df458647ba9985
7aeb4c402546444e2e2824b5d1543fa121fd31f9626331cae94580fc9b0640d1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Sep 2022 21:09:29 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
i.ytimg.com/vi_webp/GGAtJDtAD_Y/sddefault.webp
200 OK 19 kB URL HTTP/2 i.ytimg.com/vi_webp/GGAtJDtAD_Y/sddefault.webp
IP
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 640x480, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 681b73194c259593728581afe75c6dd1
895be5b4348118f0f73e817e2c5d2a0622a3f1b4
ae53b8f32bdae1b35669fed51be78ee1f77aefbf6bbe5ee2e2c5def7b987ac2f
GET /vi_webp/GGAtJDtAD_Y/sddefault.webp HTTP/1.1
Host: i.ytimg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
content-type: image/webp
vary: Origin
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-length: 18684
date: Tue, 06 Sep 2022 21:09:29 GMT
expires: Tue, 06 Sep 2022 23:09:29 GMT
cache-control: public, max-age=7200
etag: "1620336085"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash e1e3618360c113152e2ace6d959b95a6
a300d90c784376801014cd04c3df458647ba9985
7aeb4c402546444e2e2824b5d1543fa121fd31f9626331cae94580fc9b0640d1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Sep 2022 21:09:29 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
vts.zohopublic.com/watchws?x-e=topmarket&x-s=topmarket&cpage=https%3A%2F%2Fbalagh-sa.com%2Fadv%2F&ptitle=%D8%A7%D9%84%D8%B9%D8%AF%D9%84&localtime=GMT%2B0000%20(Coordinated%20Universal%20Time)&gmttime=GMT%2B0000&resolution=1280x1024&lsid=559564000000002048&lang_embed=en&con_id=1662498563335&connection_count=1
101 Switching Protocols 0 B URL HTTP/1.1 vts.zohopublic.com/watchws?x-e=topmarket&x-s=topmarket&cpage=https%3A%2F%2Fbalagh-sa.com%2Fadv%2F&ptitle=%D8%A7%D9%84%D8%B9%D8%AF%D9%84&localtime=GMT%2B0000%20(Coordinated%20Universal%20Time)&gmttime=GMT%2B0000&resolution=1280x1024&lsid=559564000000002048&lang_embed=en&con_id=1662498563335&connection_count=1
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /watchws?x-e=topmarket&x-s=topmarket&cpage=https%3A%2F%2Fbalagh-sa.com%2Fadv%2F&ptitle=%D8%A7%D9%84%D8%B9%D8%AF%D9%84&localtime=GMT%2B0000%20(Coordinated%20Universal%20Time)&gmttime=GMT%2B0000&resolution=1280x1024&lsid=559564000000002048&lang_embed=en&con_id=1662498563335&connection_count=1 HTTP/1.1
Host: vts.zohopublic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: https://balagh-sa.com
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: n3DuCLP8mIdHXkDlm+Jjhg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Strict-Transport-Security: max-age=15768000
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: /BzFPvwER/FGiIqogyVI5J5xUig=
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
200 OK 0 B URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /$rpc/google.internal.waa.v1.Waa/GenerateIT HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Referer: https://www.youtube.com/
Origin: https://www.youtube.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: https://www.youtube.com
vary: origin, referer, x-origin
access-control-allow-credentials: true
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-max-age: 3600
date: Tue, 06 Sep 2022 21:09:30 GMT
content-type: text/html
server: ESF
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
200 OK 118 B URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash fc5754d1994f710b5ce3f224bc4254af
db6579540bfbdd841d2b14d6bf90f29f5c06b92a
4f0c8b42d388eaaafe7a5acf67aedfcff9b151620089a90224a092d3495dd486
POST /$rpc/google.internal.waa.v1.Waa/GenerateIT HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
Content-Type: application/json+protobuf
X-User-Agent: grpc-web-javascript/0.1
Content-Length: 1124
