trafficadbar.com/_kc1h
44.196.228.151302 Found 0 B IP 44.196.228.151:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /_kc1h HTTP/1.1
Host: trafficadbar.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Found
Date: Wed, 21 Sep 2022 00:33:03 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Server: nginx
Set-Cookie: sou=eyJyIjpudWxsLCJ1IjoiTVRHU2FtdXJhaSJ9; expires=Fri, 21-Oct-2022 00:33:03 GMT; Max-Age=2592000; SameSite=Lax
Location: https://t-adbar1.com/_kc1h
firefox.settings.services.mozilla.com/v1/
143.204.55.115200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 143.204.55.115:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 2d12f67fe57a87e7366b662d153a5582
d7b02d81cc74f24a251d9363e0f4b0a149264ec1
73c273c0b5a2de3cb970b8e8c187999d3b55e760dc7766dab4bb76428d19b551
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Alert, Backoff, Content-Length, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Wed, 21 Sep 2022 00:13:22 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 dac7cf040932e0c072eeed10afdd7b3e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: JaaM7bLgANoNm3ehHFmcTsjNsxYAbrV9dejZGido2lRMttIlEHEwgw==
Age: 1181
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash a26d0784548ecab22f417f3d689daf23
8893b79366bbadeb5c8d587b8f023e310694df1c
35baaae7b3ce3110ebb2b075881cfab55ecf3eab57d834283fd18ac691b41fa2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "35BAAAE7B3CE3110EBB2B075881CFAB55ECF3EAB57D834283FD18AC691B41FA2"
Last-Modified: Tue, 20 Sep 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5539
Expires: Wed, 21 Sep 2022 02:05:22 GMT
Date: Wed, 21 Sep 2022 00:33:03 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
143.204.55.49200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
IP 143.204.55.49:0
File type PEM certificate\012- , ASCII text
Hash 6113f8408c59aebe188d6af273b90743
7398873bf00f99944eaa77ad3ebc0d43c23dba6b
b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Tue, 20 Sep 2022 04:35:14 GMT
etag: "6113f8408c59aebe188d6af273b90743"
x-cache: Hit from cloudfront
via: 1.1 6cb1d4b545e7beb4ead790454f4807c6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: kktqaecEAOUEFdwo3XXYIXMWk4nwEkjDsrTqJUUM0-WqzQRrcpsfvQ==
age: 71870
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 21 Sep 2022 00:33:03 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
143.204.42.88200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.88:0
Hash 0cc834d51210609fbccb7a6f06d1c94b
e44973665b4e5fee0075de22bdfa7b87e27177f1
09e774baad3be05281b8b6634beeae46cc3b0e95ad29b1e52f350be6b655591d
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Wed, 21 Sep 2022 00:33:04 GMT
Last-Modified: Tue, 20 Sep 2022 22:50:13 GMT
Server: ECS (bsa/EB22)
X-Cache: Miss from cloudfront
Via: 1.1 1ca0323262515c9240c58fe69a9ac826.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: aHvzcBjVljHhz8o1ygGHZDC5ha79XLeSuvDh3nqynTcghz8Yy7Lp5w==
Age: 6171
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
143.204.55.115200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 143.204.55.115:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600
Date: Wed, 21 Sep 2022 00:03:22 GMT
Expires: Wed, 21 Sep 2022 00:34:07 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 aac54e3fe9825ce24d51e0204433c2c0.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: JDe0eYx-zWz3Ma9FqGNvvVE-8H56ESpN6DmTcTeP5skwYah5mlad8A==
Age: 1782
t-adbar1.com/favicon.ico
44.196.228.151302 Found 138 B IP 44.196.228.151:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash aff950cab4c0265e21d401db15f1026d
f03e18461817f7a6546c8bf8fa8d686d7e30aca0
753e0dd54f28c4f7009b9c0b18a68aed175416bd8b7d134858264586eaac56f0
GET /favicon.ico HTTP/1.1
Host: t-adbar1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://t-adbar1.com/_kc1h
Cookie: sou=eyJyIjpudWxsLCJ1IjoiTVRHU2FtdXJhaSJ9
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 302 Found
date: Wed, 21 Sep 2022 00:33:04 GMT
content-type: text/html
content-length: 138
location: https://trafficadbar.com/favicon.ico
server: nginx
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash edf07cd621f733b0eb50c632387ebf4f
61a082d26501c2c8d481b1676d0de2e585269613
e5c4324e4c55824b86f48bf0b9a1d317a82e7d3c19bdea7a91d78ce98d68a980
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5505
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 00:33:04 GMT
Last-Modified: Tue, 20 Sep 2022 23:01:20 GMT
Server: ECS (ska/F70D)
X-Cache: HIT
Content-Length: 471
t-adbar1.com/50-195376p-7f77fb9d65e3bb8a718d9ac76b2040e8.jpeg
44.196.228.151302 Found 138 B URL HTTP/2 t-adbar1.com/50-195376p-7f77fb9d65e3bb8a718d9ac76b2040e8.jpeg
IP 44.196.228.151:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash aff950cab4c0265e21d401db15f1026d
f03e18461817f7a6546c8bf8fa8d686d7e30aca0
753e0dd54f28c4f7009b9c0b18a68aed175416bd8b7d134858264586eaac56f0
GET /50-195376p-7f77fb9d65e3bb8a718d9ac76b2040e8.jpeg HTTP/1.1
Host: t-adbar1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://t-adbar1.com/_kc1h?&ww=1280&wh=939&reff=&h=eyJpdiI6Ijdza0VNZ1oxVndHTExVVkEyUVNzSUE9PSIsInZhbHVlIjoidHBiRDBQMHQyeEhYd2Z3ODFNNUpDUT09IiwibWFjIjoiNTVhN2I1ODZjMDYyOTc5OTBmMGI3YTAyYjYzMDc5MjljNDcwYjg3MGUxYWI0YWQ2ZWRiMzNiMTRkNGE1NzNmZSJ9&abc=
Cookie: sou=eyJyIjpudWxsLCJ1IjoiTVRHU2FtdXJhaSJ9
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 302 Found
date: Wed, 21 Sep 2022 00:33:04 GMT
content-type: text/html
content-length: 138
location: https://trafficadbar.com/50-195376p-7f77fb9d65e3bb8a718d9ac76b2040e8.jpeg
server: nginx
X-Firefox-Spdy: h2
t-adbar1.com/assets/BarController.js
44.196.228.151200 OK 1.1 kB URL HTTP/2 t-adbar1.com/assets/BarController.js
IP 44.196.228.151:0
File type ASCII text, with very long lines (1068), with no line terminators
Hash efa0db095e35eb95ee151016e47c492b
82a86e0cdbbe5f4a1634b2274f076dbaa053b86e
5adfd45bc89f7c5d9bb06fafb7caf0f317f54849db006ad49301f027ad6ece4c
GET /assets/BarController.js HTTP/1.1
Host: t-adbar1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://t-adbar1.com/_kc1h?&ww=1280&wh=939&reff=&h=eyJpdiI6Ijdza0VNZ1oxVndHTExVVkEyUVNzSUE9PSIsInZhbHVlIjoidHBiRDBQMHQyeEhYd2Z3ODFNNUpDUT09IiwibWFjIjoiNTVhN2I1ODZjMDYyOTc5OTBmMGI3YTAyYjYzMDc5MjljNDcwYjg3MGUxYWI0YWQ2ZWRiMzNiMTRkNGE1NzNmZSJ9&abc=
Cookie: sou=eyJyIjpudWxsLCJ1IjoiTVRHU2FtdXJhaSJ9
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 21 Sep 2022 00:33:04 GMT
content-type: application/javascript
content-length: 1068
server: nginx
last-modified: Wed, 09 Jun 2021 07:15:14 GMT
etag: "60c06a82-42c"
accept-ranges: bytes
X-Firefox-Spdy: h2
t-adbar1.com/assets/home_logo.png
44.196.228.151200 OK 2.9 kB URL HTTP/2 t-adbar1.com/assets/home_logo.png
IP 44.196.228.151:0
Hash e32f70b1c5bf447188b56f78c687f084
bfe06d3a62133d89662406d618a0abe49e84edf6
60a9e7fbe27b8d4dda6d7d0c35394e4469ce15c97603ad211bb09e6c91a324a8
GET /assets/home_logo.png HTTP/1.1
Host: t-adbar1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://t-adbar1.com/_kc1h?&ww=1280&wh=939&reff=&h=eyJpdiI6Ijdza0VNZ1oxVndHTExVVkEyUVNzSUE9PSIsInZhbHVlIjoidHBiRDBQMHQyeEhYd2Z3ODFNNUpDUT09IiwibWFjIjoiNTVhN2I1ODZjMDYyOTc5OTBmMGI3YTAyYjYzMDc5MjljNDcwYjg3MGUxYWI0YWQ2ZWRiMzNiMTRkNGE1NzNmZSJ9&abc=
Cookie: sou=eyJyIjpudWxsLCJ1IjoiTVRHU2FtdXJhaSJ9
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 21 Sep 2022 00:33:04 GMT
content-type: image/png
server: nginx
last-modified: Wed, 09 Jun 2021 07:15:14 GMT
vary: Accept-Encoding
etag: W/"60c06a82-9a6"
content-encoding: gzip
X-Firefox-Spdy: h2
push.services.mozilla.com/
44.237.51.86101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 44.237.51.86:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: bpjQg2sarsIhPBcoZ67IJA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: tV0Ipa3DDNyWF2aTZe2hZelyNCA=
ocsp.sca1b.amazontrust.com/
143.204.42.88200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.88:0
Hash 18e987575b4170fca34072224b0736ee
190016578efd94b414e7bf63f1208f989c5a58e6
6390fff175f0c3a9755f9124244dfd113ed3b5b353ff5c2f019dd45ba1571f42
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Wed, 21 Sep 2022 00:33:04 GMT
Last-Modified: Wed, 21 Sep 2022 00:17:36 GMT
Server: ECS (dcb/7F5B)
X-Cache: Miss from cloudfront
Via: 1.1 1ca0323262515c9240c58fe69a9ac826.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: CYRM4SM5f9O2YynF90lLwf_E39sOI18Wh7BSf1ec4TUNUbeCmRBFjg==
Age: 928
cdnjs.cloudflare.com/ajax/libs/jquery/2.2.4/jquery.min.js
104.17.25.14200 OK 27 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/jquery/2.2.4/jquery.min.js
IP 104.17.25.14:0
File type ASCII text, with very long lines (32065)
Hash 63827323c175768ccb0e8ed54589a3e5
9760e238d6ecced66396798559f70593793d801e
196f9479a27db836a2a7454e222f0cb52d4eeb162e0a50e69401ba1a8d81b564
GET /ajax/libs/jquery/2.2.4/jquery.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://llclickpro.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 21 Sep 2022 00:33:05 GMT
content-type: application/javascript; charset=utf-8
content-length: 26909
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03ec4-14e4a"
last-modified: Mon, 04 May 2020 16:11:48 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
cf-cache-status: HIT
age: 2434909
expires: Mon, 11 Sep 2023 00:33:05 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4t8Xe8NZj5kIs3wvmhSLaz6tqgQR4VNhnPCbV3cBfjB%2BTUZ7Lx5B0%2BkZqOiwprXDEFEl1%2FAT7matr5funqn5tiInlZXnPdZoOfYzVWgkR%2FYN%2BuRBQNrPR2XKlZxiM8NXFhvwIUY1"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 74deb5168e00b509-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
lllpg.com/images/trackrarrow.png
172.67.140.164200 OK 1.3 kB URL HTTP/2 lllpg.com/images/trackrarrow.png
IP 172.67.140.164:0
File type PNG image data, 47 x 25, 8-bit/color RGBA, non-interlaced\012- data
Hash 547b17eac800ff3941e68f9e2dd75d91
5d58e488b1fc1e2214e7450da02b1c8cba483743
930a9d4d4d3d6d7608d177af22beeff79140cce408d86a708f2a5ed1dafba4da
GET /images/trackrarrow.png HTTP/1.1
Host: lllpg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://llclickpro.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 21 Sep 2022 00:33:05 GMT
content-type: image/png
content-length: 1266
last-modified: Tue, 10 May 2022 13:43:23 GMT
cf-cache-status: HIT
age: 6366
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GDT%2B2lo4NwrxOqXzJZGEck24HnZ0pSCWgK%2FyNWNGGvUKUoZgouQcyyYuOUgYDfRDGEy%2FdFI0H%2FgMBK8PvEf9aN%2BYPAhcIVODLnIjluc9gu9I9oZaEumFYH4SfO4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74deb516da980afa-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
code.jquery.com/ui/1.11.4/jquery-ui.min.js
69.16.175.42200 OK 64 kB URL HTTP/2 code.jquery.com/ui/1.11.4/jquery-ui.min.js
IP 69.16.175.42:0
File type ASCII text, with very long lines (32035)
Hash 28749bfe6af321b7c932452b38ce8683
2b444e3dee68a935213db86fd188c22883a65683
9110cdde7eb592e332cf7fa4347e5b3b17a2868ecde80d0c4a054bf0dd5a03b2
GET /ui/1.11.4/jquery-ui.min.js HTTP/1.1
Host: code.jquery.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://llclickpro.com
Connection: keep-alive
Referer: https://llclickpro.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 21 Sep 2022 00:33:05 GMT
content-encoding: gzip
content-length: 64296
content-type: application/javascript; charset=utf-8
last-modified: Fri, 12 Aug 2022 13:47:02 GMT
accept-ranges: bytes
server: nginx
etag: W/"62f659d6-3ab2b"
cache-control: max-age=315360000, public
access-control-allow-origin: *
vary: Accept-Encoding
x-hw: 1663720385.dop010.sk1.t,1663720385.cds224.sk1.hn,1663720385.cds020.sk1.c
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 873c56ae2874652c6a813faad5f4ddc4
e3ebd931270439193ffd94fa6348237c3b43cf9c
0eb9f279554de70aa5c49a438ba0812f85d00b4a4c4d8c95ac35a27cdf1cafe0
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 336
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 00:33:05 GMT
Last-Modified: Wed, 21 Sep 2022 00:27:29 GMT
Server: ECS (ska/F70D)
X-Cache: HIT
Content-Length: 279
pixel.leadsleap.net/set.html?n1=lltkra156457&v1=282196.21&n2=lltkrb156457&v2=282196.21
172.67.186.40200 OK 775 B URL HTTP/2 pixel.leadsleap.net/set.html?n1=lltkra156457&v1=282196.21&n2=lltkrb156457&v2=282196.21
IP 172.67.186.40:0
File type HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash ba612cffd2b2cb40e91148ec877a06ba
8e331c43ec5c9bb973c3fe6aa021db53c5a6b1d9
f3e0f2af96122069ec883916540e7c8cdc2f57dabd9eaab4b01be6a4009b7a8f
GET /set.html?n1=lltkra156457&v1=282196.21&n2=lltkrb156457&v2=282196.21 HTTP/1.1
Host: pixel.leadsleap.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://llclickpro.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 21 Sep 2022 00:33:05 GMT
content-type: text/html
last-modified: Thu, 01 Oct 2020 11:41:08 GMT
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=m1%2FIu8Cs5o1uysYOD6ZY%2BeBvZwfNwP8zz37lJi7LOAq6mog90o0Rf4A49QhRMem0XanLu13TeDH0eVtW5Ze3jjaZKEzfS%2BkgPPzcj3CsfMARb1%2FbdWIfF%2FelIwyqPyTDjhT0%2FP6n"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74deb517d9bbb511-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 85aa2dcaf76d25900c78356e5e1c254f
46cd66c9921a162c9e67cfa7d85bc82e5967d531
741815f43b76661b9edde512bc9061cb4bc659b297e7d822bf8e68e5aac9d23d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "741815F43B76661B9EDDE512BC9061CB4BC659B297E7D822BF8E68E5AAC9D23D"
Last-Modified: Sun, 18 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9813
Expires: Wed, 21 Sep 2022 03:16:39 GMT
Date: Wed, 21 Sep 2022 00:33:06 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 85aa2dcaf76d25900c78356e5e1c254f
46cd66c9921a162c9e67cfa7d85bc82e5967d531
741815f43b76661b9edde512bc9061cb4bc659b297e7d822bf8e68e5aac9d23d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "741815F43B76661B9EDDE512BC9061CB4BC659B297E7D822BF8E68E5AAC9D23D"
Last-Modified: Sun, 18 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9813
Expires: Wed, 21 Sep 2022 03:16:39 GMT
Date: Wed, 21 Sep 2022 00:33:06 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 85aa2dcaf76d25900c78356e5e1c254f
46cd66c9921a162c9e67cfa7d85bc82e5967d531
741815f43b76661b9edde512bc9061cb4bc659b297e7d822bf8e68e5aac9d23d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "741815F43B76661B9EDDE512BC9061CB4BC659B297E7D822BF8E68E5AAC9D23D"
Last-Modified: Sun, 18 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9813
Expires: Wed, 21 Sep 2022 03:16:39 GMT
Date: Wed, 21 Sep 2022 00:33:06 GMT
Connection: keep-alive
t-adbar1.com/_kc1h
44.196.228.151200 OK 964 B IP 44.196.228.151:0
Hash e6179665ecc603bbe068e405e04fccae
9428eff75e3b40edec89e2c5a9b017d892ead7f7
8587788996582107c0a141b3850ae4987c1f201c0cb7335092fcbbbb9499b15e
GET /_kc1h HTTP/1.1
Host: t-adbar1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
date: Wed, 21 Sep 2022 00:33:04 GMT
content-type: text/html; charset=UTF-8
server: nginx
vary: Accept-Encoding
set-cookie: sou=eyJyIjpudWxsLCJ1IjoiTVRHU2FtdXJhaSJ9; expires=Fri, 21-Oct-2022 00:33:04 GMT; Max-Age=2592000; secure; SameSite=None
content-encoding: gzip
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 85aa2dcaf76d25900c78356e5e1c254f
46cd66c9921a162c9e67cfa7d85bc82e5967d531
741815f43b76661b9edde512bc9061cb4bc659b297e7d822bf8e68e5aac9d23d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "741815F43B76661B9EDDE512BC9061CB4BC659B297E7D822BF8E68E5AAC9D23D"
Last-Modified: Sun, 18 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9813
Expires: Wed, 21 Sep 2022 03:16:39 GMT
Date: Wed, 21 Sep 2022 00:33:06 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa6b35a1c-f445-4b05-b56e-ce2ad0ef2a9a.jpeg
34.120.237.76200 OK 6.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa6b35a1c-f445-4b05-b56e-ce2ad0ef2a9a.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 8bae3a7a80ff40df1d701dfc925ddeff
91df60162a8322469cada0dd8eb93619f28aec1a
fab10c7ad4658bc191621d9f2042236a7b6e34448ce5215dde5b8d6a64b52952
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa6b35a1c-f445-4b05-b56e-ce2ad0ef2a9a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6897
x-amzn-requestid: 509dc368-dd1c-4be7-94ff-64dbd53c199f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YoqoRG2WIAMFw6A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63268b01-1cb916c251fd5f2f3cf10435;Sampled=0
x-amzn-remapped-date: Sun, 18 Sep 2022 03:05:37 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: JB1bt_R_dtA1cgaQinaQjtvsvxI8URaFudTBsF5IA0itMeTng3ERhA==
via: 1.1 d1151317ba32afe0e6370fd69fed222e.cloudfront.net (CloudFront), 1.1 cd64decb1403270c914848213601a674.cloudfront.net (CloudFront), 1.1 google
date: Tue, 20 Sep 2022 04:14:21 GMT
age: 73125
etag: "91df60162a8322469cada0dd8eb93619f28aec1a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
llclickpro.com/MCTGlanding/tab
172.67.188.246200 OK 11 kB URL HTTP/2 llclickpro.com/MCTGlanding/tab
IP 172.67.188.246:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (373), with CRLF, LF line terminators
Hash 707f545640b0dddeebde7f85f5fe1f0a
b953daa13556003ea777cfe5597f6c2d525e3362
ed37892435754c6813f2cabdf74362db6d03ca3ad097b86f802f0afaa6efbde3
GET /MCTGlanding/tab HTTP/1.1
Host: llclickpro.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://t-adbar1.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 21 Sep 2022 00:33:04 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
