trafficadbar.com/_kc1h
302 Found 0 B IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /_kc1h HTTP/1.1
Host: trafficadbar.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Found
Date: Fri, 21 Oct 2022 07:02:07 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Server: nginx
Set-Cookie: sou=eyJyIjpudWxsLCJ1IjoiTVRHU2FtdXJhaSJ9; expires=Sun, 20-Nov-2022 07:02:07 GMT; Max-Age=2592000; SameSite=Lax
Location: https://t-adbar1.com/_kc1h
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 6b6481bf5f33b42cdd966d49d8b70107
03ed01a9dc82a7efaf3706691249d811f64719a4
1e42a2cd7e7ef655d17dea6423dff85d3f57111d9bd08d2f829535aa462eb11c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1E42A2CD7E7EF655D17DEA6423DFF85D3F57111D9BD08D2F829535AA462EB11C"
Last-Modified: Wed, 19 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18994
Expires: Fri, 21 Oct 2022 12:18:41 GMT
Date: Fri, 21 Oct 2022 07:02:07 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash c9df6b36bf16969ac566c1b798362e4a
e56eff34815153ae019a4bf63eb9746dd9ae2e5b
33c1175144ab2be42c9de383f7893a6e60cd1f21f282eacb413d546331db3fa0
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length, Retry-After, Alert, Content-Type, Backoff
Cache-Control: max-age=3600
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Fri, 21 Oct 2022 06:36:49 GMT
Expires: Fri, 21 Oct 2022 06:47:55 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 410f51195842d9b592b15d6588c36654.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: FtiJH4wjjcU2yDiLgu3Acq8r3OFlJG3Mo02LTzlK81wsapkl8Cf2YA==
Age: 1518
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 9dc4f23f82148797f6d8041bdda3c7f7
6841ded3e2dd94fd762316d01efd43f7aafb8354
e229db1854a85b320cee574e805210f3adf5797136ea820c0a0ce9abcd63d4dd
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E229DB1854A85B320CEE574E805210F3ADF5797136EA820C0A0CE9ABCD63D4DD"
Last-Modified: Thu, 20 Oct 2022 02:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19007
Expires: Fri, 21 Oct 2022 12:18:54 GMT
Date: Fri, 21 Oct 2022 07:02:07 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
IP
File type PEM certificate\012- , ASCII text
Hash 67d5a988edcda47bc3b3b3f65d32b4b6
d4f0e0da8b3690cc7da925026d3414b68c7d954f
55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78
GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: pWEAN9QvKGoWYrKswWMdCJh7TYKTsTiM4jGBZXLMGCGCYwMOhw1DB1Pv9qIp6BG6j9vIA2g4WB0=
x-amz-request-id: XJH32PCXDA3120NS
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Fri, 21 Oct 2022 06:05:00 GMT
age: 3427
last-modified: Fri, 30 Sep 2022 18:50:55 GMT
etag: "67d5a988edcda47bc3b3b3f65d32b4b6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 21 Oct 2022 07:02:07 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP
Hash 142cff79e99676047e5ee36acd49bda1
52bd913f793ed87f8096dbfe44f9641909510334
f8a26f980bea4f74d99a862fb3d68cb6e4b3259514b470398244be08fdd2bfd4
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=148939
Date: Fri, 21 Oct 2022 07:02:07 GMT
Etag: "6351d8b7-1d7"
Expires: Sun, 23 Oct 2022 00:24:26 GMT
Last-Modified: Thu, 20 Oct 2022 23:24:39 GMT
Server: ECS (dcb/7FA6)
X-Cache: Miss from cloudfront
Via: 1.1 9037b7743a833da13439f0d4e2619b52.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: MhDreociKWHVnXnSkgac-fS3t-aFoeLWHwjRqeCEUd8Xor2NILFjCw==
Age: 3587
t-adbar1.com/favicon.ico
302 Found 138 B IP
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash aff950cab4c0265e21d401db15f1026d
f03e18461817f7a6546c8bf8fa8d686d7e30aca0
753e0dd54f28c4f7009b9c0b18a68aed175416bd8b7d134858264586eaac56f0
GET /favicon.ico HTTP/1.1
Host: t-adbar1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://t-adbar1.com/_kc1h
Cookie: sou=eyJyIjpudWxsLCJ1IjoiTVRHU2FtdXJhaSJ9
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 302 Found
date: Fri, 21 Oct 2022 07:02:08 GMT
content-type: text/html
content-length: 138
location: https://trafficadbar.com/favicon.ico
server: nginx
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Fri, 21 Oct 2022 06:43:40 GMT
Cache-Control: max-age=3600
Expires: Fri, 21 Oct 2022 07:42:13 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 bcd5dadccb0831729969c938747ff79a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: Fh0jrSzxdPvwOj1FhnQUZDrcOSWIncIK-fQh_4MPk0N_cHeKY2oylg==
Age: 1108
t-adbar1.com/50-195376p-7f77fb9d65e3bb8a718d9ac76b2040e8.jpeg
302 Found 138 B URL HTTP/2 t-adbar1.com/50-195376p-7f77fb9d65e3bb8a718d9ac76b2040e8.jpeg
IP
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash aff950cab4c0265e21d401db15f1026d
f03e18461817f7a6546c8bf8fa8d686d7e30aca0
753e0dd54f28c4f7009b9c0b18a68aed175416bd8b7d134858264586eaac56f0
GET /50-195376p-7f77fb9d65e3bb8a718d9ac76b2040e8.jpeg HTTP/1.1
Host: t-adbar1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://t-adbar1.com/_kc1h?&ww=1280&wh=939&reff=&h=eyJpdiI6Inlack9rbXQ4R2pUOUlmNEMyT1NQdEE9PSIsInZhbHVlIjoidUd2Y1p5S21lblN5T3NOZGE3cFNydz09IiwibWFjIjoiYmE3MmYxNmI3NWYxMjk4ZmI2OWM1NWJjNjM0NzE4NjM0Yjg5N2EyNjAyMjJhZTcwZTlkMzgyYmE1NTNlZjcxNyJ9&abc=
Cookie: sou=eyJyIjpudWxsLCJ1IjoiTVRHU2FtdXJhaSJ9
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 302 Found
date: Fri, 21 Oct 2022 07:02:08 GMT
content-type: text/html
content-length: 138
location: https://trafficadbar.com/50-195376p-7f77fb9d65e3bb8a718d9ac76b2040e8.jpeg
server: nginx
X-Firefox-Spdy: h2
t-adbar1.com/assets/BarController.js
200 OK 1.1 kB URL HTTP/2 t-adbar1.com/assets/BarController.js
IP
File type ASCII text, with very long lines (1068), with no line terminators
Hash efa0db095e35eb95ee151016e47c492b
82a86e0cdbbe5f4a1634b2274f076dbaa053b86e
5adfd45bc89f7c5d9bb06fafb7caf0f317f54849db006ad49301f027ad6ece4c
GET /assets/BarController.js HTTP/1.1
Host: t-adbar1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://t-adbar1.com/_kc1h?&ww=1280&wh=939&reff=&h=eyJpdiI6Inlack9rbXQ4R2pUOUlmNEMyT1NQdEE9PSIsInZhbHVlIjoidUd2Y1p5S21lblN5T3NOZGE3cFNydz09IiwibWFjIjoiYmE3MmYxNmI3NWYxMjk4ZmI2OWM1NWJjNjM0NzE4NjM0Yjg5N2EyNjAyMjJhZTcwZTlkMzgyYmE1NTNlZjcxNyJ9&abc=
Cookie: sou=eyJyIjpudWxsLCJ1IjoiTVRHU2FtdXJhaSJ9
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 21 Oct 2022 07:02:08 GMT
content-type: application/javascript
content-length: 1068
server: nginx
last-modified: Wed, 09 Jun 2021 07:15:14 GMT
etag: "60c06a82-42c"
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP
Hash 343e505475372457c9890b5b63e6d6b3
aed5854cc6a364f657bd05380b6f1909f9007675
9eeb81dfb5edbc9a3e01f9e791fa2028bff1da0e8edbd422d1cda25bcd7a911c
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=146247
Date: Fri, 21 Oct 2022 07:02:08 GMT
Etag: "6351d49b-1d7"
Expires: Sat, 22 Oct 2022 23:39:35 GMT
Last-Modified: Thu, 20 Oct 2022 23:07:07 GMT
Server: ECS (dcb/7FA6)
X-Cache: Miss from cloudfront
Via: 1.1 9037b7743a833da13439f0d4e2619b52.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: 97bB7kUMwCwPmMhxmhMa6J_3VC5nqFZjgv4x3cIQ4tdfrN4oqgOrKw==
Age: 1948
ocsp.digicert.com/
200 OK 471 B IP
Hash a5dd4f71f4ddd5be9201466ed7a6c423
1d0832fb6e227d42137d319f728c8bc1414c816f
1edffa6a320210fccbd0e5fa6dbdaa45561678a75a66639985f02791c8283b40
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4580
Cache-Control: max-age=94858
Content-Type: application/ocsp-response
Date: Fri, 21 Oct 2022 07:02:08 GMT
Etag: "63510196-1d7"
Expires: Sat, 22 Oct 2022 09:23:06 GMT
Last-Modified: Thu, 20 Oct 2022 08:06:46 GMT
Server: ECS (ska/F70B)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
200 OK 3.8 kB IP
Hash 90851a5c601992a0547848d951762f2a
37925a6fe6b21491a62fdf94c0aa7e828e24cf30
6cb29cd3357c2418cb5c7e8a8726715851b8f1dcc614d0cc7027593b3b41394b
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2517
Cache-Control: max-age=133490
Content-Type: application/ocsp-response
Date: Fri, 21 Oct 2022 07:02:08 GMT
Etag: "6351a08d-117"
Expires: Sat, 22 Oct 2022 20:06:58 GMT
Last-Modified: Thu, 20 Oct 2022 19:25:01 GMT
Server: ECS (ska/F70B)
X-Cache: HIT
Content-Length: 279
cdnjs.cloudflare.com/ajax/libs/jquery/2.2.4/jquery.min.js
200 OK 27 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/jquery/2.2.4/jquery.min.js
IP
File type ASCII text, with very long lines (32065)
Hash 63827323c175768ccb0e8ed54589a3e5
9760e238d6ecced66396798559f70593793d801e
196f9479a27db836a2a7454e222f0cb52d4eeb162e0a50e69401ba1a8d81b564
GET /ajax/libs/jquery/2.2.4/jquery.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://llclickpro.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 21 Oct 2022 07:02:08 GMT
content-type: application/javascript; charset=utf-8
content-length: 26909
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03ec4-14e4a"
last-modified: Mon, 04 May 2020 16:11:48 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 1956788
expires: Wed, 11 Oct 2023 07:02:08 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Z%2Fz8Iuwgn64iCijTMVdtUG%2BSP9OWnyY1WmwiXoWSv%2F4IrZINdss9%2BKg35RabZl8oW%2FbTyPI9BMwZ3qhB0dNT2zg5Qv2%2FRLfDzdkSJ0DelJY0%2FC5Xce1n1cVPDLFt0KwpITIqVQ9u"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 75d82040eedfb523-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 279 B IP
Hash f930c31522f78e280e6f0b61589a18bc
fb640751735f720dfdd3c5de9929148d1dff7abb
5b9d551435f1738991590b6ec3690327ebdde4ea088ae43f1eb0850522398853
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5982
Cache-Control: max-age=167521
Content-Type: application/ocsp-response
Date: Fri, 21 Oct 2022 07:02:08 GMT
Etag: "635217f3-117"
Expires: Sun, 23 Oct 2022 05:34:09 GMT
Last-Modified: Fri, 21 Oct 2022 03:54:27 GMT
Server: ECS (ska/F70B)
X-Cache: HIT
Content-Length: 279
t-adbar1.com/_kc1h
200 OK 6.8 kB IP
Hash 78f8f9fb14527be5b7ce640e90babd81
f1b65525b8cc29f138a7cb3d7f4b97211604c8fa
f0c5a25b17424460c9c974d2e5d69bfecb4de64c0aac6b33505210a2d91dc2f3
GET /_kc1h HTTP/1.1
Host: t-adbar1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
date: Fri, 21 Oct 2022 07:02:08 GMT
content-type: text/html; charset=UTF-8
server: nginx
vary: Accept-Encoding
set-cookie: sou=eyJyIjpudWxsLCJ1IjoiTVRHU2FtdXJhaSJ9; expires=Sun, 20-Nov-2022 07:02:08 GMT; Max-Age=2592000; secure; SameSite=None
content-encoding: gzip
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 279 B IP
Hash f8d99fcb1c8868cf12abe2d17e3be6ef
e1b2089de3499aa7199dec670ccdf8d908f1ebdb
e5ef2b09686fb53ee4aa0dad4ff38e7707a54f255a7a0d210ca262b7ac12fa4b
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2517
Cache-Control: max-age=133490
Content-Type: application/ocsp-response
Date: Fri, 21 Oct 2022 07:02:08 GMT
Etag: "6351a08d-117"
Expires: Sat, 22 Oct 2022 20:06:58 GMT
Last-Modified: Thu, 20 Oct 2022 19:25:01 GMT
Server: ECS (ska/F70B)
X-Cache: HIT
Content-Length: 279
llclickpro.com/MCTGlanding/tab
200 OK 2.0 kB URL HTTP/2 llclickpro.com/MCTGlanding/tab
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (373), with CRLF, LF line terminators
Hash a3a61e231ea4093dd456065853b180d0
4d1422dce3b60dd5aee9e7aeb60f1701d079d767
4812aa19632b2c528a0bb688600ffe074374cea332fdc4dbf9de1af59ccb0fea
GET /MCTGlanding/tab HTTP/1.1
Host: llclickpro.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://t-adbar1.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 21 Oct 2022 07:02:08 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
set-cookie: lltkrl156457=1; expires=Sat, 22-Oct-2022 07:02:08 GMT; Max-Age=86400; path=/; SameSite=Lax
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=V0uTjW3TuBEZJ5DVqAwx5345BFOhEixRvuWyuCwe7HISBR5GsyPg8CzGkCzNO%2BAK96Nmvk2uWrscfSESn63cr%2BBpzR4TiZvroMWBBgB7VLOgiIy5C47npn0UYBNLdZlSCg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 75d8203e3dabb4f7-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 279 B IP
Hash 160ad2d6df2110d3aed423b805e14122
423d7b0f7f90cc67fe68123f1ca513681f2389e4
0014fee7a03faf9e66cea8ccfbeeeea7dcf739d86ab9ecc945eb29a4cadc51e8
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3180
Cache-Control: max-age=104260
Content-Type: application/ocsp-response
Date: Fri, 21 Oct 2022 07:02:08 GMT
Etag: "63512bc8-117"
Expires: Sat, 22 Oct 2022 11:59:48 GMT
Last-Modified: Thu, 20 Oct 2022 11:06:48 GMT
Server: ECS (ska/F70B)
X-Cache: HIT
Content-Length: 279
code.jquery.com/ui/1.11.4/jquery-ui.min.js
200 OK 64 kB URL HTTP/2 code.jquery.com/ui/1.11.4/jquery-ui.min.js
IP
File type ASCII text, with very long lines (32035)
Hash 28749bfe6af321b7c932452b38ce8683
2b444e3dee68a935213db86fd188c22883a65683
9110cdde7eb592e332cf7fa4347e5b3b17a2868ecde80d0c4a054bf0dd5a03b2
GET /ui/1.11.4/jquery-ui.min.js HTTP/1.1
Host: code.jquery.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://llclickpro.com
Connection: keep-alive
Referer: https://llclickpro.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 21 Oct 2022 07:02:08 GMT
content-encoding: gzip
content-length: 64296
content-type: application/javascript; charset=utf-8
last-modified: Fri, 12 Aug 2022 13:47:02 GMT
accept-ranges: bytes
server: nginx
etag: W/"62f659d6-3ab2b"
cache-control: max-age=315360000, public
access-control-allow-origin: *
vary: Accept-Encoding
x-hw: 1666335728.dop206.sk1.t,1666335728.cds205.sk1.hn,1666335728.cds020.sk1.c
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 279 B IP
Hash f930c31522f78e280e6f0b61589a18bc
fb640751735f720dfdd3c5de9929148d1dff7abb
5b9d551435f1738991590b6ec3690327ebdde4ea088ae43f1eb0850522398853
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3623
Cache-Control: max-age=165162
Content-Type: application/ocsp-response
Date: Fri, 21 Oct 2022 07:02:08 GMT
Etag: "635217f3-117"
Expires: Sun, 23 Oct 2022 04:54:50 GMT
Last-Modified: Fri, 21 Oct 2022 03:54:27 GMT
Server: ECS (amb/6BBA)
X-Cache: HIT
Content-Length: 279
ocsp.digicert.com/
200 OK 279 B IP
Hash 160ad2d6df2110d3aed423b805e14122
423d7b0f7f90cc67fe68123f1ca513681f2389e4
0014fee7a03faf9e66cea8ccfbeeeea7dcf739d86ab9ecc945eb29a4cadc51e8
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3180
Cache-Control: max-age=104260
Content-Type: application/ocsp-response
Date: Fri, 21 Oct 2022 07:02:08 GMT
Etag: "63512bc8-117"
Expires: Sat, 22 Oct 2022 11:59:48 GMT
Last-Modified: Thu, 20 Oct 2022 11:06:48 GMT
Server: ECS (ska/F70B)
X-Cache: HIT
Content-Length: 279
push.services.mozilla.com/
101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: R31mmcwECqwv/Z8hlmHs6Q==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: CsIXexap5fC76AC+oSyZrRpTNro=
ocsp.sca1b.amazontrust.com/
200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP
Hash ce49c943918c31330905fa9efc5a5fa7
839ce80eba799186cd444f48bb9bf8fceec40d01
7993ce81ff0ecac439e9a4f1fa7ad6aca3f5e360046b5a901c225f02504d24a4
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=115464
Date: Fri, 21 Oct 2022 07:02:08 GMT
Etag: "635163f8-1d7"
Expires: Sat, 22 Oct 2022 15:06:32 GMT
Last-Modified: Thu, 20 Oct 2022 15:06:32 GMT
Server: nginx
X-Cache: Miss from cloudfront
Via: 1.1 9037b7743a833da13439f0d4e2619b52.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: KASGaFjSQXA5ht7yB-M34JjmoPHVNYd98EvgF99rYF8vJaUw99Hy3w==
ocsp.digicert.com/
200 OK 279 B IP
Hash 7c64a8af7a6a7ffa64fbc22fea02b528
582ca1a4127c3f6734e6caf430e7ca2f2fa4fea8
b08ed0de6eb523c01600710318ebfd5d6ada3148f6d77a7403d420dc7f8ad218
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=137446
Content-Type: application/ocsp-response
Date: Fri, 21 Oct 2022 07:02:09 GMT
Etag: "6351b9d7-117"
Expires: Sat, 22 Oct 2022 21:12:55 GMT