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json+protobuf; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: gzip
date: Tue, 06 Sep 2022 21:09:30 GMT
server: ESF
cache-control: private
content-length: 118
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
access-control-allow-credentials: true
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
200 OK 118 B URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash feb8861eae49a75ba4e8fe6ca70646f7
e68acb4597d3b2e5cf4758fc31a339e026e0fc87
dc0f477769561a8e7bc3cf6cdc9d1418af785b1103781a89fec98084484fa395
POST /$rpc/google.internal.waa.v1.Waa/GenerateIT HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
Content-Type: application/json+protobuf
X-User-Agent: grpc-web-javascript/0.1
Content-Length: 1047
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json+protobuf; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: gzip
date: Tue, 06 Sep 2022 21:09:30 GMT
server: ESF
cache-control: private
content-length: 118
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
access-control-allow-credentials: true
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
200 OK 17 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP
File type gzip compressed data, max compression\012- data
Hash 8ac0c2aac5499bbff1e5cd3a20596fe2
fcc3f527c5c2c4dc64473858c7ae94ab7b96ee97
ee6c28b8aefb5d3e79f8f0593a3ac128ba5c532e82b0744e17f47686a519ffe9
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.google.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 31 Aug 2022 19:34:08 GMT
expires: Thu, 31 Aug 2023 19:34:08 GMT
cache-control: public, max-age=31536000
age: 524122
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
scripts.assets-landingi.com/lightboxes/lightbox-render.js?v=1604996414
200 OK 0 B URL HTTP/2 scripts.assets-landingi.com/lightboxes/lightbox-render.js?v=1604996414
IP
GET /lightboxes/lightbox-render.js?v=1604996414 HTTP/1.1
Host: scripts.assets-landingi.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://balagh-sa.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 06 Sep 2022 21:09:27 GMT
content-type: application/javascript
x-amz-id-2: OtL+gXq9djoyGpteAnud2Dt4j3Byl8f6y2K74wlEFlwqLpklgTIHfABjqspFShXqYdZqtqZFkZk=
x-amz-request-id: CV6SRGFTV2JRK557
last-modified: Fri, 29 Apr 2022 10:02:51 GMT
etag: W/"70b26270c2f22dbc95c6730900e8abfb"
x-amz-version-id: Oak5hz6YYqhfs8hnGsp4gGxs7A8poW2I
cache-control: max-age=31536000
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cQhEO%2FltujInsNW7RvrC0%2FQdEiRYjBZ6WkurnrcqCBmx8tSygvjclR1KiL5kGHZ5S9GEDLLi2D%2FqjsTUV7KiTMRYD%2FKT7UjltUNYWvp1UgJBKXuvHQPi%2FyoNLeAEcc434CwSRlK4mt2hHxL2gLY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 746a2f8d7c15b511-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.clickcease.com/monitor/stat.js
200 OK 0 B URL HTTP/2 www.clickcease.com/monitor/stat.js
IP
GET /monitor/stat.js HTTP/1.1
Host: www.clickcease.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://balagh-sa.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 06 Sep 2022 21:09:27 GMT
content-type: application/javascript
access-control-max-age: 1728000
access-control-allow-origin: *
access-control-allow-methods: GET,POST,OPTIONS,DELETE,PUT
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,C$
access-control-allow-credentials: true
last-modified: Thu, 21 Jul 2022 09:00:38 GMT
etag: W/"287f5-5e44cf392c650-gzip"
cache-control: max-age=2678400
expires: Wed, 05 Oct 2022 11:47:17 GMT
vary: Accept-Encoding,User-Agent
referrer-policy: no-referrer-when-downgrade
x-content-type-options: nosniff
x-frame-options: sameorigin
strict-transport-security: max-age=31536000
cf-cache-status: HIT
age: 120130