set-cookie: lltkrl156457=1; expires=Thu, 22-Sep-2022 00:33:04 GMT; Max-Age=86400; path=/; SameSite=Lax
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rzrqnFmsKuCxCSxMVZnFcz9HHspFQKu9DtRX95dsrk%2FvllTE4C76kXf8dluCBzfabsorfXadQQmHN2QNN84qg82MOZBFclk%2FAXwL7CnY%2B%2BUu5ujHXvBtFL1R3IKjKUsimA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74deb513aa86b524-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fecaa9082-610c-41c1-ae9a-e453d87828ab.jpeg
34.120.237.76200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fecaa9082-610c-41c1-ae9a-e453d87828ab.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash dab1f2cd68979d2004ba4449d759a341
54ed14436a75ba2aeb8459bad2ce70229aff4203
e782fb5ede547e1b167719068c6821c62414dcb0991bf9ac38285cb3ce8894e3
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fecaa9082-610c-41c1-ae9a-e453d87828ab.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10038
x-amzn-requestid: 4cf38a70-a706-4e6a-b854-9404727c599d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Yxy1mHDCIAMF5-g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632a31bd-5aba5b0640221b302a19781b;Sampled=0
x-amzn-remapped-date: Tue, 20 Sep 2022 21:33:49 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: NzOpixfxr2pFiDhF5WUGmjD8r2CTn1grSkCEyWvthxRq0djbDKjknA==
via: 1.1 5ab5dc09da67e3ea794ec8a82992cc88.cloudfront.net (CloudFront), 1.1 1b74ccf4cb51eacf97a0e6d60ae46a3e.cloudfront.net (CloudFront), 1.1 google
date: Tue, 20 Sep 2022 22:15:05 GMT
age: 8281
etag: "54ed14436a75ba2aeb8459bad2ce70229aff4203"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F28c514e2-3b27-42b0-a913-853081b33d5b.jpeg
34.120.237.76200 OK 7.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F28c514e2-3b27-42b0-a913-853081b33d5b.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 8718016fd606d22c29d7d781f0bdd1db
690f537d16ce17adeeb72246418f13795b08ea67
43d3d95e47ef25b0b823c7242cf872ada8e789547fc3df8c1f85d65fcd407818
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F28c514e2-3b27-42b0-a913-853081b33d5b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7722
x-amzn-requestid: 4be82a2f-b4a3-4222-8a44-788b5bbc62b2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YioKtFH_IAMF8Qg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632420aa-28ede63e19dd73c661519eff;Sampled=0
x-amzn-remapped-date: Fri, 16 Sep 2022 07:07:22 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: YcU4eGMn81unbZk5gRr9rYlxYU7DS4_a-arNBheZH5PbBVytegLG2g==
via: 1.1 0005a84c2971ff4f5bbb79e7ebc622a8.cloudfront.net (CloudFront), 1.1 01147dcc35d57fc0238a3c1700c13f16.cloudfront.net (CloudFront), 1.1 google
date: Tue, 20 Sep 2022 12:09:08 GMT
age: 44638
etag: "690f537d16ce17adeeb72246418f13795b08ea67"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
trafficadbar.com/favicon.ico
52.202.155.140200 OK 4.8 kB URL HTTP/2 trafficadbar.com/favicon.ico
IP 52.202.155.140:0
Hash bd0399f2c659a3c7cbac1f282dd93f66
a6df7eb0c235810227fc53798f47ea7cb25cf593
96507050ef4b4c17bab50df16179c985e3b98d98aa9590deed02ccaaf1071684
GET /favicon.ico HTTP/1.1
Host: trafficadbar.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://t-adbar1.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 21 Sep 2022 00:33:04 GMT
content-type: text/html; charset=UTF-8
server: nginx
vary: Accept-Encoding
cache-control: no-cache, private
content-encoding: gzip
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F24bb3042-6621-4dd2-99f1-4b50cc7da808.jpeg
34.120.237.76200 OK 9.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F24bb3042-6621-4dd2-99f1-4b50cc7da808.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 10ad73e887b57566c4ba3ae763552a2e
63252bd8cc72452c4c6be84593d704ae9bf97d1f
7d58d096045066af053eb1a1fc3878d3e2080aa50b71aa30fa5b7929693ab004
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F24bb3042-6621-4dd2-99f1-4b50cc7da808.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9399
x-amzn-requestid: 44705828-c137-4ab5-8538-5d4595a2b058
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YYvkJGjxoAMF6-g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63202c80-3cb542a303a59002480c82b2;Sampled=0
x-amzn-remapped-date: Tue, 13 Sep 2022 07:08:48 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: PIZx2S4HyPokzOhbut6yFxH_-32I3SvT1jbeo2rSxQtkgYZGcqjBJA==
via: 1.1 95b0ac620fa3a80ee590ecf1cda1c698.cloudfront.net (CloudFront), 1.1 2f7934de1dfe281c3e4446892eab6462.cloudfront.net (CloudFront), 1.1 google
date: Tue, 20 Sep 2022 22:00:12 GMT
age: 9174
etag: "63252bd8cc72452c4c6be84593d704ae9bf97d1f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash db376f916fc982818c445f3c28fdf09d
94d830dfe5aa6825ede2181560ca0d80fce451aa
09ab1e193b61bd8a9775d01881ef1eabd73a1bc6a30bbfebf7633a3daab2a10c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "09AB1E193B61BD8A9775D01881EF1EABD73A1BC6A30BBFEBF7633A3DAAB2A10C"
Last-Modified: Tue, 20 Sep 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21541
Expires: Wed, 21 Sep 2022 06:32:07 GMT
Date: Wed, 21 Sep 2022 00:33:06 GMT
Connection: keep-alive
www.morecouponstogo.com/uni-landing
34.237.47.210200 OK 33 kB URL HTTP/2 www.morecouponstogo.com/uni-landing
IP 34.237.47.210:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (5272)
Hash 6b5c672a11e9a3aacccda337519bf38b
705a889996e53438e75c851e33e2d232d02ffa79
95e4c4bdb37a58a29a9d3312b105fd9540c0813c0735951e0256d3acef74bc3d
Analyzer Verdict Alert fortinet Phishing
GET /uni-landing HTTP/1.1
Host: www.morecouponstogo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://llclickpro.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 21 Sep 2022 00:33:06 GMT
content-type: text/html; charset=UTF-8
content-length: 33301
x-brizy-preview: 1
vary: Accept-Encoding
content-encoding: gzip
x-varnish: 17079387 3768525
age: 294247
via: 1.1 varnish (Varnish/6.2)
x-cache: HIT
x-cache-hits: 589
pragma: no-cache
expires: -1
cache-control: no-store, no-cache, must-revalidate, max-age=0
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash 1703ed1cdd3dc82c7a9436b4ec0bb436
b47a8adde9689736bc6df80143cd43004ca3fce9
b4400f74428171326c0697896c024479a73c1548f23476354f37cd3109979efd
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2606
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 00:33:06 GMT
Last-Modified: Tue, 20 Sep 2022 23:49:40 GMT
Server: ECS (ska/F70D)
X-Cache: HIT
Content-Length: 280
trafficadbar.com/bar/show.js
52.202.155.140200 OK 686 B URL HTTP/2 trafficadbar.com/bar/show.js
IP 52.202.155.140:0
Hash 66356b4b9464e02a05c7f92c682cce02
fe2db8c863bdb4b14b4561063d390f84ab780245
cb651d49727b72f43b47bd846a04861548f42f2e8ad59c7535c5e1ba326d3d6c
GET /bar/show.js HTTP/1.1
Host: trafficadbar.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.morecouponstogo.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 21 Sep 2022 00:33:06 GMT
content-type: application/javascript
content-length: 686
server: nginx
last-modified: Wed, 09 Jun 2021 07:15:14 GMT
etag: "60c06a82-2ae"
expires: Sun, 20 Nov 2022 00:33:06 GMT
pragma: public
cache-control: max-age=5184000, public
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash e5d7d983b288c67e17280c6a1c0d80d9
8a1e575f8b8427e872c1e4c5645d9ce3e5445e52
a08530049c460e7e3cf236a9969b94b4a794d83f3f4279ac43934194f39dedd6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 00:33:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 596ea0e7cffcb12819c214fd7e55e6b5
fdf581b35743d7693bf8c7f6154471a1b2646f06
a78eee2be3725b096407fde832e7762dad74ac69165f57a10b1ef76b5b2d9874
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 00:33:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.sectigo.com/
172.64.155.188200 OK 472 B IP 172.64.155.188:0
Hash 0e653fd2e92920e0a63af995f9d4a05e
28e817c03f21dff9ed8ca9463dcdb5ccd3de844d
e07aa2a54299217a10acd34f0ea02a4d5f09ea93e6944e4925c79d4554f2c747
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 21 Sep 2022 00:33:06 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Sat, 17 Sep 2022 17:02:02 GMT
Expires: Sat, 24 Sep 2022 17:02:01 GMT
Etag: "28e817c03f21dff9ed8ca9463dcdb5ccd3de844d"
Cache-Control: max-age=317934,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 74deb52269b40b51-OSL
d1ielco78gv5pf.cloudfront.net/assets/external_portfolio.js
54.230.245.134200 OK 10 kB URL HTTP/2 d1ielco78gv5pf.cloudfront.net/assets/external_portfolio.js
IP 54.230.245.134:0
Hash 8be642f56f32bdb22e8ae10ce5616f41
7b2b5b4a122c6494373104d1b4568751b04fb03c
45089cad2cd24d92ba2860edb7f678fb79a54c88be678fbfc34db37cee474ca4
GET /assets/external_portfolio.js HTTP/1.1
Host: d1ielco78gv5pf.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.morecouponstogo.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
content-length: 368
date: Tue, 17 May 2022 09:40:53 GMT
access-control-allow-origin: *
cache-control: max-age=315360000, public
content-encoding: gzip
etag: "6282220d-170"
expires: Fri, 14 May 2032 09:40:53 GMT
last-modified: Mon, 16 May 2022 10:06:05 GMT
server: nginx
x-cache: Hit from cloudfront
via: 1.1 94eee494c19905cb6933ec8a32a577a0.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: ZzxVeVwqHTiVi6Dncd4fKrBApiVxHAup7-0iBOpP6DhqicdvauILqA==
age: 10939934
X-Firefox-Spdy: h2
www.googletagmanager.com/gtag/js?id=G-LRYZTN7NCV
142.250.74.72200 OK 76 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=G-LRYZTN7NCV
IP 142.250.74.72:0
File type ASCII text, with very long lines (17807)
Hash f9a44cc257f6c287b138a6e3a300726d
d3dfaf9faa201e50d700a351e7231120dea4c835
54336a519900b8350ad7f15f1574bca53c044ad73276078eb33eb46e122c022a
GET /gtag/js?id=G-LRYZTN7NCV HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.morecouponstogo.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Wed, 21 Sep 2022 00:33:06 GMT
expires: Wed, 21 Sep 2022 00:33:06 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 75558
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.sectigo.com/
172.64.155.188200 OK 472 B IP 172.64.155.188:0
Hash 0e653fd2e92920e0a63af995f9d4a05e
28e817c03f21dff9ed8ca9463dcdb5ccd3de844d
e07aa2a54299217a10acd34f0ea02a4d5f09ea93e6944e4925c79d4554f2c747
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 21 Sep 2022 00:33:07 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Sat, 17 Sep 2022 17:02:02 GMT
Expires: Sat, 24 Sep 2022 17:02:01 GMT
Etag: "28e817c03f21dff9ed8ca9463dcdb5ccd3de844d"
Cache-Control: max-age=317933,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 74deb522ace70b49-OSL
ocsp2.globalsign.com/gsalphasha2g2
104.18.20.226200 OK 1.4 kB URL HTTP/1.1 ocsp2.globalsign.com/gsalphasha2g2
IP 104.18.20.226:0
Hash e62142804833affb577dfa36f695110b
41945f0d2e86939d44380f4d23d99ad925c239c7
f60d6c716a07e66a07099c0af7ba4932cc7af2dd1ab3085427548067d5e2e155
POST /gsalphasha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 21 Sep 2022 00:33:07 GMT
Content-Type: application/ocsp-response
Content-Length: 1423
Connection: keep-alive
Expires: Sat, 24 Sep 2022 21:22:51 GMT
ETag: "41945f0d2e86939d44380f4d23d99ad925c239c7"
Last-Modified: Tue, 20 Sep 2022 21:22:52 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 1383
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 74deb5230e870afa-OSL
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash e5d7d983b288c67e17280c6a1c0d80d9
8a1e575f8b8427e872c1e4c5645d9ce3e5445e52
a08530049c460e7e3cf236a9969b94b4a794d83f3f4279ac43934194f39dedd6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 00:33:07 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 596ea0e7cffcb12819c214fd7e55e6b5
fdf581b35743d7693bf8c7f6154471a1b2646f06
a78eee2be3725b096407fde832e7762dad74ac69165f57a10b1ef76b5b2d9874
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 00:33:07 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.sectigo.com/
172.64.155.188200 OK 472 B IP 172.64.155.188:0
Hash 0e653fd2e92920e0a63af995f9d4a05e
28e817c03f21dff9ed8ca9463dcdb5ccd3de844d
e07aa2a54299217a10acd34f0ea02a4d5f09ea93e6944e4925c79d4554f2c747
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 21 Sep 2022 00:33:07 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Sat, 17 Sep 2022 17:02:02 GMT
Expires: Sat, 24 Sep 2022 17:02:01 GMT
Etag: "28e817c03f21dff9ed8ca9463dcdb5ccd3de844d"
Cache-Control: max-age=317933,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 74deb52269b5b500-OSL
ocsp.sectigo.com/
172.64.155.188200 OK 472 B IP 172.64.155.188:0
Hash 0e653fd2e92920e0a63af995f9d4a05e
28e817c03f21dff9ed8ca9463dcdb5ccd3de844d
e07aa2a54299217a10acd34f0ea02a4d5f09ea93e6944e4925c79d4554f2c747
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 21 Sep 2022 00:33:07 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Sat, 17 Sep 2022 17:02:02 GMT
Expires: Sat, 24 Sep 2022 17:02:01 GMT
Etag: "28e817c03f21dff9ed8ca9463dcdb5ccd3de844d"
Cache-Control: max-age=317933,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 74deb5226eb8b50b-OSL
ocsp.sectigo.com/
172.64.155.188200 OK 472 B IP 172.64.155.188:0
Hash 0e653fd2e92920e0a63af995f9d4a05e
28e817c03f21dff9ed8ca9463dcdb5ccd3de844d
e07aa2a54299217a10acd34f0ea02a4d5f09ea93e6944e4925c79d4554f2c747
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 21 Sep 2022 00:33:07 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Sat, 17 Sep 2022 17:02:02 GMT
Expires: Sat, 24 Sep 2022 17:02:01 GMT
Etag: "28e817c03f21dff9ed8ca9463dcdb5ccd3de844d"
Cache-Control: max-age=317933,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 74deb522afd9b521-OSL
b-cloud.b-cdn.net/builds/pro/115-cloud/css/group-3-pro.css
194.242.11.186200 OK 0 B URL HTTP/2 b-cloud.b-cdn.net/builds/pro/115-cloud/css/group-3-pro.css
IP 194.242.11.186:0
ASN #34989 ServeTheWorld AS
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /builds/pro/115-cloud/css/group-3-pro.css HTTP/1.1
Host: b-cloud.b-cdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.morecouponstogo.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 21 Sep 2022 00:33:07 GMT
content-type: text/css
content-length: 0
server: BunnyCDN-NO-830
cdn-pullzone: 246147
cdn-uid: e647d0c9-3a16-4c3e-ae99-91e18e06d4b3
cdn-requestcountrycode: NO
vary: Accept-Encoding
access-control-allow-origin: *
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
etag: "d41d8cd98f00b204e9800998ecf8427e"
last-modified: Tue, 16 Aug 2022 09:36:39 GMT
x-amz-id-2: /GKm3F1SrQwXUMTgP+bBBorpUYm33AslOgoKImZ0UBhwe6ZID7A/hz7xR0Bn5J7fd5lHycjqtMo=
x-amz-request-id: 0X3YEM599KPDTDZQ
cdn-proxyver: 1.02
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 09/21/2022 00:33:07
cdn-edgestorageid: 830
link: <https://s3.amazonaws.com/brizy.cloud/builds/pro/115-cloud/css/group-3-pro.css>; rel="canonical"
cdn-status: 200
cdn-requestid: fd92ac9d5ad2c43dc06f0026dafea9d4
cdn-cache: MISS
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash c683e61e63df92799aa274fdac42cd3b
191aeec95861fa8596a90a10c60b22434431c033
898c007bc0e7d5f4d3180c9fe28b88036102ba64912d0773c023e1f4f07d7beb
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 00:33:07 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
142.250.74.163200 OK 31 kB URL HTTP/2 fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 30928, version 1.0\012- data
Hash ac0d2859ea5f8fd6bcb3c305c08ec184
7f6c17e3e592cd8bd346b9cc261d8dd961b8aef7
ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780
GET /s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.morecouponstogo.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 30928
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 15 Sep 2022 16:40:18 GMT
expires: Fri, 15 Sep 2023 16:40:18 GMT
cache-control: public, max-age=31536000
age: 460369
last-modified: Mon, 11 Jul 2022 18:57:39 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/oswald/v49/TK3iWkUHHAIjg752GT8G.woff2
142.250.74.163200 OK 25 kB URL HTTP/2 fonts.gstatic.com/s/oswald/v49/TK3iWkUHHAIjg752GT8G.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 25372, version 1.0\012- data
Hash fe424f96cb627d8b835cb001af17f56e
c5b4368fed99812a99036fba86d01367b5549505
35c92598a5f32c018dc630f57b183b0284c211ce9c222e5b36840a62115262f1
GET /s/oswald/v49/TK3iWkUHHAIjg752GT8G.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.morecouponstogo.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 25372
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 19 Sep 2022 21:14:35 GMT
expires: Tue, 19 Sep 2023 21:14:35 GMT
cache-control: public, max-age=31536000
age: 98312
last-modified: Mon, 18 Jul 2022 19:24:05 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash bb4bdc4c3c6869c822618f0b9ef1bdc5
6a438b8d9d87aa30e0989ace7fc0d4cafce1f29d
eb762661b0a0ecc4ccdf50229ce134d0062e8d60698b7ed1970c5073b18f31ac
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 00:33:07 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash bb4bdc4c3c6869c822618f0b9ef1bdc5
6a438b8d9d87aa30e0989ace7fc0d4cafce1f29d
eb762661b0a0ecc4ccdf50229ce134d0062e8d60698b7ed1970c5073b18f31ac
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 00:33:07 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
cdn.gravitec.net/storage/651b3da8463250405063839a2450c723/client.js
45.133.44.4200 OK 19 kB URL HTTP/2 cdn.gravitec.net/storage/651b3da8463250405063839a2450c723/client.js
IP 45.133.44.4:0
ASN #39572 DataWeb Global Group B.V.