Last-Modified: Thu, 20 Oct 2022 21:12:55 GMT
Server: nginx
Content-Length: 279
pixel.leadsleap.net/set.html?n1=lltkra156457&v1=426797.21&n2=lltkrb156457&v2=426797.21
200 OK 775 B URL HTTP/2 pixel.leadsleap.net/set.html?n1=lltkra156457&v1=426797.21&n2=lltkrb156457&v2=426797.21
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash e6176952c38024812f11bc6462a6de8f
81c1bf618080d154464ae59b9c32417719e328f6
544081b23b5f5102e1ba1d59fa3742d7dd1f76a7f18e017d0af7be266827eedc
GET /set.html?n1=lltkra156457&v1=426797.21&n2=lltkrb156457&v2=426797.21 HTTP/1.1
Host: pixel.leadsleap.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://llclickpro.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 21 Oct 2022 07:02:09 GMT
content-type: text/html
last-modified: Thu, 01 Oct 2020 11:41:08 GMT
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ckemUb9KAnktEB%2BXZC2ytdIuju1%2FlnnT2Uafc1od0hjdBy9%2FLRE1FYKtc29IOaR%2B%2Fg8LbR5qbEXMsWD7NTR562tRIkQ02rdffDK5bKaGkzE7zl9x7fUMHFtZ90nphrDcL5L3HGpc"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 75d820437baf0b41-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
llclickpro.com/trackr.css?v=29
200 OK 3.2 kB URL HTTP/2 llclickpro.com/trackr.css?v=29
IP
File type ASCII text, with very long lines (8950), with no line terminators
Hash 1bd45a18d964f5ae8d95cd1afc3d47f3
3c4c1c046386e29f8136f129e2af425f95f54147
ee4127716f15a3d060cc8e0a7ac11fea4ec9a80186106ccb0ebff1836a86c734
GET /trackr.css?v=29 HTTP/1.1
Host: llclickpro.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://llclickpro.com/MCTGlanding/tab
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 21 Oct 2022 07:02:09 GMT
content-type: text/css
cf-bgj: minify
cf-polished: origSize=12271
last-modified: Tue, 28 Jun 2022 06:00:22 GMT
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PSjXp6hCn0L8HyBktSBoxXX4t6n%2BfiLudltRJukCfB34lTvsKMyvTaaG9urXW%2FrJVMvEZCxmWHrnDWi0ocdFksatHSYWpk2Ou6BKVY4UqDClutYmwteNwmb0aVJ3i%2FrrRw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75d82040b83cb4f7-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 56aa4d33e288d7ec3acf3ac1a61ef7f9
ac2e2f3609cc604dde554e37471567c042bf8191
544823f794ac3e837c81449d896a9dcbe94f4d59a13e293d84b5af44531141d0
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "544823F794AC3E837C81449D896A9DCBE94F4D59A13E293D84B5AF44531141D0"
Last-Modified: Wed, 19 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2658
Expires: Fri, 21 Oct 2022 07:46:28 GMT
Date: Fri, 21 Oct 2022 07:02:10 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 56aa4d33e288d7ec3acf3ac1a61ef7f9
ac2e2f3609cc604dde554e37471567c042bf8191
544823f794ac3e837c81449d896a9dcbe94f4d59a13e293d84b5af44531141d0
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "544823F794AC3E837C81449D896A9DCBE94F4D59A13E293D84B5AF44531141D0"
Last-Modified: Wed, 19 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2658
Expires: Fri, 21 Oct 2022 07:46:28 GMT
Date: Fri, 21 Oct 2022 07:02:10 GMT
Connection: keep-alive
use.fontawesome.com/releases/v5.15.4/css/v4-shims.css
200 OK 4.7 kB URL HTTP/2 use.fontawesome.com/releases/v5.15.4/css/v4-shims.css
IP
File type ASCII text, with very long lines (26516)
Hash aeb9a426b557d39f23c6c976980beff1
cd1ff9089d637de28a1fdfb8f0466e2d87e8dbb8
75f2edc155a915cb74a91c89c22b07eb064b3690c6f61f1948efa606ac102f09
GET /releases/v5.15.4/css/v4-shims.css HTTP/1.1
Host: use.fontawesome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://llclickpro.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 21 Oct 2022 07:02:08 GMT
content-type: text/css
x-amz-id-2: 6Vd7cQcbXwVvBEeASGRppMuKK7huy86PWfwKjxLKXE+496GlDvYW26j1L9niuC+fWzH1vXqXUCE=
x-amz-request-id: F6C16371BZ49448W
last-modified: Wed, 04 Aug 2021 20:43:22 GMT
etag: W/"a034d3c71bee546f625877d7932917f8"
cache-control: max-age=31556926
cf-cache-status: HIT
age: 31102735
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JfQPignUQwJeInilJO9EOJB3g3ozd65DnxEmsHoSEvuSRIj%2BpLrwKjZ46%2F3UKP%2BXmgAMiTBVikGIfPNDVLrtzOBFuv2Rn31pgOAYRW%2BTrEtIcBQ%2Fwbg3NzssNU21qkl%2BPCdSEjOb"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75d8204139a1f3f7-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 56aa4d33e288d7ec3acf3ac1a61ef7f9
ac2e2f3609cc604dde554e37471567c042bf8191
544823f794ac3e837c81449d896a9dcbe94f4d59a13e293d84b5af44531141d0
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "544823F794AC3E837C81449D896A9DCBE94F4D59A13E293D84B5AF44531141D0"
Last-Modified: Wed, 19 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2658
Expires: Fri, 21 Oct 2022 07:46:28 GMT
Date: Fri, 21 Oct 2022 07:02:10 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F66bcc767-1c09-4b79-aee1-3917407a2700.jpeg
200 OK 9.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F66bcc767-1c09-4b79-aee1-3917407a2700.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash d369f8641d3489521afd62e112136f5b
088a3290733195efeb1d79dcc995c22b603bece0
b18601499cbb7bbcc1eaa464cec12c0287f8fab52a89e97973bd78fcb26ea918
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F66bcc767-1c09-4b79-aee1-3917407a2700.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9195
x-amzn-requestid: e40418b8-2272-44a3-83d6-9465798793ad
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aUsKLEk4oAMFsSQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6351c0a7-34994aca1e13dcab306bf1a4;Sampled=0
x-amzn-remapped-date: Thu, 20 Oct 2022 21:41:59 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 86MQ2WBrOZ2pH88f27PxZ9f8tuu_9u6qNzyr4LZz6-yNbfjJdjgr0w==
via: 1.1 010c0731b9775a983eceaec0f5fa6a2e.cloudfront.net (CloudFront), 1.1 556b99c6be8d7078b9f067347c62df6a.cloudfront.net (CloudFront), 1.1 google
date: Thu, 20 Oct 2022 21:48:08 GMT
age: 33242
etag: "088a3290733195efeb1d79dcc995c22b603bece0"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb97a147f-f3d0-45e2-ab3e-cd90d0626589.jpeg
200 OK 6.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb97a147f-f3d0-45e2-ab3e-cd90d0626589.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 1c6ab9a31e082a0c0eaab2a0f526495a
c30e9954dcef66d4f14ac8618ebf2a1da0b3e12a
ca3a602c8af7b3e87957e54910663ea2bb72d008e14719af0f9fd7bd1a949f3e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb97a147f-f3d0-45e2-ab3e-cd90d0626589.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6551
x-amzn-requestid: 4deffe4d-e687-436e-938c-f8128bb84376
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Zql_MG5QoAMFahg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6340e9fa-66d4e2210fda5a80155f2466;Sampled=0
x-amzn-remapped-date: Sat, 08 Oct 2022 03:09:46 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: V5ilfg4GVL-HvWbuZrvFkZynDNCZDiBVNTDWjLdr2ZCLjH04NW3yqw==
via: 1.1 86b676273517904f44af31586adb06ae.cloudfront.net (CloudFront), 1.1 2324edbcb8fc72f617442c65f36a40fc.cloudfront.net (CloudFront), 1.1 google
date: Thu, 20 Oct 2022 07:30:12 GMT
age: 84718
etag: "c30e9954dcef66d4f14ac8618ebf2a1da0b3e12a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1bade1dd-24b1-4bae-9ace-a120c6729946.jpeg
200 OK 2.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1bade1dd-24b1-4bae-9ace-a120c6729946.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 76fdbaaa2ef28349492bdf0e44fa1208
6769eeb6762a3dd7dacf6a054fedf043acb463df
8c8b2db96e764f97aa91bd800b2a6f7bf6c9d96a9dd67f919f27b53074e339e2
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1bade1dd-24b1-4bae-9ace-a120c6729946.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 2305
x-amzn-requestid: d44cceea-ab77-400f-a7a6-ed80b9873106
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aE95TG2YoAMFiiw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-634b76a1-57ed4d9437044cc1665e535b;Sampled=0
x-amzn-remapped-date: Sun, 16 Oct 2022 03:12:33 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: AsSDzjeB5RvDY9ZCxMe-b1bTQiQI6r2yB-PPBo9Qap4hWMINj4wmSA==
via: 1.1 446313511980eb02f28ff5a9a4147c0a.cloudfront.net (CloudFront), 1.1 01147dcc35d57fc0238a3c1700c13f16.cloudfront.net (CloudFront), 1.1 google
date: Thu, 20 Oct 2022 10:13:37 GMT
age: 74913
etag: "6769eeb6762a3dd7dacf6a054fedf043acb463df"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F98b8db42-7c94-466e-b74a-050e96c7ba27.jpeg
200 OK 5.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F98b8db42-7c94-466e-b74a-050e96c7ba27.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 65594d1dc13761dcc4674f03b629141f
440b895d33ade533ab57689cccfc533871958559
76eb16523cde78e0a7bc34e2a2d2a073b4569cd4b9ee5c28213497b1ea2893d0
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F98b8db42-7c94-466e-b74a-050e96c7ba27.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5029
x-amzn-requestid: 63037ba8-bfa6-4087-9486-d583348d79bd
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aVCNwGl1IAMFuvw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6351e3f1-4fa2d43240e5f45624553bd3;Sampled=0
x-amzn-remapped-date: Fri, 21 Oct 2022 00:12:33 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: XMtaqkFsfMBVLVpUxpPan5ED2X1hyfc0CLhPuZ_2GVWZfW7e68NOBg==
via: 1.1 5ab5dc09da67e3ea794ec8a82992cc88.cloudfront.net (CloudFront), 1.1 1508efc4152aa1778ed4adecb328b374.cloudfront.net (CloudFront), 1.1 google
date: Fri, 21 Oct 2022 00:23:25 GMT
age: 23925
etag: "440b895d33ade533ab57689cccfc533871958559"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6fb8fd73-9b5d-4b49-bb7c-ad83d6ee29a7.jpeg
200 OK 9.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6fb8fd73-9b5d-4b49-bb7c-ad83d6ee29a7.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 2bd9e504ae33c774e41c4035c72dc29d
9103503978d592ebcd1d06db2fb4701b2340ed7d
563f0bfead286f83690e08c1f27358b99b367f866996a5c46b89638dc0db1033
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6fb8fd73-9b5d-4b49-bb7c-ad83d6ee29a7.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9193
x-amzn-requestid: 54aaa73e-c50d-4168-8751-1412c88a548e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aVBttFGVIAMFgXg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6351e324-106401f979f891a158187003;Sampled=0
x-amzn-remapped-date: Fri, 21 Oct 2022 00:09:08 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: xGO7Lb8Zdn6K1VQNiK6CGv1VNPJ8LQIvMvIU6-UiviPR5ndzhwZryA==
via: 1.1 41e349e25dc4bc856d0e5d2c162428a0.cloudfront.net (CloudFront), 1.1 28390a4d24ed4fdccd685d99cd06cf4e.cloudfront.net (CloudFront), 1.1 google
date: Fri, 21 Oct 2022 00:23:21 GMT
etag: "9103503978d592ebcd1d06db2fb4701b2340ed7d"
content-type: image/jpeg
age: 23929
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2bf0e255-a4a6-4f8d-956b-b4cc92b11a74.jpeg
200 OK 8.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2bf0e255-a4a6-4f8d-956b-b4cc92b11a74.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash ecad5d1b790e8e9ee04e4d689cc77f15
0c57f4fc8cd4298995b5e4de171c45f074d390b9
56bd4fdc1b25b732dc44d672ccdf46a61f97c0758da09a7a33c62af5b7fa20d7
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2bf0e255-a4a6-4f8d-956b-b4cc92b11a74.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8077
x-amzn-requestid: d4b0b1b6-814d-4cc3-a91f-52192c3ac4a2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aUr_JGEDoAMFSBQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6351c060-695b704a06ae763e1f4be63b;Sampled=0
x-amzn-remapped-date: Thu, 20 Oct 2022 21:40:48 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: BhRnSO705b30PZL8zEcQ-BNC-u6HlwD_nq43pBVkMo1VCycicCKeXQ==
via: 1.1 010c0731b9775a983eceaec0f5fa6a2e.cloudfront.net (CloudFront), 1.1 570075675953459325e00b7bcd171df2.cloudfront.net (CloudFront), 1.1 google
date: Thu, 20 Oct 2022 21:50:24 GMT
age: 33106
etag: "0c57f4fc8cd4298995b5e4de171c45f074d390b9"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 3196ba4b697dbfaafd1a20abd049448d
b5aa23a93ddcbb7dfefe9b9246f8e303aa0a96db
8b41893aff9c1de632eaf46ea7e874f5d23109a62516ad4c116c190639e91c1f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8B41893AFF9C1DE632EAF46EA7E874F5D23109A62516AD4C116C190639E91C1F"
Last-Modified: Wed, 19 Oct 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16968
Expires: Fri, 21 Oct 2022 11:44:58 GMT
Date: Fri, 21 Oct 2022 07:02:10 GMT
Connection: keep-alive
www.morecouponstogo.com/uni-landing
200 OK 33 kB URL HTTP/2 www.morecouponstogo.com/uni-landing
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (5305)
Hash 6a72f5b2c357fdc9ef27408d08e874d3
ada8e267c3f26f7c51057265bb6ddf0a14fdd24c
af17a705a637ed4fd855f36938ab6915e840e491bca208016156e871373d6f0f
Analyzer Verdict Alert fortinet Phishing
GET /uni-landing HTTP/1.1
Host: www.morecouponstogo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://llclickpro.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 21 Oct 2022 07:02:10 GMT
content-type: text/html; charset=UTF-8
content-length: 33303
x-brizy-preview: 1
vary: Accept-Encoding
content-encoding: gzip
x-varnish: 155532263 3964975
age: 1353060
via: 1.1 varnish (Varnish/6.2)
x-cache: HIT
x-cache-hits: 7050
pragma: no-cache
expires: -1
cache-control: no-store, no-cache, must-revalidate, max-age=0
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 278 B IP
Hash cd157c26e8c620fcd9d14d6f328949d8
41c3cce99bbd485bdc68c51d397af276006a75c5
bb3719be7d50914cba6ee3e2f70248336d8733f21ff153bf653f4065b837fa77
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3629
Cache-Control: max-age=89246
Content-Type: application/ocsp-response
Date: Fri, 21 Oct 2022 07:02:10 GMT
Etag: "6350ef63-116"
Expires: Sat, 22 Oct 2022 07:49:36 GMT
Last-Modified: Thu, 20 Oct 2022 06:49:07 GMT
Server: ECS (ska/F70B)
X-Cache: HIT
Content-Length: 278
ocsp.digicert.com/
200 OK 278 B IP
Hash d67ac4363fa888e30f2ef6c3813e407d
6326dce74331e1abf71b888b5bfefb51e04156c1
d4b05b963a8f314eda188df17fc77e5a5e9df5d085beaf696eb50bd2efeb0ac3
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5102
Cache-Control: max-age=142886
Content-Type: application/ocsp-response
Date: Fri, 21 Oct 2022 07:02:10 GMT
Etag: "6351bb2b-116"
Expires: Sat, 22 Oct 2022 22:43:36 GMT
Last-Modified: Thu, 20 Oct 2022 21:18:35 GMT
Server: ECS (ska/F70B)
X-Cache: HIT
Content-Length: 278
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash e6c3e0486533b0a2edffeca191cd7785
2d688b3c35b26c69e8490ed21ccb94dbbe5ddd27
0780ccc7e7101d6bbfb981fcfdc6e9642f49b4671e2109bde58362d5be33c5d8
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 21 Oct 2022 07:02:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 13b2ffd04752d468f707090604f6ed1c
94de24b43698a598b060edea68a4b1b5c6bf9879
98f0ad0db175ed53ed6b048cc4427f902c148adc378d833dcb8cd89d59397aad
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 21 Oct 2022 07:02:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
trafficadbar.com/bar/show.js
200 OK 686 B URL HTTP/2 trafficadbar.com/bar/show.js
IP
Hash 66356b4b9464e02a05c7f92c682cce02
fe2db8c863bdb4b14b4561063d390f84ab780245
cb651d49727b72f43b47bd846a04861548f42f2e8ad59c7535c5e1ba326d3d6c
GET /bar/show.js HTTP/1.1
Host: trafficadbar.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.morecouponstogo.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 21 Oct 2022 07:02:10 GMT
content-type: application/javascript
content-length: 686
server: nginx
last-modified: Wed, 09 Jun 2021 07:15:14 GMT
etag: "60c06a82-2ae"
expires: Tue, 20 Dec 2022 07:02:10 GMT
pragma: public
cache-control: max-age=5184000, public
