vouchersavenue.com/1000-bf?source=digital&aff_sub=100&aff_sub2=641c88defe1fe60001bb563a&aff_sub3=100_2049&hoid=102bcc4428820c1492a4e281a98a98
3.217.132.248301 Moved Permanently 162 B URL HTTP/1.1 vouchersavenue.com/1000-bf?source=digital&aff_sub=100&aff_sub2=641c88defe1fe60001bb563a&aff_sub3=100_2049&hoid=102bcc4428820c1492a4e281a98a98
IP 3.217.132.248:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /1000-bf?source=digital&aff_sub=100&aff_sub2=641c88defe1fe60001bb563a&aff_sub3=100_2049&hoid=102bcc4428820c1492a4e281a98a98 HTTP/1.1
Host: vouchersavenue.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Thu, 23 Mar 2023 17:14:41 GMT
Content-Type: text/html
Content-Length: 162
Connection: keep-alive
Location: https://vouchersavenue.com/1000-bf?source=digital&aff_sub=100&aff_sub2=641c88defe1fe60001bb563a&aff_sub3=100_2049&hoid=102bcc4428820c1492a4e281a98a98
Strict-Transport-Security: max-age=31536000; includeSubDomains
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash bea3185dd820a31c1981317f37c3456d
1a548a5d27270fc11df9011837a7149571cedd78
469b97bf9f57401b3c9571039483589f2815f4794212b75c7c85cfefe0ae71e9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "469B97BF9F57401B3C9571039483589F2815F4794212B75C7C85CFEFE0AE71E9"
Last-Modified: Wed, 22 Mar 2023 14:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6928
Expires: Thu, 23 Mar 2023 19:10:10 GMT
Date: Thu, 23 Mar 2023 17:14:42 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 210a2a42cfc4f4aced144f5de9babcc6
ece6ecfb2db8d036c3bfc7f02f8ea387e3f965db
59553a312d3fb34f1f0aea469f7e7cc810ff9993481ddbd73ea5d461cf97ed51
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "59553A312D3FB34F1F0AEA469F7E7CC810FF9993481DDBD73EA5D461CF97ED51"
Last-Modified: Wed, 22 Mar 2023 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7319
Expires: Thu, 23 Mar 2023 19:16:41 GMT
Date: Thu, 23 Mar 2023 17:14:42 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash bc86ef2a0cee04915bc360f5821adc8f
3658f9028cce204d38f7f48fcfaa2a8e4f54383a
aeecd718d03811322457de4f20828bdba86b277e7e0e328cae9c0a8075638454
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Retry-After, Content-Length, Backoff, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Thu, 23 Mar 2023 16:27:34 GMT
content-type: application/json
age: 2828
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 51a5d4696a6090c295850554508b51ce
c44e143c2223546e64b19f543b8101aaf3b11e97
8794223d5e8d4d276c35e2fdcc24bf99694240634dd749cd9b5bf874dec055cf
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8794223D5E8D4D276C35E2FDCC24BF99694240634DD749CD9B5BF874DEC055CF"
Last-Modified: Wed, 22 Mar 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6167
Expires: Thu, 23 Mar 2023 18:57:29 GMT
Date: Thu, 23 Mar 2023 17:14:42 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash e7bace7c1e04d44012e37ddffe36e5d5
3ac8d7c0a9d3e3f0b28b2530c7b8d8407b4042c2
6b4f80f2e95b26f6122ea8dcd0ef8d762299be822c69e839fc37581ca2bcb5f2
GET /chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: kCJuw35a/i7MxwPnhADiKE/aK/D+ahSx5+M0zVIu2JWLtpMvkBW0XpjUP7zWMDeCfPgKjRxEhoE=
x-amz-request-id: Z81YX9W31W99C6R1
x-amz-server-side-encryption: AES256
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Thu, 23 Mar 2023 16:54:07 GMT
age: 1235
last-modified: Sat, 11 Mar 2023 16:53:15 GMT
etag: "e7bace7c1e04d44012e37ddffe36e5d5"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 23 Mar 2023 17:14:42 GMT
content-type: application/json
content-length: 12
access-control-expose-headers: content-type
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.r2m01.amazontrust.com/
54.230.80.227200 OK 471 B URL HTTP/1.1 ocsp.r2m01.amazontrust.com/
IP 54.230.80.227:0
Hash efafae6cfd8df6cc895aa7fc51e11ccd
52a1b2a894c2fc5b27869584f9b87aadb5ebe306
b83f6becf5eac006fd35d7ffd32011fc6e91113e04191084ff0511aa24056df0
POST / HTTP/1.1
Host: ocsp.r2m01.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=97493
Date: Thu, 23 Mar 2023 17:14:42 GMT
Etag: "641b62d7-1d7"
Expires: Fri, 24 Mar 2023 20:19:35 GMT
Last-Modified: Wed, 22 Mar 2023 20:19:35 GMT
Server: nginx
X-Cache: Miss from cloudfront
Via: 1.1 92c4bb210eab82a152000047d3609a02.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: ZStKebs_YJtohGCuAqn8YWmQCPzJHRBzCRfRWShsDb3CK2OEfcG5OQ==
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Retry-After, Last-Modified, Content-Length, Pragma, Expires, ETag, Backoff, Alert, Cache-Control
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Thu, 23 Mar 2023 17:14:33 GMT
age: 9
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
vouchersavenue.com/1000-bf?source=digital&aff_sub=100&aff_sub2=641c88defe1fe60001bb563a&aff_sub3=100_2049&hoid=102bcc4428820c1492a4e281a98a98
3.217.132.248302 Found 418 B URL HTTP/2 vouchersavenue.com/1000-bf?source=digital&aff_sub=100&aff_sub2=641c88defe1fe60001bb563a&aff_sub3=100_2049&hoid=102bcc4428820c1492a4e281a98a98
IP 3.217.132.248:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 4b9c12079c6c0d614610dc7f1b2b4922
14c294bb58636b939399a04329b77fe5c4c29ae7
2e05d03c8615148277cfde1d33dc453b427152f404994e72b34d68c4658c6928
GET /1000-bf?source=digital&aff_sub=100&aff_sub2=641c88defe1fe60001bb563a&aff_sub3=100_2049&hoid=102bcc4428820c1492a4e281a98a98 HTTP/1.1
Host: vouchersavenue.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 302 Found
date: Thu, 23 Mar 2023 17:14:42 GMT
content-type: text/html; charset=UTF-8
content-length: 418
location: https://vouchersavenue.com/1000-bf/signup/1
cache-control: private, must-revalidate
pragma: no-cache
expires: -1
set-cookie: contest_session=K8QRlrkBVWXXekIKp86eP5J9svxnM88sEMZ8F2dx; path=/; secure; httponly; samesite=none
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
vouchersavenue.com/1000-bf/signup/1
3.217.132.248200 OK 3.5 kB URL HTTP/2 vouchersavenue.com/1000-bf/signup/1
IP 3.217.132.248:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (519), with CRLF, LF line terminators
Hash d513e988c0d0bc84565e03a2435ba91f
aa3c050fca7c1be3638ae4c5c89203a66eec180f
5b765486a9fdb60dd2a6ad9ff857f8f2ec181b2ee7ec2477ac630b7a3f7ff32a
GET /1000-bf/signup/1 HTTP/1.1
Host: vouchersavenue.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: contest_session=K8QRlrkBVWXXekIKp86eP5J9svxnM88sEMZ8F2dx
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
TE: trailers
HTTP/2 200 OK
date: Thu, 23 Mar 2023 17:14:42 GMT
content-type: text/html; charset=UTF-8
content-length: 3526
cache-control: private, must-revalidate
pragma: no-cache
expires: -1
set-cookie: contest_session=K8QRlrkBVWXXekIKp86eP5J9svxnM88sEMZ8F2dx; path=/; secure; httponly; samesite=none
vary: Accept-Encoding
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 18b877ebbad1529e4bd91e12220d91c4
a3d64fb3d9cc1fe3a29b261c4ec9acfe134dfedc
7001d3ef847c7002ac15155f0dfcc0a369f19860e85c8e90530f1e7b2dd88f09
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7001D3EF847C7002AC15155F0DFCC0A369F19860E85C8E90530F1E7B2DD88F09"
Last-Modified: Wed, 22 Mar 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8103
Expires: Thu, 23 Mar 2023 19:29:45 GMT
Date: Thu, 23 Mar 2023 17:14:42 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 472 B IP 142.250.74.163:0
Hash a563513e8fb14fb6796ff13a072cd3db
3e1d51e451b3c450c1213d3fce208e84522b1511
78ecd87f634efd2b5b6644a9d97285807cb26452571be0cef89f6d84dd3b32c0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 23 Mar 2023 17:14:42 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.googletagmanager.com/gtag/js?id=
142.250.74.168200 OK 38 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=
IP 142.250.74.168:0
File type ASCII text, with very long lines (2206)
Hash 8539f69767d667d24e395197e6c48738
eeb909ed7e27dedb2d887e758f6a594cbee2b8a9
948124a3ec61b548752646cc9b63716b0389337a998534c05d779e37a048ce90
GET /gtag/js?id= HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vouchersavenue.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Thu, 23 Mar 2023 17:14:42 GMT
expires: Thu, 23 Mar 2023 17:14:42 GMT
cache-control: private, max-age=900
last-modified: Thu, 23 Mar 2023 16:30:01 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 38512
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
vouchersavenue.com/css/themes/snapchat.css?id=2f132e063687b0886f07
3.217.132.248200 OK 2.5 kB URL HTTP/2 vouchersavenue.com/css/themes/snapchat.css?id=2f132e063687b0886f07
IP 3.217.132.248:0
File type ASCII text, with very long lines (10452), with no line terminators
Hash cf5595b35921ec7d5529cf9d89398ee1
393217b46a3a170a74878f55aad0fc4de7360778
bad0ed62a5dda41dda1f6a232b58c358a5f02c1c784203581f65b2299d359a50
GET /css/themes/snapchat.css?id=2f132e063687b0886f07 HTTP/1.1
Host: vouchersavenue.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vouchersavenue.com/1000-bf/signup/1
Cookie: contest_session=K8QRlrkBVWXXekIKp86eP5J9svxnM88sEMZ8F2dx
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 23 Mar 2023 17:14:42 GMT
content-type: text/css
content-length: 2509
last-modified: Wed, 22 Mar 2023 14:58:55 GMT
etag: "28d4-5f77e662209c0-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 472 B IP 142.250.74.163:0
Hash 23c054d3aee551b6fdc42a5a472a7040
b1a46c12ac7d65c979fd1998bdb243f3dba8f956
9e8b91ab91da9ea20dfb5f90c1c06239d2872b0eb80785534d0c59c3b51de404
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 23 Mar 2023 17:14:42 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
cache.consentframework.com/js/pa/26948/c/Ifv2D/stub
172.67.74.105200 OK 1.5 kB URL HTTP/2 cache.consentframework.com/js/pa/26948/c/Ifv2D/stub
IP 172.67.74.105:0
File type ASCII text, with very long lines (1604), with no line terminators
Hash 401123fb85ff6f2b358a9c7cde25411d
faac7ae27acc78de7519d6b4694dfbc1775150c5
fd7d2596818a77f20a753dd5df786acaf225d95e1ad01d8d42f3db4c4714f1d1
GET /js/pa/26948/c/Ifv2D/stub HTTP/1.1
Host: cache.consentframework.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vouchersavenue.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 23 Mar 2023 17:14:42 GMT
content-type: text/javascript; charset=UTF-8
cache-control: max-age=3600
strict-transport-security: max-age=15724800; includeSubDomains; preload
last-modified: Thu, 23 Mar 2023 16:55:41 GMT
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bsmcF2LnOWQgbRuGCVIZwt9oy3Tnl5%2FOJRGrngr4uiuxAyw98rBm2XNruO2BzaQ3BdW6h1xuOpRb90ZntT7I5bdjmHQHtFPX2JodptwSHBacSdNx4otXfS8YvxNTKGQo5Jbp%2BZEzxmK2qD%2Bo"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7ac84ff21e1e1bfa-OSL
content-encoding: br
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 471 B IP 142.250.74.163:0
Hash 342da587101df62e3e8f03dc4a87f93d