Hash 3ebbb451d44231b6ed2f2b306c5d8e80
a3045535a7a035e7e90a3867ce0a0c7cdd1ce42f
ba750515cd54267228e43f82077eea200180309fb02a175d14b7ffe7dace158a
GET /storage/651b3da8463250405063839a2450c723/client.js HTTP/1.1
Host: cdn.gravitec.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.morecouponstogo.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 21 Sep 2022 00:33:07 GMT
content-type: application/javascript; charset=utf-8
server: nginx
last-modified: Thu, 10 Mar 2022 09:36:39 GMT
etag: W/"6229c6a7-100fb"
expires: Thu, 10 Mar 2022 10:12:22 GMT
cache-control: max-age=10
access-control-allow-origin: *
content-encoding: gzip
vary: Accept-Encoding
x-proxy-cache: REVALIDATED
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash c683e61e63df92799aa274fdac42cd3b
191aeec95861fa8596a90a10c60b22434431c033
898c007bc0e7d5f4d3180c9fe28b88036102ba64912d0773c023e1f4f07d7beb
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 00:33:07 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/palanquindark/v12/xn76YHgl1nqmANMB-26xC7yuF8YyY14yd8o.woff2
142.250.74.163200 OK 19 kB URL HTTP/2 fonts.gstatic.com/s/palanquindark/v12/xn76YHgl1nqmANMB-26xC7yuF8YyY14yd8o.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 18824, version 1.0\012- data
Hash 0b8cbe6afbac36bab648231406851927
2f67e3adf1061cf82e075d636ae22bc4fca731ea
2c83b448afb8398f6ff0f1d684f125b13e0889b05c5041bb8ff4eb680a892089
GET /s/palanquindark/v12/xn76YHgl1nqmANMB-26xC7yuF8YyY14yd8o.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.morecouponstogo.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 18824
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 20 Sep 2022 16:22:28 GMT
expires: Wed, 20 Sep 2023 16:22:28 GMT
cache-control: public, max-age=31536000
age: 29439
last-modified: Mon, 09 May 2022 18:56:24 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2
142.250.74.163200 OK 24 kB URL HTTP/2 fonts.gstatic.com/s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 23580, version 1.0\012- data
Hash e1b3b5908c9cf23dfb2b9c52b9a023ab
fcd4136085f2a03481d9958cc6793a5ed98e714c
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
GET /s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.morecouponstogo.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 23580
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 20 Sep 2022 17:10:21 GMT
expires: Wed, 20 Sep 2023 17:10:21 GMT
cache-control: public, max-age=31536000
age: 26566
last-modified: Tue, 26 Apr 2022 15:48:56 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/palanquindark/v12/xn75YHgl1nqmANMB-26xC7yuF86JRks.woff2
142.250.74.163200 OK 20 kB URL HTTP/2 fonts.gstatic.com/s/palanquindark/v12/xn75YHgl1nqmANMB-26xC7yuF86JRks.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 20084, version 1.0\012- data
Hash 732c9716022aa43449564603e08aeb9b
477fa3a5c43696287d20b4b491e36d754d1c8866
37bb3776ce24d18cccdd5dc96199ad60c22afd1e190452a18e8c4fd2f8679a98
GET /s/palanquindark/v12/xn75YHgl1nqmANMB-26xC7yuF86JRks.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.morecouponstogo.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 20084
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 15 Sep 2022 16:53:31 GMT
expires: Fri, 15 Sep 2023 16:53:31 GMT
cache-control: public, max-age=31536000
age: 459576
last-modified: Mon, 09 May 2022 18:42:35 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash bb4bdc4c3c6869c822618f0b9ef1bdc5
6a438b8d9d87aa30e0989ace7fc0d4cafce1f29d
eb762661b0a0ecc4ccdf50229ce134d0062e8d60698b7ed1970c5073b18f31ac
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 00:33:07 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 68e34bf52251cb0f4e66cad3b7a07cd8
0669d941d851158083d5dec02a555a0e912ff4a5
a44aa6f3faf01eeda96ae4d2d78b82862a09db76b307e7f7e5189eef3e15fc14
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A44AA6F3FAF01EEDA96AE4D2D78B82862A09DB76B307E7F7E5189EEF3E15FC14"
Last-Modified: Mon, 19 Sep 2022 03:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Wed, 21 Sep 2022 06:33:08 GMT
Date: Wed, 21 Sep 2022 00:33:08 GMT
Connection: keep-alive
fonts.googleapis.com/css?family=Montserrat:100,100italic,200,200italic,300,300italic,regular,italic,500,500italic,600,600italic,700,700italic,800,800italic,900,900italic|Lato:100,100italic,300,300italic,regular,italic,700,700italic,900,900italic|Oswald:200,300,regular,500,600,700|Palanquin%20Dark:regular,500,600,700&subset=arabic,bengali,cyrillic,cyrillic-ext,devanagari,greek,greek-ext,gujarati,hebrew,khmer,korean,latin-ext,tamil,telugu,thai,vietnamese&display=swap
216.58.211.10200 OK 2.6 kB URL HTTP/2 fonts.googleapis.com/css?family=Montserrat:100,100italic,200,200italic,300,300italic,regular,italic,500,500italic,600,600italic,700,700italic,800,800italic,900,900italic|Lato:100,100italic,300,300italic,regular,italic,700,700italic,900,900italic|Oswald:200,300,regular,500,600,700|Palanquin%20Dark:regular,500,600,700&subset=arabic,bengali,cyrillic,cyrillic-ext,devanagari,greek,greek-ext,gujarati,hebrew,khmer,korean,latin-ext,tamil,telugu,thai,vietnamese&display=swap
IP 216.58.211.10:0
Hash 76ff068ffb0c2f4ac3cf8eb7625a0c40
80ea3a7af23d96b5461d708c966895918706c007
b267ca206d3de5641010dc292aa9ae9918fbcfab732f345edb96bfc5a2b721a5
GET /css?family=Montserrat:100,100italic,200,200italic,300,300italic,regular,italic,500,500italic,600,600italic,700,700italic,800,800italic,900,900italic|Lato:100,100italic,300,300italic,regular,italic,700,700italic,900,900italic|Oswald:200,300,regular,500,600,700|Palanquin%20Dark:regular,500,600,700&subset=arabic,bengali,cyrillic,cyrillic-ext,devanagari,greek,greek-ext,gujarati,hebrew,khmer,korean,latin-ext,tamil,telugu,thai,vietnamese&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.morecouponstogo.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 21 Sep 2022 00:33:06 GMT
date: Wed, 21 Sep 2022 00:33:06 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
yazing.com/js/showdeals-yzwg.js?id=yzwg-2764a27acd553fdd6f61b46260e7d50c&d=2051
54.162.214.56200 OK 1.3 kB URL HTTP/1.1 yazing.com/js/showdeals-yzwg.js?id=yzwg-2764a27acd553fdd6f61b46260e7d50c&d=2051
IP 54.162.214.56:0
Hash 1bf2bd339fc8d9a60c52c8261afb0563
c0bacf7055ab2bc2654bc9014ce67c43aefea261
69d8cab7b077ecb6b5cbcb3a8271cc0daf2c6f4449f567cb5afe7299cbbb13b3
GET /js/showdeals-yzwg.js?id=yzwg-2764a27acd553fdd6f61b46260e7d50c&d=2051 HTTP/1.1
Host: yazing.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.morecouponstogo.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Wed, 21 Sep 2022 00:33:08 GMT
Server: Apache/2.4.18 (Ubuntu)
Last-Modified: Tue, 07 Jun 2022 08:14:40 GMT
ETag: "ee9-5e0d72e2d0111-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: *
Cache-Control: max-age=2592000, public
Content-Length: 1294
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: application/javascript
r3.o.lencr.org/
23.36.77.32200 OK 8.7 kB IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
File type gzip compressed data, from Unix\012- data
Hash f23cd4849e7c5a95a3c93f9a6bd665af
06fb19e13aca7813a79a742fe2d9aa45db0547da
f5048b07abee8a2ef663516a6237b7b374207ccf213417d1ab19f7f2f64de1b0
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8931175502F91058993A98CC977953E745E426FE8A8A74932386BC7891CB1E7D"
Last-Modified: Sun, 18 Sep 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4364
Expires: Wed, 21 Sep 2022 01:45:52 GMT
Date: Wed, 21 Sep 2022 00:33:08 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 9405985bfe6aab7c008cf3a305f79b0f
d698b786300ea45e2cd1b9d3fadf2639e71efe5e
28c7a840f64d83b92b41d7255788845fbe83aefbee8acf3d8cb131ffd81f6267
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6540
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 00:33:08 GMT
Last-Modified: Tue, 20 Sep 2022 22:44:08 GMT
Server: ECS (ska/F70D)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 9405985bfe6aab7c008cf3a305f79b0f
d698b786300ea45e2cd1b9d3fadf2639e71efe5e
28c7a840f64d83b92b41d7255788845fbe83aefbee8acf3d8cb131ffd81f6267
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6540
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 00:33:08 GMT
Last-Modified: Tue, 20 Sep 2022 22:44:08 GMT
Server: ECS (ska/F70D)
X-Cache: HIT
Content-Length: 471
yazing.com/css/showdeals-yzwg.css
54.162.214.56200 OK 406 B URL HTTP/1.1 yazing.com/css/showdeals-yzwg.css
IP 54.162.214.56:0
Hash 67799b159cb3ef050044a77a2b3a9b45
886d44342cba8c02f846fc12bcce675f8356f1b3
4e3c99e3266b36b09cbb5bac828e08cf82ffe1d810c57049627da012ce92fcaa
GET /css/showdeals-yzwg.css HTTP/1.1
Host: yazing.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.morecouponstogo.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Wed, 21 Sep 2022 00:33:08 GMT
Server: Apache/2.4.18 (Ubuntu)
Last-Modified: Mon, 26 Apr 2021 12:38:43 GMT
ETag: "441-5c0df6d092f3d-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: *
Cache-Control: max-age=2592000, public
Content-Length: 406
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css
a-cloud.b-cdn.net/media/iW=114&iH=114&oX=0&oY=18&cW=114&cH=79/9b040f5e483e93a7cce7e811fc84b625.png
194.242.11.186200 OK 2.4 kB URL HTTP/2 a-cloud.b-cdn.net/media/iW=114&iH=114&oX=0&oY=18&cW=114&cH=79/9b040f5e483e93a7cce7e811fc84b625.png
IP 194.242.11.186:0
ASN #34989 ServeTheWorld AS
File type RIFF (little-endian) data, Web/P image\012- data
Hash e2efb80dd70da9c830d24a0f9f300c55
6aa426ea229ea9dcf4a8b92061a05c4550da84af
4b52bf99734c07dc456858b0bb76f90efc9a98608b96ad6a6ae03068f3c73694
GET /media/iW=114&iH=114&oX=0&oY=18&cW=114&cH=79/9b040f5e483e93a7cce7e811fc84b625.png HTTP/1.1
Host: a-cloud.b-cdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.morecouponstogo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 21 Sep 2022 00:33:08 GMT
content-type: image/webp
content-length: 2422
server: BunnyCDN-NO-830
cdn-pullzone: 465925
cdn-uid: e647d0c9-3a16-4c3e-ae99-91e18e06d4b3
cdn-requestcountrycode: NO
cache-control: public, max-age=31919000
last-modified: Wed, 21 Sep 2022 00:33:08 GMT
x-bo-server: DE-42
x-downloadsize: 3464
x-bo-origindownloadtime: 373
x-bo-processingtime: 0
x-bo-compressionratio: 30.08%
cdn-proxyver: 1.02
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 09/21/2022 00:33:08
cdn-edgestorageid: 830
link: <https://www.brizy.cloud/media/iW=114&iH=114&oX=0&oY=18&cW=114&cH=79/9b040f5e483e93a7cce7e811fc84b625.png>; rel="canonical"
cdn-status: 200
cdn-requestid: 05f725439bc9fcdea672ff32db57e1f2
cdn-cache: MISS
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 1.3 kB IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
File type gzip compressed data, max compression, from Unix\012- data
Hash ffff26e29712d862068dd19c91ae0e76
cfe66fb354e8736c45ae7c561c2f58d77ae4b9e8
e687e65578eee3ffc7dbf1fc504ccfca5da7860ec48f3684c3f24bb753ec90c9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EAD8F63B11002B38D302C3BCA8CD396E1B3B6590966A0AB2AB2FBB23C13783FA"
Last-Modified: Mon, 19 Sep 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3043
Expires: Wed, 21 Sep 2022 01:23:51 GMT
Date: Wed, 21 Sep 2022 00:33:08 GMT
Connection: keep-alive
api.gravitec.media/api/stats/track?app_key=651b3da8463250405063839a2450c723&user_id=73eb69a2-37e7-47d4-b7f3-825a3bd91f76&utmb=33437e44-202f-46c9-8f4d-85e61b1f5a9d&path=https%3A%2F%2Fwww.morecouponstogo.com%2Funi-landing&referrer=https%3A%2F%2Fllclickpro.com%2F
35.214.184.209201 Created 0 B URL HTTP/2 api.gravitec.media/api/stats/track?app_key=651b3da8463250405063839a2450c723&user_id=73eb69a2-37e7-47d4-b7f3-825a3bd91f76&utmb=33437e44-202f-46c9-8f4d-85e61b1f5a9d&path=https%3A%2F%2Fwww.morecouponstogo.com%2Funi-landing&referrer=https%3A%2F%2Fllclickpro.com%2F
IP 35.214.184.209:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /api/stats/track?app_key=651b3da8463250405063839a2450c723&user_id=73eb69a2-37e7-47d4-b7f3-825a3bd91f76&utmb=33437e44-202f-46c9-8f4d-85e61b1f5a9d&path=https%3A%2F%2Fwww.morecouponstogo.com%2Funi-landing&referrer=https%3A%2F%2Fllclickpro.com%2F HTTP/1.1
Host: api.gravitec.media
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.morecouponstogo.com/
Origin: https://www.morecouponstogo.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 201 Created
server: nginx
date: Wed, 21 Sep 2022 00:33:08 GMT
content-length: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-origin: *
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: 0
x-content-type-options: nosniff
x-frame-options: DENY
x-xss-protection: 1 ; mode=block
referrer-policy: no-referrer
x-correlation-id: f6cc3a1e147e21bd0d371b6936251d24
X-Firefox-Spdy: h2
yazing.com/widget/ajax-show-deals
54.162.214.56200 OK 5.0 kB URL HTTP/1.1 yazing.com/widget/ajax-show-deals
IP 54.162.214.56:0
File type JSON data\012- , ASCII text, with very long lines (5047), with no line terminators
Hash d21f6bc85be24c1a419d3e9482f2a4bf
787c2d195a004bd2fae0dd2f4912b02e87d742f8
7df9f03cc786acf63fdaa52a10cf92687a70c74688591b1e0b3a43b09f0bf190
POST /widget/ajax-show-deals HTTP/1.1
Host: yazing.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: application/x-www-form-urlencoded
Content-Length: 350
Origin: https://www.morecouponstogo.com
Connection: keep-alive
Referer: https://www.morecouponstogo.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Wed, 21 Sep 2022 00:33:08 GMT
Server: Apache/2.4.18 (Ubuntu)
Set-Cookie: advanced-frontend=ktlj0ure0d4r3p4beg3nlggc4d; expires=Fri, 20-Sep-2024 00:33:08 GMT; Max-Age=63072000; path=/; HttpOnly
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Access-Control-Allow-Origin: *