accept-ranges: bytes
X-Firefox-Spdy: h2
trafficadbar.com/favicon.ico
200 OK 492 B URL HTTP/2 trafficadbar.com/favicon.ico
IP
Hash 96c3819a00082d7dbc6f718220350201
a32e0fe4cb82b089f40ab1062f8dbace7101be4b
6df88bd92ad3baf6f07e483f355e910882dd8f28d143b632e36e614d9c0f1087
GET /favicon.ico HTTP/1.1
Host: trafficadbar.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://t-adbar1.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 21 Oct 2022 07:02:08 GMT
content-type: text/html; charset=UTF-8
server: nginx
vary: Accept-Encoding
cache-control: no-cache, private
content-encoding: gzip
X-Firefox-Spdy: h2
www.googletagmanager.com/gtag/js?id=G-LRYZTN7NCV
200 OK 77 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=G-LRYZTN7NCV
IP
File type ASCII text, with very long lines (18991)
Hash 0a75ef487d7a369cd34b34b1e1b5af77
4989a1c53331768c97d4b36100b03c6b6c651719
aec8b270f6c3fead8fbe705f749f046dd593f0c8e5659c66d2a2108446d9197f
GET /gtag/js?id=G-LRYZTN7NCV HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.morecouponstogo.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Fri, 21 Oct 2022 07:02:10 GMT
expires: Fri, 21 Oct 2022 07:02:10 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 77095
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 278 B IP
Hash cd157c26e8c620fcd9d14d6f328949d8
41c3cce99bbd485bdc68c51d397af276006a75c5
bb3719be7d50914cba6ee3e2f70248336d8733f21ff153bf653f4065b837fa77
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3629
Cache-Control: max-age=89246
Content-Type: application/ocsp-response
Date: Fri, 21 Oct 2022 07:02:10 GMT
Etag: "6350ef63-116"
Expires: Sat, 22 Oct 2022 07:49:36 GMT
Last-Modified: Thu, 20 Oct 2022 06:49:07 GMT
Server: ECS (ska/F70B)
X-Cache: HIT
Content-Length: 278
z5traffic.com/t/matomo.js
404 Not Found 3.5 kB URL HTTP/2 z5traffic.com/t/matomo.js
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (5395)
Hash 536bdeffc1bab38e29b33d849151b3c1
89c67ef7f4f936833be3ddd4487595ccb90919ee
928560da2a21a07a0eaeee6325b2305eaee73144cf43220b5352389bf405dca4
GET /t/matomo.js HTTP/1.1
Host: z5traffic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://t-adbar1.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 404 Not Found
date: Fri, 21 Oct 2022 07:02:09 GMT
content-type: text/html; charset=UTF-8
server: nginx/1.16.1
vary: Accept-Encoding
x-powered-by: PHP/7.4.12
cache-control: no-cache, private
content-encoding: gzip
X-Firefox-Spdy: h2
ocsp2.globalsign.com/gsalphasha2g2
200 OK 1.4 kB URL HTTP/1.1 ocsp2.globalsign.com/gsalphasha2g2
IP
Hash fd27c963e105e194e3c4ca05b7788e98
5f0130c424aeeff2431d73e572edc2ab3be240f6
fc29569b0113ca0acc6f6f318bee131ba4328b564f3bdba88f40a680d4965083
POST /gsalphasha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 21 Oct 2022 07:02:10 GMT
Content-Type: application/ocsp-response
Content-Length: 1423
Connection: keep-alive
Expires: Tue, 25 Oct 2022 04:06:51 GMT
ETag: "5f0130c424aeeff2431d73e572edc2ab3be240f6"
Last-Modified: Fri, 21 Oct 2022 04:06:52 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 2800
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 75d8204e195db509-OSL
ocsp.pki.goog/gts1c3
200 OK 34 kB IP
Hash d9e37160f85f844db57c45ca75beb06f
efff6d76cc2942114aa40b3d23768e862712f0f6
2156cc13188e17aa095b7cebff5c3a78a07012c8c09e8cf06e30a8d815865565
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 21 Oct 2022 07:02:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
w.leadsleap.com/js.js
200 OK 2.0 kB IP
File type ASCII text, with very long lines (4026), with no line terminators
Hash 8f03b3f98b5a2646b7285d60271db15f
d0b4d33d3f3b763653a66579b063bd96887f2e78
65d75082b55511913cb49a848a5c3ef191e7c2d1715094ae6a9a16106cf366dd
GET /js.js HTTP/1.1
Host: w.leadsleap.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.morecouponstogo.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 21 Oct 2022 07:02:10 GMT
content-type: application/javascript
cf-bgj: minify
cf-polished: origSize=4038
last-modified: Mon, 06 Jun 2022 14:11:07 GMT
cache-control: max-age=2678400
cf-cache-status: HIT
age: 5335
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=l%2FXV60mRkuaRDvXPPvYNyf6v24tbegNeG2n%2FscIswXdO56%2BAX1W17sQTaXA99Okqr4PMxpf3bpEurqIqno2YAjPkv3XYp3u8Gni%2BRvdPqRROu0QloDz1%2Fbz3toRThZMPSw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75d8204d6f71b4f7-OSL
content-encoding: br
X-Firefox-Spdy: h2
ocsp.sectigo.com/
200 OK 472 B IP
Hash afeae912181e104eea06fc7edd946cb7
406b42ad9280f3e1a2080019d0e28d329552b9d9
84db56c9aae95b86f61029a06ef9e41b7f67deb81ac5919d4f6a552a96f23326
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 21 Oct 2022 07:02:10 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Wed, 19 Oct 2022 05:01:59 GMT
Expires: Wed, 26 Oct 2022 05:01:58 GMT
Etag: "406b42ad9280f3e1a2080019d0e28d329552b9d9"
Cache-Control: max-age=424187,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 75d8204d6feeb4fa-OSL
ocsp.sectigo.com/
200 OK 472 B IP
Hash afeae912181e104eea06fc7edd946cb7
406b42ad9280f3e1a2080019d0e28d329552b9d9
84db56c9aae95b86f61029a06ef9e41b7f67deb81ac5919d4f6a552a96f23326
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 21 Oct 2022 07:02:11 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Wed, 19 Oct 2022 05:01:59 GMT
Expires: Wed, 26 Oct 2022 05:01:58 GMT
Etag: "406b42ad9280f3e1a2080019d0e28d329552b9d9"
Cache-Control: max-age=424187,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 75d8204dbd6a1c0e-OSL
ocsp.sectigo.com/
200 OK 472 B IP
Hash afeae912181e104eea06fc7edd946cb7
406b42ad9280f3e1a2080019d0e28d329552b9d9
84db56c9aae95b86f61029a06ef9e41b7f67deb81ac5919d4f6a552a96f23326
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 21 Oct 2022 07:02:11 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Wed, 19 Oct 2022 05:01:59 GMT
Expires: Wed, 26 Oct 2022 05:01:58 GMT
Etag: "406b42ad9280f3e1a2080019d0e28d329552b9d9"
Cache-Control: max-age=424187,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 75d8204dceb8fabc-OSL
ocsp.sectigo.com/
200 OK 472 B IP
Hash afeae912181e104eea06fc7edd946cb7
406b42ad9280f3e1a2080019d0e28d329552b9d9
84db56c9aae95b86f61029a06ef9e41b7f67deb81ac5919d4f6a552a96f23326
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 21 Oct 2022 07:02:11 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Wed, 19 Oct 2022 05:01:59 GMT
Expires: Wed, 26 Oct 2022 05:01:58 GMT
Etag: "406b42ad9280f3e1a2080019d0e28d329552b9d9"
Cache-Control: max-age=424186,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 75d8204d9858b51d-OSL
b-cloud.b-cdn.net/builds/pro/118-cloud/css/group-3-pro.css
200 OK 0 B URL HTTP/2 b-cloud.b-cdn.net/builds/pro/118-cloud/css/group-3-pro.css
IP
ASN #34989 ServeTheWorld AS
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /builds/pro/118-cloud/css/group-3-pro.css HTTP/1.1
Host: b-cloud.b-cdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.morecouponstogo.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 21 Oct 2022 07:02:11 GMT
content-type: text/css
content-length: 0
server: BunnyCDN-NO-830
cdn-pullzone: 246147
cdn-uid: e647d0c9-3a16-4c3e-ae99-91e18e06d4b3
cdn-requestcountrycode: NO
vary: Accept-Encoding
access-control-allow-origin: *
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
etag: "d41d8cd98f00b204e9800998ecf8427e"
last-modified: Sat, 17 Sep 2022 10:22:32 GMT
x-amz-id-2: Qe6wXNC++1c9FW26w2hiHlSR7Y/a+K28SPtB3bNQgZe8QfY2G5Hj/AOep4ZgR6ckM07ccNd20gI=
x-amz-request-id: 0JWMHWX8ZNYVY3MR
cdn-proxyver: 1.03
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 10/21/2022 07:02:11
cdn-edgestorageid: 830
link: <https://s3.amazonaws.com/brizy.cloud/builds/pro/118-cloud/css/group-3-pro.css>; rel="canonical"
cdn-status: 200
cdn-requestid: f020caab59228049d323fc30533d932e
cdn-cache: MISS
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash a0738b138f262176b9a5984a8afe3127
513e61f1dd78a6c51077165a5e5391119b9d9228
04a69025a549be2708481584eb6a6a361c5541c0490d9c42ccba8161720e6075
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 21 Oct 2022 07:02:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash a0738b138f262176b9a5984a8afe3127
513e61f1dd78a6c51077165a5e5391119b9d9228
04a69025a549be2708481584eb6a6a361c5541c0490d9c42ccba8161720e6075
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 21 Oct 2022 07:02:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
cdn.gravitec.net/storage/651b3da8463250405063839a2450c723/client.js
200 OK 49 kB URL HTTP/2 cdn.gravitec.net/storage/651b3da8463250405063839a2450c723/client.js
IP
ASN #39572 DataWeb Global Group B.V.
Hash 94f18d4025cbaa43bdd3e595feb8e7dd
d7f2a293690fa43688ac486a93891469b7db673e
7b9b777551f0e608491c1da243f3c0c84d84be876c14a12553f93237207d1af5
GET /storage/651b3da8463250405063839a2450c723/client.js HTTP/1.1
Host: cdn.gravitec.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.morecouponstogo.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 21 Oct 2022 07:02:10 GMT
content-type: application/javascript; charset=utf-8
server: nginx
last-modified: Thu, 10 Mar 2022 09:36:39 GMT
etag: W/"6229c6a7-100fb"
expires: Thu, 10 Mar 2022 10:12:22 GMT
cache-control: max-age=10
access-control-allow-origin: *
content-encoding: gzip
vary: Accept-Encoding
x-proxy-cache: REVALIDATED
X-Firefox-Spdy: h2
fonts.gstatic.com/s/oswald/v49/TK3iWkUHHAIjg752GT8G.woff2
200 OK 25 kB URL HTTP/2 fonts.gstatic.com/s/oswald/v49/TK3iWkUHHAIjg752GT8G.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 25372, version 1.0\012- data
Hash fe424f96cb627d8b835cb001af17f56e
c5b4368fed99812a99036fba86d01367b5549505
35c92598a5f32c018dc630f57b183b0284c211ce9c222e5b36840a62115262f1
GET /s/oswald/v49/TK3iWkUHHAIjg752GT8G.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.morecouponstogo.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 25372
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 17 Oct 2022 21:14:39 GMT
expires: Tue, 17 Oct 2023 21:14:39 GMT
cache-control: public, max-age=31536000
age: 294452
last-modified: Mon, 18 Jul 2022 19:24:05 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash a0738b138f262176b9a5984a8afe3127
513e61f1dd78a6c51077165a5e5391119b9d9228
04a69025a549be2708481584eb6a6a361c5541c0490d9c42ccba8161720e6075
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 21 Oct 2022 07:02:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 6894994e02f8f5ba7b41315e467ec514
20381d88239721ae42a0637d67417a19b41af581
df9e40affa62e2ef3a0797b0fbb3093c9906ce8254a035f547553d563a329505
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 21 Oct 2022 07:02:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 6894994e02f8f5ba7b41315e467ec514
20381d88239721ae42a0637d67417a19b41af581
df9e40affa62e2ef3a0797b0fbb3093c9906ce8254a035f547553d563a329505
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 21 Oct 2022 07:02:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 6894994e02f8f5ba7b41315e467ec514
20381d88239721ae42a0637d67417a19b41af581
df9e40affa62e2ef3a0797b0fbb3093c9906ce8254a035f547553d563a329505
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 21 Oct 2022 07:02:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/palanquindark/v12/xn75YHgl1nqmANMB-26xC7yuF86JRks.woff2
200 OK 20 kB URL HTTP/2 fonts.gstatic.com/s/palanquindark/v12/xn75YHgl1nqmANMB-26xC7yuF86JRks.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 20084, version 1.0\012- data
Hash 732c9716022aa43449564603e08aeb9b
477fa3a5c43696287d20b4b491e36d754d1c8866
37bb3776ce24d18cccdd5dc96199ad60c22afd1e190452a18e8c4fd2f8679a98
GET /s/palanquindark/v12/xn75YHgl1nqmANMB-26xC7yuF86JRks.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.morecouponstogo.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 20084
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 20 Oct 2022 17:05:26 GMT
expires: Fri, 20 Oct 2023 17:05:26 GMT
cache-control: public, max-age=31536000
age: 50205
last-modified: Mon, 09 May 2022 18:42:35 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/palanquindark/v12/xn76YHgl1nqmANMB-26xC7yuF8YyY14yd8o.woff2
200 OK 19 kB URL HTTP/2 fonts.gstatic.com/s/palanquindark/v12/xn76YHgl1nqmANMB-26xC7yuF8YyY14yd8o.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 18824, version 1.0\012- data
Hash 0b8cbe6afbac36bab648231406851927
2f67e3adf1061cf82e075d636ae22bc4fca731ea
2c83b448afb8398f6ff0f1d684f125b13e0889b05c5041bb8ff4eb680a892089
GET /s/palanquindark/v12/xn76YHgl1nqmANMB-26xC7yuF8YyY14yd8o.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.morecouponstogo.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 18824
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 18 Oct 2022 16:41:27 GMT
expires: Wed, 18 Oct 2023 16:41:27 GMT
cache-control: public, max-age=31536000
age: 224444
last-modified: Mon, 09 May 2022 18:56:24 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2
200 OK 24 kB URL HTTP/2 fonts.gstatic.com/s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 23580, version 1.0\012- data
Hash e1b3b5908c9cf23dfb2b9c52b9a023ab
fcd4136085f2a03481d9958cc6793a5ed98e714c
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
GET /s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.morecouponstogo.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 23580
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 18 Oct 2022 17:10:21 GMT
expires: Wed, 18 Oct 2023 17:10:21 GMT
cache-control: public, max-age=31536000
age: 222710
last-modified: Tue, 26 Apr 2022 15:48:56 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 6894994e02f8f5ba7b41315e467ec514
20381d88239721ae42a0637d67417a19b41af581
df9e40affa62e2ef3a0797b0fbb3093c9906ce8254a035f547553d563a329505
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 21 Oct 2022 07:02:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.youtube.com/s/player/24c6f8bd/www-player.css
200 OK 50 kB URL HTTP/2 www.youtube.com/s/player/24c6f8bd/www-player.css
IP
File type ASCII text, with very long lines (65536), with no line terminators
Hash a6bad8b64588167878f1de946dd2b911
2d3c33bba6a47f05374274cbce7bef19ecfd87b2
41e7429a90008dd5226c1d096ce72beb44fba7315f31a627e7e66983f9edd4d8
GET /s/player/24c6f8bd/www-player.css HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/embed/aWzlQ2N6qqg?autoplay=0&controls=1&start=0&end=0&modestbranding=0&wmode=transparent&enablejsapi=1&loop=0&rel=0
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding, Origin
content-encoding: br
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-length: 49894
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 19 Oct 2022 16:02:05 GMT
expires: Thu, 19 Oct 2023 16:02:05 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 19 Oct 2022 00:20:59 GMT
content-type: text/css
age: 140406
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.youtube.com/s/player/24c6f8bd/www-embed-player.vflset/www-embed-player.js
200 OK 97 kB URL HTTP/2 www.youtube.com/s/player/24c6f8bd/www-embed-player.vflset/www-embed-player.js
IP
File type ASCII text, with very long lines (572)
Hash 8f179fb031265799508c1267fecdf657
67343059795c82bbc9bd6ccfcd81d7392aaddb8e
fc91ea5d8f77ad29a609e776ff7fb95949f53a73325d495b94de2e15e4e75805
GET /s/player/24c6f8bd/www-embed-player.vflset/www-embed-player.js HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/embed/aWzlQ2N6qqg?autoplay=0&controls=1&start=0&end=0&modestbranding=0&wmode=transparent&enablejsapi=1&loop=0&rel=0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding, Origin