897c40f31b24adf281b804bbca7f0ffba5b86816
f6b8dde2c506c3ec03517324e93c04058e44e345dae5a52e5f49c97d77455aec
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 23 Mar 2023 17:14:42 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 471 B IP 142.250.74.163:0
Hash 342da587101df62e3e8f03dc4a87f93d
897c40f31b24adf281b804bbca7f0ffba5b86816
f6b8dde2c506c3ec03517324e93c04058e44e345dae5a52e5f49c97d77455aec
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 23 Mar 2023 17:14:43 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 1f9a2356fd2afff45e7bb7460c6eedcb
44688ecd1d60a2b9cd0894ef1b40cf41728d4b79
9abfe77600b4efab5dfbf8dc25147f0b3f055b8381e7feebb069a18bf5e5f043
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9ABFE77600B4EFAB5DFBF8DC25147F0B3F055B8381E7FEEBB069A18BF5E5F043"
Last-Modified: Thu, 23 Mar 2023 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12957
Expires: Thu, 23 Mar 2023 20:50:40 GMT
Date: Thu, 23 Mar 2023 17:14:43 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 1f9a2356fd2afff45e7bb7460c6eedcb
44688ecd1d60a2b9cd0894ef1b40cf41728d4b79
9abfe77600b4efab5dfbf8dc25147f0b3f055b8381e7feebb069a18bf5e5f043
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9ABFE77600B4EFAB5DFBF8DC25147F0B3F055B8381E7FEEBB069A18BF5E5F043"
Last-Modified: Thu, 23 Mar 2023 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12989
Expires: Thu, 23 Mar 2023 20:51:12 GMT
Date: Thu, 23 Mar 2023 17:14:43 GMT
Connection: keep-alive
vouchersavenue.com/css/app.css?id=34c33efe043c43862f12
3.217.132.248200 OK 47 kB URL HTTP/2 vouchersavenue.com/css/app.css?id=34c33efe043c43862f12
IP 3.217.132.248:0
File type ASCII text, with very long lines (34575)
Hash 9aa7637461475ac970d678b9e5b5d4cf
8b8483265b23910e56b4eeb71f4ade305e0a9abd
dbe8b8b6bac6ddfd129d440c897d3d14cdfb9830a11da7b772567e4eac9d05c4
GET /css/app.css?id=34c33efe043c43862f12 HTTP/1.1
Host: vouchersavenue.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vouchersavenue.com/1000-bf/signup/1
Cookie: contest_session=K8QRlrkBVWXXekIKp86eP5J9svxnM88sEMZ8F2dx
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 23 Mar 2023 17:14:42 GMT
content-type: text/css
content-length: 47045
last-modified: Wed, 22 Mar 2023 14:58:55 GMT
etag: "3bb41-5f77e662209c0-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
vouchersavenue.com/ehawktalon.js
3.217.132.248200 OK 14 kB URL HTTP/2 vouchersavenue.com/ehawktalon.js
IP 3.217.132.248:0
File type Unicode text, UTF-8 text, with very long lines (32046)
Hash 0f0cb03c72e2d87095aa2107ca944c75
71dcb06e8cdacdae437510d182922bb1a103530c
1f01c055b2af0e645f23d8917630c276b10e0f056208ccb12f5e238acea301b2
GET /ehawktalon.js HTTP/1.1
Host: vouchersavenue.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vouchersavenue.com/1000-bf/signup/1
Cookie: contest_session=K8QRlrkBVWXXekIKp86eP5J9svxnM88sEMZ8F2dx
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 23 Mar 2023 17:14:42 GMT
content-type: application/javascript
content-length: 13595
last-modified: Mon, 20 Mar 2023 15:20:30 GMT
etag: "ab47-5f75677a36b80-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 1f9a2356fd2afff45e7bb7460c6eedcb
44688ecd1d60a2b9cd0894ef1b40cf41728d4b79
9abfe77600b4efab5dfbf8dc25147f0b3f055b8381e7feebb069a18bf5e5f043
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9ABFE77600B4EFAB5DFBF8DC25147F0B3F055B8381E7FEEBB069A18BF5E5F043"
Last-Modified: Thu, 23 Mar 2023 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Thu, 23 Mar 2023 23:14:43 GMT
Date: Thu, 23 Mar 2023 17:14:43 GMT
Connection: keep-alive
push.services.mozilla.com/
52.89.255.30101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.89.255.30:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: YkVP0/vssdB9fLDB/SA7SA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: rqceG4x7TsihZtBnNWqY2xhbEKs=
choices.consentframework.com/js/pa/26948/c/Ifv2D/cmp
51.15.145.115200 OK 200 kB URL HTTP/1.1 choices.consentframework.com/js/pa/26948/c/Ifv2D/cmp
IP 51.15.145.115:0
File type Unicode text, UTF-8 text, with very long lines (65513), with no line terminators
Size 200 kB (199567 bytes)
Hash f92c386948acf52b7c18f0e53f1a8237
f8a0bbf515c9d43effbae39ff50b461bf2349c29
aa754d85c3391dc1dc2b98ab496a4cc2d7eebbea84c880d47c54c5c037dec9d8
GET /js/pa/26948/c/Ifv2D/cmp HTTP/1.1
Host: choices.consentframework.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vouchersavenue.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.20.2
Date: Thu, 23 Mar 2023 17:14:43 GMT
Content-Type: text/javascript; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: private, max-age=3600
Strict-Transport-Security: max-age=15724800; includeSubDomains; preload
Content-Encoding: gzip
imgs.tagadamedia.com/media/us/24/750x350-2435.jpg
138.199.36.10200 OK 196 kB URL HTTP/2 imgs.tagadamedia.com/media/us/24/750x350-2435.jpg
IP 138.199.36.10:0
ASN #60068 Datacamp Limited
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 750x350, components 3\012- data
Size 196 kB (195486 bytes)
Hash f012dd7643df57bd854eded2b7eca08b
172ba3007fef260f3a9a2f13471719866ea4800b
599752106fef6f50ad7463b9253977e3072052c3b51bc5a1d752abd322e13f4a
GET /media/us/24/750x350-2435.jpg HTTP/1.1
Host: imgs.tagadamedia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vouchersavenue.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 23 Mar 2023 17:14:43 GMT
content-type: image/jpeg
content-length: 195486
server: BunnyCDN-DE1-1053
cdn-pullzone: 61945
cdn-uid: 5d127034-96a6-45e8-a482-4f40615f18db
cdn-requestcountrycode: NO
cache-control: public, max-age=2592000
last-modified: Tue, 25 Oct 2022 14:21:08 GMT
x-amz-id-2: SR2yT0SImWwHQLQAdodZ59Q+YYviNHx9prlDVQzS9Z+DEBHNUfK1pNbqU0DkHqhxebEhIvxxXDo=
x-amz-request-id: T3VFYQ6E8BAQ0CDM
cdn-proxyver: 1.03
cdn-requestpullsuccess: True
cdn-requestpullcode: 206
cdn-cachedat: 03/20/2023 02:02:16
cdn-edgestorageid: 1081
cdn-status: 200
cdn-requestid: b2188fd0333a6ea93d9bc6a0a5c8cfa8
cdn-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
imgs.tagadamedia.com/media/us/24/1680x870-2437.jpg
138.199.36.10200 OK 600 kB URL HTTP/2 imgs.tagadamedia.com/media/us/24/1680x870-2437.jpg
IP 138.199.36.10:0
ASN #60068 Datacamp Limited
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 1680x870, components 3\012- data
Size 600 kB (599942 bytes)
Hash b5e934418776a094e63973679e70b644
7f3631cd8de1ede80b143c5c18fcaea12edd197c
52b8a5b42e751eaec546e94789eef97f1d408c187e808e232cac96036f135ab7
GET /media/us/24/1680x870-2437.jpg HTTP/1.1
Host: imgs.tagadamedia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vouchersavenue.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 23 Mar 2023 17:14:43 GMT
content-type: image/jpeg
content-length: 599942
server: BunnyCDN-DE1-1053
cdn-pullzone: 61945
cdn-uid: 5d127034-96a6-45e8-a482-4f40615f18db
cdn-requestcountrycode: NO
cache-control: public, max-age=2592000
last-modified: Tue, 25 Oct 2022 14:21:08 GMT
x-amz-id-2: 6QmiEW6ijQubxQPMKPECXypKNvtmMHeycW/dJgU1BN8ewgCOOk58xZxMJyh6hy9EQELw1WlSGVM=
x-amz-request-id: T3V6ZMEGTE4Y6JW4
x-amz-server-side-encryption: AES256
cdn-proxyver: 1.03
cdn-requestpullsuccess: True
cdn-requestpullcode: 206
cdn-cachedat: 03/20/2023 02:02:16
cdn-edgestorageid: 1081
cdn-status: 200
cdn-requestid: 5be567d37d0967eecc3fc5955c28eb96
cdn-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
vouchersavenue.com/images/arrow.png?7f2569fbaa873919c1f0c3d4904688e9
3.217.132.248200 OK 520 B URL HTTP/2 vouchersavenue.com/images/arrow.png?7f2569fbaa873919c1f0c3d4904688e9
IP 3.217.132.248:0
File type PNG image data, 24 x 24, 8-bit/color RGBA, non-interlaced\012- data
Hash 7f2569fbaa873919c1f0c3d4904688e9
ea31ae54e1b95971175a2e288b23373af312334d
a559b0b063bf93ec5697e973d579dc0f943b912307d5793f29413311494d120d
GET /images/arrow.png?7f2569fbaa873919c1f0c3d4904688e9 HTTP/1.1
Host: vouchersavenue.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vouchersavenue.com/css/themes/snapchat.css?id=2f132e063687b0886f07
Cookie: contest_session=K8QRlrkBVWXXekIKp86eP5J9svxnM88sEMZ8F2dx
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 23 Mar 2023 17:14:43 GMT
content-type: image/png
content-length: 520
last-modified: Wed, 22 Mar 2023 14:58:55 GMT
etag: "208-5f77e662209c0"
accept-ranges: bytes
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 471 B IP 142.250.74.163:0
Hash 097d447e049e3b41f92a4695b1b0c3c7
f39c9ef8d22bee41d940bf719c75b2cfae9291d5
459e0e586fca9a4720e4e25fa59978368c9d373ee86575a7b40d0ef4262043ed
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 23 Mar 2023 17:14:43 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
142.250.74.35200 OK 31 kB URL HTTP/2 fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
IP 142.250.74.35:0
File type Web Open Font Format (Version 2), TrueType, length 30928, version 1.0\012- data
Hash ac0d2859ea5f8fd6bcb3c305c08ec184
7f6c17e3e592cd8bd346b9cc261d8dd961b8aef7
ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780
GET /s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://vouchersavenue.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 30928
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 22 Mar 2023 22:29:05 GMT
expires: Thu, 21 Mar 2024 22:29:05 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 11 Jul 2022 18:57:39 GMT
content-type: font/woff2
age: 67538
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 471 B IP 142.250.74.163:0
Hash dd5380daefecc523858637dcbdda1cf3
0ec5910f57d8ab84179a5d0687e6b16d2cacfb1a
e58977b0dceb06edf2a7c752aa433c71b3bca571e814a7a83bbddc75d4428c0f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 23 Mar 2023 17:14:43 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
choices.consentframework.com/api/v1/public/consent-string
51.15.145.115200 OK 0 B URL HTTP/1.1 choices.consentframework.com/api/v1/public/consent-string
IP 51.15.145.115:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /api/v1/public/consent-string HTTP/1.1
Host: choices.consentframework.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://vouchersavenue.com/
Origin: https://vouchersavenue.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.20.2
Date: Thu, 23 Mar 2023 17:14:44 GMT
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Headers: content-type
Access-Control-Allow-Origin: *
Strict-Transport-Security: max-age=15724800; includeSubDomains; preload
choices.consentframework.com/api/v1/public/user-action
51.15.145.115200 OK 0 B URL HTTP/1.1 choices.consentframework.com/api/v1/public/user-action
IP 51.15.145.115:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /api/v1/public/user-action HTTP/1.1
Host: choices.consentframework.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://vouchersavenue.com/