Content-Length: 5047
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: application/json; charset=UTF-8
trafficadbar.com/bar/page.php?a=MTGSamurai&b=490&c=90&e=%23ffffff&f=%23AC0101&g=%23f8f8f8&h=%23000000&i=%237c8e06&d=https%3A//www.morecouponstogo.com/uni-landing&ref1=https%3A//llclickpro.com/&stg=2&ww=490&wh=90&ref=https%3A%2F%2Fwww.morecouponstogo.com%2F
52.202.155.140302 Found 472 B URL HTTP/2 trafficadbar.com/bar/page.php?a=MTGSamurai&b=490&c=90&e=%23ffffff&f=%23AC0101&g=%23f8f8f8&h=%23000000&i=%237c8e06&d=https%3A//www.morecouponstogo.com/uni-landing&ref1=https%3A//llclickpro.com/&stg=2&ww=490&wh=90&ref=https%3A%2F%2Fwww.morecouponstogo.com%2F
IP 52.202.155.140:0
Hash 6e871380318c8a883f329ca25b2ee36c
e8d3585a45b2b32814096416b12028644c3aff50
0496e550737efc29d25e0bed099c472680f2367aa3d4cde4209bfa9af41fd9d2
GET /bar/page.php?a=MTGSamurai&b=490&c=90&e=%23ffffff&f=%23AC0101&g=%23f8f8f8&h=%23000000&i=%237c8e06&d=https%3A//www.morecouponstogo.com/uni-landing&ref1=https%3A//llclickpro.com/&stg=2&ww=490&wh=90&ref=https%3A%2F%2Fwww.morecouponstogo.com%2F HTTP/1.1
Host: trafficadbar.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://trafficadbar.com/bar/page.php?a=MTGSamurai&b=490&c=90&e=%23ffffff&f=%23AC0101&g=%23f8f8f8&h=%23000000&i=%237c8e06&d=https%3A//www.morecouponstogo.com/uni-landing&ref1=https%3A//llclickpro.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 302 Found
date: Wed, 21 Sep 2022 00:33:07 GMT
content-type: text/html; charset=UTF-8
server: nginx
location: /bar/page2.php?a=MTGSamurai&b=490&c=90&d=https%3A%2F%2Fwww.morecouponstogo.com%2Funi-landing&e=%23ffffff&f=%23AC0101&g=%23f8f8f8&h=%23000000&i=%237c8e06&ref1=https%3A%2F%2Fllclickpro.com%2F&stg=2&ww=490&wh=90&ref=https%3A%2F%2Fwww.morecouponstogo.com%2F
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 9baaa3878151bf5d83c8d7014da17e5d
d8952bdd01ddec1d9a5a480f17ff5e39f6bdb037
1734ff9035c0a9c965cb5047e9fdbc2c1184b6c568066e856c6dbf0b8dc51df3
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 00:33:09 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
static.doubleclick.net/instream/ad_status.js
216.58.207.230200 OK 29 B URL HTTP/2 static.doubleclick.net/instream/ad_status.js
IP 216.58.207.230:0
Hash 1fa71744db23d0f8df9cce6719defcb7
e4be9b7136697942a036f97cf26ebaf703ad2067
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
GET /instream/ad_status.js HTTP/1.1
Host: static.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
timing-allow-origin: *
content-length: 29
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 21 Sep 2022 00:29:23 GMT
expires: Wed, 21 Sep 2022 00:44:23 GMT
cache-control: public, max-age=900
age: 226
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
googleads.g.doubleclick.net/pagead/id
216.58.207.194302 Found 0 B URL HTTP/2 googleads.g.doubleclick.net/pagead/id
IP 216.58.207.194:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pagead/id HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
location: https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
access-control-allow-credentials: true
access-control-allow-origin: https://www.youtube.com
date: Wed, 21 Sep 2022 00:33:09 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 6e871380318c8a883f329ca25b2ee36c
e8d3585a45b2b32814096416b12028644c3aff50
0496e550737efc29d25e0bed099c472680f2367aa3d4cde4209bfa9af41fd9d2
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 00:33:09 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 9baaa3878151bf5d83c8d7014da17e5d
d8952bdd01ddec1d9a5a480f17ff5e39f6bdb037
1734ff9035c0a9c965cb5047e9fdbc2c1184b6c568066e856c6dbf0b8dc51df3
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 00:33:09 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
trafficadbar.com/assets/ads.css
52.202.155.140200 OK 385 B URL HTTP/2 trafficadbar.com/assets/ads.css
IP 52.202.155.140:0
Hash 05463025a9969b0844abe65f601e5c8a
4b9dcbf2c2d7e339ee8160c56ae92e1fd18595dc
bb8ddf7ca872ae352ec221a148c2e83ac8eabee859b8a7c261b8e2e941463fa3
GET /assets/ads.css HTTP/1.1
Host: trafficadbar.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://trafficadbar.com/bar/page2.php?a=MTGSamurai&b=490&c=90&d=https%3A%2F%2Fwww.morecouponstogo.com%2Funi-landing&e=%23ffffff&f=%23AC0101&g=%23f8f8f8&h=%23000000&i=%237c8e06&ref1=https%3A%2F%2Fllclickpro.com%2F&stg=2&ww=490&wh=90&ref=https%3A%2F%2Fwww.morecouponstogo.com%2F
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 21 Sep 2022 00:33:09 GMT
content-type: text/css
content-length: 385
server: nginx
last-modified: Thu, 11 Aug 2022 01:03:12 GMT
etag: "62f45550-181"
expires: Sun, 20 Nov 2022 00:33:09 GMT
pragma: public
cache-control: max-age=5184000, public
accept-ranges: bytes
X-Firefox-Spdy: h2
d1ielco78gv5pf.cloudfront.net/assets/external_portfolio-55c5ae1c8983df626fd5d8b516e9b7afa9602796b1b40b1b0a489a394961ef91.css
54.230.245.134200 OK 793 B URL HTTP/2 d1ielco78gv5pf.cloudfront.net/assets/external_portfolio-55c5ae1c8983df626fd5d8b516e9b7afa9602796b1b40b1b0a489a394961ef91.css
IP 54.230.245.134:0
File type ASCII text, with very long lines (2368)
Hash 3496295286ae79c9f3b199075c24f520
4fd6984a982c0651c067954e56e3bd3987cda84a
fa4e9037f198d06563b4a8efbf38bcacae7046417353d90e7be45af4ec07b69f
GET /assets/external_portfolio-55c5ae1c8983df626fd5d8b516e9b7afa9602796b1b40b1b0a489a394961ef91.css HTTP/1.1
Host: d1ielco78gv5pf.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.redbubble.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/css
content-length: 793
date: Sun, 05 Jun 2022 10:06:42 GMT
access-control-allow-origin: *
cache-control: max-age=315360000, public
content-encoding: gzip
etag: "62988ba7-319"
expires: Wed, 02 Jun 2032 10:06:42 GMT
last-modified: Thu, 02 Jun 2022 10:06:31 GMT
server: nginx
x-cache: Hit from cloudfront
via: 1.1 94eee494c19905cb6933ec8a32a577a0.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 2cX6gLIMuUG9WQAik7dH7fArH_o4rfu3Jx_Q-Xlj0RA9LvsoG-yFnA==
age: 9296788
X-Firefox-Spdy: h2
yazing.com/uploads/2022-01/thumb_1d6cfb9c5765949020b8a9463b883803.png
54.162.214.56200 OK 32 kB URL HTTP/1.1 yazing.com/uploads/2022-01/thumb_1d6cfb9c5765949020b8a9463b883803.png
IP 54.162.214.56:0
File type PNG image data, 156 x 156, 8-bit/color RGB, non-interlaced\012- data
Hash e73e4950ca69496813697388bd293d8e
5d318dc8a278e0557dd0a27001294b2bdfbbc67f
9b79ee4d11f956e94c8bf287a0f813bd48dc25f269f121685393abbb37e271e1
GET /uploads/2022-01/thumb_1d6cfb9c5765949020b8a9463b883803.png HTTP/1.1
Host: yazing.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.morecouponstogo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Wed, 21 Sep 2022 00:33:09 GMT
Server: Apache/2.4.18 (Ubuntu)
Last-Modified: Sat, 08 Jan 2022 10:03:48 GMT
ETag: "7ee3-5d50f3844096e"
Accept-Ranges: bytes
Content-Length: 32483
Access-Control-Allow-Origin: *
Cache-Control: max-age=2592000, public
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: image/png
ih1.redbubble.net/image.2431145804.5847/flat,220x200,075,t.u5.jpg
68.232.35.237200 OK 10 kB URL HTTP/2 ih1.redbubble.net/image.2431145804.5847/flat,220x200,075,t.u5.jpg
IP 68.232.35.237:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 220x200, components 3\012- data
Hash 8f6f53785c14ab8a77c0aa90a761e397
27b8a13e4692d280551a541df86597327783211f
6e6de7900d29f1106e51cd663320f6acbd0be5b9691f633724119f6ee0f8e484
GET /image.2431145804.5847/flat,220x200,075,t.u5.jpg HTTP/1.1
Host: ih1.redbubble.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.redbubble.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: https://www.redbubble.com
access-control-expose-headers: Content-Length,Content-Range
age: 2563227
cache-control: max-age=31556952, public
content-disposition: inline
content-transfer-encoding: binary
content-type: image/jpeg
date: Wed, 21 Sep 2022 00:33:10 GMT
etag: W/"6e6de7900d29f1106e51cd663320f6ac"
last-modified: Mon, 22 Aug 2022 08:32:44 GMT
referrer-policy: strict-origin-when-cross-origin
server: ECS (ska/F712)
x-cache: HIT
x-content-type-options: nosniff
x-download-options: noopen
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: none
x-request-id: 888bc34b-6200-454b-b256-7a55d31b146d
x-xss-protection: 1; mode=block
content-length: 10297
X-Firefox-Spdy: h2
ih1.redbubble.net/image.2501823087.1427/flat,220x200,075,t.u5.jpg
68.232.35.237200 OK 13 kB URL HTTP/2 ih1.redbubble.net/image.2501823087.1427/flat,220x200,075,t.u5.jpg
IP 68.232.35.237:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 220x200, components 3\012- data
Hash 41a7ff2b932518137a3d3ed4e75cff14
12788c351920ae2e6a6915c80ea0f1cae9106382
281a8d6feb56d70c6a48c55fbf412a1d8e6fe90435118f7571a8635c0f706ceb
GET /image.2501823087.1427/flat,220x200,075,t.u5.jpg HTTP/1.1
Host: ih1.redbubble.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.redbubble.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: https://www.redbubble.com
access-control-expose-headers: Content-Length,Content-Range
age: 2563227
cache-control: max-age=31556952, public
content-disposition: inline
content-transfer-encoding: binary
content-type: image/jpeg
date: Wed, 21 Sep 2022 00:33:10 GMT
etag: W/"281a8d6feb56d70c6a48c55fbf412a1d"
last-modified: Mon, 22 Aug 2022 08:32:44 GMT
referrer-policy: strict-origin-when-cross-origin
server: ECS (ska/F71B)
x-cache: HIT
x-content-type-options: nosniff
x-download-options: noopen
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: none
x-request-id: d5f2891d-027d-4541-8e68-d499a6d21006
x-xss-protection: 1; mode=block
content-length: 12808
X-Firefox-Spdy: h2
ih0.redbubble.net/image.2615509652.3915/flat,220x200,075,t.u5.jpg
68.232.35.237200 OK 9.5 kB URL HTTP/2 ih0.redbubble.net/image.2615509652.3915/flat,220x200,075,t.u5.jpg
IP 68.232.35.237:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 220x200, components 3\012- data
Hash bec24a797621dc1b550df36956ebada4
2e28ce3cc5e85db3d2c5fb26f7a328f594a620c8
4e57c4041246929caec036f63290e869dea5923090d2e263a083a0cd9df0f51b
GET /image.2615509652.3915/flat,220x200,075,t.u5.jpg HTTP/1.1
Host: ih0.redbubble.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.redbubble.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: https://www.redbubble.com
access-control-expose-headers: Content-Length,Content-Range
age: 1631749
cache-control: max-age=31556952, public
content-disposition: inline
content-transfer-encoding: binary
content-type: image/jpeg
date: Wed, 21 Sep 2022 00:33:10 GMT
etag: W/"4e57c4041246929caec036f63290e869"
last-modified: Fri, 02 Sep 2022 03:17:22 GMT
referrer-policy: strict-origin-when-cross-origin
server: ECS (ska/F6FC)
x-cache: HIT
x-content-type-options: nosniff
x-download-options: noopen
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: none
x-request-id: f3220ace-a8c8-4dd2-8b02-2f651e96f57e
x-xss-protection: 1; mode=block
content-length: 9544
X-Firefox-Spdy: h2
ih0.redbubble.net/image.2609329537.2892/raf,220x200,075,t,white.u5.jpg
68.232.35.237200 OK 13 kB URL HTTP/2 ih0.redbubble.net/image.2609329537.2892/raf,220x200,075,t,white.u5.jpg
IP 68.232.35.237:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 220x200, components 3\012- data
Hash 7c729abcf1fb3cbc2c5338f004443fc8
ba2199b908015be4eb601ea363fa1e6a05e6109a
c350b44a154b399e0bef5fafa2ce0bbabd485db22ed9531b4566a297704c2898
GET /image.2609329537.2892/raf,220x200,075,t,white.u5.jpg HTTP/1.1
Host: ih0.redbubble.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.redbubble.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: https://www.redbubble.com
access-control-expose-headers: Content-Length,Content-Range
age: 438410
cache-control: max-age=31556952, public
content-disposition: inline
content-transfer-encoding: binary
content-type: image/jpeg
date: Wed, 21 Sep 2022 00:33:10 GMT
etag: W/"c350b44a154b399e0bef5fafa2ce0bba"
last-modified: Thu, 15 Sep 2022 22:46:21 GMT
referrer-policy: strict-origin-when-cross-origin
server: ECS (ska/F6FC)
x-cache: HIT
x-content-type-options: nosniff
x-download-options: noopen
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: none
x-request-id: a1f9feb2-f818-4d5e-a57b-efc733dc4048
x-xss-protection: 1; mode=block
content-length: 13202
X-Firefox-Spdy: h2
ih0.redbubble.net/image.2436230143.4649/flat,220x200,075,t.u5.jpg
68.232.35.237200 OK 15 kB URL HTTP/2 ih0.redbubble.net/image.2436230143.4649/flat,220x200,075,t.u5.jpg
IP 68.232.35.237:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 220x200, components 3\012- data
Hash 9a8c105ed2bc868dc77dd23860b0eae7
baba5fd5da037202cc6bee4b94c5e61553a6e4e5
e3a68991feafac3f02cffdee42f521b29379b95d10bada143ec7eb76b29bdf1e
GET /image.2436230143.4649/flat,220x200,075,t.u5.jpg HTTP/1.1
Host: ih0.redbubble.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.redbubble.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: https://www.redbubble.com
access-control-expose-headers: Content-Length,Content-Range
age: 2563226
cache-control: max-age=31556952, public
content-disposition: inline
content-transfer-encoding: binary
content-type: image/jpeg
date: Wed, 21 Sep 2022 00:33:10 GMT
etag: W/"e3a68991feafac3f02cffdee42f521b2"
last-modified: Mon, 22 Aug 2022 08:32:44 GMT
referrer-policy: strict-origin-when-cross-origin
server: ECS (ska/F71E)
x-cache: HIT
x-content-type-options: nosniff
x-download-options: noopen
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: none
x-request-id: aadd9ba7-de8e-4ca0-b4e2-841f2c1ae673
x-xss-protection: 1; mode=block
content-length: 14753