content-encoding: br
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-length: 97428
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 19 Oct 2022 16:02:05 GMT
expires: Thu, 19 Oct 2023 16:02:05 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 19 Oct 2022 00:20:59 GMT
content-type: text/javascript
age: 140406
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.youtube.com/s/player/24c6f8bd/fetch-polyfill.vflset/fetch-polyfill.js
200 OK 2.8 kB URL HTTP/2 www.youtube.com/s/player/24c6f8bd/fetch-polyfill.vflset/fetch-polyfill.js
IP
File type Algol 68 source text\012- Pascal source, ASCII text, with very long lines (555)
Hash 80fe2d229007996c8397073b00755dc7
121f82c77bcf2a297a1085e3b092415c463fcafe
033dfa8941482c82d4f1aaa4a9172fb379b9e46a02d5b36297c5476bbbfdea2c
GET /s/player/24c6f8bd/fetch-polyfill.vflset/fetch-polyfill.js HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/embed/aWzlQ2N6qqg?autoplay=0&controls=1&start=0&end=0&modestbranding=0&wmode=transparent&enablejsapi=1&loop=0&rel=0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding, Origin
content-encoding: br
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-length: 2786
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 19 Oct 2022 16:02:05 GMT
expires: Thu, 19 Oct 2023 16:02:05 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 19 Oct 2022 00:20:59 GMT
content-type: text/javascript
age: 140406
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.youtube.com/s/player/24c6f8bd/player_ias.vflset/en_US/base.js
200 OK 585 kB URL HTTP/2 www.youtube.com/s/player/24c6f8bd/player_ias.vflset/en_US/base.js
IP
File type ASCII text, with very long lines (554)
Size 585 kB (584928 bytes)
Hash 578283c1a9595644b0c4467c8152f15a
fb4efc4467e6596f6bf550237e6dfa8047e25a01
c321e511cfce0b7a05ffd98411fa3dd1d03e014d1392e6f822e6a3aea4bf1e48
GET /s/player/24c6f8bd/player_ias.vflset/en_US/base.js HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/embed/aWzlQ2N6qqg?autoplay=0&controls=1&start=0&end=0&modestbranding=0&wmode=transparent&enablejsapi=1&loop=0&rel=0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding, Origin
content-encoding: br
accept-ranges: bytes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-length: 584928
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 21 Oct 2022 06:44:48 GMT
expires: Sat, 21 Oct 2023 06:44:48 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 19 Oct 2022 00:20:59 GMT
content-type: text/javascript
age: 1043
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash f04257b39ba61002e82135b1018051bc
9c563b944248bc357fde1e21204676dc7be0ae4a
2cf264b07e78769437957a0d9c10362886fa54477b6ee68c1e90bd000defda0f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2CF264B07E78769437957A0D9C10362886FA54477B6EE68C1E90BD000DEFDA0F"
Last-Modified: Wed, 19 Oct 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Fri, 21 Oct 2022 13:02:11 GMT
Date: Fri, 21 Oct 2022 07:02:11 GMT
Connection: keep-alive
b-cloud.b-cdn.net/builds/pro/118-cloud/js/preview.pro.js
200 OK 66 kB URL HTTP/2 b-cloud.b-cdn.net/builds/pro/118-cloud/js/preview.pro.js
IP
ASN #34989 ServeTheWorld AS
File type Unicode text, UTF-8 text, with very long lines (65530), with no line terminators
Hash 8ad413c6ca029f5988d29f9966c912e8
c460dc9e881b9b25885b53b36e2f2ef7771e92a4
55a96390bf1d674154bb0a6fe827e8bc4767a8c3704d27f4e99142b17a773486
GET /builds/pro/118-cloud/js/preview.pro.js HTTP/1.1
Host: b-cloud.b-cdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.morecouponstogo.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 21 Oct 2022 07:02:10 GMT
content-type: application/javascript
server: BunnyCDN-NO-830
cdn-pullzone: 246147
cdn-uid: e647d0c9-3a16-4c3e-ae99-91e18e06d4b3
cdn-requestcountrycode: NO
vary: Accept-Encoding, Accept-Encoding
cache-control: public, max-age=31919000
etag: W/"376301a49a35c0a3d8c900bab8ed70b3"
last-modified: Sat, 17 Sep 2022 10:22:32 GMT
x-amz-id-2: qUvRF3PZndLt2QXgXEHHhisb1H9VGfHzkS6Hzhv+KznwMW5Fr9yhLZMONez+WRSNTsb20zMkv34=
x-amz-request-id: M2W1VH4HZ2MQJZ1C
cdn-proxyver: 1.03
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 10/19/2022 18:22:03
cdn-edgestorageid: 830
link: <https://s3.amazonaws.com/brizy.cloud/builds/pro/118-cloud/js/preview.pro.js>; rel="canonical"
cdn-status: 200
cdn-requestid: b0676c765c3caf8ac79fee32bf5e89a5
cdn-cache: HIT
content-encoding: br
X-Firefox-Spdy: h2
yazing.com/css/showdeals-yzwg.css
200 OK 406 B URL HTTP/1.1 yazing.com/css/showdeals-yzwg.css
IP
Hash 67799b159cb3ef050044a77a2b3a9b45
886d44342cba8c02f846fc12bcce675f8356f1b3
4e3c99e3266b36b09cbb5bac828e08cf82ffe1d810c57049627da012ce92fcaa
GET /css/showdeals-yzwg.css HTTP/1.1
Host: yazing.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.morecouponstogo.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Fri, 21 Oct 2022 07:02:12 GMT
Server: Apache/2.4.18 (Ubuntu)
Last-Modified: Mon, 26 Apr 2021 12:38:43 GMT
ETag: "441-5c0df6d092f3d-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: *
Cache-Control: max-age=2592000, public
Content-Length: 406
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 981570c351f76e9449d36b6356c2dd76
39bf6f8771ccedf96302bc675fb514bc7c55371e
5150403d0849d31eceefd8d7f90cdf457f7f2443b6ed8544d30296f07c36d9cb
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5150403D0849D31ECEEFD8D7F90CDF457F7F2443B6ED8544D30296F07C36D9CB"
Last-Modified: Wed, 19 Oct 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4254
Expires: Fri, 21 Oct 2022 08:13:06 GMT
Date: Fri, 21 Oct 2022 07:02:12 GMT
Connection: keep-alive
yazing.com/widget/ajax-show-deals
200 OK 5.0 kB URL HTTP/1.1 yazing.com/widget/ajax-show-deals
IP
File type JSON data\012- , ASCII text, with very long lines (5047), with no line terminators
Hash 598bbecf12144a28cd314862896b732d
71581758caff8606b80fad6526efff192e516e09
8542e710885020f37a28d1bb16fd4a69b37351ed40d4160b71f6a572c8164b0f
POST /widget/ajax-show-deals HTTP/1.1
Host: yazing.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: application/x-www-form-urlencoded
Content-Length: 350
Origin: https://www.morecouponstogo.com
Connection: keep-alive
Referer: https://www.morecouponstogo.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Fri, 21 Oct 2022 07:02:12 GMT
Server: Apache/2.4.18 (Ubuntu)
Set-Cookie: advanced-frontend=4vejhqdifmtpltch0rtg5b7von; expires=Sun, 20-Oct-2024 07:02:12 GMT; Max-Age=63072000; path=/; HttpOnly
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Access-Control-Allow-Origin: *
Content-Length: 5047
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: application/json; charset=UTF-8
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash f77db34bc9a886ec34de34efeecf82c4
69eab3f4710c4f7edcc68b49268f5b3547aa941a
3a622e955fbcb7eced02906d91e65b39df984a05f07d35a7e6f7217df31453f7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "3A622E955FBCB7ECED02906D91E65B39DF984A05F07D35A7E6F7217DF31453F7"
Last-Modified: Wed, 19 Oct 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16715
Expires: Fri, 21 Oct 2022 11:40:47 GMT
Date: Fri, 21 Oct 2022 07:02:12 GMT
Connection: keep-alive
trafficadbar.com/assets/ads.css
200 OK 385 B URL HTTP/2 trafficadbar.com/assets/ads.css
IP
Hash 05463025a9969b0844abe65f601e5c8a
4b9dcbf2c2d7e339ee8160c56ae92e1fd18595dc
bb8ddf7ca872ae352ec221a148c2e83ac8eabee859b8a7c261b8e2e941463fa3
GET /assets/ads.css HTTP/1.1
Host: trafficadbar.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://trafficadbar.com/bar/page2.php?a=MTGSamurai&b=490&c=90&d=https%3A%2F%2Fwww.morecouponstogo.com%2Funi-landing&e=%23ffffff&f=%23AC0101&g=%23f8f8f8&h=%23000000&i=%237c8e06&ref1=https%3A%2F%2Fllclickpro.com%2F&stg=2&ww=490&wh=90&ref=https%3A%2F%2Fwww.morecouponstogo.com%2F
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 21 Oct 2022 07:02:12 GMT
content-type: text/css
content-length: 385
server: nginx
last-modified: Thu, 11 Aug 2022 01:03:12 GMT
etag: "62f45550-181"
expires: Tue, 20 Dec 2022 07:02:12 GMT
pragma: public
cache-control: max-age=5184000, public
accept-ranges: bytes
X-Firefox-Spdy: h2
api.gravitec.media/api/stats/track?app_key=651b3da8463250405063839a2450c723&user_id=195b789a-e70d-43c0-aced-bfac82d2ee2d&utmb=14a3644f-552e-4bf7-9100-9bc0a2ca14ec&path=https%3A%2F%2Fwww.morecouponstogo.com%2Funi-landing&referrer=https%3A%2F%2Fllclickpro.com%2F
201 Created 0 B URL HTTP/2 api.gravitec.media/api/stats/track?app_key=651b3da8463250405063839a2450c723&user_id=195b789a-e70d-43c0-aced-bfac82d2ee2d&utmb=14a3644f-552e-4bf7-9100-9bc0a2ca14ec&path=https%3A%2F%2Fwww.morecouponstogo.com%2Funi-landing&referrer=https%3A%2F%2Fllclickpro.com%2F
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /api/stats/track?app_key=651b3da8463250405063839a2450c723&user_id=195b789a-e70d-43c0-aced-bfac82d2ee2d&utmb=14a3644f-552e-4bf7-9100-9bc0a2ca14ec&path=https%3A%2F%2Fwww.morecouponstogo.com%2Funi-landing&referrer=https%3A%2F%2Fllclickpro.com%2F HTTP/1.1
Host: api.gravitec.media
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.morecouponstogo.com/
Origin: https://www.morecouponstogo.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 201 Created
server: nginx
date: Fri, 21 Oct 2022 07:02:12 GMT
content-length: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-origin: *
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: 0
x-content-type-options: nosniff
x-frame-options: DENY
x-xss-protection: 1 ; mode=block
referrer-policy: no-referrer
x-correlation-id: 45d3a2dcb5ae8423fbe06f7fa75f635f
X-Firefox-Spdy: h2
d1ielco78gv5pf.cloudfront.net/assets/external_portfolio-55c5ae1c8983df626fd5d8b516e9b7afa9602796b1b40b1b0a489a394961ef91.css
200 OK 793 B URL HTTP/2 d1ielco78gv5pf.cloudfront.net/assets/external_portfolio-55c5ae1c8983df626fd5d8b516e9b7afa9602796b1b40b1b0a489a394961ef91.css
IP
File type ASCII text, with very long lines (2368)
Hash 1d57e54a7a9814979fd019e4a496b0ed
7546b89a8452aaa6edcc1e57ae5dfee9cd89f450
f7fb8c6e102f32d9f3b044ab26bb0e873fd16612967b2bdbe0ac8f6d658441e6
GET /assets/external_portfolio-55c5ae1c8983df626fd5d8b516e9b7afa9602796b1b40b1b0a489a394961ef91.css HTTP/1.1
Host: d1ielco78gv5pf.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.redbubble.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/css
content-length: 793
date: Sun, 18 Sep 2022 22:37:25 GMT
server: nginx
last-modified: Thu, 15 Sep 2022 10:06:37 GMT
content-encoding: gzip
expires: Wed, 15 Sep 2032 22:37:25 GMT
access-control-allow-origin: *
cache-control: max-age=315360000, public
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 a2c3c8b833b34851dca4f7753ecaae58.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 9RLWpnaHWQEOdEqmSoN6dqzS0J7Q6jMH0vQzFfY5RXSB9qwXvJG2IA==
age: 2795087
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 7c7604721cbe427e3de5eca70f457321
d9655eb234047b519fd5b47439c2545af596163d
7374bab3b9d76fc4f9297245086ee95b576777642ca56cd85bc9f400d8519b65
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 21 Oct 2022 07:02:12 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
cdn.gravitec.net/modules/1.bundle.js
200 OK 41 kB URL HTTP/2 cdn.gravitec.net/modules/1.bundle.js
IP
ASN #39572 DataWeb Global Group B.V.
Hash 6ec98d7ac9fce91ced0f4efdd7252972
05a823ee1d3d4b8e27e5d4a1da996196e3b6dded
86b3f7a96a28c198cb5607f9cdfbe3288c92efb6bb4551a72a7d8b3987fa8df0
GET /modules/1.bundle.js HTTP/1.1
Host: cdn.gravitec.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.morecouponstogo.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 21 Oct 2022 07:02:12 GMT
content-type: application/javascript; charset=utf-8
server: nginx
last-modified: Wed, 02 Feb 2022 09:01:35 GMT
etag: W/"61fa486f-8092"
expires: Wed, 02 Feb 2022 09:06:29 GMT
cache-control: max-age=10
access-control-allow-origin: *
content-encoding: gzip
vary: Accept-Encoding
x-proxy-cache: HIT
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 8709f3baa978d291fda131e2f445ddda
987cf815a2d18b4aeb0a1047e9e7f8783dde6d88
b24f6a13ff0a1f888143ad742bf32a2b80e3d7f5a903d2e59e1dbfbf1a1a3e11
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 21 Oct 2022 07:02:12 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
static.doubleclick.net/instream/ad_status.js
200 OK 29 B URL HTTP/2 static.doubleclick.net/instream/ad_status.js
IP
Hash 1fa71744db23d0f8df9cce6719defcb7
e4be9b7136697942a036f97cf26ebaf703ad2067
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
GET /instream/ad_status.js HTTP/1.1
Host: static.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
timing-allow-origin: *
content-length: 29
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 21 Oct 2022 06:57:40 GMT
expires: Fri, 21 Oct 2022 07:12:40 GMT
cache-control: public, max-age=900
age: 272
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
trafficadbar.com/assets/home_logo_88.png
200 OK 2.2 kB URL HTTP/2 trafficadbar.com/assets/home_logo_88.png
IP
File type PNG image data, 88 x 20, 8-bit/color RGB, non-interlaced\012- data
Hash e569735ba757564f8dc8864b9a1fd625
aeb44276faeed647e204245832588d2f5e7b5c03
7176afcf63a169611528a4aeb5d2891e04b8ba3d3723016d09f42ad5dd9cd226
GET /assets/home_logo_88.png HTTP/1.1
Host: trafficadbar.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://trafficadbar.com/bar/page2.php?a=MTGSamurai&b=490&c=90&d=https%3A%2F%2Fwww.morecouponstogo.com%2Funi-landing&e=%23ffffff&f=%23AC0101&g=%23f8f8f8&h=%23000000&i=%237c8e06&ref1=https%3A%2F%2Fllclickpro.com%2F&stg=2&ww=490&wh=90&ref=https%3A%2F%2Fwww.morecouponstogo.com%2F
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 21 Oct 2022 07:02:12 GMT
content-type: image/png
server: nginx
last-modified: Wed, 09 Jun 2021 07:15:14 GMT
vary: Accept-Encoding
etag: W/"60c06a82-881"
expires: Tue, 20 Dec 2022 07:02:12 GMT
pragma: public
cache-control: max-age=5184000, public
content-encoding: gzip
X-Firefox-Spdy: h2
googleads.g.doubleclick.net/pagead/id
302 Found 0 B URL HTTP/2 googleads.g.doubleclick.net/pagead/id
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pagead/id HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
location: https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
access-control-allow-credentials: true
access-control-allow-origin: https://www.youtube.com
date: Fri, 21 Oct 2022 07:02:13 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
googleads.g.doubleclick.net/pagead/id
302 Found 0 B URL HTTP/2 googleads.g.doubleclick.net/pagead/id
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pagead/id HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
location: https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
access-control-allow-credentials: true
access-control-allow-origin: https://www.youtube.com
date: Fri, 21 Oct 2022 07:02:13 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP
Hash de362430416fb8513be4338d5a8f3886
d63922507a4ad68ec46720e85b003cf46f878e11
14e4b3daa695d5224923ac511f3f7bb6d238042ae8de473fafa83f8e57502d89
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=107233
Date: Fri, 21 Oct 2022 07:02:13 GMT
Etag: "63513016-1d7"
Expires: Sat, 22 Oct 2022 12:49:26 GMT
Last-Modified: Thu, 20 Oct 2022 11:25:10 GMT
Server: ECS (nyb/1D18)
X-Cache: Miss from cloudfront