Origin: https://vouchersavenue.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.20.2
Date: Thu, 23 Mar 2023 17:14:44 GMT
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Headers: content-type
Access-Control-Allow-Origin: *
Strict-Transport-Security: max-age=15724800; includeSubDomains; preload
choices.consentframework.com/api/v1/public/consent-string
51.15.145.115200 OK 237 B URL HTTP/1.1 choices.consentframework.com/api/v1/public/consent-string
IP 51.15.145.115:0
File type JSON data\012- , ASCII text, with very long lines (453), with no line terminators
Hash 0ae5d24d55da6567ba489ce61ba4d606
09d7f7d86c03c5a902eda5eed37808d66315c556
3882f2378974560c5531b571d35f7fb862809cbfae38187c0b5a79e5149f75bb
POST /api/v1/public/consent-string HTTP/1.1
Host: choices.consentframework.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://vouchersavenue.com/
Content-Type: application/json
Origin: https://vouchersavenue.com
Content-Length: 527
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.20.2
Date: Thu, 23 Mar 2023 17:14:44 GMT
Content-Type: application/json; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Headers: content-type
Access-Control-Allow-Origin: *
Strict-Transport-Security: max-age=15724800; includeSubDomains; preload
Content-Encoding: gzip
choices.consentframework.com/api/v1/public/user-action
51.15.145.115200 OK 0 B URL HTTP/1.1 choices.consentframework.com/api/v1/public/user-action
IP 51.15.145.115:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /api/v1/public/user-action HTTP/1.1
Host: choices.consentframework.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://vouchersavenue.com/
Content-Type: application/json
Origin: https://vouchersavenue.com
Content-Length: 159
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.20.2
Date: Thu, 23 Mar 2023 17:14:44 GMT
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Headers: content-type
Access-Control-Allow-Origin: *
Strict-Transport-Security: max-age=15724800; includeSubDomains; preload
ocsp.digicert.com/
192.229.221.95200 OK 727 B IP 192.229.221.95:0
Hash 429d72a1e7dad538ee46d5eab2a2a372
91eb82d6e31822b2738985c527c62daab7c4f235
2d092e81410f34012e9870de4f9d8b1d05362e799e7a2dc306d17f61735df19e
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4085
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 23 Mar 2023 17:14:44 GMT
Last-Modified: Thu, 23 Mar 2023 16:06:39 GMT
Server: ECAcc (ska/F776)
X-Cache: HIT
Content-Length: 727
js.cookieless-data.com/GS.d?pa=26948&uf_bday=&uf_gender=&cmp=0&u=https%3A%2F%2Fvouchersavenue.com%2F1000-bf%2Fsignup%2F1&r=&rand=1679591692468&gdpr=1&gdpr_consent=CPpE-EAPpE-EABcAIBENC9CgAAAAAH_AABpwIyAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEZACTDVuIAuzLHAm0DCKBECMKwkIgFABBQDC0QEADg4KdlYBPrCJAAgFAEYEQIcAUYEAgAAEgCQiACQIsEAAAIgEAAIAEAiEABAwCCgAsBAIAAQDQMQAoABAkIMiIiKUwICoEggJbKhBKC6Q0wgCrLACgERsFAAiCQAVgACAsHAMESAlYsECTEG0QAAAAAAAA&globalscope=false&cookieless_optout=0&tbp=true
51.158.28.82200 OK 0 B URL HTTP/1.1 js.cookieless-data.com/GS.d?pa=26948&uf_bday=&uf_gender=&cmp=0&u=https%3A%2F%2Fvouchersavenue.com%2F1000-bf%2Fsignup%2F1&r=&rand=1679591692468&gdpr=1&gdpr_consent=CPpE-EAPpE-EABcAIBENC9CgAAAAAH_AABpwIyAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEZACTDVuIAuzLHAm0DCKBECMKwkIgFABBQDC0QEADg4KdlYBPrCJAAgFAEYEQIcAUYEAgAAEgCQiACQIsEAAAIgEAAIAEAiEABAwCCgAsBAIAAQDQMQAoABAkIMiIiKUwICoEggJbKhBKC6Q0wgCrLACgERsFAAiCQAVgACAsHAMESAlYsECTEG0QAAAAAAAA&globalscope=false&cookieless_optout=0&tbp=true
IP 51.158.28.82:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /GS.d?pa=26948&uf_bday=&uf_gender=&cmp=0&u=https%3A%2F%2Fvouchersavenue.com%2F1000-bf%2Fsignup%2F1&r=&rand=1679591692468&gdpr=1&gdpr_consent=CPpE-EAPpE-EABcAIBENC9CgAAAAAH_AABpwIyAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEZACTDVuIAuzLHAm0DCKBECMKwkIgFABBQDC0QEADg4KdlYBPrCJAAgFAEYEQIcAUYEAgAAEgCQiACQIsEAAAIgEAAIAEAiEABAwCCgAsBAIAAQDQMQAoABAkIMiIiKUwICoEggJbKhBKC6Q0wgCrLACgERsFAAiCQAVgACAsHAMESAlYsECTEG0QAAAAAAAA&globalscope=false&cookieless_optout=0&tbp=true HTTP/1.1
Host: js.cookieless-data.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vouchersavenue.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.20.2
Date: Thu, 23 Mar 2023 17:14:44 GMT
Content-Length: 0
Connection: keep-alive
Expires: Tue, 01 Jan 2000 00:00:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Pragma: no-cache
X-Xss-Protection: 0
Access-Control-Allow-Origin: *
Cross-Origin-Resource-Policy: cross-origin
P3p: CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Strict-Transport-Security: max-age=15724800; includeSubDomains; preload
cdn.pushmaster-cdn.xyz/scripts/publishers/616c889db7494c0008691a0e/SDK.js
104.26.15.80200 OK 5.8 kB URL HTTP/2 cdn.pushmaster-cdn.xyz/scripts/publishers/616c889db7494c0008691a0e/SDK.js
IP 104.26.15.80:0
File type ASCII text, with very long lines (1621)
Hash ce02a51ecc52c7d0f08ef6bcfd758d3d
a5377fa46b7a48d5d3aa3f706d0a7ecdb0b6708a
40e000b26aa67e4965087d10770c7412e3b3e0ee4784081df12269c381e68b62
GET /scripts/publishers/616c889db7494c0008691a0e/SDK.js HTTP/1.1
Host: cdn.pushmaster-cdn.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vouchersavenue.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 23 Mar 2023 17:14:44 GMT
content-type: application/javascript
x-amz-id-2: K2Nwi49qjjnW7MDyVf+/urTguKGaLRoSSbScsMpjomFk102k2o6JoqEzOMkhshIvuwhHeYM4ewk=
x-amz-request-id: MRE73ZWPV52R28YP
last-modified: Thu, 07 Jul 2022 18:16:14 GMT
x-amz-version-id: 3iDpsZiRXmLsrKEtZ1pm4Wp_k22Zwbi1
etag: W/"e239a1a8fb10138990c101e3957c013d"
cache-control: max-age=86400
cf-cache-status: HIT
age: 448
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yaDHR%2BUbq8HBKMuW44afFViGRABGrb9DyhaBHiCYelfkzgzZk9HXvbCTmO%2Bb2YOtQem1NDkL8ZI1ZkvmTOJtOQCkLl6hSGPa3DUX6hsgArMxh3to4f5i2AT9Y0J2efsgl6X0kuVYyJ4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7ac84ffadb99fab8-OSL
content-encoding: br
X-Firefox-Spdy: h2
analytics.tiktok.com/i18n/pixel/sdk.js?sdkid=BRK97NBJ857475I0MEDG
95.101.10.90200 OK 1.8 kB URL HTTP/2 analytics.tiktok.com/i18n/pixel/sdk.js?sdkid=BRK97NBJ857475I0MEDG
IP 95.101.10.90:0
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (2673)
Hash 7002738190e664e78ab90641696e7ce1
996f83440b8545259a616977d0af7727ce47085c
7d37c5ff47497ad3325bddc70a7584138197dcd2fe28c2937e8d35ca351c72c1
GET /i18n/pixel/sdk.js?sdkid=BRK97NBJ857475I0MEDG HTTP/1.1
Host: analytics.tiktok.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vouchersavenue.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-type: application/javascript; charset=UTF-8
x-tt-logid: 20230323171444D32D0E2EF01D6C1D07D7
x-tt-trace-host: 01250e51f4d5abc0e156abb7e367bacbb66755a1c24157a3051669ba5aecb9c46f37f27ce3b9064fcb3317426d9c3a4c1f0437c38f98da2ebb618ea4b21a1f5a0746bd03ed4edc3dab9fa75c233ed95e3e9d5b4713e816f678e1ab7e1b4f32c92473af4d9bf71384b07dc9b93b81672daa
content-encoding: gzip
content-length: 1798
x-origin-response-time: 9,23.220.104.213
x-akamai-request-id: 4e6d8be0.39bb3c5d
expires: Thu, 23 Mar 2023 17:14:44 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Thu, 23 Mar 2023 17:14:44 GMT
x-cache: TCP_MISS from a95-101-10-86.deploy.akamaitechnologies.com (AkamaiGHost/11.0.2-47081134) (-)
vary: Accept-Encoding
set-cookie: _ttp=2NQM7RvCZ3nYmPVFhG87r0bm9g0; Path=/; Domain=tiktok.com; Max-Age=33696000; Secure; SameSite=None
x-cache-remote: TCP_MISS from a23-220-104-213.deploy.akamaitechnologies.com (AkamaiGHost/11.0.2-47081134) (-)
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
server-timing: cdn-cache; desc=MISS, edge; dur=96, origin; dur=8, inner; dur=3
x-parent-response-time: 104,95.101.10.86
X-Firefox-Spdy: h2
analytics.tiktok.com/i18n/pixel/static/main.MTE3ZGZjMmFkMA.js
95.101.10.90200 OK 66 kB URL HTTP/2 analytics.tiktok.com/i18n/pixel/static/main.MTE3ZGZjMmFkMA.js
IP 95.101.10.90:0
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (21891)
Hash 2cc1557d4389098e4fb0a286d28898b7
412e14d52fb000fe55e919a9aed2d5637c438693
34164b3ca4f0b781bf510f4a9a21cf7c42d2b300d8c7ea949c9f851088e54847
GET /i18n/pixel/static/main.MTE3ZGZjMmFkMA.js HTTP/1.1
Host: analytics.tiktok.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vouchersavenue.com/
Cookie: _ttp=2NQM7RvCZ3nYmPVFhG87r0bm9g0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-tt-logid: 20230221145329D9E27CA0DC66C0FD94D0
x-tt-trace-host: 012f02cd23070ac00a0817281d5a7a74cf0b29783654be77f90759ecadc4cb8bb137fd4dac0c8f58f3bcb5545a4384d60b9dd421770e9499ec436fccbf366ea74c7334738d6d9d52ccbfffa3062dded125c7acd87b98eadba87c4be5c65c997d76
content-encoding: gzip
content-length: 66119
date: Thu, 23 Mar 2023 17:14:44 GMT
x-cache: TCP_HIT from a95-101-10-86.deploy.akamaitechnologies.com (AkamaiGHost/11.0.2-47081134) (-)
vary: Accept-Encoding
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
server-timing: cdn-cache; desc=HIT, edge; dur=0, inner; dur=2
x-akamai-request-id: 39bb3cf0
X-Firefox-Spdy: h2
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash a0d3d7099bbc5fed74a6e78e1a3096bf
96afaf8b3ac053577c56aca5f4a20d8655ecb771
c8ff32c6809a506d4c656d3200dbfc6682c156c3de0647d13ab8f07a6f9a38ba
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C8FF32C6809A506D4C656D3200DBFC6682C156C3DE0647D13AB8F07A6F9A38BA"
Last-Modified: Tue, 21 Mar 2023 15:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17212
Expires: Thu, 23 Mar 2023 22:01:36 GMT
Date: Thu, 23 Mar 2023 17:14:44 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash a0d3d7099bbc5fed74a6e78e1a3096bf
96afaf8b3ac053577c56aca5f4a20d8655ecb771
c8ff32c6809a506d4c656d3200dbfc6682c156c3de0647d13ab8f07a6f9a38ba
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C8FF32C6809A506D4C656D3200DBFC6682C156C3DE0647D13AB8F07A6F9A38BA"
Last-Modified: Tue, 21 Mar 2023 15:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17212
Expires: Thu, 23 Mar 2023 22:01:36 GMT
Date: Thu, 23 Mar 2023 17:14:44 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash a0d3d7099bbc5fed74a6e78e1a3096bf
96afaf8b3ac053577c56aca5f4a20d8655ecb771
c8ff32c6809a506d4c656d3200dbfc6682c156c3de0647d13ab8f07a6f9a38ba
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C8FF32C6809A506D4C656D3200DBFC6682C156C3DE0647D13AB8F07A6F9A38BA"
Last-Modified: Tue, 21 Mar 2023 15:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17212
Expires: Thu, 23 Mar 2023 22:01:36 GMT
Date: Thu, 23 Mar 2023 17:14:44 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash a0d3d7099bbc5fed74a6e78e1a3096bf
96afaf8b3ac053577c56aca5f4a20d8655ecb771
c8ff32c6809a506d4c656d3200dbfc6682c156c3de0647d13ab8f07a6f9a38ba