X-Firefox-Spdy: h2
ih0.redbubble.net/image.2615293405.8342/flat,220x200,075,t.u5.jpg
68.232.35.237200 OK 13 kB URL HTTP/2 ih0.redbubble.net/image.2615293405.8342/flat,220x200,075,t.u5.jpg
IP 68.232.35.237:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 220x200, components 3\012- data
Hash 10f80b48faf4716e42eeb69a479532cf
2ab71ce122e15b05fdc9d5a965f5497bb5e93cca
544947c0b6bcc6f5ab033bc6799dbe00fa4f0312d6ab6829f47da24f59a86c2b
GET /image.2615293405.8342/flat,220x200,075,t.u5.jpg HTTP/1.1
Host: ih0.redbubble.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.redbubble.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: https://www.redbubble.com
access-control-expose-headers: Content-Length,Content-Range
age: 2563226
cache-control: max-age=31556952, public
content-disposition: inline
content-transfer-encoding: binary
content-type: image/jpeg
date: Wed, 21 Sep 2022 00:33:10 GMT
etag: W/"544947c0b6bcc6f5ab033bc6799dbe00"
last-modified: Mon, 22 Aug 2022 08:32:44 GMT
referrer-policy: strict-origin-when-cross-origin
server: ECS (ska/F708)
x-cache: HIT
x-content-type-options: nosniff
x-download-options: noopen
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: none
x-request-id: be3b6589-2793-4135-a84a-ed9930596195
x-xss-protection: 1; mode=block
content-length: 13106
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
143.204.42.88200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.88:0
Hash 7e24e09d17a24d77bd4aef2e2b704b35
70b4c3ad464ac77ef1541603dadb685321bb538a
cd9c0f13d1642292319c70b2e3e48ca2f82c4779779a240f70432d5dc484cf57
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Wed, 21 Sep 2022 00:33:10 GMT
Last-Modified: Tue, 20 Sep 2022 22:59:26 GMT
Server: ECS (nyb/1D06)
X-Cache: Miss from cloudfront
Via: 1.1 50584ad285d5f627ddebae74efdd0770.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: n3kvU_492r6orMWkw0I2lkQ-NWCNY3iYHxPvI7mLzScc0xWM6ZJdbA==
Age: 5624
ocsp.sca1b.amazontrust.com/
143.204.42.88200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.88:0
Hash 7e24e09d17a24d77bd4aef2e2b704b35
70b4c3ad464ac77ef1541603dadb685321bb538a
cd9c0f13d1642292319c70b2e3e48ca2f82c4779779a240f70432d5dc484cf57
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Wed, 21 Sep 2022 00:33:10 GMT
Last-Modified: Tue, 20 Sep 2022 22:46:17 GMT
Server: ECS (nyb/1D11)
X-Cache: Miss from cloudfront
Via: 1.1 1ca0323262515c9240c58fe69a9ac826.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: Q6jFRboHRDC7Bdb6ULZlZm9iflf7il7dMDC8Q2K_pcocvvGR7_-FlQ==
Age: 6413
ocsp.sca1b.amazontrust.com/
143.204.42.88200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.88:0
Hash 7e24e09d17a24d77bd4aef2e2b704b35
70b4c3ad464ac77ef1541603dadb685321bb538a
cd9c0f13d1642292319c70b2e3e48ca2f82c4779779a240f70432d5dc484cf57
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Wed, 21 Sep 2022 00:33:10 GMT
Last-Modified: Tue, 20 Sep 2022 23:17:27 GMT
Server: ECS (nyb/1D0D)
X-Cache: Miss from cloudfront
Via: 1.1 a034aae43a19aef875fa395182990970.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: dzpq0n19Rn5jspqLbO95xBRa3XA6du6NKcxtkLhKavXlnrq-2_GnUw==
Age: 4543
ocsp.sca1b.amazontrust.com/
143.204.42.88200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.88:0
Hash 7e24e09d17a24d77bd4aef2e2b704b35
70b4c3ad464ac77ef1541603dadb685321bb538a
cd9c0f13d1642292319c70b2e3e48ca2f82c4779779a240f70432d5dc484cf57
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Wed, 21 Sep 2022 00:33:10 GMT
Last-Modified: Tue, 20 Sep 2022 23:14:30 GMT
Server: ECS (nyb/1D33)
X-Cache: Miss from cloudfront
Via: 1.1 410f51195842d9b592b15d6588c36654.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: bwbJYf_G9tXN3xrduQtB_ksT1ELhqsFgAXbFvDRcOEAYg60b69RPgw==
Age: 4720
ocsp.sca1b.amazontrust.com/
143.204.42.88200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.88:0
Hash 7e24e09d17a24d77bd4aef2e2b704b35
70b4c3ad464ac77ef1541603dadb685321bb538a
cd9c0f13d1642292319c70b2e3e48ca2f82c4779779a240f70432d5dc484cf57
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Wed, 21 Sep 2022 00:33:10 GMT
Last-Modified: Tue, 20 Sep 2022 22:44:39 GMT
Server: ECS (nyb/1D1B)
X-Cache: Miss from cloudfront
Via: 1.1 50584ad285d5f627ddebae74efdd0770.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: gMtmmaisT-KHnQ--mXl5sg0N7s3hU_wWDTLkpsnXWwo-UO4hUCeKMQ==
Age: 6511
ih1.redbubble.net/image.2615416373.1429/flat,220x200,075,t.u5.jpg
68.232.35.237200 OK 12 kB URL HTTP/2 ih1.redbubble.net/image.2615416373.1429/flat,220x200,075,t.u5.jpg
IP 68.232.35.237:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 220x200, components 3\012- data
Hash 4ed24b51630a165d7ab03688d1325d25
c726cb712f4cd72bf5c564a7dc0ad0ebbf9d2a52
19914bb432c06112f7f8b4878fbfbb15d4610cac7de7e1e4cada665e77dc02ac
GET /image.2615416373.1429/flat,220x200,075,t.u5.jpg HTTP/1.1
Host: ih1.redbubble.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.redbubble.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: https://www.redbubble.com
access-control-expose-headers: Content-Length,Content-Range
age: 2563227
cache-control: max-age=31556952, public
content-disposition: inline
content-transfer-encoding: binary
content-type: image/jpeg
date: Wed, 21 Sep 2022 00:33:10 GMT
etag: W/"19914bb432c06112f7f8b4878fbfbb15"
last-modified: Mon, 22 Aug 2022 08:32:44 GMT
referrer-policy: strict-origin-when-cross-origin
server: ECS (ska/F709)
x-cache: HIT
x-content-type-options: nosniff
x-download-options: noopen
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: none
x-request-id: 0ad3ffab-7e43-4a7d-a9af-f6a7d7e1622c
x-xss-protection: 1; mode=block
content-length: 12230
X-Firefox-Spdy: h2
www.youtube.com/embed/d36aPUaJ1Pg?autoplay=1&controls=0&start=2&end=2&modestbranding=1&wmode=transparent&enablejsapi=1&loop=1&rel=0&mute=1&playlist=d36aPUaJ1Pg
216.58.211.14200 OK 39 kB URL HTTP/2 www.youtube.com/embed/d36aPUaJ1Pg?autoplay=1&controls=0&start=2&end=2&modestbranding=1&wmode=transparent&enablejsapi=1&loop=1&rel=0&mute=1&playlist=d36aPUaJ1Pg
IP 216.58.211.14:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (60273)
Hash 542691d0c41037fe1ff7f275ec7cff9d
8e5978e2e59e78ac4c705f0249cd355bc8501db3
97bc5b263d0ef2cb79b969a05ff182d36ddd758010f9babb05c7ab4f0a1da3a1
GET /embed/d36aPUaJ1Pg?autoplay=1&controls=0&start=2&end=2&modestbranding=1&wmode=transparent&enablejsapi=1&loop=1&rel=0&mute=1&playlist=d36aPUaJ1Pg HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.morecouponstogo.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html; charset=utf-8
x-content-type-options: nosniff
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Wed, 21 Sep 2022 00:33:07 GMT
strict-transport-security: max-age=31536000
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
content-encoding: br
server: ESF
x-xss-protection: 0
set-cookie: YSC=v2WbUQxKaAk; Domain=.youtube.com; Path=/; Secure; HttpOnly; SameSite=none
VISITOR_INFO1_LIVE=2g7kMqkXZ_4; Domain=.youtube.com; Expires=Mon, 20-Mar-2023 00:33:07 GMT; Path=/; Secure; HttpOnly; SameSite=none
CONSENT=PENDING+676; expires=Fri, 20-Sep-2024 00:33:07 GMT; path=/; domain=.youtube.com; Secure
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 67b756e82caefc7860b9f2d4a4f40341
adeae15d52089bcca4ca247fc4aebceef8406e34
72ff9f52080a633dc841554f7d4cc70083edd2572b535d84093ae63f0c50b832
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 00:33:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ih1.redbubble.net/image.2423146004.3028/raf,220x200,075,t,black.u5.jpg
68.232.35.237200 OK 7.1 kB URL HTTP/2 ih1.redbubble.net/image.2423146004.3028/raf,220x200,075,t,black.u5.jpg
IP 68.232.35.237:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 220x200, components 3\012- data
Hash ea2e9b008dd5ea4ae82bd436910c2533
9b839ada94e09772f01c49af1032b9f046e9b6ed
0220c6be7d3cfcffc662fcab4c31803925ec7e294e4165098a1b364ad8800ace
GET /image.2423146004.3028/raf,220x200,075,t,black.u5.jpg HTTP/1.1
Host: ih1.redbubble.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.redbubble.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: https://www.redbubble.com
access-control-expose-headers: Content-Length,Content-Range
age: 2563227
cache-control: max-age=31556952, public
content-disposition: inline
content-transfer-encoding: binary
content-type: image/jpeg
date: Wed, 21 Sep 2022 00:33:10 GMT
etag: W/"0220c6be7d3cfcffc662fcab4c318039"
last-modified: Mon, 22 Aug 2022 08:32:44 GMT
referrer-policy: strict-origin-when-cross-origin
server: ECS (ska/F716)
x-cache: HIT
x-content-type-options: nosniff
x-download-options: noopen
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: none
x-request-id: 0c943895-8cf5-4c7d-88fc-024373c4d11a
x-xss-protection: 1; mode=block
content-length: 7140
X-Firefox-Spdy: h2
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
142.250.74.170200 OK 0 B URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
IP 142.250.74.170:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /$rpc/google.internal.waa.v1.Waa/Create HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Referer: https://www.youtube.com/
Origin: https://www.youtube.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://www.youtube.com
vary: origin, referer, x-origin
access-control-allow-credentials: true
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-max-age: 3600
date: Wed, 21 Sep 2022 00:33:10 GMT
content-type: text/html
server: ESF
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.com/js/th/8jEuNRvllEtFmLzioZdbHhRQ_2cTQWhd6LiOGRrTeiw.js
142.250.74.164200 OK 14 kB URL HTTP/2 www.google.com/js/th/8jEuNRvllEtFmLzioZdbHhRQ_2cTQWhd6LiOGRrTeiw.js
IP 142.250.74.164:0
File type ASCII text, with very long lines (35918)
Hash b600177efe473664fb627ad35ffbc4db
b85f65be40c923277d1455e64a33966ee9fa0838
ec20323b3d03a9e3cb135ab17c27cee75eab248b40f3ebed5062d80ef18f961f
GET /js/th/8jEuNRvllEtFmLzioZdbHhRQ_2cTQWhd6LiOGRrTeiw.js HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-length: 14184
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 14 Sep 2022 05:03:05 GMT
expires: Thu, 14 Sep 2023 05:03:05 GMT
cache-control: public, max-age=31536000
age: 588605
last-modified: Mon, 29 Aug 2022 11:00:00 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 67801aaa77b0226b24e48c3d2b0055ec
284e0390a9afeed4f556a2e7eac0e75c33b01d6c
b576b0b0307ccf104137b1427b246e30570da6c64a1c8116fe4e765a0562a308
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 00:33:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash ada29f357ebf16bf037a8f7ca0943687
08a6e41c5fa688ca538b3e4b30ec8100fb292aaf
e368e32c7f8c8d2ae99520c324a2571ed402c80f76aec3c05a9711df12150de5
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 00:33:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
yt3.ggpht.com/fGvQjp1vAT1R4bAKTFLaSbdsfdYFDwAzVjeRVQeikH22bvHWsGULZdwIkpZXktcXZc5gFJuA3w=s68-c-k-c0x00ffffff-no-rj
142.250.74.161200 OK 2.3 kB URL HTTP/2 yt3.ggpht.com/fGvQjp1vAT1R4bAKTFLaSbdsfdYFDwAzVjeRVQeikH22bvHWsGULZdwIkpZXktcXZc5gFJuA3w=s68-c-k-c0x00ffffff-no-rj
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 68x68, components 3\012- data
Hash aa88733c6109ac5412919fae9530cee1
71909fb3269c11af76ffc71d859bbf1a42db6119
6f86c4d42a7091e03feeff783a952b9c0df15c18e122997aac1baf035f7f3c40
GET /fGvQjp1vAT1R4bAKTFLaSbdsfdYFDwAzVjeRVQeikH22bvHWsGULZdwIkpZXktcXZc5gFJuA3w=s68-c-k-c0x00ffffff-no-rj HTTP/1.1
Host: yt3.ggpht.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-expose-headers: Content-Length
content-disposition: inline;filename="channels4_profile.jpg"
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
server: fife
content-length: 2269
x-xss-protection: 0
date: Wed, 21 Sep 2022 00:11:56 GMT
expires: Mon, 19 Sep 2022 16:09:46 GMT
cache-control: public, max-age=86400, no-transform
age: 1274
etag: "v1"
content-type: image/jpeg
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
142.250.74.170200 OK 31 kB URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
IP 142.250.74.170:0
File type JSON data\012- , ASCII text, with very long lines (65536), with no line terminators
Hash d83c6381277e156260911b56c744cc87
aab45d34b40d2f1483a83696d2033627952c8815
120f2784957edc0bf4e7e5f17f760d9f35805fac5cb7a11d6170f18a685c8d88
POST /$rpc/google.internal.waa.v1.Waa/Create HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
Content-Type: application/json+protobuf
X-User-Agent: grpc-web-javascript/0.1
Content-Length: 24
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json+protobuf; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: gzip
date: Wed, 21 Sep 2022 00:33:10 GMT
server: ESF
cache-control: private
content-length: 31086
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
access-control-allow-credentials: true
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
i.ytimg.com/vi/aWzlQ2N6qqg/sddefault.jpg
216.58.207.214200 OK 48 kB URL HTTP/2 i.ytimg.com/vi/aWzlQ2N6qqg/sddefault.jpg
IP 216.58.207.214:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 640x480, components 3\012- data
Hash 7173dcfe72e71d832ca60453d80301ae
15c9906500141ebf957857c7201ab55678ffc777
8fc535a9d9f3529919d52e32e33fa30db6b1e38db224211e076cc1287e8537f7
GET /vi/aWzlQ2N6qqg/sddefault.jpg HTTP/1.1
Host: i.ytimg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Origin
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
timing-allow-origin: *
content-length: 47706
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 20 Sep 2022 23:31:05 GMT
expires: Wed, 21 Sep 2022 01:31:05 GMT
cache-control: public, max-age=7200