Via: 1.1 9037b7743a833da13439f0d4e2619b52.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: E4aQdxqJShEk9YacGPr5xeM6iVUltg3jDRHHx5bStDItYRZpKCZRqQ==
Age: 5056
ih0.redbubble.net/image.2609329537.2892/raf,220x200,075,t,white.u5.jpg
200 OK 13 kB URL HTTP/2 ih0.redbubble.net/image.2609329537.2892/raf,220x200,075,t,white.u5.jpg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 220x200, components 3\012- data
Hash 7c729abcf1fb3cbc2c5338f004443fc8
ba2199b908015be4eb601ea363fa1e6a05e6109a
c350b44a154b399e0bef5fafa2ce0bbabd485db22ed9531b4566a297704c2898
GET /image.2609329537.2892/raf,220x200,075,t,white.u5.jpg HTTP/1.1
Host: ih0.redbubble.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.redbubble.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: https://www.redbubble.com
access-control-expose-headers: Content-Length,Content-Range
age: 3053753
cache-control: max-age=31556952, public
content-disposition: inline
content-transfer-encoding: binary
content-type: image/jpeg
date: Fri, 21 Oct 2022 07:02:13 GMT
etag: W/"c350b44a154b399e0bef5fafa2ce0bba"
last-modified: Thu, 15 Sep 2022 22:46:21 GMT
referrer-policy: strict-origin-when-cross-origin
server: ECS (dcb/7FA8)
x-cache: HIT
x-content-type-options: nosniff
x-download-options: noopen
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: none
x-request-id: a1f9feb2-f818-4d5e-a57b-efc733dc4048
x-xss-protection: 1; mode=block
content-length: 13202
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP
Hash de362430416fb8513be4338d5a8f3886
d63922507a4ad68ec46720e85b003cf46f878e11
14e4b3daa695d5224923ac511f3f7bb6d238042ae8de473fafa83f8e57502d89
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=107623
Date: Fri, 21 Oct 2022 07:02:13 GMT
Etag: "63513016-1d7"
Expires: Sat, 22 Oct 2022 12:55:56 GMT
Last-Modified: Thu, 20 Oct 2022 11:25:10 GMT
Server: ECS (nyb/1D34)
X-Cache: Miss from cloudfront
Via: 1.1 4c07121ca6e32bcda85cc9091b92050e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: u3qs3Aauioa8NBDhC9CVX4lgxKDhs_GO-920TEzNDS7wjUFiK4BnXw==
Age: 5446
ocsp.sca1b.amazontrust.com/
200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP
Hash de362430416fb8513be4338d5a8f3886
d63922507a4ad68ec46720e85b003cf46f878e11
14e4b3daa695d5224923ac511f3f7bb6d238042ae8de473fafa83f8e57502d89
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=107553
Date: Fri, 21 Oct 2022 07:02:13 GMT
Etag: "63513016-1d7"
Expires: Sat, 22 Oct 2022 12:54:46 GMT
Last-Modified: Thu, 20 Oct 2022 11:25:10 GMT
Server: ECS (nyb/1D33)
X-Cache: Miss from cloudfront
Via: 1.1 0c35b89cb607eddb1b7cc5d6ada865d6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: 0KZGWICZg9a2AaflUMMYZh6xiQYCicepXdFtOlWQbTUlKliJrBjuTQ==
Age: 5376
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 7c7604721cbe427e3de5eca70f457321
d9655eb234047b519fd5b47439c2545af596163d
7374bab3b9d76fc4f9297245086ee95b576777642ca56cd85bc9f400d8519b65
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 21 Oct 2022 07:02:13 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ih0.redbubble.net/image.2436230143.4649/flat,220x200,075,t.u5.jpg
200 OK 15 kB URL HTTP/2 ih0.redbubble.net/image.2436230143.4649/flat,220x200,075,t.u5.jpg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 220x200, components 3\012- data
Hash 9a8c105ed2bc868dc77dd23860b0eae7
baba5fd5da037202cc6bee4b94c5e61553a6e4e5
e3a68991feafac3f02cffdee42f521b29379b95d10bada143ec7eb76b29bdf1e
GET /image.2436230143.4649/flat,220x200,075,t.u5.jpg HTTP/1.1
Host: ih0.redbubble.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.redbubble.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: https://www.redbubble.com
access-control-expose-headers: Content-Length,Content-Range
age: 5178569
cache-control: max-age=31556952, public
content-disposition: inline
content-transfer-encoding: binary
content-type: image/jpeg
date: Fri, 21 Oct 2022 07:02:13 GMT
etag: W/"e3a68991feafac3f02cffdee42f521b2"
last-modified: Mon, 22 Aug 2022 08:32:44 GMT
referrer-policy: strict-origin-when-cross-origin
server: ECS (dcb/7FA7)
x-cache: HIT
x-content-type-options: nosniff
x-download-options: noopen
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: none
x-request-id: aadd9ba7-de8e-4ca0-b4e2-841f2c1ae673
x-xss-protection: 1; mode=block
content-length: 14753
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP
Hash de362430416fb8513be4338d5a8f3886
d63922507a4ad68ec46720e85b003cf46f878e11
14e4b3daa695d5224923ac511f3f7bb6d238042ae8de473fafa83f8e57502d89
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=107997
Date: Fri, 21 Oct 2022 07:02:13 GMT
Etag: "63513016-1d7"
Expires: Sat, 22 Oct 2022 13:02:10 GMT
Last-Modified: Thu, 20 Oct 2022 11:25:10 GMT
Server: ECS (bsa/EB16)
X-Cache: Miss from cloudfront
Via: 1.1 c2b101e67ac25a2f0013450d56ecac38.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: 76pVDEMJU1eCYP9JPkKbVcNkXOsvJKOTvg3M96xdh3Q0KSeo8FCbxw==
Age: 5820
www.youtube.com/embed/Tge4GgRmmrY?autoplay=1&controls=1&start=0&end=0&modestbranding=0&wmode=transparent&enablejsapi=1&loop=1&rel=0&mute=1&playlist=Tge4GgRmmrY
200 OK 41 kB URL HTTP/2 www.youtube.com/embed/Tge4GgRmmrY?autoplay=1&controls=1&start=0&end=0&modestbranding=0&wmode=transparent&enablejsapi=1&loop=1&rel=0&mute=1&playlist=Tge4GgRmmrY
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (58608)
Hash 3eb4ec90a7b801bbdc7f3df95a213a86
2e2f27ae6b0cf8e4edacdca1a9dfb7dca6ee51ab
9263afb62b488db80f15a1424797704bb6f9eab5643ecd7b2d461582d7890a31
GET /embed/Tge4GgRmmrY?autoplay=1&controls=1&start=0&end=0&modestbranding=0&wmode=transparent&enablejsapi=1&loop=1&rel=0&mute=1&playlist=Tge4GgRmmrY HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.morecouponstogo.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html; charset=utf-8
x-content-type-options: nosniff
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Fri, 21 Oct 2022 07:02:11 GMT
strict-transport-security: max-age=31536000
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
content-encoding: br
server: ESF
x-xss-protection: 0
set-cookie: YSC=etP1PqrGLAk; Domain=.youtube.com; Path=/; Secure; HttpOnly; SameSite=none
VISITOR_INFO1_LIVE=Wj2r7ouOLLA; Domain=.youtube.com; Expires=Wed, 19-Apr-2023 07:02:11 GMT; Path=/; Secure; HttpOnly; SameSite=none
CONSENT=PENDING+899; expires=Sun, 20-Oct-2024 07:02:11 GMT; path=/; domain=.youtube.com; Secure
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ih1.redbubble.net/image.2431145804.5847/flat,220x200,075,t.u5.jpg
200 OK 10 kB URL HTTP/2 ih1.redbubble.net/image.2431145804.5847/flat,220x200,075,t.u5.jpg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 220x200, components 3\012- data
Hash 8f6f53785c14ab8a77c0aa90a761e397
27b8a13e4692d280551a541df86597327783211f
6e6de7900d29f1106e51cd663320f6acbd0be5b9691f633724119f6ee0f8e484
GET /image.2431145804.5847/flat,220x200,075,t.u5.jpg HTTP/1.1
Host: ih1.redbubble.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.redbubble.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: https://www.redbubble.com
access-control-expose-headers: Content-Length,Content-Range
age: 5178570
cache-control: max-age=31556952, public
content-disposition: inline
content-transfer-encoding: binary
content-type: image/jpeg
date: Fri, 21 Oct 2022 07:02:13 GMT
etag: W/"6e6de7900d29f1106e51cd663320f6ac"
last-modified: Mon, 22 Aug 2022 08:32:44 GMT
referrer-policy: strict-origin-when-cross-origin
server: ECS (dcb/7EA4)
x-cache: HIT
x-content-type-options: nosniff
x-download-options: noopen
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: none
x-request-id: 888bc34b-6200-454b-b256-7a55d31b146d
x-xss-protection: 1; mode=block
content-length: 10297
X-Firefox-Spdy: h2
ih0.redbubble.net/image.2521900470.0223/raf,220x200,075,t,eggplant.u5.jpg
200 OK 6.1 kB URL HTTP/2 ih0.redbubble.net/image.2521900470.0223/raf,220x200,075,t,eggplant.u5.jpg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 220x200, components 3\012- data
Hash f1a77d20e2de0ca28a6c4022fa158ae4
05644cd3cd7e0f89125ec5055bd721c959a1a0fd
7e9a58a4b0502ec21571a876c0a13653b42d504bb56e6ac24a4b8a469e42c29b
GET /image.2521900470.0223/raf,220x200,075,t,eggplant.u5.jpg HTTP/1.1
Host: ih0.redbubble.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.redbubble.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: https://www.redbubble.com
access-control-expose-headers: Content-Length,Content-Range
age: 3128077
cache-control: max-age=31556952, public
content-disposition: inline
content-transfer-encoding: binary
content-type: image/jpeg
date: Fri, 21 Oct 2022 07:02:13 GMT
etag: W/"7e9a58a4b0502ec21571a876c0a13653"
last-modified: Thu, 15 Sep 2022 02:07:36 GMT
referrer-policy: strict-origin-when-cross-origin
server: ECS (dcb/7EC8)
x-cache: HIT
x-content-type-options: nosniff
x-download-options: noopen
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: none
x-request-id: 2531627e-f454-4818-acea-ef3647972cea
x-xss-protection: 1; mode=block
content-length: 6101
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP
Hash de362430416fb8513be4338d5a8f3886
d63922507a4ad68ec46720e85b003cf46f878e11
14e4b3daa695d5224923ac511f3f7bb6d238042ae8de473fafa83f8e57502d89
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=106884
Date: Fri, 21 Oct 2022 07:02:13 GMT
Etag: "63513016-1d7"
Expires: Sat, 22 Oct 2022 12:43:37 GMT
Last-Modified: Thu, 20 Oct 2022 11:25:10 GMT
Server: ECS (bsa/EB15)
X-Cache: Miss from cloudfront
Via: 1.1 9037b7743a833da13439f0d4e2619b52.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: yuV6qThvlMdmJb1wwWbqss9tMBTb7fAwjp0qTbkEHCTgXFutSdmRew==
Age: 4708
cdn.gravitec.net/sdk/web/configs?appKey=651b3da8463250405063839a2450c723
200 OK 14 kB URL HTTP/2 cdn.gravitec.net/sdk/web/configs?appKey=651b3da8463250405063839a2450c723
IP
ASN #39572 DataWeb Global Group B.V.
Hash ccf2d43224bbdc5bf4a0ecbdac63cd70
a49a56cb767769c5e778449d048f1afec8eba757
60304839d2430d249d16735f3d9ecf37b9121c924da7649eb7257d6d6095e004
GET /sdk/web/configs?appKey=651b3da8463250405063839a2450c723 HTTP/1.1
Host: cdn.gravitec.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.morecouponstogo.com/
Origin: https://www.morecouponstogo.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 21 Oct 2022 07:02:11 GMT
content-type: application/json
server: nginx
x-correlation-id: fd1b92702374876466247b891d2ffe89
access-control-allow-origin: *
content-encoding: gzip
vary: Accept-Encoding
x-proxy-cache: MISS
X-Firefox-Spdy: h2
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
200 OK 0 B URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /$rpc/google.internal.waa.v1.Waa/Create HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Referer: https://www.youtube.com/
Origin: https://www.youtube.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://www.youtube.com
vary: origin, referer, x-origin
access-control-allow-credentials: true
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-max-age: 3600
date: Fri, 21 Oct 2022 07:02:13 GMT
content-type: text/html
server: ESF
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 8709f3baa978d291fda131e2f445ddda
987cf815a2d18b4aeb0a1047e9e7f8783dde6d88
b24f6a13ff0a1f888143ad742bf32a2b80e3d7f5a903d2e59e1dbfbf1a1a3e11
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 21 Oct 2022 07:02:13 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
200 OK 31 kB URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
IP
File type JSON data\012- , ASCII text, with very long lines (65536), with no line terminators
Hash 5845ee5db016bf31e22985ef58cd9c00
cb3fde5bf062a943a72bcb0f09c29f09f10ee67b
3f785e0ca9e556d5a58ea99222ac4f5e44391b396662cc2210414343d314e4dd
POST /$rpc/google.internal.waa.v1.Waa/Create HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
Content-Type: application/json+protobuf
X-User-Agent: grpc-web-javascript/0.1
Content-Length: 24
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json+protobuf; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: gzip
date: Fri, 21 Oct 2022 07:02:13 GMT
server: ESF
cache-control: private
content-length: 30626
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
access-control-allow-credentials: true
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 9f4b1d3c4fdfbd28fa4afc92115bd9f9
365125fe68f668bae6f3c13ef21d92bb00783ebe
92ea3ab34acb6f2464ef06496365dd1a54767519d3429346849898739bf05bb5
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 21 Oct 2022 07:02:13 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
s3.amazonaws.com/logos.formetocoupon.com/120x60/7917.png
200 OK 10 kB URL HTTP/1.1 s3.amazonaws.com/logos.formetocoupon.com/120x60/7917.png
IP
File type PNG image data, 120 x 60, 8-bit/color RGBA, non-interlaced\012- data
Hash 3b5d385907bcf0703ae7ead02b368c80
d831c2f7ab7abd33317198d7492c34c4c8959c51
1c8928c1b3d80b09befdb9bf131ed0033f86a64f7f6412ad2924224d2363827b
GET /logos.formetocoupon.com/120x60/7917.png HTTP/1.1
Host: s3.amazonaws.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.morecouponstogo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: VkRjRlxkE+IXnPixFybVyjYocYZiWoYDCTjzmGd5G6So6f+Q3Eaodohd5mFqh52FGoxAaD/O2ZI=
x-amz-request-id: QJFTS6EZBXYCTKMR
Date: Fri, 21 Oct 2022 07:02:14 GMT
Last-Modified: Fri, 16 Feb 2018 13:29:19 GMT
ETag: "3b5d385907bcf0703ae7ead02b368c80"
x-amz-storage-class: REDUCED_REDUNDANCY
Accept-Ranges: bytes
Content-Type: image/png
Server: AmazonS3
Content-Length: 9970
www.google.com/js/th/PJkulU-G08v7JckZMeNSZvqVIBPCjlLmLXUvorg-pEg.js
200 OK 14 kB URL HTTP/2 www.google.com/js/th/PJkulU-G08v7JckZMeNSZvqVIBPCjlLmLXUvorg-pEg.js
IP
File type ASCII text, with very long lines (36075)
Hash 22f519f9a10815b15ae22769a85ebe7c
cc27fbc46f7950e78bd62d647854384e349b85bd
be19eff8aedc284592141a67398200c86d6f3d32361f0d14aa8d242c41bf0030
GET /js/th/PJkulU-G08v7JckZMeNSZvqVIBPCjlLmLXUvorg-pEg.js HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-length: 14182
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 19 Oct 2022 17:40:43 GMT
expires: Thu, 19 Oct 2023 17:40:43 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 11 Oct 2022 09:30:00 GMT
content-type: text/javascript
age: 134490
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 9672bedf1fa670225eefaecdc092811d
a8d92ca94bcc736d174034dc7cb64d5a3eded9ce
6d4deffd8138cbce44fe7c84270e5bfc4194a1df68709ffe30c7f4b5e671aae1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 21 Oct 2022 07:02:13 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.com/js/th/xmwLrTndOaEKtCLnRSkIbGKFOq9xv8rNA6rMv1Pcu5U.js
200 OK 14 kB URL HTTP/2 www.google.com/js/th/xmwLrTndOaEKtCLnRSkIbGKFOq9xv8rNA6rMv1Pcu5U.js
IP
File type ASCII text, with very long lines (35722)
Hash 23c2c76fd69ddee747232fe9b30353d0
cac7367ec48e11440e7a646e6e10dddf5c9c9f31
307ae491724cfe20e8d9e29db66a0eaa8ebaa8e118f989b9f81d143cdadf5794
GET /js/th/xmwLrTndOaEKtCLnRSkIbGKFOq9xv8rNA6rMv1Pcu5U.js HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-length: 14089
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 19 Oct 2022 05:11:56 GMT
expires: Thu, 19 Oct 2023 05:11:56 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 18 Oct 2022 16:00:00 GMT
content-type: text/javascript
age: 179417
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
200 OK 31 kB URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
IP