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C8FF32C6809A506D4C656D3200DBFC6682C156C3DE0647D13AB8F07A6F9A38BA"
Last-Modified: Tue, 21 Mar 2023 15:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17212
Expires: Thu, 23 Mar 2023 22:01:36 GMT
Date: Thu, 23 Mar 2023 17:14:44 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F08561a1f-1d19-45db-be98-107d6b1ed25d.jpeg
34.120.237.76200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F08561a1f-1d19-45db-be98-107d6b1ed25d.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 6f0b9e85381489dcf646c251722b21d4
5f7ea91288a2170bcabdca6be296718c4191eacd
911f803271ad9053ebac3787bdde9b75ec604acc6aa28692cc8e4c5c4fb61483
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F08561a1f-1d19-45db-be98-107d6b1ed25d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10480
x-amzn-requestid: 58aa8272-4b4e-4a2f-9d6e-d47f70891c49
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CJptHG7JoAMFSwA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-641a2320-2fd6502b1271d5c13b4ebbe9;Sampled=0
x-amzn-remapped-date: Tue, 21 Mar 2023 21:35:28 GMT
x-amz-cf-pop: SEA19-C1, SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: V_1L8vYf9-uS_-cGgsCstGC__IYpLZjEa0gOlsYgYOWwNJxxXJo83g==
via: 1.1 2241406ac19fffc8f35d6ddef8e22f56.cloudfront.net (CloudFront), 1.1 b23fb37cd7fff033ab21e3284f558a28.cloudfront.net (CloudFront), 1.1 google
date: Wed, 22 Mar 2023 22:09:40 GMT
age: 68704
etag: "5f7ea91288a2170bcabdca6be296718c4191eacd"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc2f57fa6-bac5-42a3-be66-ebcc96d82ea2.jpeg
34.120.237.76200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc2f57fa6-bac5-42a3-be66-ebcc96d82ea2.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 2062cf7a271d4ac7a04c0a746d443e07
3343851f2128c5f1fe4302c2aa53e8ce1fb661ac
e479263c1742d2597cf8948ef059b0bc97dbb97f47bb5cafee3d4af12069d2ce
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc2f57fa6-bac5-42a3-be66-ebcc96d82ea2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10407
x-amzn-requestid: 87aba2e6-d7e8-4456-a12f-e05ac556b839
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CJqJhGnXIAMF1yA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-641a23d6-2b6c3d62366f47f506ce8415;Sampled=0
x-amzn-remapped-date: Tue, 21 Mar 2023 21:38:30 GMT
x-amz-cf-pop: SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: lKww3e9Hvk0r0LPn7u6pu6Fx9V8RThNVxQEdyWVFAQdOun-53X-tLw==
via: 1.1 b3cdce1c2fc39b89f45c98c417351f26.cloudfront.net (CloudFront), 1.1 aa623e134417515bd2496cb01d5e5626.cloudfront.net (CloudFront), 1.1 google
date: Wed, 22 Mar 2023 22:01:26 GMT
age: 69198
etag: "3343851f2128c5f1fe4302c2aa53e8ce1fb661ac"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F93c300c4-e707-428c-9ae5-d4699c20a7ef.jpeg
34.120.237.76200 OK 6.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F93c300c4-e707-428c-9ae5-d4699c20a7ef.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 800c2662fd6ab8829a02b7d63084c38d
0917d2c376f8d2af2a436a33ce2bfe1cbdb8b239
76545e9f75dc558fdb7b54550934c7775318fb4150a9309f60e65d982d2e576e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F93c300c4-e707-428c-9ae5-d4699c20a7ef.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5950
x-amzn-requestid: ce85112e-428d-4ca1-9dac-1d6c8c6dc74a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CKyF9EI3oAMFtyQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-641a96f2-05c5948d6f74948b1c67d68c;Sampled=0
x-amzn-remapped-date: Wed, 22 Mar 2023 05:49:38 GMT
x-amz-cf-pop: HIO52-P1, SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: lnMR6Lh4T37cFhMwb1qXIxjoPBghVFOGUz7HTt65DegMaxlElZxfjQ==
via: 1.1 59456abf79b201034ab5c9cfef7355e2.cloudfront.net (CloudFront), 1.1 599f04a365a179d553682d476509c388.cloudfront.net (CloudFront), 1.1 google
date: Wed, 22 Mar 2023 21:43:32 GMT
age: 70272
etag: "0917d2c376f8d2af2a436a33ce2bfe1cbdb8b239"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F22c3f36a-d800-4eab-8a32-e2b5ef86e386.jpeg
34.120.237.76200 OK 9.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F22c3f36a-d800-4eab-8a32-e2b5ef86e386.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 412bd6aea60211324e649d7d920601d2
a813976bda850a584b5ab94d9a70bfe0da69aca0
d36ef17fc6ab3cd4e5e43836f7df2c6fdf1781f1bac73e42c9a09e8594f797f9
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F22c3f36a-d800-4eab-8a32-e2b5ef86e386.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9459
x-amzn-requestid: 1b374321-f2df-404f-ab91-4e73d830fac9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CJqmAEhHoAMFgRQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-641a248c-217d81154ecfe0c44ca70432;Sampled=0
x-amzn-remapped-date: Tue, 21 Mar 2023 21:41:32 GMT
x-amz-cf-pop: SEA19-C1, SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: 3EQiNxuVVZEQZb14f9NC8565Ky3LV0Oj5JWg-_fVc9-B91xgBuHB5Q==
via: 1.1 8ae6af4d17aae7471e5fe2792eb6abcc.cloudfront.net (CloudFront), 1.1 0cf6c59c77f0fff670ae085179adc458.cloudfront.net (CloudFront), 1.1 google
date: Wed, 22 Mar 2023 21:48:05 GMT
age: 69999
etag: "a813976bda850a584b5ab94d9a70bfe0da69aca0"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5be1b286-007a-44a5-a6fd-872190ecfa0b.jpeg
34.120.237.76200 OK 6.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5be1b286-007a-44a5-a6fd-872190ecfa0b.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash c05bfdf1411a931d8ea9adc64b07bc74
156ef59e53564a4f2b27002b2695fafecd578d82
15d17c0df2d2b0625ecf5f576a7ff630ae8b923b28be354ad23aec6a284a801a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5be1b286-007a-44a5-a6fd-872190ecfa0b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6692
x-amzn-requestid: 3a0f6a8d-89b1-43f4-8a15-8749bdbc047b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CM9d9FcOoAMFaFQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-641b75f2-3540256d6be3d4f85bba65ea;Sampled=0
x-amzn-remapped-date: Wed, 22 Mar 2023 21:41:06 GMT
x-amz-cf-pop: SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: PNAVsyfdAHjn5F6Rt1uz1U46QCIGvTCqZatbAurr6Ilu0quHWExuSw==
via: 1.1 e92cc925fc8895560cd0628c67f58828.cloudfront.net (CloudFront), 1.1 aabd01c4a20dae837d162bd972422efc.cloudfront.net (CloudFront), 1.1 google
date: Wed, 22 Mar 2023 21:43:34 GMT
age: 70270
etag: "156ef59e53564a4f2b27002b2695fafecd578d82"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9a816157-9568-4e7f-a034-14b2f1982949.jpeg
34.120.237.76200 OK 4.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9a816157-9568-4e7f-a034-14b2f1982949.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash f4a771935927950222124e14b56046df
d07fe53e4ac41048497b2732c017f6666c3eda9e
4e8388626074646c2336711be0a170ceab367c343648a32d2389dd87640251d0
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9a816157-9568-4e7f-a034-14b2f1982949.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4912
x-amzn-requestid: d8fcf495-12af-42ae-ad69-0ea07b1a8669
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CM8H3Fl1IAMFYgA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-641b73cb-01cbd1981a57e53b3d3cde93;Sampled=0
x-amzn-remapped-date: Wed, 22 Mar 2023 21:31:55 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C1
x-cache: Miss from cloudfront
x-amz-cf-id: 4xGMCVWy2EXLLN8keteGLQvQjOp6KH97rkn_FK10eyng0-5EudcOig==
via: 1.1 00f0a41f749793b9dd653153037c957e.cloudfront.net (CloudFront), 1.1 174acb08636ac7d9e9a778bbf1bcbc52.cloudfront.net (CloudFront), 1.1 google
date: Wed, 22 Mar 2023 21:43:33 GMT
etag: "d07fe53e4ac41048497b2732c017f6666c3eda9e"
content-type: image/jpeg
age: 70271
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
analytics.tiktok.com/i18n/pixel/static/identify_cab4d.js
95.101.10.90200 OK 31 kB URL HTTP/2 analytics.tiktok.com/i18n/pixel/static/identify_cab4d.js
IP 95.101.10.90:0
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (65536), with no line terminators
Hash fb6593acf6980819b1e523c5b227b9d3
65ee92619d1c809274ae96e3b73d40dfbc2566b9
00d74b2b8ddfef286c1f0985ad3755f5f2198f8dc8ce6a001920d9fc082c4043
GET /i18n/pixel/static/identify_cab4d.js HTTP/1.1
Host: analytics.tiktok.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vouchersavenue.com/
Cookie: _ttp=2NQM7RvCZ3nYmPVFhG87r0bm9g0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-tt-logid: 20230221145330D9E27CA0DC66C0FD94DA
x-tt-trace-host: 012f02cd23070ac00a0817281d5a7a74cf0b29783654be77f90759ecadc4cb8bb137fd4dac0c8f58f3bcb5545a4384d60b640e9332326312d6639f7259fcc215b67393ff35c0ddd1454cfcc77b4c1be8e9f6ec824693450e69fde7ecdace525083
content-encoding: gzip
content-length: 30762
date: Thu, 23 Mar 2023 17:14:44 GMT
x-cache: TCP_MEM_HIT from a95-101-10-86.deploy.akamaitechnologies.com (AkamaiGHost/11.0.2-47081134) (-)
vary: Accept-Encoding
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
server-timing: cdn-cache; desc=HIT, edge; dur=0, inner; dur=3
x-akamai-request-id: 39bb3d7e
X-Firefox-Spdy: h2
ocsp.r2m02.amazontrust.com/
54.230.80.227200 OK 471 B URL HTTP/1.1 ocsp.r2m02.amazontrust.com/
IP 54.230.80.227:0
Hash 590594bc47a5c5cbf288e8bd59e1786c
74c36eeb82eec968838e073c1ffcea08311cd73b
ee382a88a6160aa8e292520f17c3d36ec7b8b2edb7b892f7a22934ea4617ccb1
POST / HTTP/1.1
Host: ocsp.r2m02.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=141640
Date: Thu, 23 Mar 2023 17:14:44 GMT
Etag: "641bfbe8-1d7"
Expires: Sat, 25 Mar 2023 08:35:24 GMT
Last-Modified: Thu, 23 Mar 2023 07:12:40 GMT
Server: ECAcc (bsa/EB26)
X-Cache: Miss from cloudfront
Via: 1.1 5916f6b8d469d1bee1e905ff13761ebc.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: xwy4QuTUoNdBe97YX5a7K5IA9Jn2DC4A5wYC8FwSyCVXts9Fer6xdw==
Age: 4964
analytics.tiktok.com/api/v2/pixel
95.101.10.90200 OK 0 B URL HTTP/2 analytics.tiktok.com/api/v2/pixel
IP 95.101.10.90:0
ASN #20940 Akamai International B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /api/v2/pixel HTTP/1.1
Host: analytics.tiktok.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 791
Origin: https://vouchersavenue.com
Connection: keep-alive
Referer: https://vouchersavenue.com/
Cookie: _ttp=2NQM7RvCZ3nYmPVFhG87r0bm9g0
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 0
access-control-allow-origin: *
x-tt-logid: 20230323171444B180F7F16F187DDD8FF6
x-tt-trace-host: 01250e51f4d5abc0e156abb7e367bacbb6a2c045892b71644a073b9155a3274cda8503d21da6b0f3ab61232eb31628c108b3cf34b9fab7aac500c286485e006f0b0c0a91ce3356978f384304b553e53208111df7a18ff715c0da799ff21780c93f
expires: Thu, 23 Mar 2023 17:14:44 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Thu, 23 Mar 2023 17:14:44 GMT
x-cache: TCP_MISS from a95-101-10-86.deploy.akamaitechnologies.com (AkamaiGHost/11.0.2-47081134) (-)