age: 3725
etag: "1644783514"
content-type: image/jpeg
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
s3.amazonaws.com/logos.formetocoupon.com/120x60/7917.png
52.217.165.88200 OK 10 kB URL HTTP/1.1 s3.amazonaws.com/logos.formetocoupon.com/120x60/7917.png
IP 52.217.165.88:0
File type PNG image data, 120 x 60, 8-bit/color RGBA, non-interlaced\012- data
Hash 3b5d385907bcf0703ae7ead02b368c80
d831c2f7ab7abd33317198d7492c34c4c8959c51
1c8928c1b3d80b09befdb9bf131ed0033f86a64f7f6412ad2924224d2363827b
GET /logos.formetocoupon.com/120x60/7917.png HTTP/1.1
Host: s3.amazonaws.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.morecouponstogo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: FgzD6nuFGXJstaDcPOfhG1Lzt83FpRw5IJb9iZFXDZPw11Q7MRouz33r2nwx5dv8GCCAAViofog=
x-amz-request-id: 8EDB1KFGEXSY0PT1
Date: Wed, 21 Sep 2022 00:33:11 GMT
Last-Modified: Fri, 16 Feb 2018 13:29:19 GMT
ETag: "3b5d385907bcf0703ae7ead02b368c80"
x-amz-storage-class: REDUCED_REDUNDANCY
Accept-Ranges: bytes
Content-Type: image/png
Server: AmazonS3
Content-Length: 9970
s3.amazonaws.com/logos.formetocoupon.com/120x60/6371.gif
52.217.165.88200 OK 3.3 kB URL HTTP/1.1 s3.amazonaws.com/logos.formetocoupon.com/120x60/6371.gif
IP 52.217.165.88:0
File type GIF image data, version 89a, 120 x 60\012- data
Hash 0848dda6f9148f1f1c58add084bfbc08
2b4375d49f17ff29afe8bf25e02f9fa18431a172
5e3094b7ac855db3b122c4615b8d006c68d217c32d0623783a5dbd7e2b47ddd7
GET /logos.formetocoupon.com/120x60/6371.gif HTTP/1.1
Host: s3.amazonaws.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.morecouponstogo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: wOr3lhfGaBRq7MopvSrjo6faYk04lKfEIw1mslzCmktGOZ0HQQAQb+JtT7ydqokcU4nJG9Q2XDc=
x-amz-request-id: 8ED178HRRR6C7TN6
Date: Wed, 21 Sep 2022 00:33:11 GMT
Last-Modified: Fri, 11 Apr 2014 21:02:06 GMT
ETag: "0848dda6f9148f1f1c58add084bfbc08"
x-amz-storage-class: REDUCED_REDUNDANCY
Accept-Ranges: bytes
Content-Type: image/gif
Server: AmazonS3
Content-Length: 3289
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 67801aaa77b0226b24e48c3d2b0055ec
284e0390a9afeed4f556a2e7eac0e75c33b01d6c
b576b0b0307ccf104137b1427b246e30570da6c64a1c8116fe4e765a0562a308
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 00:33:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash ada29f357ebf16bf037a8f7ca0943687
08a6e41c5fa688ca538b3e4b30ec8100fb292aaf
e368e32c7f8c8d2ae99520c324a2571ed402c80f76aec3c05a9711df12150de5
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 00:33:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
s3.amazonaws.com/logos.formetocoupon.com/120x60/33650.jpg
52.217.165.88200 OK 32 kB URL HTTP/1.1 s3.amazonaws.com/logos.formetocoupon.com/120x60/33650.jpg
IP 52.217.165.88:0
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CS6 (Windows), datetime=2019:12:09 11:35:22], baseline, precision 8, 120x60, components 3\012- data
Hash a16b43f73d95fbfdc48816eaafdc47c9
f84950482be1db3e2aff7c08d18b87ed542c1e5c
c577d99bd06de7d5d269339b692b8108ffd1d87ae2b3d060628a570e45f46474
GET /logos.formetocoupon.com/120x60/33650.jpg HTTP/1.1
Host: s3.amazonaws.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.morecouponstogo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: LKkrHBX3uUH3hPeKeVzOuVYiGVtxkKSmzAH5lM7I/AALp+XIoAdEc1av39/uEoCH/p08NxgLVpI=
x-amz-request-id: 8ED95N799MYZKTA5
Date: Wed, 21 Sep 2022 00:33:11 GMT
Last-Modified: Mon, 09 Dec 2019 09:36:20 GMT
ETag: "a16b43f73d95fbfdc48816eaafdc47c9"
Accept-Ranges: bytes
Content-Type: image/jpeg
Server: AmazonS3
Content-Length: 31686
trafficadbar.com/assets/home_logo_88.png
52.202.155.140200 OK 24 kB URL HTTP/2 trafficadbar.com/assets/home_logo_88.png
IP 52.202.155.140:0
Hash 874a6a6b8be3faf126835b8530721709
8e5b01530a774540af008c3ca7d55d3ee4e5e049
c4b4d4b9013873d3c61352bd980d56ef61725208c1dc70288fad593a69028c99
GET /assets/home_logo_88.png HTTP/1.1
Host: trafficadbar.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://trafficadbar.com/bar/page2.php?a=MTGSamurai&b=490&c=90&d=https%3A%2F%2Fwww.morecouponstogo.com%2Funi-landing&e=%23ffffff&f=%23AC0101&g=%23f8f8f8&h=%23000000&i=%237c8e06&ref1=https%3A%2F%2Fllclickpro.com%2F&stg=2&ww=490&wh=90&ref=https%3A%2F%2Fwww.morecouponstogo.com%2F
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 21 Sep 2022 00:33:09 GMT
content-type: image/png
server: nginx
last-modified: Wed, 09 Jun 2021 07:15:14 GMT
vary: Accept-Encoding
etag: W/"60c06a82-881"
expires: Sun, 20 Nov 2022 00:33:09 GMT
pragma: public
cache-control: max-age=5184000, public
content-encoding: gzip
X-Firefox-Spdy: h2
s3.amazonaws.com/logos.formetocoupon.com/120x60/46170.jpg
52.217.165.88200 OK 23 kB URL HTTP/1.1 s3.amazonaws.com/logos.formetocoupon.com/120x60/46170.jpg
IP 52.217.165.88:0
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CS6 (Windows), datetime=2021:01:27 19:07:58], progressive, precision 8, 120x60, components 3\012- data
Hash f74ddffa1803f21402e9fcd29f5a12de
610e36df75d42ae84289fb935d88133cd9c7d3cd
612916df133fea1143359c190b7fd1d8810e26753e82581439f44e676d596357
GET /logos.formetocoupon.com/120x60/46170.jpg HTTP/1.1
Host: s3.amazonaws.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.morecouponstogo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: 54Cp7U8Lnr081mgs5zxjPsr3id6Glat1jwNxhOTLBWgsZaUEIX9hkCIHWFjYcFFNhBKZ6a2GHss=
x-amz-request-id: 8EDB4JA0T2Z0S6BB
Date: Wed, 21 Sep 2022 00:33:11 GMT
Last-Modified: Wed, 27 Jan 2021 17:08:30 GMT
ETag: "f74ddffa1803f21402e9fcd29f5a12de"
Accept-Ranges: bytes
Content-Type: image/jpeg
Server: AmazonS3
Content-Length: 22751
www.youtube.com/embed/aWzlQ2N6qqg?autoplay=0&controls=1&start=0&end=0&modestbranding=0&wmode=transparent&enablejsapi=1&loop=0&rel=0
216.58.211.14200 OK 50 kB URL HTTP/2 www.youtube.com/embed/aWzlQ2N6qqg?autoplay=0&controls=1&start=0&end=0&modestbranding=0&wmode=transparent&enablejsapi=1&loop=0&rel=0
IP 216.58.211.14:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (60309)
Hash 5f5755ec4ba6f86024da2782bdbdf93e
dcf8418698a82677291fb940e9f8d22a2b44bf64
6b50ae57783382dec86680e37d944908293d07f1ede39843bdc352d5eb436fe5
GET /embed/aWzlQ2N6qqg?autoplay=0&controls=1&start=0&end=0&modestbranding=0&wmode=transparent&enablejsapi=1&loop=0&rel=0 HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.morecouponstogo.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/html; charset=utf-8
x-content-type-options: nosniff
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Wed, 21 Sep 2022 00:33:07 GMT
strict-transport-security: max-age=31536000
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
content-encoding: br
server: ESF
x-xss-protection: 0
set-cookie: YSC=Mac7pW-e5CQ; Domain=.youtube.com; Path=/; Secure; HttpOnly; SameSite=none
VISITOR_INFO1_LIVE=lDYuF19rrz0; Domain=.youtube.com; Expires=Mon, 20-Mar-2023 00:33:07 GMT; Path=/; Secure; HttpOnly; SameSite=none
CONSENT=PENDING+209; expires=Fri, 20-Sep-2024 00:33:07 GMT; path=/; domain=.youtube.com; Secure
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.redbubble.com/people/gratitude-aros/external-portfolio?count=9
172.64.153.8200 OK 20 kB URL HTTP/2 www.redbubble.com/people/gratitude-aros/external-portfolio?count=9
IP 172.64.153.8:0
File type HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (470)
Hash c96a794670616bd6068c67a20622f45f
ff2ab34b994c3d3a238f5bed2632a4809405f5d4
7d74b457e75baa0ce269893503391b187923a00d5f8bdead25f0cabe249d2bb3
GET /people/gratitude-aros/external-portfolio?count=9 HTTP/1.1
Host: www.redbubble.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.morecouponstogo.com/
Cookie: __cf_bm=CNoD9jgu3xA4m4ZIkSGpWYHWgu0Yru0kzb7usNRvpoI-1663720386-0-AckdsS0Ho4XiizGocry8hdTBhJaEZHZK7pdDjdYrBtRWjY8iANUiInkmVRwaMH/DJ11XFSwlZsbEv9U9dK4AFUk=
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 21 Sep 2022 00:33:08 GMT
content-type: text/html; charset=utf-8
cache-control: max-age=0, private, must-revalidate
etag: W/"264da33baf08c58cb161388d83298968"
referrer-policy: strict-origin-when-cross-origin
set-cookie: open_id_token=eyJhbGciOiJFUzI1NiIsImtpZCI6InJlZGJ1YmJsZS00IiwidHlwIjoiSldUIn0.eyJhbXIiOlsidW5hdXRoZW50aWNhdGVkIl0sImlzcyI6Imh0dHBzOi8vd3d3LnJlZGJ1YmJsZS5jb20iLCJzdWIiOiJyZWRidWJibGU6MDFHREVRQ1hFWUZEWjZOVjNCRlI5MlFEVzYiLCJhdWQiOiJyZWRidWJibGUtc2VydmljZXMiLCJleHAiOjE2NjM3MjA5ODgsImlhdCI6MTY2MzcyMDM4OH0.lGZ5R__BLKrvKc4gwuVGJqVxB-nrXHSfTf7raGNUW3mC1WJ1WnTtlnhuEYPeD5fgAOXYCYWRJJCaGh1C_WB-AQ; Path=/; Domain=redbubble.com; Expires=Wed, 28 Sep 2022 00:33:08 GMT; Secure; SameSite=Lax
rbVisitorId=01GDEQCXEZH10NZGWVSR40DPQ6; Path=/; Domain=redbubble.com; Expires=Wed, 28 Sep 2022 00:33:08 GMT; HttpOnly; Secure; SameSite=Lax
_rb_session=af0c1b4350295702b4f9500a962c682d9b50f5ad2c4fe6c59835b32510d11ac0; domain=.redbubble.com; path=/; secure
_rb_session4=TGtva2h0bk1RNE1QVFhWTW5YU1drcEJIVTJFZWFmNjhVNnMyQlo0S2tqRG8ySVhmUUFUWm5mUEVwTzhIbVVVcHVFOHBYNTBxTkFoaDNsZkFNaUM5cjRPc0N1SGpORVJRQ25kZkV3eW8vRi9ZNHZpc2RBWkh4eGJlTVNldnV1cHYtLVRPaTJkeVNGSmVOUkdUdkpJckhUeWc9PQ%3D%3D--d34f90425db4ea6dba5a7fa34e0312bea1e4c865; path=/; secure; HttpOnly
x-content-type-options: nosniff
x-download-options: noopen
x-permitted-cross-domain-policies: none
x-rb-bot-identified: False
x-rb-oid: eyJhbGciOiJFUzI1NiIsImtpZCI6InJlZGJ1YmJsZS00IiwidHlwIjoiSldUIn0.eyJhbXIiOlsidW5hdXRoZW50aWNhdGVkIl0sImlzcyI6Imh0dHBzOi8vd3d3LnJlZGJ1YmJsZS5jb20iLCJzdWIiOiJyZWRidWJibGU6MDFHREVRQ1hFWUZEWjZOVjNCRlI5MlFEVzYiLCJhdWQiOiJyZWRidWJibGUtc2VydmljZXMiLCJleHAiOjE2NjM3MjA5ODgsImlhdCI6MTY2MzcyMDM4OH0.lGZ5R__BLKrvKc4gwuVGJqVxB-nrXHSfTf7raGNUW3mC1WJ1WnTtlnhuEYPeD5fgAOXYCYWRJJCaGh1C_WB-AQ
x-request-id: 21f0ca68-2924-4861-abed-deae37ca5a71
x-xss-protection: 1; mode=block
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 74deb526dff7b529-OSL
content-encoding: br
X-Firefox-Spdy: h2
s3.amazonaws.com/logos.formetocoupon.com/120x60/45137.jpg
52.217.165.88200 OK 23 kB URL HTTP/1.1 s3.amazonaws.com/logos.formetocoupon.com/120x60/45137.jpg
IP 52.217.165.88:0
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CS6 (Windows), datetime=2020:10:07 08:48:42], baseline, precision 8, 120x60, components 3\012- data
Hash c06f917133f51135a708a10e060e52fe
3cf6f925484233fbe0abc4cf7d0105073349302f
284666ca3c61afdcbfcc92940c37320f7f27bd0e7a12e6a8c87e9c5a787f7627
GET /logos.formetocoupon.com/120x60/45137.jpg HTTP/1.1
Host: s3.amazonaws.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.morecouponstogo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: 9cJXxxynBJ/OMzu+gRGWpS+syIRtjkQpV0yEqpwTWtIPV0Z4mMPQtKnVqUHQWHh7Xk1B3qtsWHs=
x-amz-request-id: 8ED0AJ67Z5WXA87W
Date: Wed, 21 Sep 2022 00:33:11 GMT
Last-Modified: Wed, 07 Oct 2020 06:48:52 GMT
ETag: "c06f917133f51135a708a10e060e52fe"
Accept-Ranges: bytes
Content-Type: image/jpeg
Server: AmazonS3
Content-Length: 23080
s3.amazonaws.com/logos.formetocoupon.com/120x60/44869.jpg
52.217.165.88200 OK 19 kB URL HTTP/1.1 s3.amazonaws.com/logos.formetocoupon.com/120x60/44869.jpg
IP 52.217.165.88:0
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CS6 (Windows), datetime=2020:09:18 18:09:06], baseline, precision 8, 120x60, components 3\012- data
Hash ce9e1958f27f0be73c24b082a03db1ee
9becb08536ff59411906a36ed1726cdacac9de7f
536bbe84654fd64313413b81a19fba5744347c91f2142557be4f3f664eb1bbe9
GET /logos.formetocoupon.com/120x60/44869.jpg HTTP/1.1
Host: s3.amazonaws.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.morecouponstogo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: aP/cad/OsZUEQE4ZQGo2X8U5j1IVr/MIJavCrolvY88ZTU0L6U/zZk9Kw+8wbA+xMLswhEL6Wpk=
x-amz-request-id: 8ED13TPVS9VN370E
Date: Wed, 21 Sep 2022 00:33:11 GMT
Last-Modified: Fri, 18 Sep 2020 16:09:35 GMT
ETag: "ce9e1958f27f0be73c24b082a03db1ee"
Accept-Ranges: bytes
Content-Type: image/jpeg
Server: AmazonS3
Content-Length: 19298
d1ielco78gv5pf.cloudfront.net/assets/75x75-Brandmark-Transparent-5914f9388de7f61a2e2fb260ed39145a5719139b6559762350135c21771f12c0.png
54.230.245.134200 OK 753 B URL HTTP/2 d1ielco78gv5pf.cloudfront.net/assets/75x75-Brandmark-Transparent-5914f9388de7f61a2e2fb260ed39145a5719139b6559762350135c21771f12c0.png
IP 54.230.245.134:0
File type PNG image data, 75 x 75, 8-bit/color RGBA, non-interlaced\012- data
Hash 95b83ee0d2cb98b5133345024a14031e
fb1f79f434185cabeda75b895cb0e98113c8c6ec
5914f9388de7f61a2e2fb260ed39145a5719139b6559762350135c21771f12c0
GET /assets/75x75-Brandmark-Transparent-5914f9388de7f61a2e2fb260ed39145a5719139b6559762350135c21771f12c0.png HTTP/1.1
Host: d1ielco78gv5pf.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.redbubble.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 753
date: Mon, 05 Sep 2022 13:09:45 GMT
server: nginx
last-modified: Sun, 04 Sep 2022 10:06:31 GMT
expires: Thu, 02 Sep 2032 13:09:45 GMT
access-control-allow-origin: *
cache-control: max-age=315360000, public
x-cache: Hit from cloudfront
via: 1.1 94eee494c19905cb6933ec8a32a577a0.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: vQzNx6Z3rGEcWCrdfJBqYE0ldaDbmgbxC08xmwvHMv0Dm1Pi5ZGeUA==
age: 1337005
X-Firefox-Spdy: h2
d1ielco78gv5pf.cloudfront.net/assets/rarr-trans-44aac167284d94a1522aae08e2a9c40c6d515ab554839445c3b43281cb6a2f47.png
54.230.245.134200 OK 147 B URL HTTP/2 d1ielco78gv5pf.cloudfront.net/assets/rarr-trans-44aac167284d94a1522aae08e2a9c40c6d515ab554839445c3b43281cb6a2f47.png
IP 54.230.245.134:0
File type PNG image data, 7 x 10, 8-bit gray+alpha, non-interlaced\012- data
Hash aafe97f737c068ef75a9410c8a45f5a4
0d1856e53194b2a68d1976a21fe05d20eac683b6