File type JSON data\012- , ASCII text, with very long lines (65536), with no line terminators
Hash c65bf0a13cee0e2d18304a0eeab0650b
10da1caf3f2c2f2e6f63be522627877674ad4f57
a9275a753ad4018ac7f47a6a6ebbc7a8e7b033c5a24d8ec94ba90834c1f08b37
POST /$rpc/google.internal.waa.v1.Waa/Create HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
Content-Type: application/json+protobuf
X-User-Agent: grpc-web-javascript/0.1
Content-Length: 24
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json+protobuf; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: gzip
date: Fri, 21 Oct 2022 07:02:13 GMT
server: ESF
cache-control: private
content-length: 30609
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
access-control-allow-credentials: true
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
s3.amazonaws.com/logos.formetocoupon.com/120x60/6371.gif
200 OK 3.3 kB URL HTTP/1.1 s3.amazonaws.com/logos.formetocoupon.com/120x60/6371.gif
IP
File type GIF image data, version 89a, 120 x 60\012- data
Hash 0848dda6f9148f1f1c58add084bfbc08
2b4375d49f17ff29afe8bf25e02f9fa18431a172
5e3094b7ac855db3b122c4615b8d006c68d217c32d0623783a5dbd7e2b47ddd7
GET /logos.formetocoupon.com/120x60/6371.gif HTTP/1.1
Host: s3.amazonaws.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.morecouponstogo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: C5Yw0bdj3ql2E6PcsB3VN16kkurkoARp1XNGvJxvIUzSfusQH7GJxdejlyicXX9f6DeWKzVkI9U=
x-amz-request-id: QJFS7C9JN652WH6T
Date: Fri, 21 Oct 2022 07:02:14 GMT
Last-Modified: Fri, 11 Apr 2014 21:02:06 GMT
ETag: "0848dda6f9148f1f1c58add084bfbc08"
x-amz-storage-class: REDUCED_REDUNDANCY
Accept-Ranges: bytes
Content-Type: image/gif
Server: AmazonS3
Content-Length: 3289
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 812d9740acde03d07ad420ca4bf085c8
4088894ab67cfd7dd89b9271eecb7d3a33bb7c25
ab30da8811c73e2ddd0319456290ba7b27306a622c3643ca0e1281069fd30a07
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 21 Oct 2022 07:02:13 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
s3.amazonaws.com/logos.formetocoupon.com/120x60/45137.jpg
200 OK 34 kB URL HTTP/1.1 s3.amazonaws.com/logos.formetocoupon.com/120x60/45137.jpg
IP
Hash ea27ea04083eee80662089bc2c4e6f35
3c8a2cf36b72595e8651f8a0026e5c5749d5b26e
77d412009ef23309066f94fa05ec6f7a23316bd5056b09e363d4479fb41abe63
GET /logos.formetocoupon.com/120x60/45137.jpg HTTP/1.1
Host: s3.amazonaws.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.morecouponstogo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: i22Mo9J6gSb/IjX385v/WX9kpS8g2g5jApRnY2OS4w/q25y+psPvjpYeYylmRk+3/McRA/myfJk=
x-amz-request-id: QJFZB111XXSCTVPV
Date: Fri, 21 Oct 2022 07:02:14 GMT
Last-Modified: Wed, 07 Oct 2020 06:48:52 GMT
ETag: "c06f917133f51135a708a10e060e52fe"
Accept-Ranges: bytes
Content-Type: image/jpeg
Server: AmazonS3
Content-Length: 23080
i.ytimg.com/vi_webp/ZFBI_JoDwew/sddefault.webp
200 OK 21 kB URL HTTP/2 i.ytimg.com/vi_webp/ZFBI_JoDwew/sddefault.webp
IP
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 640x480, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 9bc80783dd42606a38e3210ad1b3711d
28445b6ec0a0426acf5164a6df5076b7303347a6
3248bd00f508984ec3bdaea739c1f2a745768a30e6d897c2aa4d928ad84ac54e
GET /vi_webp/ZFBI_JoDwew/sddefault.webp HTTP/1.1
Host: i.ytimg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Origin
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-length: 21248
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 21 Oct 2022 07:02:13 GMT
expires: Fri, 21 Oct 2022 09:02:13 GMT
cache-control: public, max-age=7200
etag: "1648682389"
content-type: image/webp
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
trafficadbar.com/50-195376p-7f77fb9d65e3bb8a718d9ac76b2040e8.jpeg
200 OK 90 kB URL HTTP/2 trafficadbar.com/50-195376p-7f77fb9d65e3bb8a718d9ac76b2040e8.jpeg
IP
Hash 97daeda06fa5452d5620ce6dfd738271
572f719bd8bd4fc9ef10016d3d00184ff9831b4a
4e71f8133b8d297f5181c5955a9b6afc864c5e1072f6db81e8f1f6cfb75bd652
GET /50-195376p-7f77fb9d65e3bb8a718d9ac76b2040e8.jpeg HTTP/1.1
Host: trafficadbar.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://t-adbar1.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 21 Oct 2022 07:02:08 GMT
content-type: image/jpeg
server: nginx
vary: Accept-Encoding
expires: Sun, 20 Nov 2022 07:02:07 GMT
pragma: public
cache-control: max-age=2591999
content-encoding: gzip
X-Firefox-Spdy: h2
s3.amazonaws.com/logos.formetocoupon.com/120x60/33881.jpg
200 OK 22 kB URL HTTP/1.1 s3.amazonaws.com/logos.formetocoupon.com/120x60/33881.jpg
IP
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CS6 (Windows), datetime=2022:06:01 08:10:22], baseline, precision 8, 120x60, components 3\012- data
Hash e394b576ca95e2a49a8a7b8eda503c6a
a1fe574db4bb064614c810b4eeb293b3d3b221ec
7a55deebd04dce485ef536bdfd55f4c8a2aed9deaac22e987dfaefbc58f998a9
GET /logos.formetocoupon.com/120x60/33881.jpg HTTP/1.1
Host: s3.amazonaws.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.morecouponstogo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: ttXGgkOBfiIiv9Z0DBpp/pdDoh1rouZyalqgeiFDx20YlXb3qZ+YupX3gmP2EGwufUtThU/6+bo=
x-amz-request-id: QJFNKNY23JF7T5E9
Date: Fri, 21 Oct 2022 07:02:14 GMT
Last-Modified: Wed, 01 Jun 2022 06:12:32 GMT
ETag: "e394b576ca95e2a49a8a7b8eda503c6a"
Accept-Ranges: bytes
Content-Type: image/jpeg
Server: AmazonS3
Content-Length: 21602
s3.amazonaws.com/logos.formetocoupon.com/120x60/33650.jpg
200 OK 32 kB URL HTTP/1.1 s3.amazonaws.com/logos.formetocoupon.com/120x60/33650.jpg
IP
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CS6 (Windows), datetime=2019:12:09 11:35:22], baseline, precision 8, 120x60, components 3\012- data
Hash a16b43f73d95fbfdc48816eaafdc47c9
f84950482be1db3e2aff7c08d18b87ed542c1e5c
c577d99bd06de7d5d269339b692b8108ffd1d87ae2b3d060628a570e45f46474
GET /logos.formetocoupon.com/120x60/33650.jpg HTTP/1.1
Host: s3.amazonaws.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.morecouponstogo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: NdyiUJPzKRXWzxBxOBJ6Zyx/CtfC697egsWVq2x7iFxIdvyx9Deu2EeqFeH1wydNJlAekrfDEN0=
x-amz-request-id: QJFV9XRF5B2HJYVR
Date: Fri, 21 Oct 2022 07:02:14 GMT
Last-Modified: Mon, 09 Dec 2019 09:36:20 GMT
ETag: "a16b43f73d95fbfdc48816eaafdc47c9"
Accept-Ranges: bytes
Content-Type: image/jpeg
Server: AmazonS3
Content-Length: 31686
yt3.ggpht.com/frZNsgk2zBlccfRh-5BuaeygKDnMtM8THuKkcUkdyyiVusMTe3jOrjnMKz39sCDGvs1pRZgXgQ=s68-c-k-c0x00ffffff-no-rj
200 OK 2.9 kB URL HTTP/2 yt3.ggpht.com/frZNsgk2zBlccfRh-5BuaeygKDnMtM8THuKkcUkdyyiVusMTe3jOrjnMKz39sCDGvs1pRZgXgQ=s68-c-k-c0x00ffffff-no-rj
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 68x68, components 3\012- data
Hash 154367c025f64b7e936b58e616d0117e
07212c5ed2eaf5422aeb22116c3f43f7e073c9dc
88aec24845bf5c9721abffa6d5376a145662eec365d6c8c5ecb894340cbe656d
GET /frZNsgk2zBlccfRh-5BuaeygKDnMtM8THuKkcUkdyyiVusMTe3jOrjnMKz39sCDGvs1pRZgXgQ=s68-c-k-c0x00ffffff-no-rj HTTP/1.1
Host: yt3.ggpht.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
content-disposition: inline;filename="channels4_profile.jpg"
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
server: fife
content-length: 2884
x-xss-protection: 0
date: Fri, 21 Oct 2022 07:02:13 GMT
expires: Thu, 20 Oct 2022 04:39:50 GMT
cache-control: public, max-age=86400, no-transform
etag: "v1"
content-type: image/jpeg
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
s3.amazonaws.com/logos.formetocoupon.com/120x60/25994.png
200 OK 23 kB URL HTTP/1.1 s3.amazonaws.com/logos.formetocoupon.com/120x60/25994.png
IP
File type PNG image data, 120 x 60, 8-bit/color RGB, non-interlaced\012- data
Hash d393ea44323ada3ef8d05acc389162a5
22c912b333887cbe0a9ddc502e47608f5f5b9664
393c9d3eb32c980b810f48cf80a19fe54143694027a5a9d5be9e7f93b8402119
GET /logos.formetocoupon.com/120x60/25994.png HTTP/1.1
Host: s3.amazonaws.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.morecouponstogo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: vYrO0/Iq0McT0DqrBEBo/DvXs20XnGcJ2l7ZVJvGbHGDfi30vK+PJ8U2BCFq8j5kamkD/Z6NW9o=
x-amz-request-id: QJFZ19016XMNR0E7
Date: Fri, 21 Oct 2022 07:02:14 GMT
Last-Modified: Mon, 07 Dec 2015 16:49:59 GMT
ETag: "d393ea44323ada3ef8d05acc389162a5"
x-amz-storage-class: REDUCED_REDUNDANCY
Accept-Ranges: bytes
Content-Type: image/png
Server: AmazonS3
Content-Length: 23209
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 812d9740acde03d07ad420ca4bf085c8
4088894ab67cfd7dd89b9271eecb7d3a33bb7c25
ab30da8811c73e2ddd0319456290ba7b27306a622c3643ca0e1281069fd30a07
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 21 Oct 2022 07:02:13 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ih0.redbubble.net/image.2615509652.3915/flat,220x200,075,t.u5.jpg
200 OK 9.5 kB URL HTTP/2 ih0.redbubble.net/image.2615509652.3915/flat,220x200,075,t.u5.jpg
IP
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 220x200, components 3\012- data
Hash bec24a797621dc1b550df36956ebada4
2e28ce3cc5e85db3d2c5fb26f7a328f594a620c8
4e57c4041246929caec036f63290e869dea5923090d2e263a083a0cd9df0f51b
GET /image.2615509652.3915/flat,220x200,075,t.u5.jpg HTTP/1.1
Host: ih0.redbubble.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.redbubble.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: https://www.redbubble.com
access-control-expose-headers: Content-Length,Content-Range
age: 1077268
cache-control: max-age=31556952, public
content-disposition: inline
content-transfer-encoding: binary
content-type: image/jpeg
date: Fri, 21 Oct 2022 07:02:13 GMT
etag: W/"4e57c4041246929caec036f63290e869"
last-modified: Sat, 08 Oct 2022 19:47:46 GMT
referrer-policy: strict-origin-when-cross-origin
server: ECS (dcb/7F81)
x-cache: HIT
x-content-type-options: nosniff
x-download-options: noopen
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: none
x-request-id: b0ac1ab6-a28b-4a96-a7b6-4f1b185ea558
x-xss-protection: 1; mode=block
content-length: 9544
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 9672bedf1fa670225eefaecdc092811d
a8d92ca94bcc736d174034dc7cb64d5a3eded9ce
6d4deffd8138cbce44fe7c84270e5bfc4194a1df68709ffe30c7f4b5e671aae1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 21 Oct 2022 07:02:13 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.youtube.com/embed/d36aPUaJ1Pg?autoplay=1&controls=0&start=2&end=2&modestbranding=1&wmode=transparent&enablejsapi=1&loop=1&rel=0&mute=1&playlist=d36aPUaJ1Pg
200 OK 40 kB URL HTTP/2 www.youtube.com/embed/d36aPUaJ1Pg?autoplay=1&controls=0&start=2&end=2&modestbranding=1&wmode=transparent&enablejsapi=1&loop=1&rel=0&mute=1&playlist=d36aPUaJ1Pg
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (58608)
Hash 933053ed37bf944861566c837d4abec9
04fb2bde796009a44d9355666e59030f82347fb8
3c3c484babe24059ded5471f3945422b473c4d0b936434ea2dde2d712b580dd3
GET /embed/d36aPUaJ1Pg?autoplay=1&controls=0&start=2&end=2&modestbranding=1&wmode=transparent&enablejsapi=1&loop=1&rel=0&mute=1&playlist=d36aPUaJ1Pg HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.morecouponstogo.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html; charset=utf-8
x-content-type-options: nosniff
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Fri, 21 Oct 2022 07:02:11 GMT
strict-transport-security: max-age=31536000
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
content-encoding: br
server: ESF
x-xss-protection: 0
set-cookie: YSC=u84rPvjbof8; Domain=.youtube.com; Path=/; Secure; HttpOnly; SameSite=none
VISITOR_INFO1_LIVE=d2heYX1Ej3w; Domain=.youtube.com; Expires=Wed, 19-Apr-2023 07:02:11 GMT; Path=/; Secure; HttpOnly; SameSite=none
CONSENT=PENDING+661; expires=Sun, 20-Oct-2024 07:02:11 GMT; path=/; domain=.youtube.com; Secure
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
yt3.ggpht.com/nip8E9ASw52gOJQxdluWu8PK6GgTMaw87ja5NFJnc8le4062UgDFMgxzd2_UmGmz3PbyvBBG=s68-c-k-c0x00ffffff-no-rj
200 OK 2.9 kB URL HTTP/2 yt3.ggpht.com/nip8E9ASw52gOJQxdluWu8PK6GgTMaw87ja5NFJnc8le4062UgDFMgxzd2_UmGmz3PbyvBBG=s68-c-k-c0x00ffffff-no-rj
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 68x68, components 3\012- data
Hash 73eea0bc3378ebdf7f3ed8311b2d1f9e
44bc2e5b5f953c901df6237b49c825b354671391
2dc9e7612ab1864f756e75873319ca21e35da2f0a19a7ab0e20e6ac9ce71811f
GET /nip8E9ASw52gOJQxdluWu8PK6GgTMaw87ja5NFJnc8le4062UgDFMgxzd2_UmGmz3PbyvBBG=s68-c-k-c0x00ffffff-no-rj HTTP/1.1
Host: yt3.ggpht.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-expose-headers: Content-Length
etag: "v1"
expires: Sat, 22 Oct 2022 07:02:13 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="channels4_profile.jpg"
content-type: image/jpeg
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
date: Fri, 21 Oct 2022 07:02:13 GMT
server: fife
content-length: 2924
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
s3.amazonaws.com/logos.formetocoupon.com/120x60/54542.jpg
200 OK 21 kB URL HTTP/1.1 s3.amazonaws.com/logos.formetocoupon.com/120x60/54542.jpg
IP
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CS6 (Windows), datetime=2022:09:29 20:01:24], progressive, precision 8, 120x60, components 3\012- data
Hash e99c4784fa9d973c1c48112debaa3e20
2057f925eaae4ed4309b2e542f07edb6f5a35ba5
25cb6f0ff7c5eb9ac9f73f66823af3c1e4fef8d73521f83964be1698682a1f5b
GET /logos.formetocoupon.com/120x60/54542.jpg HTTP/1.1
Host: s3.amazonaws.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.morecouponstogo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: wHTbt05N3dAVIsvW7+tmakk95kMljfBb+OmRPNpIq2GuV9NbSni1NgQ1VFsW3T/2cqnlqmIG9FY=
x-amz-request-id: QJFWZBT18FWEZ5AY
Date: Fri, 21 Oct 2022 07:02:14 GMT
Last-Modified: Thu, 29 Sep 2022 18:03:21 GMT
ETag: "e99c4784fa9d973c1c48112debaa3e20"
Accept-Ranges: bytes
Content-Type: image/jpeg
Server: AmazonS3
Content-Length: 21377
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash afec682d334e0120d01be77930a43f1c
671e19437ae0c25741da2efd31e8a8a80ffff36e
12b1e4e2ca9ebd5070004643735e76abf4a953bb9af97ffa9d59086f13e8ba7a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 21 Oct 2022 07:02:13 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash afec682d334e0120d01be77930a43f1c
671e19437ae0c25741da2efd31e8a8a80ffff36e
12b1e4e2ca9ebd5070004643735e76abf4a953bb9af97ffa9d59086f13e8ba7a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 21 Oct 2022 07:02:13 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ih1.redbubble.net/image.2423146004.3028/raf,220x200,075,t,black.u5.jpg
200 OK 7.1 kB URL HTTP/2 ih1.redbubble.net/image.2423146004.3028/raf,220x200,075,t,black.u5.jpg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 220x200, components 3\012- data
Hash ea2e9b008dd5ea4ae82bd436910c2533
9b839ada94e09772f01c49af1032b9f046e9b6ed
0220c6be7d3cfcffc662fcab4c31803925ec7e294e4165098a1b364ad8800ace
GET /image.2423146004.3028/raf,220x200,075,t,black.u5.jpg HTTP/1.1
Host: ih1.redbubble.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.redbubble.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: https://www.redbubble.com
access-control-expose-headers: Content-Length,Content-Range
age: 5178570
cache-control: max-age=31556952, public
content-disposition: inline
content-transfer-encoding: binary
content-type: image/jpeg
date: Fri, 21 Oct 2022 07:02:13 GMT
etag: W/"0220c6be7d3cfcffc662fcab4c318039"
last-modified: Mon, 22 Aug 2022 08:32:44 GMT
referrer-policy: strict-origin-when-cross-origin