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
server-timing: inner; dur=22, cdn-cache; desc=MISS, edge; dur=5, origin; dur=115
x-origin-response-time: 115,95.101.10.86
x-akamai-request-id: 39bb3d91
X-Firefox-Spdy: h2
api.trustedform.com/trustedform.js?provide_referrer=false&field=xxTrustedFormCertUrl&l=16795916927360.03880670202123293
54.236.68.177301 Moved Permanently 134 B URL HTTP/2 api.trustedform.com/trustedform.js?provide_referrer=false&field=xxTrustedFormCertUrl&l=16795916927360.03880670202123293
IP 54.236.68.177:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4aa7a432bb447f094408f1bd6229c605
1965c4952cc8c082a6307ed67061a57aab6632fa
34ccdc351dc93dbf30a8630521968421091e3ed19c31a16e32c2eabb55c6a73a
GET /trustedform.js?provide_referrer=false&field=xxTrustedFormCertUrl&l=16795916927360.03880670202123293 HTTP/1.1
Host: api.trustedform.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vouchersavenue.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
server: awselb/2.0
date: Thu, 23 Mar 2023 17:14:44 GMT
content-type: text/html
content-length: 134
location: https://cdn.trustedform.com:443/bootstrap.js?provide_referrer=false&field=xxTrustedFormCertUrl&l=16795916927360.03880670202123293
X-Firefox-Spdy: h2
region1.google-analytics.com/g/collect?v=2&tid=G-7NEF16H3WB>m=45je33m0h2&_p=905493006&gcs=G100&cid=685306700.1679591693&ul=en-us&sr=1280x1024&_s=1&sid=1679591692&sct=1&seg=0&dl=https%3A%2F%2Fvouchersavenue.com%2F1000-bf%2Fsignup%2F1&dt=Vouchers%20Avenue%20%3A%201000%20BF&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
216.239.32.36204 No Content 0 B URL HTTP/2 region1.google-analytics.com/g/collect?v=2&tid=G-7NEF16H3WB>m=45je33m0h2&_p=905493006&gcs=G100&cid=685306700.1679591693&ul=en-us&sr=1280x1024&_s=1&sid=1679591692&sct=1&seg=0&dl=https%3A%2F%2Fvouchersavenue.com%2F1000-bf%2Fsignup%2F1&dt=Vouchers%20Avenue%20%3A%201000%20BF&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
IP 216.239.32.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-7NEF16H3WB>m=45je33m0h2&_p=905493006&gcs=G100&cid=685306700.1679591693&ul=en-us&sr=1280x1024&_s=1&sid=1679591692&sct=1&seg=0&dl=https%3A%2F%2Fvouchersavenue.com%2F1000-bf%2Fsignup%2F1&dt=Vouchers%20Avenue%20%3A%201000%20BF&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1 HTTP/1.1
Host: region1.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://vouchersavenue.com
Connection: keep-alive
Referer: https://vouchersavenue.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: https://vouchersavenue.com
date: Thu, 23 Mar 2023 17:14:44 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
54.230.245.118200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.118:0
Hash 16b37da4e00b760120db2510ca3a3bea
29722d25ce28ab58a8f79dc4d1d124c8f3c8a725
fa70f3f63310890b07aaf2a277b36ac45c2bbceb7c89a89761edc169819158d4
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=160751
Date: Thu, 23 Mar 2023 17:14:44 GMT
Etag: "641c4acb-1d7"
Expires: Sat, 25 Mar 2023 13:53:55 GMT
Last-Modified: Thu, 23 Mar 2023 12:49:15 GMT
Server: ECAcc (nya/1C1E)
X-Cache: Miss from cloudfront
Via: 1.1 09ae414c9d6c5323d5147457ada70ec6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: kmuqJ-J7LsnhqeWJTNP61HgRZhIBzvFXuFqKT1viSeC8XMGFdJH38w==
Age: 3880
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 472 B IP 142.250.74.163:0
Hash d09ed5b5ccfa429cf3ded7d6634ce586
e1d26f666c2b0ecf75aa847b3ee907c41514b588
b5536c7e81811b1a5ffeb8dcc80a08f14b4c5ed5ddb2c53b4b52f84c721beeed
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 23 Mar 2023 17:14:44 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
pagead2.googlesyndication.com/pagead/landing?gcs=G100&gcd=G100&rnd=844900551.1679591693&url=https%3A%2F%2Fvouchersavenue.com%2F1000-bf%2Fsignup%2F1>m=45He33k0n81P645S3F
142.250.74.66200 OK 42 B URL HTTP/2 pagead2.googlesyndication.com/pagead/landing?gcs=G100&gcd=G100&rnd=844900551.1679591693&url=https%3A%2F%2Fvouchersavenue.com%2F1000-bf%2Fsignup%2F1>m=45He33k0n81P645S3F
IP 142.250.74.66:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
POST /pagead/landing?gcs=G100&gcd=G100&rnd=844900551.1679591693&url=https%3A%2F%2Fvouchersavenue.com%2F1000-bf%2Fsignup%2F1>m=45He33k0n81P645S3F HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://vouchersavenue.com
Connection: keep-alive
Referer: https://vouchersavenue.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 23 Mar 2023 17:14:44 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.r2m02.amazontrust.com/
54.230.80.227200 OK 471 B URL HTTP/1.1 ocsp.r2m02.amazontrust.com/
IP 54.230.80.227:0
Hash a915d32a83e98b84cdd15b3d0d102414
5b746aa044b2c4feb1c59f0216163d38a15599c2
75dd05bcb5eda69e13bacaba1b629632f8c1dc65575c84b6b3b5906fe56ac9ff
POST / HTTP/1.1
Host: ocsp.r2m02.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Thu, 23 Mar 2023 17:14:44 GMT
Last-Modified: Thu, 23 Mar 2023 16:36:14 GMT
Server: ECAcc (nya/1C4D)
X-Cache: Miss from cloudfront
Via: 1.1 5916f6b8d469d1bee1e905ff13761ebc.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: isWKjPRVV2JJTifD7zT6cKhWZY4NkcI56R_cpJMpPMB-RT85J0Ua7A==
Age: 2310
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 472 B IP 142.250.74.163:0
Hash d09ed5b5ccfa429cf3ded7d6634ce586
e1d26f666c2b0ecf75aa847b3ee907c41514b588
b5536c7e81811b1a5ffeb8dcc80a08f14b4c5ed5ddb2c53b4b52f84c721beeed
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 23 Mar 2023 17:14:44 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
pwrkr.s3.amazonaws.com/push-worker-sdk-TAGA2958.js
52.217.93.132200 OK 222 B URL HTTP/1.1 pwrkr.s3.amazonaws.com/push-worker-sdk-TAGA2958.js
IP 52.217.93.132:0
Hash c86f20d2163476bfa9d8c8ddb4d9ab5b
c79017b2c0c8a134d646d43eab957c1a0dae504e
88535ddc6ee6525237614935cf4a2a3ac15797263a4468a65082ab4b788d94c1
GET /push-worker-sdk-TAGA2958.js HTTP/1.1
Host: pwrkr.s3.amazonaws.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vouchersavenue.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
x-amz-id-2: 9JMqN/KlJnQHWgyhYwS075MN4XXx7nlY7dTdtSA73gukoGYgv5Rpa/cTxprB1jrdK6a7nQ2zOiU=
x-amz-request-id: 64VVW4WW2HKBT2GK
Date: Thu, 23 Mar 2023 17:14:45 GMT
Last-Modified: Wed, 30 Mar 2022 18:54:24 GMT
ETag: "c86f20d2163476bfa9d8c8ddb4d9ab5b"
x-amz-version-id: qXUXhRDuiTMcAHML6mtY_O8jIrrAfEra
Accept-Ranges: bytes
Content-Type: application/javascript
Server: AmazonS3
Content-Length: 222
ocsp.r2m02.amazontrust.com/
54.230.80.227200 OK 471 B URL HTTP/1.1 ocsp.r2m02.amazontrust.com/
IP 54.230.80.227:0
Hash 379a2fbd344e831660925d0d744b3d5c
1c0ec933b8324427c2f414761bddecc56e04a15f
75761b3194c344b173bbfe645cfb61640572d1472e8cdcf6b42b3c9d74d02ce3
POST / HTTP/1.1
Host: ocsp.r2m02.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Thu, 23 Mar 2023 17:14:45 GMT
Last-Modified: Thu, 23 Mar 2023 15:28:05 GMT
Server: ECAcc (nya/1C6A)
X-Cache: Miss from cloudfront
Via: 1.1 5916f6b8d469d1bee1e905ff13761ebc.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: pllgghA0g4iyv_p1pMm8j7CbUOEx3rLmvhltT_R-WICpaPnKbLlm8Q==
Age: 6400
api.pushnami.com/scripts/v1/pushnami-adv/5cc0bb93e04a8c20b5240228
54.230.111.53200 OK 19 kB URL HTTP/2 api.pushnami.com/scripts/v1/pushnami-adv/5cc0bb93e04a8c20b5240228
IP 54.230.111.53:0
File type ASCII text, with very long lines (533)
Hash cd3e070cf02d2affd61c44f7595220a7
48667c2180aad5001e49ca6395b7bdeccfa4b1af
ae1f156b8e39af73700c33cee2fcaf643ea36c330e2a2d7bb1e973f0c928fcec
GET /scripts/v1/pushnami-adv/5cc0bb93e04a8c20b5240228 HTTP/1.1
Host: api.pushnami.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vouchersavenue.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
date: Thu, 23 Mar 2023 17:14:44 GMT
cache-control: no-cache
content-encoding: gzip
vary: accept-encoding
x-cache: Miss from cloudfront
via: 1.1 b2b04ca80b95df6bc86478a1bf96b7cc.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 3rgrwmDu9JRaudB2t-7QAMW8RsQcZ9VzlUTgfuSj4A6n-ivgLSLPWA==
X-Firefox-Spdy: h2
ocsp.r2m01.amazontrust.com/
54.230.80.227200 OK 471 B URL HTTP/1.1 ocsp.r2m01.amazontrust.com/
IP 54.230.80.227:0
Hash 7ba2eac293b882c62e172f4995670ac0
a0c114424d8ba45f91a426cc83abc665b8dff17b
52b73c47a8e71e6266d827dbe6cd9e2bf17fb4e47419fa42c16ca8e5b56a26a0
POST / HTTP/1.1
Host: ocsp.r2m01.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=111076
Date: Thu, 23 Mar 2023 17:14:45 GMT
Etag: "641b88bf-1d7"
Expires: Sat, 25 Mar 2023 00:06:01 GMT
Last-Modified: Wed, 22 Mar 2023 23:01:19 GMT
Server: ECAcc (bsa/EAF6)
X-Cache: Miss from cloudfront
Via: 1.1 92c4bb210eab82a152000047d3609a02.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: xLZAXQW2-PEGhiUUipa-fzK8kg4RLc7LmQeaSBarjiLXXsLrthw_DQ==
Age: 3882
s.yimg.com/wi/ytc.js
188.125.94.206200 OK 5.9 kB IP 188.125.94.206:0
File type ASCII text, with very long lines (16553), with no line terminators
Hash 2f6a1b8a4843f74a5ba54c055fcb3850
919a5f9166f3f9c73803cebd312ad016570a30d8
1b6439153633e4e2dc23c743e14218931c1b4912bc7a3ad64bfee1d2d6982f50
GET /wi/ytc.js HTTP/1.1
Host: s.yimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vouchersavenue.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: lTG8xWVJfY/VTZ8+I1DoPMtZ5JnvGh+4xvgnItUr0mV07scPCQA4NAQFjx/++37nLidL6zCuCyw=
x-amz-request-id: 1AVAGKN2CCNWA1MB
date: Thu, 23 Mar 2023 17:12:03 GMT
last-modified: Tue, 14 Jun 2022 12:21:31 GMT
x-amz-expiration: expiry-date="Thu, 20 Jul 2023 00:00:00 GMT", rule-id="oath-standard-lifecycle"
etag: "6a624022b5d271dcefb070b0b6670abc-df"
x-amz-server-side-encryption: AES256
cache-control: public,max-age=3600
x-amz-version-id: .QD3nDfK79S8_ikLSJXTL23Tdis9tg0C
accept-ranges: bytes
content-type: application/javascript
server: ATS
referrer-policy: no-referrer-when-downgrade
vary: Origin, Accept-Encoding
content-encoding: gzip
age: 163
content-length: 5929
strict-transport-security: max-age=31536000
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
X-Firefox-Spdy: h2
ocsp.digicert.com/
192.229.221.95200 OK 471 B IP 192.229.221.95:0
Hash 4f854cb1688bc0266ffd286eb6e81089
24b179739eea5eeb80d089087b992057c1de7a4e
31d0c650d82485852f52d0db111ac6c63776c34a4b0a1409eab760ecde0b0705
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4769
Cache-Control: max-age=96093
Content-Type: application/ocsp-response
Date: Thu, 23 Mar 2023 17:14:45 GMT
Etag: "641b4ac1-1d7"
Expires: Fri, 24 Mar 2023 19:56:18 GMT
Last-Modified: Wed, 22 Mar 2023 18:36:49 GMT
Server: ECAcc (ska/F7A3)
X-Cache: HIT
Content-Length: 471
connect.facebook.net/en_US/fbevents.js
157.240.200.14200 OK 28 kB URL HTTP/2 connect.facebook.net/en_US/fbevents.js
IP 157.240.200.14:0
File type ASCII text, with very long lines (64348)
Hash e5f5bf796d91f271e383cf1ff3ee5af4
