firefox.settings.services.mozilla.com/v1/
143.204.55.36200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 143.204.55.36:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash bdb8b66c705a7b996496d780f50c00b5
403ae92039fcc933870f51f913f78ccaf9652256
c923ed2539f4ce9f4d43743c402fbb2060a52a4cbedbf14c5f5742ab718073d6
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Alert, Content-Length, Content-Type, Retry-After, Backoff
Cache-Control: max-age=3600
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Sat, 15 Oct 2022 12:50:08 GMT
Expires: Sat, 15 Oct 2022 13:05:41 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 142be88a35733307a5e7de05da0a20b8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: jJO5XPOuJ9wwc25wVxmqg-I_fHjpZsSZNu3MgcvBTSIQNFD1DBtmSQ==
Age: 696
trafficadbar.com/_kc1h
52.202.155.140302 Found 0 B IP 52.202.155.140:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /_kc1h HTTP/1.1
Host: trafficadbar.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Found
Date: Sat, 15 Oct 2022 13:01:44 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Server: nginx
Set-Cookie: sou=eyJyIjpudWxsLCJ1IjoiTVRHU2FtdXJhaSJ9; expires=Mon, 14-Nov-2022 13:01:44 GMT; Max-Age=2592000; SameSite=Lax
Location: https://t-adbar1.com/_kc1h
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 2b424d8c01b211c56d5b44b92e4e4153
b1fdab18f23271eee58ae1482f8af25badc2ffda
1c82a5fd2bc3f16a66becb5e1924e8c9edd39386622dc2e5ed296442f4307b2b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1C82A5FD2BC3F16A66BECB5E1924E8C9EDD39386622DC2E5ED296442F4307B2B"
Last-Modified: Fri, 14 Oct 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11182
Expires: Sat, 15 Oct 2022 16:08:06 GMT
Date: Sat, 15 Oct 2022 13:01:44 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash a57d0f62d9bd29668b94a513fa45d18e
d7cb263502e21f9235b4523a596e2138d22042ec
df7acd4fe34cc9c4945a5d83ef538105a73dfc1a8b485bc7a62488c5406b1294
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DF7ACD4FE34CC9C4945A5D83EF538105A73DFC1A8B485BC7A62488C5406B1294"
Last-Modified: Sat, 15 Oct 2022 02:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5566
Expires: Sat, 15 Oct 2022 14:34:30 GMT
Date: Sat, 15 Oct 2022 13:01:44 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 67d5a988edcda47bc3b3b3f65d32b4b6
d4f0e0da8b3690cc7da925026d3414b68c7d954f
55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78
GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: UiTa4U5e0Ne0xNbC3k6qtReI7OPwqOaWil8h8HK6c2fzxZ9F35KwszENgCpG0CVuIGQ7SQU2GPQ=
x-amz-request-id: HMMJXWEN1HWHCP29
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sat, 15 Oct 2022 12:34:38 GMT
age: 1626
last-modified: Fri, 30 Sep 2022 18:50:55 GMT
etag: "67d5a988edcda47bc3b3b3f65d32b4b6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 15 Oct 2022 13:01:44 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
143.204.42.165200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.165:0
Hash 4a6eb3b2b2ae822053b920274bda4750
00251e84a90237c596bf6c9d98b784cadc39d81f
1244d26b2c0bcd53239f3180f2b513aea35cee26388ca49990a9e9fe10cefbef
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=97070
Date: Sat, 15 Oct 2022 13:01:45 GMT
Etag: "63497f2b-1d7"
Expires: Sun, 16 Oct 2022 15:59:35 GMT
Last-Modified: Fri, 14 Oct 2022 15:24:27 GMT
Server: ECS (dcb/7F16)
X-Cache: Miss from cloudfront
Via: 1.1 f66e3db0f0449307dba3fbf72bbf3bac.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: kmXtaQFcqebsF7hEwJIP4TKpkgnZSxmo9V-Ef8otUkBJMTmZhVUZsg==