server: ECS (dcb/7F84)
x-cache: HIT
x-content-type-options: nosniff
x-download-options: noopen
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: none
x-request-id: 0c943895-8cf5-4c7d-88fc-024373c4d11a
x-xss-protection: 1; mode=block
content-length: 7140
X-Firefox-Spdy: h2
d1ielco78gv5pf.cloudfront.net/assets/75x75-Brandmark-Transparent-5914f9388de7f61a2e2fb260ed39145a5719139b6559762350135c21771f12c0.png
200 OK 753 B URL HTTP/2 d1ielco78gv5pf.cloudfront.net/assets/75x75-Brandmark-Transparent-5914f9388de7f61a2e2fb260ed39145a5719139b6559762350135c21771f12c0.png
IP
File type PNG image data, 75 x 75, 8-bit/color RGBA, non-interlaced\012- data
Hash 95b83ee0d2cb98b5133345024a14031e
fb1f79f434185cabeda75b895cb0e98113c8c6ec
5914f9388de7f61a2e2fb260ed39145a5719139b6559762350135c21771f12c0
GET /assets/75x75-Brandmark-Transparent-5914f9388de7f61a2e2fb260ed39145a5719139b6559762350135c21771f12c0.png HTTP/1.1
Host: d1ielco78gv5pf.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.redbubble.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 753
date: Mon, 05 Sep 2022 13:09:45 GMT
server: nginx
last-modified: Sun, 04 Sep 2022 10:06:31 GMT
expires: Thu, 02 Sep 2032 13:09:45 GMT
access-control-allow-origin: *
cache-control: max-age=315360000, public
x-cache: Hit from cloudfront
via: 1.1 a2c3c8b833b34851dca4f7753ecaae58.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: l4zvarM8PdFVz9ZVTI1m0zV5wHiyuogWXf9_R9VNAU80-4kXdoF8Cg==
age: 3952348
X-Firefox-Spdy: h2
d1ielco78gv5pf.cloudfront.net/assets/ajax_subtle-8f2162a421d5682989810c5bed4402d83debcff6169ae940dbbf9844dcc9ea2d.gif
200 OK 1.8 kB URL HTTP/2 d1ielco78gv5pf.cloudfront.net/assets/ajax_subtle-8f2162a421d5682989810c5bed4402d83debcff6169ae940dbbf9844dcc9ea2d.gif
IP
File type GIF image data, version 89a, 32 x 32\012- data
Hash 53c8654b9584bb9f925f2e9f12a3a365
69b347445a08ef2e1235cb8ff2fad484d59ae7d3
8f2162a421d5682989810c5bed4402d83debcff6169ae940dbbf9844dcc9ea2d
GET /assets/ajax_subtle-8f2162a421d5682989810c5bed4402d83debcff6169ae940dbbf9844dcc9ea2d.gif HTTP/1.1
Host: d1ielco78gv5pf.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://d1ielco78gv5pf.cloudfront.net/assets/external_portfolio-55c5ae1c8983df626fd5d8b516e9b7afa9602796b1b40b1b0a489a394961ef91.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/gif
content-length: 1785
date: Wed, 18 May 2022 14:23:23 GMT
accept-ranges: bytes
access-control-allow-origin: *
cache-control: max-age=315360000, public
etag: "628373c3-6f9"
expires: Sat, 15 May 2032 14:23:23 GMT
last-modified: Tue, 17 May 2022 10:06:59 GMT
server: nginx
x-cache: Hit from cloudfront
via: 1.1 a2c3c8b833b34851dca4f7753ecaae58.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: ZM_es_FTY0XGaHDrvRLsg52ic9RB7GBUv3d5xcb0gyD_phhC1dQhhg==
age: 13451930
X-Firefox-Spdy: h2
d1ielco78gv5pf.cloudfront.net/assets/rarr-trans-44aac167284d94a1522aae08e2a9c40c6d515ab554839445c3b43281cb6a2f47.png
200 OK 147 B URL HTTP/2 d1ielco78gv5pf.cloudfront.net/assets/rarr-trans-44aac167284d94a1522aae08e2a9c40c6d515ab554839445c3b43281cb6a2f47.png
IP
File type PNG image data, 7 x 10, 8-bit gray+alpha, non-interlaced\012- data
Hash aafe97f737c068ef75a9410c8a45f5a4
0d1856e53194b2a68d1976a21fe05d20eac683b6
44aac167284d94a1522aae08e2a9c40c6d515ab554839445c3b43281cb6a2f47
GET /assets/rarr-trans-44aac167284d94a1522aae08e2a9c40c6d515ab554839445c3b43281cb6a2f47.png HTTP/1.1
Host: d1ielco78gv5pf.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.redbubble.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 147
date: Fri, 27 May 2022 01:22:02 GMT
accept-ranges: bytes
access-control-allow-origin: *
cache-control: max-age=315360000, public
etag: "628dff80-93"
expires: Mon, 24 May 2032 01:22:02 GMT
last-modified: Wed, 25 May 2022 10:05:52 GMT
server: nginx
x-cache: Hit from cloudfront
via: 1.1 a2c3c8b833b34851dca4f7753ecaae58.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: o54d1TzEwmciXSX-UiOTIQcumBR26QEg3qk7j6nYNNUM066wltp1Qg==
age: 12721211
X-Firefox-Spdy: h2
s3.amazonaws.com/logos.formetocoupon.com/120x60/44869.jpg
200 OK 21 kB URL HTTP/1.1 s3.amazonaws.com/logos.formetocoupon.com/120x60/44869.jpg
IP
Hash 7f6e0e9ea3bc02374491258aa71e0ee3
4a3e10dddcff893d0924d5818d4a0335fda0d9bb
6ef5ab4fdf9e78a7221c70471e90c68fe2c9ab5b382dc57d34bf4fc352740ec3
GET /logos.formetocoupon.com/120x60/44869.jpg HTTP/1.1
Host: s3.amazonaws.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.morecouponstogo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: 1m/oKXp+Q7IZrkZtSQ9/lYbGmu3ILwuf5IJJ988SVqL5lCE06gOskURM7BoIr3RF1R4CQjbyRiE=
x-amz-request-id: QJFZW5XJWG6SY4A2
Date: Fri, 21 Oct 2022 07:02:14 GMT
Last-Modified: Fri, 18 Sep 2020 16:09:35 GMT
ETag: "ce9e1958f27f0be73c24b082a03db1ee"
Accept-Ranges: bytes
Content-Type: image/jpeg
Server: AmazonS3
Content-Length: 19298
rr1---sn-capm-vnae.googlevideo.com/videoplayback?expire=1666357333&ei=9UNSY9HWCZGh7QSi45H4Dw&ip=91.90.42.154&id=o-AOesgy85p4b7Rj6NQuuLBNFTpF0XEWaux834sJOnQ9CW&itag=251&source=youtube&requiressl=yes&mh=ke&mm=31%2C29&mn=sn-capm-vnae%2Csn-5goeen7y&ms=au%2Crdu&mv=m&mvi=1&pl=21&initcwndbps=1948750&spc=yR2vp0-_-1YwV2lTA_k0UI2GfHD24d4&vprv=1&mime=audio%2Fwebm&ns=mzNcXlFbGFQAiulCHd7CrhsI&gir=yes&clen=142602&dur=9.801&lmt=1644075043895481&mt=1666335179&fvip=2&keepalive=yes&fexp=24001373%2C24007246&c=WEB_EMBEDDED_PLAYER&txp=6318224&n=uWr4yJLWCn-72g&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRgIhAJyRzKWQR9Bf9XayE6NbEbys6y5502SkK6T7N8v3JPttAiEAiIWCQGuFCxxKCnGUAvv_zhfPQt0XH55BAMIns-6Y_sw%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRgIhAJIfBIzAFkPev2UOnGGlSYMdTzMPEMNZVfz0EYCyjKkjAiEA0xDZVd2GjfAVLX79k_-6qUCxF-5cdGgSGQlnK0RTZkA%3D&alr=yes&cpn=qhrSaHi0CZF9yotd&cver=1.20221018.01.00&range=0-65812&rn=2&rbuf=0
200 OK 66 kB URL HTTP/1.1 rr1---sn-capm-vnae.googlevideo.com/videoplayback?expire=1666357333&ei=9UNSY9HWCZGh7QSi45H4Dw&ip=91.90.42.154&id=o-AOesgy85p4b7Rj6NQuuLBNFTpF0XEWaux834sJOnQ9CW&itag=251&source=youtube&requiressl=yes&mh=ke&mm=31%2C29&mn=sn-capm-vnae%2Csn-5goeen7y&ms=au%2Crdu&mv=m&mvi=1&pl=21&initcwndbps=1948750&spc=yR2vp0-_-1YwV2lTA_k0UI2GfHD24d4&vprv=1&mime=audio%2Fwebm&ns=mzNcXlFbGFQAiulCHd7CrhsI&gir=yes&clen=142602&dur=9.801&lmt=1644075043895481&mt=1666335179&fvip=2&keepalive=yes&fexp=24001373%2C24007246&c=WEB_EMBEDDED_PLAYER&txp=6318224&n=uWr4yJLWCn-72g&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRgIhAJyRzKWQR9Bf9XayE6NbEbys6y5502SkK6T7N8v3JPttAiEAiIWCQGuFCxxKCnGUAvv_zhfPQt0XH55BAMIns-6Y_sw%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRgIhAJIfBIzAFkPev2UOnGGlSYMdTzMPEMNZVfz0EYCyjKkjAiEA0xDZVd2GjfAVLX79k_-6qUCxF-5cdGgSGQlnK0RTZkA%3D&alr=yes&cpn=qhrSaHi0CZF9yotd&cver=1.20221018.01.00&range=0-65812&rn=2&rbuf=0
IP
ASN #50304 Blix Solutions AS
File type WebM\012- EBML file, creator webmB\20\012- data
Hash a3e5161d67b6bcdbc2900f34d1b62837
70cfc40fc73887edd4962521d8a1f4355c2ae0ec
16b997a701a210873b11d55fb91acd40c67ac75f0cb35f6af030685640ad6647
GET /videoplayback?expire=1666357333&ei=9UNSY9HWCZGh7QSi45H4Dw&ip=91.90.42.154&id=o-AOesgy85p4b7Rj6NQuuLBNFTpF0XEWaux834sJOnQ9CW&itag=251&source=youtube&requiressl=yes&mh=ke&mm=31%2C29&mn=sn-capm-vnae%2Csn-5goeen7y&ms=au%2Crdu&mv=m&mvi=1&pl=21&initcwndbps=1948750&spc=yR2vp0-_-1YwV2lTA_k0UI2GfHD24d4&vprv=1&mime=audio%2Fwebm&ns=mzNcXlFbGFQAiulCHd7CrhsI&gir=yes&clen=142602&dur=9.801&lmt=1644075043895481&mt=1666335179&fvip=2&keepalive=yes&fexp=24001373%2C24007246&c=WEB_EMBEDDED_PLAYER&txp=6318224&n=uWr4yJLWCn-72g&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRgIhAJyRzKWQR9Bf9XayE6NbEbys6y5502SkK6T7N8v3JPttAiEAiIWCQGuFCxxKCnGUAvv_zhfPQt0XH55BAMIns-6Y_sw%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRgIhAJIfBIzAFkPev2UOnGGlSYMdTzMPEMNZVfz0EYCyjKkjAiEA0xDZVd2GjfAVLX79k_-6qUCxF-5cdGgSGQlnK0RTZkA%3D&alr=yes&cpn=qhrSaHi0CZF9yotd&cver=1.20221018.01.00&range=0-65812&rn=2&rbuf=0 HTTP/1.1
Host: rr1---sn-capm-vnae.googlevideo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Last-Modified: Sat, 05 Feb 2022 15:30:43 GMT
Content-Type: audio/webm
Date: Fri, 21 Oct 2022 07:02:13 GMT
Expires: Fri, 21 Oct 2022 07:02:13 GMT
Cache-Control: private, max-age=21300
Accept-Ranges: bytes
Content-Length: 65813
Connection: keep-alive
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Access-Control-Allow-Origin: https://www.youtube.com
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: https://www.youtube.com
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Vary: Origin
Cross-Origin-Resource-Policy: cross-origin
X-Content-Type-Options: nosniff
Server: gvs 1.0
rr1---sn-capm-vnae.googlevideo.com/videoplayback?expire=1666357333&ei=9UNSY9HWCZGh7QSi45H4Dw&ip=91.90.42.154&id=o-AOesgy85p4b7Rj6NQuuLBNFTpF0XEWaux834sJOnQ9CW&itag=243&aitags=133%2C134%2C135%2C136%2C160%2C242%2C243%2C244%2C278&source=youtube&requiressl=yes&mh=ke&mm=31%2C29&mn=sn-capm-vnae%2Csn-5goeen7y&ms=au%2Crdu&mv=m&mvi=1&pl=21&initcwndbps=1948750&spc=yR2vp0-_-1YwV2lTA_k0UI2GfHD24d4&vprv=1&mime=video%2Fwebm&ns=mzNcXlFbGFQAiulCHd7CrhsI&gir=yes&clen=372609&dur=9.766&lmt=1644075043168469&mt=1666335179&fvip=2&keepalive=yes&fexp=24001373%2C24007246&c=WEB_EMBEDDED_PLAYER&txp=6319224&n=uWr4yJLWCn-72g&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRgIhAJeXF1DWixjCHAnDlydaSpf1RW2NLX5brBMf2844suWYAiEAx1mRaPJKD7dKv6_GIwK9sQ3UYejZnIY__EORM-A7nfs%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRgIhAJIfBIzAFkPev2UOnGGlSYMdTzMPEMNZVfz0EYCyjKkjAiEA0xDZVd2GjfAVLX79k_-6qUCxF-5cdGgSGQlnK0RTZkA%3D&alr=yes&cpn=qhrSaHi0CZF9yotd&cver=1.20221018.01.00&range=0-83624&rn=1&rbuf=0
200 OK 84 kB URL HTTP/1.1 rr1---sn-capm-vnae.googlevideo.com/videoplayback?expire=1666357333&ei=9UNSY9HWCZGh7QSi45H4Dw&ip=91.90.42.154&id=o-AOesgy85p4b7Rj6NQuuLBNFTpF0XEWaux834sJOnQ9CW&itag=243&aitags=133%2C134%2C135%2C136%2C160%2C242%2C243%2C244%2C278&source=youtube&requiressl=yes&mh=ke&mm=31%2C29&mn=sn-capm-vnae%2Csn-5goeen7y&ms=au%2Crdu&mv=m&mvi=1&pl=21&initcwndbps=1948750&spc=yR2vp0-_-1YwV2lTA_k0UI2GfHD24d4&vprv=1&mime=video%2Fwebm&ns=mzNcXlFbGFQAiulCHd7CrhsI&gir=yes&clen=372609&dur=9.766&lmt=1644075043168469&mt=1666335179&fvip=2&keepalive=yes&fexp=24001373%2C24007246&c=WEB_EMBEDDED_PLAYER&txp=6319224&n=uWr4yJLWCn-72g&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRgIhAJeXF1DWixjCHAnDlydaSpf1RW2NLX5brBMf2844suWYAiEAx1mRaPJKD7dKv6_GIwK9sQ3UYejZnIY__EORM-A7nfs%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRgIhAJIfBIzAFkPev2UOnGGlSYMdTzMPEMNZVfz0EYCyjKkjAiEA0xDZVd2GjfAVLX79k_-6qUCxF-5cdGgSGQlnK0RTZkA%3D&alr=yes&cpn=qhrSaHi0CZF9yotd&cver=1.20221018.01.00&range=0-83624&rn=1&rbuf=0
IP
ASN #50304 Blix Solutions AS
File type WebM\012- EBML file, creator webmB\20\012- data
Hash a5cff876e8757875138a219b1e112192
37a633577e49a52ff0dfbbb1ba4d612fde9c31c6
c5056416db1e6e9d48e859b48175c9140292647bda2333babd32a54ca5523c78
GET /videoplayback?expire=1666357333&ei=9UNSY9HWCZGh7QSi45H4Dw&ip=91.90.42.154&id=o-AOesgy85p4b7Rj6NQuuLBNFTpF0XEWaux834sJOnQ9CW&itag=243&aitags=133%2C134%2C135%2C136%2C160%2C242%2C243%2C244%2C278&source=youtube&requiressl=yes&mh=ke&mm=31%2C29&mn=sn-capm-vnae%2Csn-5goeen7y&ms=au%2Crdu&mv=m&mvi=1&pl=21&initcwndbps=1948750&spc=yR2vp0-_-1YwV2lTA_k0UI2GfHD24d4&vprv=1&mime=video%2Fwebm&ns=mzNcXlFbGFQAiulCHd7CrhsI&gir=yes&clen=372609&dur=9.766&lmt=1644075043168469&mt=1666335179&fvip=2&keepalive=yes&fexp=24001373%2C24007246&c=WEB_EMBEDDED_PLAYER&txp=6319224&n=uWr4yJLWCn-72g&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRgIhAJeXF1DWixjCHAnDlydaSpf1RW2NLX5brBMf2844suWYAiEAx1mRaPJKD7dKv6_GIwK9sQ3UYejZnIY__EORM-A7nfs%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRgIhAJIfBIzAFkPev2UOnGGlSYMdTzMPEMNZVfz0EYCyjKkjAiEA0xDZVd2GjfAVLX79k_-6qUCxF-5cdGgSGQlnK0RTZkA%3D&alr=yes&cpn=qhrSaHi0CZF9yotd&cver=1.20221018.01.00&range=0-83624&rn=1&rbuf=0 HTTP/1.1
Host: rr1---sn-capm-vnae.googlevideo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Last-Modified: Sat, 05 Feb 2022 15:30:43 GMT
Content-Type: video/webm
Date: Fri, 21 Oct 2022 07:02:13 GMT
Expires: Fri, 21 Oct 2022 07:02:13 GMT
Cache-Control: private, max-age=21300
Accept-Ranges: bytes
Content-Length: 83625
Connection: keep-alive
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Access-Control-Allow-Origin: https://www.youtube.com
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: https://www.youtube.com
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Vary: Origin
Cross-Origin-Resource-Policy: cross-origin
X-Restrict-Formats-Hint: None
X-Content-Type-Options: nosniff
Server: gvs 1.0
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash afec682d334e0120d01be77930a43f1c
671e19437ae0c25741da2efd31e8a8a80ffff36e
12b1e4e2ca9ebd5070004643735e76abf4a953bb9af97ffa9d59086f13e8ba7a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 21 Oct 2022 07:02:13 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
200 OK 958 B IP
Hash 945d749080eafa74935eca0a48ed270c
45788ac817a0125f9c42afda2033cdcdbdd86d2c
feba685a5d9c0085f51db35eacc9b34981c35f2c71fd718428eb9376f0ccda85
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4094
Cache-Control: max-age=94755
Content-Type: application/ocsp-response
Date: Fri, 21 Oct 2022 07:02:13 GMT
Etag: "6351031a-1d7"
Expires: Sat, 22 Oct 2022 09:21:28 GMT
Last-Modified: Thu, 20 Oct 2022 08:13:14 GMT
Server: ECS (ska/F70B)
X-Cache: HIT
Content-Length: 471
connect.facebook.net/undefined/sdk.js
200 OK 1.7 kB URL HTTP/2 connect.facebook.net/undefined/sdk.js
IP
File type ASCII text, with very long lines (1961)
Hash 37c6784bd1488fd33041868bba68e9bf
cd5335142ea8baf07254eb47741862a59a0fd0e8
73b399776dc84e66c085a29c830c2e04d123f6426f0e4eb98d083f9a729c0beb
GET /undefined/sdk.js HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.morecouponstogo.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
access-control-expose-headers: X-FB-Content-MD5
x-fb-content-md5: 256a362a0a6639283b68b3cd702b3169
etag: "42330e3da74f0f65cd52ab8a05b5b3d8"
content-type: application/x-javascript; charset=utf-8
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
expires: Fri, 21 Oct 2022 07:10:58 GMT
cache-control: public,max-age=1200,stale-while-revalidate=3600
document-policy: force-load-at-top
cross-origin-opener-policy: same-origin-allow-popups
x-content-type-options: nosniff
x-fb-rlafr: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-md5: N8Z4S9FIj9MwQYaLumjpvw==
x-fb-debug: I98L/589QxrHzbwFzVmJUQR2NuOhXpnF0b5nVsKL3I+niIlpy3pd5AgG8sCN6LVw9pG2oDmYOmDfhrEr8fkMxw==
priority: u=3,i
content-length: 1687
x-fb-trip-id: 1904183273
date: Fri, 21 Oct 2022 07:02:13 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 471 B IP
Hash 3f290cedd01b4a81b6a04cc063ffae78
bee7247a8fe4989960ee73053fd70ac45859b066
9a334b44fbaf8c430e23d564b2ccc751f1313d60bfe545b49ab4f56cf8d9323d
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4094
Cache-Control: max-age=94755
Content-Type: application/ocsp-response
Date: Fri, 21 Oct 2022 07:02:13 GMT
Etag: "6351031a-1d7"
Expires: Sat, 22 Oct 2022 09:21:28 GMT
Last-Modified: Thu, 20 Oct 2022 08:13:14 GMT
Server: ECS (ska/F70B)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
200 OK 279 B IP
Hash 417af4d9ca51c28af15654ef7b3c6264
d0d283de11c6d4480e8fe2bc2014d917291c9b04
a1715fe4917519a13355199f6180656fb0a13f52569590dbd58c44f46b11f1e7
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4513