70ead02da19095ca752d55e89a48fcdf59d44d33
247f023e282f1556e668df0033858196d682f31f659d1b53ea6dcaeff56c401a
GET /en_US/fbevents.js HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vouchersavenue.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
content-type: application/x-javascript; charset=utf-8
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
pragma: public
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-fb-debug: 9WgW2Ys5wMhDYIldbgRi5mgXUOp5PIP5KoVy/YNIpXFScrUxvjciI9cUormh3Eu83UgVav9yd/lDvPxkqbDMTA==
content-length: 27907
x-fb-trip-id: 1679558926
date: Thu, 23 Mar 2023 17:14:45 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
192.229.221.95200 OK 471 B IP 192.229.221.95:0
Hash 4f854cb1688bc0266ffd286eb6e81089
24b179739eea5eeb80d089087b992057c1de7a4e
31d0c650d82485852f52d0db111ac6c63776c34a4b0a1409eab760ecde0b0705
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4001
Cache-Control: max-age=95325
Content-Type: application/ocsp-response
Date: Thu, 23 Mar 2023 17:14:45 GMT
Etag: "641b4ac1-1d7"
Expires: Fri, 24 Mar 2023 19:43:30 GMT
Last-Modified: Wed, 22 Mar 2023 18:36:49 GMT
Server: ECAcc (ska/F757)
X-Cache: HIT
Content-Length: 471
trc.pushnami.com/api/push/track
34.230.132.105200 OK 2 B URL HTTP/2 trc.pushnami.com/api/push/track
IP 34.230.132.105:0
File type ASCII text, with no line terminators
Hash e0aa021e21dddbd6d8cecec71e9cf564
9ce3bd4224c8c1780db56b4125ecf3f24bf748b7
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
POST /api/push/track HTTP/1.1
Host: trc.pushnami.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://vouchersavenue.com/
content-type: application/x-www-form-urlencoded
key: 5cc0bb93e04a8c20b5240228
Origin: https://vouchersavenue.com
Content-Length: 70
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 23 Mar 2023 17:14:45 GMT
content-type: text/html; charset=utf-8
content-length: 2
access-control-allow-origin: *
access-control-expose-headers: WWW-Authenticate,Server-Authorization
cache-control: no-cache
X-Firefox-Spdy: h2
s3.amazonaws.com/pushext.com/sdk-v3.03.js
54.231.128.8200 OK 28 kB URL HTTP/1.1 s3.amazonaws.com/pushext.com/sdk-v3.03.js
IP 54.231.128.8:0
File type ASCII text, with CRLF line terminators
Hash ddcd86ed61e2264d6ebcfd75102f02ee
e0eccfc8ea444bd5eabcf38e22240b4db80fe34a
d568a00003589ad112ddf1f8a27c4cbf7b63a80b1df39a26d1ebc2f185417e53
GET /pushext.com/sdk-v3.03.js HTTP/1.1
Host: s3.amazonaws.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vouchersavenue.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
x-amz-id-2: Od967r2PIMbwEXLM/qSj+/imH0inFbqCYZvHsGxw4fXgmT9HtFkJwn1/AqQ5owHM3nNw1AUzJQU=
x-amz-request-id: VDD6Z5TH0ATF0MSH
Date: Thu, 23 Mar 2023 17:14:46 GMT
Last-Modified: Wed, 30 Mar 2022 18:55:32 GMT
ETag: "ddcd86ed61e2264d6ebcfd75102f02ee"
Accept-Ranges: bytes
Content-Type: application/javascript
Server: AmazonS3
Content-Length: 28274
s.yimg.com/wi/config/10015244.json
188.125.94.206200 OK 22 B URL HTTP/2 s.yimg.com/wi/config/10015244.json
IP 188.125.94.206:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 14293ad9ad0ffaf9f7a3acf1b0793b66
718dea6b65b9516e5e33fac53451056397deb255
73a1b438b0221511fb3dde18e019f5ab045811b2248d25d424e40980c683a9dc
GET /wi/config/10015244.json HTTP/1.1
Host: s.yimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://vouchersavenue.com
Connection: keep-alive
Referer: https://vouchersavenue.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-allow-methods: GET
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
x-amz-request-id: VDD76ECZH6VC1E8K
x-amz-id-2: AssBexjQC8yiSchAx6I3rQUDKjHpp8U2yr3JfCRN0RqO6GTJ0pcUnGeQAuT07Fh3U31U45X0MUc=
content-type: application/json
date: Thu, 23 Mar 2023 17:14:44 GMT
server: ATS
referrer-policy: no-referrer-when-downgrade
cache-control: public,max-age=3600
age: 1
content-encoding: gzip
content-length: 22
strict-transport-security: max-age=31536000
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
X-Firefox-Spdy: h2
www.facebook.com/tr/?id=274483184077389&ev=PageView&dl=https%3A%2F%2Fvouchersavenue.com%2F1000-bf%2Fsignup%2F1&rl=&if=false&ts=1679591694571&sw=1280&sh=1024&v=2.9.99&r=stable&a=tmgoogletagmanager&ec=0&o=30&cs_est=true&fbp=fb.1.1679591694569.1395667839&it=1679591693987&coo=false&rqm=GET
31.13.72.36200 OK 110 kB URL HTTP/2 www.facebook.com/tr/?id=274483184077389&ev=PageView&dl=https%3A%2F%2Fvouchersavenue.com%2F1000-bf%2Fsignup%2F1&rl=&if=false&ts=1679591694571&sw=1280&sh=1024&v=2.9.99&r=stable&a=tmgoogletagmanager&ec=0&o=30&cs_est=true&fbp=fb.1.1679591694569.1395667839&it=1679591693987&coo=false&rqm=GET
IP 31.13.72.36:0
File type gzip compressed data, from Unix\012- data
Size 110 kB (110326 bytes)
Hash 3776c8fbc1b922cc63eba3c998e43c0b
9e314f8075f047935efc40b1bfe2368f6167f4de
6cfb2c864d484e89c903f50d9aa389f9b5dcedbb33995a4d54785baba6fe3db7
GET /tr/?id=274483184077389&ev=PageView&dl=https%3A%2F%2Fvouchersavenue.com%2F1000-bf%2Fsignup%2F1&rl=&if=false&ts=1679591694571&sw=1280&sh=1024&v=2.9.99&r=stable&a=tmgoogletagmanager&ec=0&o=30&cs_est=true&fbp=fb.1.1679591694569.1395667839&it=1679591693987&coo=false&rqm=GET HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vouchersavenue.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/plain
access-control-allow-origin:
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=86400
date: Thu, 23 Mar 2023 17:14:46 GMT
X-Firefox-Spdy: h2
d2m2wsoho8qq12.cloudfront.net/iframe.html?token=10E82D85-5048-2BF7-99D7-F48FAF188A82&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.11.9&lck=BEB516A1-60ED-00CC-73EB-A6A318CFA8E9&lac=A223F9AF-E7A0-7D87-DD28-D0C442307BFE
54.230.245.142200 OK 1.4 kB URL HTTP/1.1 d2m2wsoho8qq12.cloudfront.net/iframe.html?token=10E82D85-5048-2BF7-99D7-F48FAF188A82&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.11.9&lck=BEB516A1-60ED-00CC-73EB-A6A318CFA8E9&lac=A223F9AF-E7A0-7D87-DD28-D0C442307BFE
IP 54.230.245.142:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash ef825b8a88a51cd76a51d08dfc1d4f99
5bf247bd91a4be0c3b76a70ec8e5e462de0e9f3b
2ac453ec379c3e7b0fa69b810ecf2d6771de3e7611a2599a20f8e8ce9a240af1
GET /iframe.html?token=10E82D85-5048-2BF7-99D7-F48FAF188A82&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.11.9&lck=BEB516A1-60ED-00CC-73EB-A6A318CFA8E9&lac=A223F9AF-E7A0-7D87-DD28-D0C442307BFE HTTP/1.1
Host: d2m2wsoho8qq12.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vouchersavenue.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Date: Thu, 23 Mar 2023 02:06:02 GMT
Server: nginx
Last-Modified: Wed, 22 Mar 2023 16:44:07 GMT
ETag: W/"641b3057-dbb"
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Encoding: gzip
X-Cache: Hit from cloudfront
Via: 1.1 c2b101e67ac25a2f0013450d56ecac38.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: EV0fKkKTYDq1fvwK4iawTCZOdHGK0Y5aedru8tnZBi6eEMzwd0Ne6w==
Age: 54524
ocsp.r2m02.amazontrust.com/
54.230.80.227200 OK 471 B URL HTTP/1.1 ocsp.r2m02.amazontrust.com/
IP 54.230.80.227:0
Hash 4bea3164501735028df51bcce691ff02
b08c9026f953d7ad153bc23cdb983679aa993614
c8b34ef9eafbd7c313b8cdbcecc52a3546b1d29c2df5912ead75c848a9603236
POST / HTTP/1.1
Host: ocsp.r2m02.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=171742
Date: Thu, 23 Mar 2023 17:14:46 GMT
Etag: "641c7d64-1d7"
Expires: Sat, 25 Mar 2023 16:57:08 GMT
Last-Modified: Thu, 23 Mar 2023 16:25:08 GMT
Server: ECAcc (bsa/EB6C)
X-Cache: Miss from cloudfront
Via: 1.1 5916f6b8d469d1bee1e905ff13761ebc.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: Bd13dLAHAXzg0WbIUvaD07no09y4Be_Ere_mVO0mhEV1C0GQ98qJKA==
Age: 1920
ocsp.r2m02.amazontrust.com/
54.230.80.227200 OK 471 B URL HTTP/1.1 ocsp.r2m02.amazontrust.com/
IP 54.230.80.227:0
Hash 0e7fb9334ca4b278b03b13eae9c8d69b
89a342799593ff563230e03f064e8f8d634301c6
619fad82225cd9fdb60e441b25550479a727336d0fa3b11d5f9c96dee9690fde
POST / HTTP/1.1
Host: ocsp.r2m02.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=152780
Date: Thu, 23 Mar 2023 17:14:47 GMT
Etag: "641c2a46-1d7"
Expires: Sat, 25 Mar 2023 11:41:07 GMT
Last-Modified: Thu, 23 Mar 2023 10:30:30 GMT
Server: ECAcc (dcb/7F47)
X-Cache: Miss from cloudfront
Via: 1.1 5916f6b8d469d1bee1e905ff13761ebc.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: FaQz5cCG3jDnod3jQ_tObRTNkgIqLu8nu5Y_IBIOMe3PT6nq_yXoUg==
Age: 4237
create.leadid.com/2.11.9/GenerateToken?msn=1&pid=75461ae4-27ee-4268-a3a5-f73eeee85528&_=574784379
34.192.171.130200 OK 531 B URL HTTP/2 create.leadid.com/2.11.9/GenerateToken?msn=1&pid=75461ae4-27ee-4268-a3a5-f73eeee85528&_=574784379
IP 34.192.171.130:0
Hash 1379e2e06c7c7b97d90755b7e4b30913
2032a830ec1ec88396fe9d2d83dfc2b2ea2c6f1d
f5ee985bbb43079831654dcd8b4c220f08e2fc9a00258fbae1574b6567ca6c84
POST /2.11.9/GenerateToken?msn=1&pid=75461ae4-27ee-4268-a3a5-f73eeee85528&_=574784379 HTTP/1.1
Host: create.leadid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: application/x-www-form-urlencoded
Content-Length: 186
Origin: https://vouchersavenue.com
Connection: keep-alive
Referer: https://vouchersavenue.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 23 Mar 2023 17:14:45 GMT
content-type: text/plain;charset=UTF-8
server: nginx
set-cookie: rgisanonymous=false; expires=Sat, 22-Apr-2023 17:14:45 GMT; Max-Age=2592000; path=/
rguserid=c97ec965-62db-4490-bd61-ecc1428637a0; expires=Sat, 22-Apr-2023 17:14:45 GMT; Max-Age=2592000; path=/
rguuid=true; expires=Sat, 22-Apr-2023 17:14:45 GMT; Max-Age=2592000; path=/
rgisanonymous=true; expires=Sat, 22-Apr-2023 17:14:45 GMT; Max-Age=2592000; path=/
cache-control: no-cache, must-revalidate
expires: Sat, 26 Jul 1997 05:00:00 GMT
access-control-allow-origin: *
access-control-allow-headers: X-Requested-With, Content-Type
access-control-max-age: 1728000
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
X-Firefox-Spdy: h2
create.leadid.com/2.11.9/Snap?msn=4&pid=75461ae4-27ee-4268-a3a5-f73eeee85528&token=10E82D85-5048-2BF7-99D7-F48FAF188A82&_=574784382
34.192.171.130200 OK 20 B URL HTTP/2 create.leadid.com/2.11.9/Snap?msn=4&pid=75461ae4-27ee-4268-a3a5-f73eeee85528&token=10E82D85-5048-2BF7-99D7-F48FAF188A82&_=574784382
IP 34.192.171.130:0
Hash 7029066c27ac6f5ef18d660d5741979a
46c6643f07aa7f6bfe7118de926b86defc5087c4
59869db34853933b239f1e2219cf7d431da006aa919635478511fabbfc8849d2
POST /2.11.9/Snap?msn=4&pid=75461ae4-27ee-4268-a3a5-f73eeee85528&token=10E82D85-5048-2BF7-99D7-F48FAF188A82&_=574784382 HTTP/1.1
Host: create.leadid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: application/x-www-form-urlencoded
Content-Length: 168137
Origin: https://vouchersavenue.com
Connection: keep-alive
Referer: https://vouchersavenue.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 23 Mar 2023 17:14:47 GMT