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dZZDhx36T9tgfzEfcafPBQuYqwOHKXO1GMS6eLRJ6xJMY2L%2F24W2CrX666zln8uzi%2B%2FSH61OMao8jfXVr%2F%2B2nd3g7HW5vzIaBekPtcFBAiuRxgh%2FpcTRaYWBrApEpehwqk1Kk5g%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 746a2f91887c0b65-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.youtube.com/embed/GGAtJDtAD_Y?autoplay=1&loop=1&byline=0&portrait=0
200 OK 0 B URL HTTP/2 www.youtube.com/embed/GGAtJDtAD_Y?autoplay=1&loop=1&byline=0&portrait=0
IP
GET /embed/GGAtJDtAD_Y?autoplay=1&loop=1&byline=0&portrait=0 HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://balagh-sa.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html; charset=utf-8
x-content-type-options: nosniff
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Tue, 06 Sep 2022 21:09:28 GMT
strict-transport-security: max-age=31536000
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
content-encoding: br
server: ESF
x-xss-protection: 0
set-cookie: YSC=24PZDE-e-HU; Domain=.youtube.com; Path=/; Secure; HttpOnly; SameSite=none
VISITOR_INFO1_LIVE=ojAYb49fgeI; Domain=.youtube.com; Expires=Sun, 05-Mar-2023 21:09:28 GMT; Path=/; Secure; HttpOnly; SameSite=none
CONSENT=PENDING+077; expires=Thu, 05-Sep-2024 21:09:28 GMT; path=/; domain=.youtube.com; Secure
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
old.assets-landingi.com/js/landing.js
200 OK 0 B URL HTTP/2 old.assets-landingi.com/js/landing.js
IP
GET /js/landing.js HTTP/1.1
Host: old.assets-landingi.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://balagh-sa.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Sep 2022 21:09:27 GMT
content-type: application/x-javascript
cf-bgj: minify
cf-polished: origSize=171
etag: W/"95e56bf961e8f2902b6133a0be23c329"
last-modified: Mon, 04 Jul 2016 08:56:50 GMT
x-amz-id-2: ubX8xbaUEP/5cSy+OBlAZqUH7Htxf8Yg0OoDrK7h6AijiX+foed4jR0FSUmyj3rmybkbzyfKTbo=
x-amz-request-id: 63C333R6Q53E3EMM
cache-control: max-age=31536000
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YWTKd9dB3VghdOCPJuHDovsc7uUDAdm9gX306qJjiv24ZMPl1fq5xWrB9vpMd85C6%2BRhyOXZOB%2BWcc1SE%2BipCivOalIOBQVgLuK3qMJuJWyfulbsf7P%2BIxy9SelpFsgVJzrH8tGrp0CeMg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 746a2f8d1b9db511-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
popups.landingi.com/api/v2/landing/install-code?apikey=97554959-d9b8-4054-a6b7-33f5732a13bf&landing=e3eaffe39904e0713d3d
200 OK 0 B URL HTTP/2 popups.landingi.com/api/v2/landing/install-code?apikey=97554959-d9b8-4054-a6b7-33f5732a13bf&landing=e3eaffe39904e0713d3d
IP
GET /api/v2/landing/install-code?apikey=97554959-d9b8-4054-a6b7-33f5732a13bf&landing=e3eaffe39904e0713d3d HTTP/1.1
Host: popups.landingi.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://balagh-sa.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 06 Sep 2022 21:09:27 GMT
content-type: text/javascript; charset=UTF-8
server: nginx
vary: Accept-Encoding
x-powered-by: PHP/7.4.3
cache-control: no-cache, private
content-encoding: gzip
X-Firefox-Spdy: h2
styles.assets-landingi.com/cKNQxmXQ/saudi.css
200 OK 0 B URL HTTP/2 styles.assets-landingi.com/cKNQxmXQ/saudi.css
IP
GET /cKNQxmXQ/saudi.css HTTP/1.1
Host: styles.assets-landingi.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://balagh-sa.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 06 Sep 2022 21:09:27 GMT
content-type: text/css
x-amz-id-2: pXBSsWQfL7pZ0mR+7e/69X3k5crIi0FVmsm54wXX3kC/6pgLaBebQwbJ4zQ+buZm/p+mC85y1hI=
x-amz-request-id: CV6QD8YB7R6W0HDV
last-modified: Sun, 17 Nov 2019 12:23:37 GMT
etag: W/"e6e39511f8913e76e000918362952981"
cache-control: max-age=31536000