44aac167284d94a1522aae08e2a9c40c6d515ab554839445c3b43281cb6a2f47
GET /assets/rarr-trans-44aac167284d94a1522aae08e2a9c40c6d515ab554839445c3b43281cb6a2f47.png HTTP/1.1
Host: d1ielco78gv5pf.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.redbubble.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 147
date: Fri, 27 May 2022 01:22:02 GMT
accept-ranges: bytes
access-control-allow-origin: *
cache-control: max-age=315360000, public
etag: "628dff80-93"
expires: Mon, 24 May 2032 01:22:02 GMT
last-modified: Wed, 25 May 2022 10:05:52 GMT
server: nginx
x-cache: Hit from cloudfront
via: 1.1 94eee494c19905cb6933ec8a32a577a0.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: RReBJvSiBiJwasKZrXhDL4iM8w-kVSp6zYKWM7a6HyrtL77Ckf35aw==
age: 10105868
X-Firefox-Spdy: h2
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
142.250.74.170200 OK 31 kB URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
IP 142.250.74.170:0
File type JSON data\012- , ASCII text, with very long lines (65536), with no line terminators
Hash ed9689f2d37feb6b9bb6b4c12fa43f3a
c5199803780a0f5819bd7b04c9cd7e00a3c8ffbf
b625f488653be098247acf09c7d89883804016b9d004e6454c5f80b482804683
POST /$rpc/google.internal.waa.v1.Waa/Create HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
Content-Type: application/json+protobuf
X-User-Agent: grpc-web-javascript/0.1
Content-Length: 24
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json+protobuf; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: gzip
date: Wed, 21 Sep 2022 00:33:11 GMT
server: ESF
cache-control: private
content-length: 30706
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
access-control-allow-credentials: true
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
d1ielco78gv5pf.cloudfront.net/assets/ajax_subtle-8f2162a421d5682989810c5bed4402d83debcff6169ae940dbbf9844dcc9ea2d.gif
54.230.245.134200 OK 1.8 kB URL HTTP/2 d1ielco78gv5pf.cloudfront.net/assets/ajax_subtle-8f2162a421d5682989810c5bed4402d83debcff6169ae940dbbf9844dcc9ea2d.gif
IP 54.230.245.134:0
File type GIF image data, version 89a, 32 x 32\012- data
Hash 53c8654b9584bb9f925f2e9f12a3a365
69b347445a08ef2e1235cb8ff2fad484d59ae7d3
8f2162a421d5682989810c5bed4402d83debcff6169ae940dbbf9844dcc9ea2d
GET /assets/ajax_subtle-8f2162a421d5682989810c5bed4402d83debcff6169ae940dbbf9844dcc9ea2d.gif HTTP/1.1
Host: d1ielco78gv5pf.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://d1ielco78gv5pf.cloudfront.net/assets/external_portfolio-55c5ae1c8983df626fd5d8b516e9b7afa9602796b1b40b1b0a489a394961ef91.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/gif
content-length: 1785
date: Wed, 18 May 2022 14:23:23 GMT
accept-ranges: bytes
access-control-allow-origin: *
cache-control: max-age=315360000, public
etag: "628373c3-6f9"
expires: Sat, 15 May 2032 14:23:23 GMT
last-modified: Tue, 17 May 2022 10:06:59 GMT
server: nginx
x-cache: Hit from cloudfront
via: 1.1 94eee494c19905cb6933ec8a32a577a0.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: ik05bFLJfMnmfpIW5rXjPcrCjSeMUJsXy5_IJO-TaaCanGA1qXZQqg==
age: 10836588
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash c81d42d817c63fd387f875fae88f126a
88fa4a4aa864600dfc025c7077d355d38d2d22b9
81ad3d8e554a0fd4530752e92a769bb4689229fb097bb09076bd85c7d3208fe7
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 00:33:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash c81d42d817c63fd387f875fae88f126a
88fa4a4aa864600dfc025c7077d355d38d2d22b9
81ad3d8e554a0fd4530752e92a769bb4689229fb097bb09076bd85c7d3208fe7
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 00:33:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
rr1---sn-capm-vnae.googlevideo.com/videoplayback?expire=1663741991&ei=x1sqY7qjFMeHyAWDpZGoCA&ip=91.90.42.154&id=o-AC9IY_0oiIdLcumWTDfTxdYgRBj9RxZRGbSXubsDN7zx&itag=250&source=youtube&requiressl=yes&mh=gh&mm=31%2C29&mn=sn-capm-vnae%2Csn-5goeenes&ms=au%2Crdu&mv=m&mvi=1&pl=21&initcwndbps=1200000&spc=yR2vp-wM6ePoMezf6mJgM9QARpducPI&vprv=1&mime=audio%2Fwebm&ns=SD9VKj1NxuXJcz_1gCeA64gI&gir=yes&clen=19323&dur=42.061&lmt=1645693636059657&mt=1663719930&fvip=5&keepalive=yes&fexp=24001373%2C24007246&c=WEB_EMBEDDED_PLAYER&txp=5318224&n=g_aehDd5rsXVTw&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRgIhAKX59a80Jd3le1g4zhdEfyUYv-z45q26zIhgEKUyUJe4AiEApEjyRfNzs_JRKcZDLptGl1K8Z1nco5QmvfMdWu8r4rc%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRQIgRdJeKSfTpW66YLZsxOHPWdGFgSP4N4EVy8BAGsX0OyMCIQC3v9nLfQxJ2KZM0yJYN-e1KijO-uOFgBy7VSjTlAb7WA%3D%3D&alr=yes&cpn=wLzLD2MhZPjdHOfv&cver=1.20220918.00.00&range=0-337&rn=2&rbuf=0
91.90.45.172200 OK 338 B URL HTTP/1.1 rr1---sn-capm-vnae.googlevideo.com/videoplayback?expire=1663741991&ei=x1sqY7qjFMeHyAWDpZGoCA&ip=91.90.42.154&id=o-AC9IY_0oiIdLcumWTDfTxdYgRBj9RxZRGbSXubsDN7zx&itag=250&source=youtube&requiressl=yes&mh=gh&mm=31%2C29&mn=sn-capm-vnae%2Csn-5goeenes&ms=au%2Crdu&mv=m&mvi=1&pl=21&initcwndbps=1200000&spc=yR2vp-wM6ePoMezf6mJgM9QARpducPI&vprv=1&mime=audio%2Fwebm&ns=SD9VKj1NxuXJcz_1gCeA64gI&gir=yes&clen=19323&dur=42.061&lmt=1645693636059657&mt=1663719930&fvip=5&keepalive=yes&fexp=24001373%2C24007246&c=WEB_EMBEDDED_PLAYER&txp=5318224&n=g_aehDd5rsXVTw&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRgIhAKX59a80Jd3le1g4zhdEfyUYv-z45q26zIhgEKUyUJe4AiEApEjyRfNzs_JRKcZDLptGl1K8Z1nco5QmvfMdWu8r4rc%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRQIgRdJeKSfTpW66YLZsxOHPWdGFgSP4N4EVy8BAGsX0OyMCIQC3v9nLfQxJ2KZM0yJYN-e1KijO-uOFgBy7VSjTlAb7WA%3D%3D&alr=yes&cpn=wLzLD2MhZPjdHOfv&cver=1.20220918.00.00&range=0-337&rn=2&rbuf=0
IP 91.90.45.172:0
ASN #50304 Blix Solutions AS
File type WebM\012- EBML file, creator webmB\20\012- data
Hash ad731b1b5f15e8439e4ab2816fe84240
1dbb0f630b426413eda4e6b4134979aec2d4ae8b
099a421c809946c753da16a33d1815db997edd49bc686e5d97f85ab2f234515c
GET /videoplayback?expire=1663741991&ei=x1sqY7qjFMeHyAWDpZGoCA&ip=91.90.42.154&id=o-AC9IY_0oiIdLcumWTDfTxdYgRBj9RxZRGbSXubsDN7zx&itag=250&source=youtube&requiressl=yes&mh=gh&mm=31%2C29&mn=sn-capm-vnae%2Csn-5goeenes&ms=au%2Crdu&mv=m&mvi=1&pl=21&initcwndbps=1200000&spc=yR2vp-wM6ePoMezf6mJgM9QARpducPI&vprv=1&mime=audio%2Fwebm&ns=SD9VKj1NxuXJcz_1gCeA64gI&gir=yes&clen=19323&dur=42.061&lmt=1645693636059657&mt=1663719930&fvip=5&keepalive=yes&fexp=24001373%2C24007246&c=WEB_EMBEDDED_PLAYER&txp=5318224&n=g_aehDd5rsXVTw&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRgIhAKX59a80Jd3le1g4zhdEfyUYv-z45q26zIhgEKUyUJe4AiEApEjyRfNzs_JRKcZDLptGl1K8Z1nco5QmvfMdWu8r4rc%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRQIgRdJeKSfTpW66YLZsxOHPWdGFgSP4N4EVy8BAGsX0OyMCIQC3v9nLfQxJ2KZM0yJYN-e1KijO-uOFgBy7VSjTlAb7WA%3D%3D&alr=yes&cpn=wLzLD2MhZPjdHOfv&cver=1.20220918.00.00&range=0-337&rn=2&rbuf=0 HTTP/1.1
Host: rr1---sn-capm-vnae.googlevideo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Last-Modified: Thu, 24 Feb 2022 09:07:16 GMT
Content-Type: audio/webm
Date: Wed, 21 Sep 2022 00:33:11 GMT
Expires: Wed, 21 Sep 2022 00:33:11 GMT
Cache-Control: private, max-age=21300
Accept-Ranges: bytes
Content-Length: 338
Connection: keep-alive
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Access-Control-Allow-Origin: https://www.youtube.com
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: https://www.youtube.com
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Vary: Origin
Cross-Origin-Resource-Policy: cross-origin
X-Content-Type-Options: nosniff
Server: gvs 1.0
rr1---sn-capm-vnae.googlevideo.com/videoplayback?expire=1663741991&ei=x1sqY7qjFMeHyAWDpZGoCA&ip=91.90.42.154&id=o-AC9IY_0oiIdLcumWTDfTxdYgRBj9RxZRGbSXubsDN7zx&itag=243&aitags=133%2C134%2C135%2C160%2C242%2C243%2C244%2C278&source=youtube&requiressl=yes&mh=gh&mm=31%2C29&mn=sn-capm-vnae%2Csn-5goeenes&ms=au%2Crdu&mv=m&mvi=1&pl=21&initcwndbps=1200000&spc=yR2vp-wM6ePoMezf6mJgM9QARpducPI&vprv=1&mime=video%2Fwebm&ns=SD9VKj1NxuXJcz_1gCeA64gI&gir=yes&clen=688476&dur=42.033&lmt=1645693636801438&mt=1663719930&fvip=5&keepalive=yes&fexp=24001373%2C24007246&c=WEB_EMBEDDED_PLAYER&txp=5319224&n=g_aehDd5rsXVTw&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRgIhAMQbeFXBOE7-7RSEo6dY7rVXTRAdeJ6vhJQmZBKwPZQnAiEA60DcGvJcXt_I7I465jHUHlytiNzS_c2F5tJrAk-0BQo%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRQIgRdJeKSfTpW66YLZsxOHPWdGFgSP4N4EVy8BAGsX0OyMCIQC3v9nLfQxJ2KZM0yJYN-e1KijO-uOFgBy7VSjTlAb7WA%3D%3D&alr=yes&cpn=wLzLD2MhZPjdHOfv&cver=1.20220918.00.00&range=0-348&rn=1&rbuf=0
91.90.45.172200 OK 349 B URL HTTP/1.1 rr1---sn-capm-vnae.googlevideo.com/videoplayback?expire=1663741991&ei=x1sqY7qjFMeHyAWDpZGoCA&ip=91.90.42.154&id=o-AC9IY_0oiIdLcumWTDfTxdYgRBj9RxZRGbSXubsDN7zx&itag=243&aitags=133%2C134%2C135%2C160%2C242%2C243%2C244%2C278&source=youtube&requiressl=yes&mh=gh&mm=31%2C29&mn=sn-capm-vnae%2Csn-5goeenes&ms=au%2Crdu&mv=m&mvi=1&pl=21&initcwndbps=1200000&spc=yR2vp-wM6ePoMezf6mJgM9QARpducPI&vprv=1&mime=video%2Fwebm&ns=SD9VKj1NxuXJcz_1gCeA64gI&gir=yes&clen=688476&dur=42.033&lmt=1645693636801438&mt=1663719930&fvip=5&keepalive=yes&fexp=24001373%2C24007246&c=WEB_EMBEDDED_PLAYER&txp=5319224&n=g_aehDd5rsXVTw&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRgIhAMQbeFXBOE7-7RSEo6dY7rVXTRAdeJ6vhJQmZBKwPZQnAiEA60DcGvJcXt_I7I465jHUHlytiNzS_c2F5tJrAk-0BQo%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRQIgRdJeKSfTpW66YLZsxOHPWdGFgSP4N4EVy8BAGsX0OyMCIQC3v9nLfQxJ2KZM0yJYN-e1KijO-uOFgBy7VSjTlAb7WA%3D%3D&alr=yes&cpn=wLzLD2MhZPjdHOfv&cver=1.20220918.00.00&range=0-348&rn=1&rbuf=0
IP 91.90.45.172:0
ASN #50304 Blix Solutions AS
File type WebM\012- EBML file, creator webmB\20\012- data
Hash 6799eeffb2467b3622904988938cc6c9
363a023f07f0578a4978f873d55603650c9b32de
430e019435c317dab1826c031d59218a2dd88706591d671aa2ade9b2e74dec74
GET /videoplayback?expire=1663741991&ei=x1sqY7qjFMeHyAWDpZGoCA&ip=91.90.42.154&id=o-AC9IY_0oiIdLcumWTDfTxdYgRBj9RxZRGbSXubsDN7zx&itag=243&aitags=133%2C134%2C135%2C160%2C242%2C243%2C244%2C278&source=youtube&requiressl=yes&mh=gh&mm=31%2C29&mn=sn-capm-vnae%2Csn-5goeenes&ms=au%2Crdu&mv=m&mvi=1&pl=21&initcwndbps=1200000&spc=yR2vp-wM6ePoMezf6mJgM9QARpducPI&vprv=1&mime=video%2Fwebm&ns=SD9VKj1NxuXJcz_1gCeA64gI&gir=yes&clen=688476&dur=42.033&lmt=1645693636801438&mt=1663719930&fvip=5&keepalive=yes&fexp=24001373%2C24007246&c=WEB_EMBEDDED_PLAYER&txp=5319224&n=g_aehDd5rsXVTw&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRgIhAMQbeFXBOE7-7RSEo6dY7rVXTRAdeJ6vhJQmZBKwPZQnAiEA60DcGvJcXt_I7I465jHUHlytiNzS_c2F5tJrAk-0BQo%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRQIgRdJeKSfTpW66YLZsxOHPWdGFgSP4N4EVy8BAGsX0OyMCIQC3v9nLfQxJ2KZM0yJYN-e1KijO-uOFgBy7VSjTlAb7WA%3D%3D&alr=yes&cpn=wLzLD2MhZPjdHOfv&cver=1.20220918.00.00&range=0-348&rn=1&rbuf=0 HTTP/1.1
Host: rr1---sn-capm-vnae.googlevideo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Last-Modified: Thu, 24 Feb 2022 09:07:16 GMT
Content-Type: video/webm
Date: Wed, 21 Sep 2022 00:33:11 GMT
Expires: Wed, 21 Sep 2022 00:33:11 GMT
Cache-Control: private, max-age=21300
Accept-Ranges: bytes
Content-Length: 349
Connection: keep-alive
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Access-Control-Allow-Origin: https://www.youtube.com
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: https://www.youtube.com
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Vary: Origin
Cross-Origin-Resource-Policy: cross-origin
X-Restrict-Formats-Hint: None
X-Content-Type-Options: nosniff
Server: gvs 1.0
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash c81d42d817c63fd387f875fae88f126a
88fa4a4aa864600dfc025c7077d355d38d2d22b9
81ad3d8e554a0fd4530752e92a769bb4689229fb097bb09076bd85c7d3208fe7
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 00:33:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 278 B IP 93.184.220.29:0
Hash a4893887bdb021e38fd6ea5db19902b4
052832c9f51f17f1e4b54f87a577b52aa128c7bd
1b1b30c46c6a0f44a6afa802c775d94f6719b42b88d017f5690cb115517c4c6b
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3209
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 00:33:12 GMT
Last-Modified: Tue, 20 Sep 2022 23:39:43 GMT
Server: ECS (ska/F70D)
X-Cache: HIT
Content-Length: 278
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F62f1d773-46e0-4cf2-8178-3101a22f8b0c.jpeg
34.120.237.76200 OK 7.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F62f1d773-46e0-4cf2-8178-3101a22f8b0c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash c92f202bddcfee6efac41bcc25be5745
9d297544318ff34f839678d8b358290ab6bd62a8
f471aaff7c08c60905cff5b1c9d4b669a3179574493d23d27e681110688af6b2
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F62f1d773-46e0-4cf2-8178-3101a22f8b0c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 7060
x-amzn-requestid: 69e8f4d4-2360-4124-a9e9-9cce3dd43da7
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Yx0NWEgmIAMFusQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632a33ee-0f4861c226117d70664b8612;Sampled=0
x-amzn-remapped-date: Tue, 20 Sep 2022 21:43:10 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: kj4FQUvvo13Yrwu_bKqee64IMn6X0UXlOJQ3fh40qejOi-3dtCrEYg==
via: 1.1 8dbfaf7df256a75768461d934659b6b2.cloudfront.net (CloudFront), 1.1 35575576af8067e30cfb17c6b9fde8e2.cloudfront.net (CloudFront), 1.1 google
date: Tue, 20 Sep 2022 21:55:57 GMT
age: 9435
etag: "9d297544318ff34f839678d8b358290ab6bd62a8"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
cdn.gravitec.net/sdk/web/configs?appKey=651b3da8463250405063839a2450c723
45.133.44.4200 OK 0 B URL HTTP/2 cdn.gravitec.net/sdk/web/configs?appKey=651b3da8463250405063839a2450c723
IP 45.133.44.4:0
ASN #39572 DataWeb Global Group B.V.