content-type: text/plain;charset=UTF-8
server: nginx
set-cookie: rgisanonymous=false; expires=Sat, 22-Apr-2023 17:14:47 GMT; Max-Age=2592000; path=/
rguserid=8c5848fb-f8a4-42e7-aabc-708cb8bf4164; expires=Sat, 22-Apr-2023 17:14:47 GMT; Max-Age=2592000; path=/
rguuid=true; expires=Sat, 22-Apr-2023 17:14:47 GMT; Max-Age=2592000; path=/
rgisanonymous=true; expires=Sat, 22-Apr-2023 17:14:47 GMT; Max-Age=2592000; path=/
cache-control: no-cache, must-revalidate
expires: Sat, 26 Jul 1997 05:00:00 GMT
access-control-allow-origin: *
access-control-allow-headers: X-Requested-With, Content-Type
access-control-max-age: 1728000
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
X-Firefox-Spdy: h2
api.trustedform.com/certs/1a4c525aceb4e0989a9374b4244ee3138c43d761/snapshot
54.236.68.177204 No Content 0 B URL HTTP/2 api.trustedform.com/certs/1a4c525aceb4e0989a9374b4244ee3138c43d761/snapshot
IP 54.236.68.177:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /certs/1a4c525aceb4e0989a9374b4244ee3138c43d761/snapshot HTTP/1.1
Host: api.trustedform.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 17207
Origin: https://vouchersavenue.com
Connection: keep-alive
Referer: https://vouchersavenue.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Thu, 23 Mar 2023 17:14:48 GMT
access-control-allow-credentials: true
access-control-allow-origin: *
access-control-expose-headers:
cache-control: max-age=0, private, must-revalidate
server: Cowboy
X-Firefox-Spdy: h2
api.trustedform.com/certs/1a4c525aceb4e0989a9374b4244ee3138c43d761/fingerprints
54.236.68.177204 No Content 0 B URL HTTP/2 api.trustedform.com/certs/1a4c525aceb4e0989a9374b4244ee3138c43d761/fingerprints
IP 54.236.68.177:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /certs/1a4c525aceb4e0989a9374b4244ee3138c43d761/fingerprints HTTP/1.1
Host: api.trustedform.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 563
Origin: https://vouchersavenue.com
Connection: keep-alive
Referer: https://vouchersavenue.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Thu, 23 Mar 2023 17:14:48 GMT
access-control-allow-credentials: true
access-control-allow-origin: *
access-control-expose-headers:
cache-control: max-age=0, private, must-revalidate
server: Cowboy
X-Firefox-Spdy: h2
api.trustedform.com/certs/1a4c525aceb4e0989a9374b4244ee3138c43d761/events
54.236.68.177204 No Content 0 B URL HTTP/2 api.trustedform.com/certs/1a4c525aceb4e0989a9374b4244ee3138c43d761/events
IP 54.236.68.177:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /certs/1a4c525aceb4e0989a9374b4244ee3138c43d761/events HTTP/1.1
Host: api.trustedform.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 626
Origin: https://vouchersavenue.com
Connection: keep-alive
Referer: https://vouchersavenue.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Thu, 23 Mar 2023 17:14:49 GMT
access-control-allow-credentials: true
access-control-allow-origin: *
access-control-expose-headers:
cache-control: max-age=0, private, must-revalidate
server: Cowboy
X-Firefox-Spdy: h2
api.trustedform.com/certs/1a4c525aceb4e0989a9374b4244ee3138c43d761/events
54.236.68.177204 No Content 0 B URL HTTP/2 api.trustedform.com/certs/1a4c525aceb4e0989a9374b4244ee3138c43d761/events
IP 54.236.68.177:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /certs/1a4c525aceb4e0989a9374b4244ee3138c43d761/events HTTP/1.1
Host: api.trustedform.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 318
Origin: https://vouchersavenue.com
Connection: keep-alive
Referer: https://vouchersavenue.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Thu, 23 Mar 2023 17:14:50 GMT
access-control-allow-credentials: true
access-control-allow-origin: *
access-control-expose-headers:
cache-control: max-age=0, private, must-revalidate
server: Cowboy
X-Firefox-Spdy: h2
api.trustedform.com/certs/1a4c525aceb4e0989a9374b4244ee3138c43d761/events
54.236.68.177204 No Content 0 B URL HTTP/2 api.trustedform.com/certs/1a4c525aceb4e0989a9374b4244ee3138c43d761/events
IP 54.236.68.177:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /certs/1a4c525aceb4e0989a9374b4244ee3138c43d761/events HTTP/1.1
Host: api.trustedform.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 322
Origin: https://vouchersavenue.com
Connection: keep-alive
Referer: https://vouchersavenue.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Thu, 23 Mar 2023 17:14:51 GMT
access-control-allow-credentials: true
access-control-allow-origin: *
access-control-expose-headers:
cache-control: max-age=0, private, must-revalidate
server: Cowboy
X-Firefox-Spdy: h2
create.lidstatic.com/campaign/beb516a1-60ed-00cc-73eb-a6a318cfa8e9.js?snippet_version=2
104.22.38.182200 OK 0 B URL HTTP/2 create.lidstatic.com/campaign/beb516a1-60ed-00cc-73eb-a6a318cfa8e9.js?snippet_version=2
IP 104.22.38.182:0
GET /campaign/beb516a1-60ed-00cc-73eb-a6a318cfa8e9.js?snippet_version=2 HTTP/1.1
Host: create.lidstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vouchersavenue.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 23 Mar 2023 17:14:44 GMT
content-type: text/javascript
x-amz-id-2: kfz5gg1fga6GHezcl4YXNDM29heKEpYe0uc2fOGM9M9P3C9+wxpmZecnKOzfcCgop20P9BA9K9A=
x-amz-request-id: NVK6RY1NSD7VD1PG
x-amz-replication-status: COMPLETED
last-modified: Fri, 12 Nov 2021 01:06:02 GMT
etag: W/"a26a2a7efa03d037874965870726da4a"
cache-control: max-age=1800
x-amz-version-id: C0ArZgU5VyyGfHMzwlfuO_22EOgyVHi9
cf-cache-status: REVALIDATED
vary: Accept-Encoding
server: cloudflare
cf-ray: 7ac84ffb4b9a0a43-ARN
content-encoding: gzip
X-Firefox-Spdy: h2
cdn.trustedform.com/bootstrap.js?provide_referrer=false&field=xxTrustedFormCertUrl&l=16795916927360.03880670202123293
54.230.111.91200 OK 0 B URL HTTP/2 cdn.trustedform.com/bootstrap.js?provide_referrer=false&field=xxTrustedFormCertUrl&l=16795916927360.03880670202123293
IP 54.230.111.91:0
GET /bootstrap.js?provide_referrer=false&field=xxTrustedFormCertUrl&l=16795916927360.03880670202123293 HTTP/1.1
Host: cdn.trustedform.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://vouchersavenue.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
date: Thu, 23 Mar 2023 17:14:46 GMT
last-modified: Fri, 24 Feb 2023 16:04:14 GMT
x-amz-version-id: oadcnJCg2vYrfrS_vSmPkc6nBoYFDxSV
etag: W/"1b4d8abad5e0668a237e388577c6a93c"
server: AmazonS3
content-encoding: gzip
vary: Accept-Encoding
x-cache: Miss from cloudfront
via: 1.1 d9fb4c3794a085bb4ee2c5798c2cb1b8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 3sYZ5ThE18rAUOwEdqtI_F60pNlgOXblTmGtzSU3pLbQvucw5HYLpQ==
X-Firefox-Spdy: h2
create.leadid.com/2.11.9/Snap?msn=7&pid=75461ae4-27ee-4268-a3a5-f73eeee85528&token=10E82D85-5048-2BF7-99D7-F48FAF188A82&_=574784385
34.192.171.130200 OK 0 B URL HTTP/2 create.leadid.com/2.11.9/Snap?msn=7&pid=75461ae4-27ee-4268-a3a5-f73eeee85528&token=10E82D85-5048-2BF7-99D7-F48FAF188A82&_=574784385
IP 34.192.171.130:0
POST /2.11.9/Snap?msn=7&pid=75461ae4-27ee-4268-a3a5-f73eeee85528&token=10E82D85-5048-2BF7-99D7-F48FAF188A82&_=574784385 HTTP/1.1
Host: create.leadid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: application/x-www-form-urlencoded
Content-Length: 32877
Origin: https://vouchersavenue.com
Connection: keep-alive
Referer: https://vouchersavenue.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 23 Mar 2023 17:14:48 GMT
content-type: text/plain;charset=UTF-8
server: nginx
set-cookie: rgisanonymous=false; expires=Sat, 22-Apr-2023 17:14:48 GMT; Max-Age=2592000; path=/
rguserid=d1e34624-54b8-4c45-8696-fc0d06e9c740; expires=Sat, 22-Apr-2023 17:14:48 GMT; Max-Age=2592000; path=/
rguuid=true; expires=Sat, 22-Apr-2023 17:14:48 GMT; Max-Age=2592000; path=/
rgisanonymous=true; expires=Sat, 22-Apr-2023 17:14:48 GMT; Max-Age=2592000; path=/
cache-control: no-cache, must-revalidate
expires: Sat, 26 Jul 1997 05:00:00 GMT
access-control-allow-origin: *
access-control-allow-headers: X-Requested-With, Content-Type
access-control-max-age: 1728000
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
X-Firefox-Spdy: h2
create.leadid.com/2.11.9/InitFormData?msn=3&pid=75461ae4-27ee-4268-a3a5-f73eeee85528&token=10E82D85-5048-2BF7-99D7-F48FAF188A82&_=574784381
34.192.171.130200 OK 0 B URL HTTP/2 create.leadid.com/2.11.9/InitFormData?msn=3&pid=75461ae4-27ee-4268-a3a5-f73eeee85528&token=10E82D85-5048-2BF7-99D7-F48FAF188A82&_=574784381
IP 34.192.171.130:0
POST /2.11.9/InitFormData?msn=3&pid=75461ae4-27ee-4268-a3a5-f73eeee85528&token=10E82D85-5048-2BF7-99D7-F48FAF188A82&_=574784381 HTTP/1.1
Host: create.leadid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: application/x-www-form-urlencoded
Content-Length: 975
Origin: https://vouchersavenue.com
Connection: keep-alive
Referer: https://vouchersavenue.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 23 Mar 2023 17:14:45 GMT
content-type: text/plain;charset=UTF-8
server: nginx
set-cookie: rgisanonymous=false; expires=Sat, 22-Apr-2023 17:14:45 GMT; Max-Age=2592000; path=/
rguserid=113b4cfe-d92a-482c-b778-92b21f9ad3c6; expires=Sat, 22-Apr-2023 17:14:45 GMT; Max-Age=2592000; path=/
rguuid=true; expires=Sat, 22-Apr-2023 17:14:45 GMT; Max-Age=2592000; path=/
rgisanonymous=true; expires=Sat, 22-Apr-2023 17:14:45 GMT; Max-Age=2592000; path=/
cache-control: no-cache, must-revalidate
expires: Sat, 26 Jul 1997 05:00:00 GMT
access-control-allow-origin: *
access-control-allow-headers: X-Requested-With, Content-Type
access-control-max-age: 1728000
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
X-Firefox-Spdy: h2
deviceid.trueleadid.com/iframe.html?token=10E82D85-5048-2BF7-99D7-F48FAF188A82&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.11.9&lck=BEB516A1-60ED-00CC-73EB-A6A318CFA8E9&lac=A223F9AF-E7A0-7D87-DD28-D0C442307BFE
35.169.79.47200 OK 0 B URL HTTP/2 deviceid.trueleadid.com/iframe.html?token=10E82D85-5048-2BF7-99D7-F48FAF188A82&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.11.9&lck=BEB516A1-60ED-00CC-73EB-A6A318CFA8E9&lac=A223F9AF-E7A0-7D87-DD28-D0C442307BFE
IP 35.169.79.47:0
GET /iframe.html?token=10E82D85-5048-2BF7-99D7-F48FAF188A82&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.11.9&lck=BEB516A1-60ED-00CC-73EB-A6A318CFA8E9&lac=A223F9AF-E7A0-7D87-DD28-D0C442307BFE HTTP/1.1
Host: deviceid.trueleadid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://d2m2wsoho8qq12.cloudfront.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 23 Mar 2023 17:14:47 GMT
content-type: text/html
server: nginx
last-modified: Wed, 08 Mar 2023 19:45:51 GMT
etag: W/"6408e5ef-1049"
expires: Fri, 24 Mar 2023 17:14:47 GMT
p3p: CP="NOI DSP COR NID CUR ADM DEV OUR BUS"
cache-control: max-age=86400, public