Cache-Control: max-age=105969
Content-Type: application/ocsp-response
Date: Fri, 21 Oct 2022 07:02:16 GMT
Etag: "63512d48-117"
Expires: Sat, 22 Oct 2022 12:28:25 GMT
Last-Modified: Thu, 20 Oct 2022 11:13:12 GMT
Server: ECS (ska/F70B)
X-Cache: HIT
Content-Length: 279
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd0e33502-97b5-4327-985f-813c8107dbb8.jpeg
200 OK 4.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd0e33502-97b5-4327-985f-813c8107dbb8.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b772335d96ac97ec5b28623955fb026d
7a19bf011359ad768b05dd79cec66787d2dc59fd
c13e7384880ec6fe431f3627eb61529c7fdb934cf0b021b4586ff2dc1c2e1244
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd0e33502-97b5-4327-985f-813c8107dbb8.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 4786
x-amzn-requestid: 263fe384-2385-48c4-b250-1708a3cdd710
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aUsKKFOYoAMF92Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6351c0a7-46dfbb85286685373b0b5e77;Sampled=0
x-amzn-remapped-date: Thu, 20 Oct 2022 21:41:59 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: xdusXhbeR0jyonK4NDRdcAGEDLLLJ5rL1X3u4seqIpfGaw4yIN5LEg==
via: 1.1 00f0a41f749793b9dd653153037c957e.cloudfront.net (CloudFront), 1.1 caf6806821bc479b28a6f1ce3043b8a6.cloudfront.net (CloudFront), 1.1 google
date: Thu, 20 Oct 2022 21:50:08 GMT
age: 33129
etag: "7a19bf011359ad768b05dd79cec66787d2dc59fd"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
imgallery.llsvr.com/5edfb59a6de2e.jpg
200 OK 40 kB URL HTTP/2 imgallery.llsvr.com/5edfb59a6de2e.jpg
IP
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 60", baseline, precision 8, 800x542, components 3\012- data
Hash c6cf8355376b79fbaf284b58c980499c
da2dc2665b0eccbe1cbc9f82dc9f6eae025c4f3b
3aa12ff81986a4b23c014af2e88596a91349d3c9cae071f57ac68f888c2d4ed8
GET /5edfb59a6de2e.jpg HTTP/1.1
Host: imgallery.llsvr.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.morecouponstogo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 21 Oct 2022 07:02:17 GMT
content-type: image/jpeg
content-length: 39546
last-modified: Sat, 05 Mar 2022 06:26:05 GMT
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SeXcS2FrT2%2FatEmqbHQGO887CZWVXLZIEIKpAFSCsgwslxf%2Bw2CEU%2B8UQamRlr937ZwOsSZhusdMPKZuH%2FHcNtIPqqX4ScThp9drbJ67j2LCTTVfGsjdbDIBi4dwdd1AnR%2B1GsP%2B"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75d82071de531c02-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 279 B IP
Hash 417af4d9ca51c28af15654ef7b3c6264
d0d283de11c6d4480e8fe2bc2014d917291c9b04
a1715fe4917519a13355199f6180656fb0a13f52569590dbd58c44f46b11f1e7
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4514
Cache-Control: max-age=105969
Content-Type: application/ocsp-response
Date: Fri, 21 Oct 2022 07:02:17 GMT
Etag: "63512d48-117"
Expires: Sat, 22 Oct 2022 12:28:26 GMT
Last-Modified: Thu, 20 Oct 2022 11:13:12 GMT
Server: ECS (ska/F70B)
X-Cache: HIT
Content-Length: 279
use.fontawesome.com/releases/v5.15.4/css/all.css
200 OK 0 B URL HTTP/2 use.fontawesome.com/releases/v5.15.4/css/all.css
IP
GET /releases/v5.15.4/css/all.css HTTP/1.1
Host: use.fontawesome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://llclickpro.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 21 Oct 2022 07:02:08 GMT
content-type: text/css
x-amz-id-2: bD98/1XT7XlmeTa7eqOvl4KnkzwEFnxbHvt6c1+F8+lckH0UIZ6OrBKX3ItTM59bdWYXhWbwzoM=
x-amz-request-id: HT95EDH71EJS5YSW
last-modified: Wed, 04 Aug 2021 20:43:22 GMT
etag: W/"ecd507b3125edc4d2a03aa6ae5d07da9"
cache-control: max-age=31556926
cf-cache-status: HIT
age: 31195205
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=T6YuKA0FEklX8WNkm6HrercJib2QytX9jpV5K%2B9b5j03Dpe3y9W8m82Kh3nGLGVhmxbsYVZu0BRP%2Bw3Z9R%2B96gvTTB9FGtRcCMRZJ7%2Baq%2B9GIopfhfow71U3tfVo%2FNEeBffTDL%2FX"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75d8204169bff3f7-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
trafficadbar.com/bar/page.php?a=MTGSamurai&b=490&c=90&e=%23ffffff&f=%23AC0101&g=%23f8f8f8&h=%23000000&i=%237c8e06&d=https%3A//www.morecouponstogo.com/uni-landing&ref1=https%3A//llclickpro.com/
200 OK 0 B URL HTTP/2 trafficadbar.com/bar/page.php?a=MTGSamurai&b=490&c=90&e=%23ffffff&f=%23AC0101&g=%23f8f8f8&h=%23000000&i=%237c8e06&d=https%3A//www.morecouponstogo.com/uni-landing&ref1=https%3A//llclickpro.com/
IP
GET /bar/page.php?a=MTGSamurai&b=490&c=90&e=%23ffffff&f=%23AC0101&g=%23f8f8f8&h=%23000000&i=%237c8e06&d=https%3A//www.morecouponstogo.com/uni-landing&ref1=https%3A//llclickpro.com/ HTTP/1.1
Host: trafficadbar.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.morecouponstogo.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 21 Oct 2022 07:02:11 GMT
content-type: text/html; charset=UTF-8
server: nginx
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
b-cloud.b-cdn.net/builds/pro/118-cloud/css/preview.pro.css
200 OK 0 B URL HTTP/2 b-cloud.b-cdn.net/builds/pro/118-cloud/css/preview.pro.css
IP
ASN #34989 ServeTheWorld AS
GET /builds/pro/118-cloud/css/preview.pro.css HTTP/1.1
Host: b-cloud.b-cdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.morecouponstogo.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 21 Oct 2022 07:02:11 GMT
content-type: text/css
server: BunnyCDN-NO-830
cdn-pullzone: 246147
cdn-uid: e647d0c9-3a16-4c3e-ae99-91e18e06d4b3
cdn-requestcountrycode: NO
vary: Accept-Encoding, Accept-Encoding
access-control-allow-origin: *
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
etag: W/"54a7ad0f842668d8c46a872d36fc539f"
last-modified: Sat, 17 Sep 2022 10:22:32 GMT
x-amz-id-2: D6QDgws3xuxTQ+QNMSK6y+Afu42vRtJg+dMJ/yfsNSikHRQKKVoE6mbdD/xTxFNPkzpiL+11ez8=
x-amz-request-id: 58ZC5YDKAGPY8EA2
cdn-proxyver: 1.02
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 09/17/2022 10:52:09
cdn-edgestorageid: 830
link: <https://s3.amazonaws.com/brizy.cloud/builds/pro/118-cloud/css/preview.pro.css>; rel="canonical"
cdn-status: 200
cdn-requestid: 2aba2da8b372d63692f1088ae4c37daf
cdn-cache: HIT
content-encoding: br
X-Firefox-Spdy: h2
cdn.gravitec.net/modules/0.bundle.js
200 OK 0 B URL HTTP/2 cdn.gravitec.net/modules/0.bundle.js
IP
ASN #39572 DataWeb Global Group B.V.
GET /modules/0.bundle.js HTTP/1.1
Host: cdn.gravitec.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.morecouponstogo.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 21 Oct 2022 07:02:12 GMT
content-type: application/javascript; charset=utf-8
server: nginx
last-modified: Wed, 02 Feb 2022 09:01:35 GMT
etag: W/"61fa486f-2550"
expires: Wed, 02 Feb 2022 09:06:29 GMT
cache-control: max-age=10
access-control-allow-origin: *
content-encoding: gzip
vary: Accept-Encoding
x-proxy-cache: HIT
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Montserrat:100,100italic,200,200italic,300,300italic,regular,italic,500,500italic,600,600italic,700,700italic,800,800italic,900,900italic|Lato:100,100italic,300,300italic,regular,italic,700,700italic,900,900italic|Oswald:200,300,regular,500,600,700|Palanquin%20Dark:regular,500,600,700&subset=arabic,bengali,cyrillic,cyrillic-ext,devanagari,greek,greek-ext,gujarati,hebrew,khmer,korean,latin-ext,tamil,telugu,thai,vietnamese&display=swap
200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Montserrat:100,100italic,200,200italic,300,300italic,regular,italic,500,500italic,600,600italic,700,700italic,800,800italic,900,900italic|Lato:100,100italic,300,300italic,regular,italic,700,700italic,900,900italic|Oswald:200,300,regular,500,600,700|Palanquin%20Dark:regular,500,600,700&subset=arabic,bengali,cyrillic,cyrillic-ext,devanagari,greek,greek-ext,gujarati,hebrew,khmer,korean,latin-ext,tamil,telugu,thai,vietnamese&display=swap
IP
GET /css?family=Montserrat:100,100italic,200,200italic,300,300italic,regular,italic,500,500italic,600,600italic,700,700italic,800,800italic,900,900italic|Lato:100,100italic,300,300italic,regular,italic,700,700italic,900,900italic|Oswald:200,300,regular,500,600,700|Palanquin%20Dark:regular,500,600,700&subset=arabic,bengali,cyrillic,cyrillic-ext,devanagari,greek,greek-ext,gujarati,hebrew,khmer,korean,latin-ext,tamil,telugu,thai,vietnamese&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.morecouponstogo.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 21 Oct 2022 07:02:10 GMT
date: Fri, 21 Oct 2022 07:02:10 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
w.leadsleap.com/php.php?ll_id=w68721&ll_sr=&ll_r=scsa7588&ll_tbo=&ll_hc=%23e22121&ll_tc=%23555a69&ll_cc=%238d9aa6&ll_bc=%23ffffff&ll_dc=%238891a8&ll_w=300&ll_fh=auto&ll_h=250&ll_b=&ll_n=6&ll_fs=&ll_ff=&ll_pa=0&ll_bgc=&ll_s=w&ll_br=&ll_cl=&ll_nc=1&ll_nf=0&ll_nh=0&ll_nm=0&ll_np=1&ll_fo=&ll_no=&ll_so=&ll_nt=0&ll_wt=1&ll_url=https%3A%2F%2Fwww.morecouponstogo.com%2Funi-landing&ll_rf=https%3A%2F%2Fllclickpro.com%2F
200 OK 0 B URL HTTP/2 w.leadsleap.com/php.php?ll_id=w68721&ll_sr=&ll_r=scsa7588&ll_tbo=&ll_hc=%23e22121&ll_tc=%23555a69&ll_cc=%238d9aa6&ll_bc=%23ffffff&ll_dc=%238891a8&ll_w=300&ll_fh=auto&ll_h=250&ll_b=&ll_n=6&ll_fs=&ll_ff=&ll_pa=0&ll_bgc=&ll_s=w&ll_br=&ll_cl=&ll_nc=1&ll_nf=0&ll_nh=0&ll_nm=0&ll_np=1&ll_fo=&ll_no=&ll_so=&ll_nt=0&ll_wt=1&ll_url=https%3A%2F%2Fwww.morecouponstogo.com%2Funi-landing&ll_rf=https%3A%2F%2Fllclickpro.com%2F
IP
GET /php.php?ll_id=w68721&ll_sr=&ll_r=scsa7588&ll_tbo=&ll_hc=%23e22121&ll_tc=%23555a69&ll_cc=%238d9aa6&ll_bc=%23ffffff&ll_dc=%238891a8&ll_w=300&ll_fh=auto&ll_h=250&ll_b=&ll_n=6&ll_fs=&ll_ff=&ll_pa=0&ll_bgc=&ll_s=w&ll_br=&ll_cl=&ll_nc=1&ll_nf=0&ll_nh=0&ll_nm=0&ll_np=1&ll_fo=&ll_no=&ll_so=&ll_nt=0&ll_wt=1&ll_url=https%3A%2F%2Fwww.morecouponstogo.com%2Funi-landing&ll_rf=https%3A%2F%2Fllclickpro.com%2F HTTP/1.1
Host: w.leadsleap.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.morecouponstogo.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 21 Oct 2022 07:02:16 GMT
content-type: text/html; charset=UTF-8
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GC5TzMwDk0nDZE9VItX7emwToZJAPCfZzoESWNHQBs%2FH3HUXu3T8hepgaEZrW2SAUjZWkO4sumlQwAdIJY36ngHPrFJyETvO3PeyU%2BC%2FW8dJoywFPb5jne84%2BaLWzy3H%2FQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 75d820719ab5b4f7-OSL
content-encoding: br
X-Firefox-Spdy: h2
www.youtube.com/embed/aWzlQ2N6qqg?autoplay=0&controls=1&start=0&end=0&modestbranding=0&wmode=transparent&enablejsapi=1&loop=0&rel=0
200 OK 0 B URL HTTP/2 www.youtube.com/embed/aWzlQ2N6qqg?autoplay=0&controls=1&start=0&end=0&modestbranding=0&wmode=transparent&enablejsapi=1&loop=0&rel=0
IP
GET /embed/aWzlQ2N6qqg?autoplay=0&controls=1&start=0&end=0&modestbranding=0&wmode=transparent&enablejsapi=1&loop=0&rel=0 HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.morecouponstogo.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/html; charset=utf-8
x-content-type-options: nosniff
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Fri, 21 Oct 2022 07:02:11 GMT
strict-transport-security: max-age=31536000
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
content-encoding: br
server: ESF
x-xss-protection: 0
set-cookie: YSC=Wwvu8Au3q0Q; Domain=.youtube.com; Path=/; Secure; HttpOnly; SameSite=none
VISITOR_INFO1_LIVE=IUZmK6iguaw; Domain=.youtube.com; Expires=Wed, 19-Apr-2023 07:02:11 GMT; Path=/; Secure; HttpOnly; SameSite=none
CONSENT=PENDING+966; expires=Sun, 20-Oct-2024 07:02:11 GMT; path=/; domain=.youtube.com; Secure
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.youtube.com/embed/ZFBI_JoDwew?autoplay=0&controls=1&start=0&end=0&modestbranding=0&wmode=transparent&enablejsapi=1&loop=0&rel=0
200 OK 0 B URL HTTP/2 www.youtube.com/embed/ZFBI_JoDwew?autoplay=0&controls=1&start=0&end=0&modestbranding=0&wmode=transparent&enablejsapi=1&loop=0&rel=0
IP
GET /embed/ZFBI_JoDwew?autoplay=0&controls=1&start=0&end=0&modestbranding=0&wmode=transparent&enablejsapi=1&loop=0&rel=0 HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.morecouponstogo.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html; charset=utf-8
x-content-type-options: nosniff
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Fri, 21 Oct 2022 07:02:11 GMT
strict-transport-security: max-age=31536000
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
content-encoding: br
server: ESF
x-xss-protection: 0
set-cookie: YSC=NLZ2E7PUS20; Domain=.youtube.com; Path=/; Secure; HttpOnly; SameSite=none
VISITOR_INFO1_LIVE=VBjrxF69UaI; Domain=.youtube.com; Expires=Wed, 19-Apr-2023 07:02:11 GMT; Path=/; Secure; HttpOnly; SameSite=none
CONSENT=PENDING+111; expires=Sun, 20-Oct-2024 07:02:11 GMT; path=/; domain=.youtube.com; Secure
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
assets6.lottiefiles.com/private_files/lf30_aXRkcv.json
200 OK 0 B URL HTTP/2 assets6.lottiefiles.com/private_files/lf30_aXRkcv.json
IP
GET /private_files/lf30_aXRkcv.json HTTP/1.1
Host: assets6.lottiefiles.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.morecouponstogo.com
Connection: keep-alive
Referer: https://www.morecouponstogo.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/plain;charset=UTF-8
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 1800
last-modified: Wed, 10 Jun 2020 03:42:46 GMT
x-amz-version-id: cl7YYcZ.eZwJkn7C3eZLvmpcNwHYuuSO
server: AmazonS3
content-encoding: br
date: Fri, 21 Oct 2022 07:02:14 GMT
etag: W/"fc1fe14e06bca801e615880167a4397d"
vary: Accept-Encoding,Origin
x-cache: RefreshHit from cloudfront
via: 1.1 6a0f63864791329e89a4b233ec4c3a36.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: VyQEsEIPURclRv775Q__U1gyt8da5FqehgjbdgZgL9J4oAzuK87t8w==
X-Firefox-Spdy: h2
trafficadbar.com/bar/page2.php?a=MTGSamurai&b=490&c=90&d=https%3A%2F%2Fwww.morecouponstogo.com%2Funi-landing&e=%23ffffff&f=%23AC0101&g=%23f8f8f8&h=%23000000&i=%237c8e06&ref1=https%3A%2F%2Fllclickpro.com%2F&stg=2&ww=490&wh=90&ref=https%3A%2F%2Fwww.morecouponstogo.com%2F
200 OK 0 B URL HTTP/2 trafficadbar.com/bar/page2.php?a=MTGSamurai&b=490&c=90&d=https%3A%2F%2Fwww.morecouponstogo.com%2Funi-landing&e=%23ffffff&f=%23AC0101&g=%23f8f8f8&h=%23000000&i=%237c8e06&ref1=https%3A%2F%2Fllclickpro.com%2F&stg=2&ww=490&wh=90&ref=https%3A%2F%2Fwww.morecouponstogo.com%2F
IP
GET /bar/page2.php?a=MTGSamurai&b=490&c=90&d=https%3A%2F%2Fwww.morecouponstogo.com%2Funi-landing&e=%23ffffff&f=%23AC0101&g=%23f8f8f8&h=%23000000&i=%237c8e06&ref1=https%3A%2F%2Fllclickpro.com%2F&stg=2&ww=490&wh=90&ref=https%3A%2F%2Fwww.morecouponstogo.com%2F HTTP/1.1
Host: trafficadbar.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://trafficadbar.com/bar/page.php?a=MTGSamurai&b=490&c=90&e=%23ffffff&f=%23AC0101&g=%23f8f8f8&h=%23000000&i=%237c8e06&d=https%3A//www.morecouponstogo.com/uni-landing&ref1=https%3A//llclickpro.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 21 Oct 2022 07:02:11 GMT
content-type: text/html; charset=UTF-8
server: nginx
vary: Accept-Encoding
cache-control: no-cache, private
set-cookie: referrer_username=MTGSamurai; expires=Fri, 02-Jan-1970 03:46:40 GMT; Max-Age=0; path=/; secure; httponly; samesite=none
referred_from_website=https%3A%2F%2Fwww.morecouponstogo.com%2Funi-landing; expires=Fri, 02-Jan-1970 03:46:40 GMT; Max-Age=0; path=/; secure; httponly; samesite=none
referrer_source=wbar; expires=Fri, 02-Jan-1970 03:46:40 GMT; Max-Age=0; path=/; secure; httponly; samesite=none
content-encoding: gzip
X-Firefox-Spdy: h2
52.202.155.140
194.242.11.186
104.17.24.14
31.13.72.12
35.214.184.209
93.184.220.29