GET /sdk/web/configs?appKey=651b3da8463250405063839a2450c723 HTTP/1.1
Host: cdn.gravitec.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.morecouponstogo.com/
Origin: https://www.morecouponstogo.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 21 Sep 2022 00:33:07 GMT
content-type: application/json
server: nginx
x-correlation-id: 43398ba43b20d748a9a14d330399cd6d
access-control-allow-origin: *
content-encoding: gzip
vary: Accept-Encoding
x-proxy-cache: MISS
X-Firefox-Spdy: h2
b-cloud.b-cdn.net/builds/pro/115-cloud/css/preview.pro.css
194.242.11.186200 OK 0 B URL HTTP/2 b-cloud.b-cdn.net/builds/pro/115-cloud/css/preview.pro.css
IP 194.242.11.186:0
ASN #34989 ServeTheWorld AS
GET /builds/pro/115-cloud/css/preview.pro.css HTTP/1.1
Host: b-cloud.b-cdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.morecouponstogo.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 21 Sep 2022 00:33:07 GMT
content-type: text/css
server: BunnyCDN-NO-830
cdn-pullzone: 246147
cdn-uid: e647d0c9-3a16-4c3e-ae99-91e18e06d4b3
cdn-requestcountrycode: NO
vary: Accept-Encoding, Accept-Encoding
access-control-allow-origin: *
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
etag: W/"b73a64712964514c4363d1e65ce687ef"
last-modified: Tue, 16 Aug 2022 09:36:39 GMT
x-amz-id-2: KC0cjFA8pWVRjNVyOzidlG908EE+ecg/zUq4KBvwnplkLhCDAv83uc4bf3OkEzryLqQ6GBihDmA=
x-amz-request-id: T82W5MZTTNQ8EYNF
cdn-proxyver: 1.02
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 08/16/2022 10:39:07
cdn-edgestorageid: 830
link: <https://s3.amazonaws.com/brizy.cloud/builds/pro/115-cloud/css/preview.pro.css>; rel="canonical"
cdn-status: 200
cdn-requestid: ac390c8d3c4ee21ce234e4bbc2459f9a
cdn-cache: HIT
content-encoding: br
X-Firefox-Spdy: h2
b-cloud.b-cdn.net/builds/pro/115-cloud/js/preview.pro.js
194.242.11.186200 OK 0 B URL HTTP/2 b-cloud.b-cdn.net/builds/pro/115-cloud/js/preview.pro.js
IP 194.242.11.186:0
ASN #34989 ServeTheWorld AS
GET /builds/pro/115-cloud/js/preview.pro.js HTTP/1.1
Host: b-cloud.b-cdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.morecouponstogo.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 21 Sep 2022 00:33:07 GMT
content-type: application/javascript
server: BunnyCDN-NO-830
cdn-pullzone: 246147
cdn-uid: e647d0c9-3a16-4c3e-ae99-91e18e06d4b3
cdn-requestcountrycode: NO
vary: Accept-Encoding, Accept-Encoding
cache-control: public, max-age=31919000
etag: W/"a0846c37d24aba87fd848f37cd3c3281"
last-modified: Tue, 16 Aug 2022 09:36:39 GMT
x-amz-id-2: lioG9ZPUaCHsG1hw25KZAO17ZYhDWcXUL+kjxbFr2Mqn9E6cI1s2eQcAPaP+36n2Bd4VbqMdjN0=
x-amz-request-id: T82MEWJ6G32WFX45
cdn-proxyver: 1.02
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 08/16/2022 10:39:07
cdn-edgestorageid: 830
link: <https://s3.amazonaws.com/brizy.cloud/builds/pro/115-cloud/js/preview.pro.js>; rel="canonical"
cdn-status: 200
cdn-requestid: 19428e921d780b73431e968fae90ea8f
cdn-cache: HIT
content-encoding: br
X-Firefox-Spdy: h2
www.redbubble.com/assets/external_portfolio.js
172.64.153.8301 Moved Permanently 0 B URL HTTP/2 www.redbubble.com/assets/external_portfolio.js
IP 172.64.153.8:0
GET /assets/external_portfolio.js HTTP/1.1
Host: www.redbubble.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.morecouponstogo.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
date: Wed, 21 Sep 2022 00:33:06 GMT
location: https://d1ielco78gv5pf.cloudfront.net/assets/external_portfolio.js
cache-control: max-age=3600
expires: Wed, 21 Sep 2022 01:33:06 GMT
set-cookie: __cf_bm=CNoD9jgu3xA4m4ZIkSGpWYHWgu0Yru0kzb7usNRvpoI-1663720386-0-AckdsS0Ho4XiizGocry8hdTBhJaEZHZK7pdDjdYrBtRWjY8iANUiInkmVRwaMH/DJ11XFSwlZsbEv9U9dK4AFUk=; path=/; expires=Wed, 21-Sep-22 01:03:06 GMT; domain=.redbubble.com; HttpOnly; Secure; SameSite=None
vary: Accept-Encoding
server: cloudflare
cf-ray: 74deb5225e26b529-OSL
X-Firefox-Spdy: h2
z5traffic.com/t/matomo.js
44.196.228.151404 Not Found 0 B URL HTTP/2 z5traffic.com/t/matomo.js
IP 44.196.228.151:0
GET /t/matomo.js HTTP/1.1
Host: z5traffic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://t-adbar1.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 404 Not Found
date: Wed, 21 Sep 2022 00:33:05 GMT
content-type: text/html; charset=UTF-8
server: nginx/1.16.1
vary: Accept-Encoding
x-powered-by: PHP/7.4.12
cache-control: no-cache, private
content-encoding: gzip
X-Firefox-Spdy: h2
use.fontawesome.com/releases/v5.15.4/css/v4-shims.css
172.64.132.15200 OK 0 B URL HTTP/2 use.fontawesome.com/releases/v5.15.4/css/v4-shims.css
IP 172.64.132.15:0
GET /releases/v5.15.4/css/v4-shims.css HTTP/1.1
Host: use.fontawesome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://llclickpro.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 21 Sep 2022 00:33:05 GMT
content-type: text/css
x-amz-id-2: oih8J0hBMw8A0ZDypwdVn2MNF1pKbG1Ds45F+jYyvQ913/sIWPnWLyDWlpiHzea0D/laWzi/7UfGDUwqj97/gQ==
x-amz-request-id: S8HJYS56DJSTJTGD
last-modified: Wed, 04 Aug 2021 20:43:22 GMT
etag: W/"a034d3c71bee546f625877d7932917f8"
cache-control: max-age=31556926
cf-cache-status: HIT
age: 1669836
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3PUa2%2BJJUKpCALS3xdZsgUJSs3h7AsaglSdFEYgKQA2P%2FY9mNpfkfq9FzCtu3U8yKdgtgjdGft81CCAFDgOzTGXppyOoTnyX%2FFa%2BexD1nqQaG81%2F2v7j%2FrlmjcPeMvDM5reIY142"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74deb516eb327786-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
assets6.lottiefiles.com/private_files/lf30_aXRkcv.json
54.230.111.33200 OK 0 B URL HTTP/2 assets6.lottiefiles.com/private_files/lf30_aXRkcv.json
IP 54.230.111.33:0
GET /private_files/lf30_aXRkcv.json HTTP/1.1
Host: assets6.lottiefiles.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.morecouponstogo.com
Connection: keep-alive
Referer: https://www.morecouponstogo.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/plain;charset=UTF-8
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 1800
last-modified: Wed, 10 Jun 2020 03:42:46 GMT
x-amz-version-id: cl7YYcZ.eZwJkn7C3eZLvmpcNwHYuuSO
server: AmazonS3
content-encoding: br
date: Wed, 21 Sep 2022 00:33:09 GMT
etag: W/"fc1fe14e06bca801e615880167a4397d"
vary: Accept-Encoding,Origin
x-cache: RefreshHit from cloudfront
via: 1.1 09ae414c9d6c5323d5147457ada70ec6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: WOIR_ycEmRn7jv26aZN3_AJ_uTi2uxpqkLsNX2NjV1UgWAHRSmj4dg==
X-Firefox-Spdy: h2
www.youtube.com/embed/ZFBI_JoDwew?autoplay=0&controls=1&start=0&end=0&modestbranding=0&wmode=transparent&enablejsapi=1&loop=0&rel=0
216.58.211.14200 OK 0 B URL HTTP/2 www.youtube.com/embed/ZFBI_JoDwew?autoplay=0&controls=1&start=0&end=0&modestbranding=0&wmode=transparent&enablejsapi=1&loop=0&rel=0
IP 216.58.211.14:0
GET /embed/ZFBI_JoDwew?autoplay=0&controls=1&start=0&end=0&modestbranding=0&wmode=transparent&enablejsapi=1&loop=0&rel=0 HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.morecouponstogo.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html; charset=utf-8
x-content-type-options: nosniff
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Wed, 21 Sep 2022 00:33:07 GMT
strict-transport-security: max-age=31536000
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
content-encoding: br
server: ESF
x-xss-protection: 0
set-cookie: YSC=B7eIKK0jJ98; Domain=.youtube.com; Path=/; Secure; HttpOnly; SameSite=none
VISITOR_INFO1_LIVE=S8Mg47zpOj8; Domain=.youtube.com; Expires=Mon, 20-Mar-2023 00:33:07 GMT; Path=/; Secure; HttpOnly; SameSite=none
CONSENT=PENDING+761; expires=Fri, 20-Sep-2024 00:33:07 GMT; path=/; domain=.youtube.com; Secure
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.youtube.com/embed/Tge4GgRmmrY?autoplay=1&controls=1&start=0&end=0&modestbranding=0&wmode=transparent&enablejsapi=1&loop=1&rel=0&mute=1&playlist=Tge4GgRmmrY
216.58.211.14200 OK 0 B URL HTTP/2 www.youtube.com/embed/Tge4GgRmmrY?autoplay=1&controls=1&start=0&end=0&modestbranding=0&wmode=transparent&enablejsapi=1&loop=1&rel=0&mute=1&playlist=Tge4GgRmmrY
IP 216.58.211.14:0
GET /embed/Tge4GgRmmrY?autoplay=1&controls=1&start=0&end=0&modestbranding=0&wmode=transparent&enablejsapi=1&loop=1&rel=0&mute=1&playlist=Tge4GgRmmrY HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.morecouponstogo.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html; charset=utf-8
x-content-type-options: nosniff
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Wed, 21 Sep 2022 00:33:07 GMT
strict-transport-security: max-age=31536000
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
content-encoding: br
server: ESF
x-xss-protection: 0
set-cookie: YSC=Y3tmRNMZpSA; Domain=.youtube.com; Path=/; Secure; HttpOnly; SameSite=none
VISITOR_INFO1_LIVE=99M3_Vxkpec; Domain=.youtube.com; Expires=Mon, 20-Mar-2023 00:33:07 GMT; Path=/; Secure; HttpOnly; SameSite=none
CONSENT=PENDING+796; expires=Fri, 20-Sep-2024 00:33:07 GMT; path=/; domain=.youtube.com; Secure
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
trafficadbar.com/50-195376p-7f77fb9d65e3bb8a718d9ac76b2040e8.jpeg
52.202.155.140200 OK 0 B URL HTTP/2 trafficadbar.com/50-195376p-7f77fb9d65e3bb8a718d9ac76b2040e8.jpeg
IP 52.202.155.140:0
GET /50-195376p-7f77fb9d65e3bb8a718d9ac76b2040e8.jpeg HTTP/1.1
Host: trafficadbar.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://t-adbar1.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 21 Sep 2022 00:33:04 GMT
content-type: image/jpeg
server: nginx
vary: Accept-Encoding
expires: Fri, 21 Oct 2022 00:33:03 GMT
pragma: public
cache-control: max-age=2591999
content-encoding: gzip
X-Firefox-Spdy: h2
use.fontawesome.com/releases/v5.15.4/css/all.css
172.64.132.15200 OK 0 B URL HTTP/2 use.fontawesome.com/releases/v5.15.4/css/all.css
IP 172.64.132.15:0
GET /releases/v5.15.4/css/all.css HTTP/1.1
Host: use.fontawesome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://llclickpro.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 21 Sep 2022 00:33:05 GMT
content-type: text/css
x-amz-id-2: HbM7ijn2Ff9X/1Vt9XeVXF531DG0bzvcTq5CZSGkm/YMoq0CXvSjXF4xJx2aLZ49QpK6+nYyLf0=
x-amz-request-id: 2HZ8KB750WAR2JFJ
last-modified: Wed, 04 Aug 2021 20:43:22 GMT
etag: W/"ecd507b3125edc4d2a03aa6ae5d07da9"
cache-control: max-age=31556926
cf-cache-status: HIT
age: 28458646
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=l7H%2BE%2BHoQ0J3ydve8Ybokhaqx9CUcjnVCA4ljH%2BVKdkQ4ip%2BoOo9cLY4mowdU93r26bMpaXXJFC6eFUdfxBx%2B7b%2F3A5haLd4EElMEvCuK5Xap1kFj9QOdPJ7Emp175xZ4LwmAeio"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74deb516eb387786-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
w.leadsleap.com/js.js
104.26.9.147200 OK 0 B IP 104.26.9.147:0
GET /js.js HTTP/1.1
Host: w.leadsleap.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.morecouponstogo.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 21 Sep 2022 00:33:06 GMT
content-type: application/javascript
cf-bgj: minify
cf-polished: origSize=4038
last-modified: Mon, 06 Jun 2022 14:11:07 GMT
cache-control: max-age=2678400
cf-cache-status: HIT
age: 4932
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QWwyFnADvW0Lq6G0ID16uIFeRuQyTLvbN72k%2FTpTG03uMDijIOmdG7HJry7lodcO5EaJrG%2FsOLUBW%2FoRGFmhJaNzsSpTRp9HIcAgFFSpni%2F3OLGfME0FuXnZ3HaoYGf%2BbQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74deb5224870b4eb-OSL
content-encoding: br
X-Firefox-Spdy: h2
b-cloud.b-cdn.net/builds/pro/115-cloud/js/group-3.pro.js
194.242.11.186200 OK 0 B URL HTTP/2 b-cloud.b-cdn.net/builds/pro/115-cloud/js/group-3.pro.js
IP 194.242.11.186:0
ASN #34989 ServeTheWorld AS
GET /builds/pro/115-cloud/js/group-3.pro.js HTTP/1.1
Host: b-cloud.b-cdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.morecouponstogo.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 21 Sep 2022 00:33:07 GMT
content-type: application/javascript
server: BunnyCDN-NO-830
cdn-pullzone: 246147
cdn-uid: e647d0c9-3a16-4c3e-ae99-91e18e06d4b3
cdn-requestcountrycode: NO
vary: Accept-Encoding, Accept-Encoding
cache-control: public, max-age=31919000
etag: W/"2604bf6ee4e609bdbfbb94c31adcd63d"
last-modified: Tue, 16 Aug 2022 09:36:39 GMT
x-amz-id-2: g03qzdonLEQkxWltK0A3fmPePrahcq1E/UIQ2xDUy9q/BQLXBAEOHZOkFC7xaj31fohND16hB1o=
x-amz-request-id: 0X3NBVZKF9TJRQVB
cdn-proxyver: 1.02
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 09/21/2022 00:33:07
cdn-edgestorageid: 830
link: <https://s3.amazonaws.com/brizy.cloud/builds/pro/115-cloud/js/group-3.pro.js>; rel="canonical"
cdn-status: 200
cdn-requestid: b6b823d376b6259835bf645fe3047090
cdn-cache: MISS
content-encoding: br
X-Firefox-Spdy: h2
cdn.gravitec.net/modules/0.bundle.js
45.133.44.4200 OK 0 B URL HTTP/2 cdn.gravitec.net/modules/0.bundle.js
IP 45.133.44.4:0
ASN #39572 DataWeb Global Group B.V.
GET /modules/0.bundle.js HTTP/1.1
Host: cdn.gravitec.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.morecouponstogo.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 21 Sep 2022 00:33:08 GMT
content-type: application/javascript; charset=utf-8
server: nginx
last-modified: Wed, 02 Feb 2022 09:01:35 GMT
etag: W/"61fa486f-2550"
expires: Wed, 02 Feb 2022 09:06:29 GMT
cache-control: max-age=10
access-control-allow-origin: *
content-encoding: gzip
vary: Accept-Encoding
x-proxy-cache: HIT
X-Firefox-Spdy: h2
t-adbar1.com/_kc1h?&ww=1280&wh=939&reff=&h=eyJpdiI6Ijdza0VNZ1oxVndHTExVVkEyUVNzSUE9PSIsInZhbHVlIjoidHBiRDBQMHQyeEhYd2Z3ODFNNUpDUT09IiwibWFjIjoiNTVhN2I1ODZjMDYyOTc5OTBmMGI3YTAyYjYzMDc5MjljNDcwYjg3MGUxYWI0YWQ2ZWRiMzNiMTRkNGE1NzNmZSJ9&abc=
44.196.228.151200 OK 0 B URL HTTP/2 t-adbar1.com/_kc1h?&ww=1280&wh=939&reff=&h=eyJpdiI6Ijdza0VNZ1oxVndHTExVVkEyUVNzSUE9PSIsInZhbHVlIjoidHBiRDBQMHQyeEhYd2Z3ODFNNUpDUT09IiwibWFjIjoiNTVhN2I1ODZjMDYyOTc5OTBmMGI3YTAyYjYzMDc5MjljNDcwYjg3MGUxYWI0YWQ2ZWRiMzNiMTRkNGE1NzNmZSJ9&abc=
IP 44.196.228.151:0
GET /_kc1h?&ww=1280&wh=939&reff=&h=eyJpdiI6Ijdza0VNZ1oxVndHTExVVkEyUVNzSUE9PSIsInZhbHVlIjoidHBiRDBQMHQyeEhYd2Z3ODFNNUpDUT09IiwibWFjIjoiNTVhN2I1ODZjMDYyOTc5OTBmMGI3YTAyYjYzMDc5MjljNDcwYjg3MGUxYWI0YWQ2ZWRiMzNiMTRkNGE1NzNmZSJ9&abc= HTTP/1.1
Host: t-adbar1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://t-adbar1.com/_kc1h
Connection: keep-alive
Cookie: sou=eyJyIjpudWxsLCJ1IjoiTVRHU2FtdXJhaSJ9
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 21 Sep 2022 00:33:04 GMT
content-type: text/html; charset=UTF-8
server: nginx
vary: Accept-Encoding
set-cookie: sou=eyJyIjpudWxsLCJ1IjoiTVRHU2FtdXJhaSJ9; expires=Fri, 21-Oct-2022 00:33:04 GMT; Max-Age=2592000; secure; SameSite=None
content-encoding: gzip
X-Firefox-Spdy: h2
b-cloud.b-cdn.net/builds/free/240-cloud/editor/js/group-jq.js
194.242.11.186200 OK 0 B URL HTTP/2 b-cloud.b-cdn.net/builds/free/240-cloud/editor/js/group-jq.js
IP 194.242.11.186:0
ASN #34989 ServeTheWorld AS
GET /builds/free/240-cloud/editor/js/group-jq.js HTTP/1.1
Host: b-cloud.b-cdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.morecouponstogo.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 21 Sep 2022 00:33:06 GMT
content-type: application/javascript
server: BunnyCDN-NO-830
cdn-pullzone: 246147
cdn-uid: e647d0c9-3a16-4c3e-ae99-91e18e06d4b3
cdn-requestcountrycode: NO
vary: Accept-Encoding, Accept-Encoding
cache-control: public, max-age=31919000
etag: W/"ed710a097ec10ed3e2e1403b9380da89"
last-modified: Tue, 16 Aug 2022 09:34:59 GMT
x-amz-id-2: nQBgbmU1EnXaS9DU92ulqq/C53UWiI6y2/CG/8JeCVTRNwNAcbW9cpR4oaRmp2cdsG5v2TCOgvo=
x-amz-request-id: T82S1R5YKDX6K6E8
cdn-proxyver: 1.02
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 08/16/2022 10:39:07
cdn-edgestorageid: 830
link: <https://s3.amazonaws.com/brizy.cloud/builds/free/240-cloud/editor/js/group-jq.js>; rel="canonical"
cdn-status: 200
cdn-requestid: b1f45bc4d2a74a7407fd10756eb19bb0
cdn-cache: HIT
content-encoding: br
X-Firefox-Spdy: h2
w.leadsleap.com/php.php?ll_id=w52896&ll_sr=&ll_r=scsa7588&ll_tbo=&ll_hc=%23e22121&ll_tc=%23555a69&ll_cc=%238d9aa6&ll_bc=%23ffffff&ll_dc=%238891a8&ll_w=300&ll_fh=auto&ll_h=250&ll_b=&ll_n=6&ll_fs=&ll_ff=&ll_pa=0&ll_bgc=&ll_s=w&ll_br=&ll_cl=&ll_nc=1&ll_nf=0&ll_nh=0&ll_nm=0&ll_np=1&ll_fo=&ll_no=&ll_so=&ll_nt=0&ll_wt=1&ll_url=https%3A%2F%2Fwww.morecouponstogo.com%2Funi-landing&ll_rf=https%3A%2F%2Fllclickpro.com%2F
104.26.9.147200 OK 0 B URL HTTP/2 w.leadsleap.com/php.php?ll_id=w52896&ll_sr=&ll_r=scsa7588&ll_tbo=&ll_hc=%23e22121&ll_tc=%23555a69&ll_cc=%238d9aa6&ll_bc=%23ffffff&ll_dc=%238891a8&ll_w=300&ll_fh=auto&ll_h=250&ll_b=&ll_n=6&ll_fs=&ll_ff=&ll_pa=0&ll_bgc=&ll_s=w&ll_br=&ll_cl=&ll_nc=1&ll_nf=0&ll_nh=0&ll_nm=0&ll_np=1&ll_fo=&ll_no=&ll_so=&ll_nt=0&ll_wt=1&ll_url=https%3A%2F%2Fwww.morecouponstogo.com%2Funi-landing&ll_rf=https%3A%2F%2Fllclickpro.com%2F
IP 104.26.9.147:0
GET /php.php?ll_id=w52896&ll_sr=&ll_r=scsa7588&ll_tbo=&ll_hc=%23e22121&ll_tc=%23555a69&ll_cc=%238d9aa6&ll_bc=%23ffffff&ll_dc=%238891a8&ll_w=300&ll_fh=auto&ll_h=250&ll_b=&ll_n=6&ll_fs=&ll_ff=&ll_pa=0&ll_bgc=&ll_s=w&ll_br=&ll_cl=&ll_nc=1&ll_nf=0&ll_nh=0&ll_nm=0&ll_np=1&ll_fo=&ll_no=&ll_so=&ll_nt=0&ll_wt=1&ll_url=https%3A%2F%2Fwww.morecouponstogo.com%2Funi-landing&ll_rf=https%3A%2F%2Fllclickpro.com%2F HTTP/1.1
Host: w.leadsleap.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.morecouponstogo.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 21 Sep 2022 00:33:13 GMT
content-type: text/html; charset=UTF-8
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DNmYkYiOaPvFT8t%2BGdQiWGAQTDMPxcF4vtCvYJSXPOGcho7HlTeP7y%2FtpiP0%2B5wNqOTSZVfadVQgW6TGwQkXpoI29j8KijSIWzC%2FAFm2Mx%2F531thE9yi3NcvNs1yMC7lgA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74deb546a86db4eb-OSL
content-encoding: br
X-Firefox-Spdy: h2