content-encoding: gzip
X-Firefox-Spdy: h2
script.anura.io/request.js?instance=3688597576&source=undefined&campaign=undefined&callback=Pushnami.anTrack&963575173527
35.177.99.174200 OK 0 B URL HTTP/2 script.anura.io/request.js?instance=3688597576&source=undefined&campaign=undefined&callback=Pushnami.anTrack&963575173527
IP 35.177.99.174:0
GET /request.js?instance=3688597576&source=undefined&campaign=undefined&callback=Pushnami.anTrack&963575173527 HTTP/1.1
Host: script.anura.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vouchersavenue.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 23 Mar 2023 17:14:47 GMT
content-type: application/javascript; charset=utf-8
server: nginx
vary: Accept-Encoding
expires: Sun, 28 Dec 1980 18:57:00 EST
cache-control: private, no-cache, no-store, must-revalidate, max-age=0, post-check=0, pre-check=0
pragma: no-cache
x-content-type-options: nosniff
content-encoding: gzip
X-Firefox-Spdy: h2
cdn.trustedform.com/trustedform-1.8.38.js
54.230.111.91200 OK 0 B URL HTTP/2 cdn.trustedform.com/trustedform-1.8.38.js
IP 54.230.111.91:0
GET /trustedform-1.8.38.js HTTP/1.1
Host: cdn.trustedform.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vouchersavenue.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
last-modified: Fri, 24 Feb 2023 16:04:14 GMT
x-amz-version-id: ffJa67w_.T4JjuAeq9bT6P3fBUPuRaPp
server: AmazonS3
content-encoding: gzip
date: Thu, 23 Mar 2023 17:14:47 GMT
etag: W/"a71c6d4fa015e7b61cc1fc54ff9b242e"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 d9fb4c3794a085bb4ee2c5798c2cb1b8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: DA6u8bQBvunLfwXWaUZatcSngZVGNO-ffLwuEJ2RXFAhjyushIwZlw==
age: 15
X-Firefox-Spdy: h2
create.leadid.com/2.11.9/InitFormData?msn=6&pid=75461ae4-27ee-4268-a3a5-f73eeee85528&token=10E82D85-5048-2BF7-99D7-F48FAF188A82&_=574784384
34.192.171.130200 OK 0 B URL HTTP/2 create.leadid.com/2.11.9/InitFormData?msn=6&pid=75461ae4-27ee-4268-a3a5-f73eeee85528&token=10E82D85-5048-2BF7-99D7-F48FAF188A82&_=574784384
IP 34.192.171.130:0
POST /2.11.9/InitFormData?msn=6&pid=75461ae4-27ee-4268-a3a5-f73eeee85528&token=10E82D85-5048-2BF7-99D7-F48FAF188A82&_=574784384 HTTP/1.1
Host: create.leadid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: application/x-www-form-urlencoded
Content-Length: 1079
Origin: https://vouchersavenue.com
Connection: keep-alive
Referer: https://vouchersavenue.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 23 Mar 2023 17:14:48 GMT
content-type: text/plain;charset=UTF-8
server: nginx
set-cookie: rgisanonymous=false; expires=Sat, 22-Apr-2023 17:14:48 GMT; Max-Age=2592000; path=/
rguserid=db159aa7-0730-4d1e-8548-2e06ea08526e; expires=Sat, 22-Apr-2023 17:14:48 GMT; Max-Age=2592000; path=/
rguuid=true; expires=Sat, 22-Apr-2023 17:14:48 GMT; Max-Age=2592000; path=/
rgisanonymous=true; expires=Sat, 22-Apr-2023 17:14:48 GMT; Max-Age=2592000; path=/
cache-control: no-cache, must-revalidate
expires: Sat, 26 Jul 1997 05:00:00 GMT
access-control-allow-origin: *
access-control-allow-headers: X-Requested-With, Content-Type
access-control-max-age: 1728000
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Montserrat:500,800
142.250.74.74200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Montserrat:500,800
IP 142.250.74.74:0
GET /css?family=Montserrat:500,800 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vouchersavenue.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 23 Mar 2023 17:14:43 GMT
date: Thu, 23 Mar 2023 17:14:43 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
vouchersavenue.com/js/app.js?id=5ba5d1ad456309cd7257
3.217.132.248200 OK 0 B URL HTTP/2 vouchersavenue.com/js/app.js?id=5ba5d1ad456309cd7257
IP 3.217.132.248:0
GET /js/app.js?id=5ba5d1ad456309cd7257 HTTP/1.1
Host: vouchersavenue.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vouchersavenue.com/1000-bf/signup/1
Cookie: contest_session=K8QRlrkBVWXXekIKp86eP5J9svxnM88sEMZ8F2dx
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 23 Mar 2023 17:14:42 GMT
content-type: application/javascript
last-modified: Wed, 22 Mar 2023 14:58:55 GMT
etag: "ec327-5f77e662209c0-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
imgs.tagadamedia.com/media/us/20/512x512-2095.svg
138.199.36.10200 OK 0 B URL HTTP/2 imgs.tagadamedia.com/media/us/20/512x512-2095.svg
IP 138.199.36.10:0
ASN #60068 Datacamp Limited
GET /media/us/20/512x512-2095.svg HTTP/1.1
Host: imgs.tagadamedia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vouchersavenue.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 23 Mar 2023 17:14:43 GMT
content-type: image/svg+xml
vary: Accept-Encoding
server: BunnyCDN-DE1-1053
cdn-pullzone: 61945
cdn-uid: 5d127034-96a6-45e8-a482-4f40615f18db
cdn-requestcountrycode: NO
cache-control: public, max-age=2592000
last-modified: Mon, 24 Jan 2022 11:51:37 GMT
x-amz-id-2: OhEWrM3WTvco2DodI09c9KQWM2im1M5mZY3mTvEqp+rOxOitHm6vD+BLfidnycuH0yFMfTBD/0c=
x-amz-request-id: STFJARBTQECWFEYV
cdn-proxyver: 1.03
cdn-requestpullsuccess: True
cdn-requestpullcode: 206
cdn-cachedat: 01/05/2023 12:50:19
cdn-edgestorageid: 1080
cdn-status: 200
cdn-requestid: aafe1c0d51ca167b5311f0dc0b157eb6
cdn-cache: HIT
content-encoding: gzip
X-Firefox-Spdy: h2
psp.pushnami.com/api/psp
54.167.183.48200 OK 0 B IP 54.167.183.48:0
POST /api/psp HTTP/1.1
Host: psp.pushnami.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://vouchersavenue.com/
content-type: application/x-www-form-urlencoded
key: 5cc0bb93e04a8c20b5240228
Origin: https://vouchersavenue.com
Content-Length: 98
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 23 Mar 2023 17:14:49 GMT
content-type: text/html; charset=utf-8
access-control-allow-origin: https://vouchersavenue.com
access-control-allow-credentials: true
cache-control: no-cache
vary: accept-encoding
content-encoding: gzip
X-Firefox-Spdy: h2
create.leadid.com/2.11.9/Snap?msn=5&pid=75461ae4-27ee-4268-a3a5-f73eeee85528&token=10E82D85-5048-2BF7-99D7-F48FAF188A82&_=574784383
34.192.171.130200 OK 0 B URL HTTP/2 create.leadid.com/2.11.9/Snap?msn=5&pid=75461ae4-27ee-4268-a3a5-f73eeee85528&token=10E82D85-5048-2BF7-99D7-F48FAF188A82&_=574784383
IP 34.192.171.130:0
POST /2.11.9/Snap?msn=5&pid=75461ae4-27ee-4268-a3a5-f73eeee85528&token=10E82D85-5048-2BF7-99D7-F48FAF188A82&_=574784383 HTTP/1.1
Host: create.leadid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: application/x-www-form-urlencoded
Content-Length: 168135
Origin: https://vouchersavenue.com
Connection: keep-alive
Referer: https://vouchersavenue.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 23 Mar 2023 17:14:48 GMT
content-type: text/plain;charset=UTF-8
server: nginx
set-cookie: rgisanonymous=false; expires=Sat, 22-Apr-2023 17:14:48 GMT; Max-Age=2592000; path=/
rguserid=c107ffbf-c79b-40c7-9fbe-4cf3c0e5bc0d; expires=Sat, 22-Apr-2023 17:14:48 GMT; Max-Age=2592000; path=/
rguuid=true; expires=Sat, 22-Apr-2023 17:14:48 GMT; Max-Age=2592000; path=/
rgisanonymous=true; expires=Sat, 22-Apr-2023 17:14:48 GMT; Max-Age=2592000; path=/
cache-control: no-cache, must-revalidate
expires: Sat, 26 Jul 1997 05:00:00 GMT
access-control-allow-origin: *
access-control-allow-headers: X-Requested-With, Content-Type
access-control-max-age: 1728000
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
X-Firefox-Spdy: h2
script.anura.io/response.json
35.177.99.174200 OK 0 B URL HTTP/2 script.anura.io/response.json
IP 35.177.99.174:0
POST /response.json HTTP/1.1
Host: script.anura.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: application/x-www-form-urlencoded
Content-Length: 3104
Origin: https://vouchersavenue.com
Connection: keep-alive
Referer: https://vouchersavenue.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 23 Mar 2023 17:14:48 GMT
content-type: application/json; charset=utf-8
server: nginx
vary: Accept-Encoding
access-control-allow-origin: *
access-control-allow-methods: POST
expires: Sun, 28 Dec 1980 18:57:00 EST
cache-control: private, no-cache, no-store, must-revalidate, max-age=0, post-check=0, pre-check=0
pragma: no-cache
x-content-type-options: nosniff
content-encoding: gzip
X-Firefox-Spdy: h2
imgs.tagadamedia.com/media/us/20/450x70-2094.svg
138.199.36.10200 OK 0 B URL HTTP/2 imgs.tagadamedia.com/media/us/20/450x70-2094.svg
IP 138.199.36.10:0
ASN #60068 Datacamp Limited
GET /media/us/20/450x70-2094.svg HTTP/1.1
Host: imgs.tagadamedia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vouchersavenue.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 23 Mar 2023 17:14:43 GMT
content-type: image/svg+xml
vary: Accept-Encoding
server: BunnyCDN-DE1-1053
cdn-pullzone: 61945
cdn-uid: 5d127034-96a6-45e8-a482-4f40615f18db
cdn-requestcountrycode: NO
cache-control: public, max-age=2592000
last-modified: Mon, 24 Jan 2022 11:51:37 GMT
x-amz-id-2: ax0m/Xodwj8Y/EYzIMLyIOxgt8GgQgDMy895Cqw+LKVNhXvoyUIZMVrNtXbgJjy9LLi2FZUXcic=
x-amz-request-id: MRVXC9YHJASKN9K1
cdn-proxyver: 1.03
cdn-requestpullsuccess: True
cdn-requestpullcode: 206
cdn-cachedat: 01/05/2023 13:28:24
cdn-edgestorageid: 1081
cdn-status: 200
cdn-requestid: db4cb9c647bba726fc57870f41a96941
cdn-cache: HIT
content-encoding: gzip
X-Firefox-Spdy: h2
create.leadid.com/2.11.9/SaveDom?msn=2&pid=75461ae4-27ee-4268-a3a5-f73eeee85528&token=10E82D85-5048-2BF7-99D7-F48FAF188A82&_=574784380
34.192.171.130200 OK 0 B URL HTTP/2 create.leadid.com/2.11.9/SaveDom?msn=2&pid=75461ae4-27ee-4268-a3a5-f73eeee85528&token=10E82D85-5048-2BF7-99D7-F48FAF188A82&_=574784380
IP 34.192.171.130:0
POST /2.11.9/SaveDom?msn=2&pid=75461ae4-27ee-4268-a3a5-f73eeee85528&token=10E82D85-5048-2BF7-99D7-F48FAF188A82&_=574784380 HTTP/1.1
Host: create.leadid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: application/x-www-form-urlencoded
Content-Length: 512
Origin: https://vouchersavenue.com
Connection: keep-alive
Referer: https://vouchersavenue.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 23 Mar 2023 17:14:45 GMT
content-type: text/plain;charset=UTF-8
server: nginx
set-cookie: rgisanonymous=false; expires=Sat, 22-Apr-2023 17:14:45 GMT; Max-Age=2592000; path=/
rguserid=cfa76a18-01ad-4e0a-a650-2db84a58a453; expires=Sat, 22-Apr-2023 17:14:45 GMT; Max-Age=2592000; path=/
rguuid=true; expires=Sat, 22-Apr-2023 17:14:45 GMT; Max-Age=2592000; path=/
rgisanonymous=true; expires=Sat, 22-Apr-2023 17:14:45 GMT; Max-Age=2592000; path=/
cache-control: no-cache, must-revalidate
expires: Sat, 26 Jul 1997 05:00:00 GMT
access-control-allow-origin: *
access-control-allow-headers: X-Requested-With, Content-Type
access-control-max-age: 1728000
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
X-Firefox-Spdy: h2