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zBwGKLWVWTsw5JbGAh256QryYX5pCUB8pYmlKWBLvkPBjBPW2B18zZhr5vi4vy%2FdoWitucxb3YkLgu%2BBXWxPPLB9F1n39Gb%2BHzge8e3pv%2F6cNiqXm3T9X1EqpjViqnxa10vArDc7RP%2BfV%2F%2Bl%2BQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 746a2f8d2bafb511-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
popups.landingi.com/api/v2/landing/install-code?apikey=933a27dd-edc5-4cc6-8562-943cbe01942c&landing=e44d0957c1a119af28fc
200 OK 0 B URL HTTP/2 popups.landingi.com/api/v2/landing/install-code?apikey=933a27dd-edc5-4cc6-8562-943cbe01942c&landing=e44d0957c1a119af28fc
IP
GET /api/v2/landing/install-code?apikey=933a27dd-edc5-4cc6-8562-943cbe01942c&landing=e44d0957c1a119af28fc HTTP/1.1
Host: popups.landingi.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://balagh-sa.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 06 Sep 2022 21:09:27 GMT
content-type: text/javascript; charset=UTF-8
server: nginx
vary: Accept-Encoding
x-powered-by: PHP/7.4.3
cache-control: no-cache, private
content-encoding: gzip
X-Firefox-Spdy: h2
styles.assets-landingi.com/assets/css/2.11-landend-base.css
200 OK 0 B URL HTTP/2 styles.assets-landingi.com/assets/css/2.11-landend-base.css
IP
GET /assets/css/2.11-landend-base.css HTTP/1.1
Host: styles.assets-landingi.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://balagh-sa.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 06 Sep 2022 21:09:27 GMT
content-type: text/css
x-amz-id-2: DAPoSID3SNFMq1SdzTwP+G0QdY0b+Z+O5u40/LSi8hkDZM7TLuwYSOTBqp5CIunSb0yvQo4PEbc=
x-amz-request-id: CV6ZN4RDZ8QYTNYW
last-modified: Tue, 03 Mar 2020 06:54:15 GMT
etag: W/"46ec76433739ed16a2a496b443838cf0"
cache-control: max-age=31536000
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eKZCJb9BdAt16qriXS61hLby6PMv77V0yzxQ745vW4Y3lsZGi%2ByfXnXU9vuE7j%2Bvpkz5NBp3t1rOydE1mLjxIeT6SRZhs6jrq%2BavQ4P7IybIkKfHjMFnMqUrgS5i1DZAiIghmV5j1kMUiZoygw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 746a2f8d5be6b511-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.youtube.com/embed/3bOWCBl7zug?autoplay=1&loop=1&byline=0&portrait=0
200 OK 0 B URL HTTP/2 www.youtube.com/embed/3bOWCBl7zug?autoplay=1&loop=1&byline=0&portrait=0
IP
GET /embed/3bOWCBl7zug?autoplay=1&loop=1&byline=0&portrait=0 HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://balagh-sa.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html; charset=utf-8
x-content-type-options: nosniff
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Tue, 06 Sep 2022 21:09:28 GMT
strict-transport-security: max-age=31536000
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
content-encoding: br
server: ESF
x-xss-protection: 0
set-cookie: YSC=ktTbS1GSttM; Domain=.youtube.com; Path=/; Secure; HttpOnly; SameSite=none
VISITOR_INFO1_LIVE=NhAk9YLbu44; Domain=.youtube.com; Expires=Sun, 05-Mar-2023 21:09:28 GMT; Path=/; Secure; HttpOnly; SameSite=none
CONSENT=PENDING+026; expires=Thu, 05-Sep-2024 21:09:27 GMT; path=/; domain=.youtube.com; Secure
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
balagh-sa.com/adv/
200 OK 0 B IP
Analyzer Verdict Alert fortinet Malware
GET /adv/ HTTP/1.1
Host: balagh-sa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
date: Tue, 06 Sep 2022 21:09:26 GMT
content-type: text/html
last-modified: Mon, 22 Aug 2022 09:25:15 GMT
vary: Accept-Encoding
content-security-policy: upgrade-insecure-requests
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-turbo-charged-by: LiteSpeed
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=e1PNf4VSAJUvta1t8Z4R%2FZMYcdDb%2B7W0A8%2FcaqvWNScqB%2BsX%2FtXaeAhPqXO%2BR9Le0X3dS1MIJghtRQKueIyo34JNnBrp5ZWVKp65IXFvXSlEaaLJRLImEfNHKabdxCNS"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 746a2f8ae9c2b524-OSL
content-encoding: br
X-Firefox-Spdy: h2
104.21.7.24
143.204.55.25
23.36.79.10
93.184.220.29
185.20.209.147
104.18.32.68
52.213.16.251