Age: 2108
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
143.204.55.36200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 143.204.55.36:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Sat, 15 Oct 2022 12:07:43 GMT
Cache-Control: max-age=3600
Expires: Sat, 15 Oct 2022 12:56:01 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 4f01f770085624552bc30a98954f963a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: wm3ZXtGeOSebwcyFUjOjIzrOUKwN5ZrhOGE2exDOqPDOkenC6zkz-A==
Age: 3242
t-adbar1.com/favicon.ico
44.196.228.151302 Found 138 B IP 44.196.228.151:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash aff950cab4c0265e21d401db15f1026d
f03e18461817f7a6546c8bf8fa8d686d7e30aca0
753e0dd54f28c4f7009b9c0b18a68aed175416bd8b7d134858264586eaac56f0
GET /favicon.ico HTTP/1.1
Host: t-adbar1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://t-adbar1.com/_kc1h
Cookie: sou=eyJyIjpudWxsLCJ1IjoiTVRHU2FtdXJhaSJ9
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 302 Found
date: Sat, 15 Oct 2022 13:01:45 GMT
content-type: text/html
content-length: 138
location: https://trafficadbar.com/favicon.ico
server: nginx
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 301aafc13bc66315321d9476df002258
e6bfd29899543fcd4d1b332623757bbad355306f
c64315afdfcf146b16942d981588ed912650472c5e2bba7b6f8dee396d820860
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4092
Cache-Control: max-age=159202
Content-Type: application/ocsp-response
Date: Sat, 15 Oct 2022 13:01:45 GMT
Etag: "634a6a1f-1d7"
Expires: Mon, 17 Oct 2022 09:15:07 GMT
Last-Modified: Sat, 15 Oct 2022 08:06:55 GMT
Server: ECS (ska/F707)
X-Cache: HIT
Content-Length: 471
t-adbar1.com/50-195376p-7f77fb9d65e3bb8a718d9ac76b2040e8.jpeg
44.196.228.151302 Found 138 B URL HTTP/2 t-adbar1.com/50-195376p-7f77fb9d65e3bb8a718d9ac76b2040e8.jpeg
IP 44.196.228.151:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash aff950cab4c0265e21d401db15f1026d
f03e18461817f7a6546c8bf8fa8d686d7e30aca0
753e0dd54f28c4f7009b9c0b18a68aed175416bd8b7d134858264586eaac56f0
GET /50-195376p-7f77fb9d65e3bb8a718d9ac76b2040e8.jpeg HTTP/1.1
Host: t-adbar1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://t-adbar1.com/_kc1h?&ww=1280&wh=939&reff=&h=eyJpdiI6Im45VVA0TzRWUlwvOThFQktMXC9Nb1VOQT09IiwidmFsdWUiOiJMbTBNOGZTK0hlV085SEpQZEpkSVFnPT0iLCJtYWMiOiIxZDIxOTA5NDBlZDAyZGU3ZjI3NzAyN2U0MDAxMjNjZTQ2MjdkODUxZjVjOTYyMWIxMWIwZWQ3ZmE1NmU3YzM5In0=&abc=
Cookie: sou=eyJyIjpudWxsLCJ1IjoiTVRHU2FtdXJhaSJ9
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 302 Found
date: Sat, 15 Oct 2022 13:01:45 GMT
content-type: text/html
content-length: 138
location: https://trafficadbar.com/50-195376p-7f77fb9d65e3bb8a718d9ac76b2040e8.jpeg
server: nginx
X-Firefox-Spdy: h2
t-adbar1.com/assets/BarController.js
44.196.228.151200 OK 1.1 kB URL HTTP/2 t-adbar1.com/assets/BarController.js
IP 44.196.228.151:0
File type ASCII text, with very long lines (1068), with no line terminators
Hash efa0db095e35eb95ee151016e47c492b
82a86e0cdbbe5f4a1634b2274f076dbaa053b86e
5adfd45bc89f7c5d9bb06fafb7caf0f317f54849db006ad49301f027ad6ece4c
GET /assets/BarController.js HTTP/1.1
Host: t-adbar1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://t-adbar1.com/_kc1h?&ww=1280&wh=939&reff=&h=eyJpdiI6Im45VVA0TzRWUlwvOThFQktMXC9Nb1VOQT09IiwidmFsdWUiOiJMbTBNOGZTK0hlV085SEpQZEpkSVFnPT0iLCJtYWMiOiIxZDIxOTA5NDBlZDAyZGU3ZjI3NzAyN2U0MDAxMjNjZTQ2MjdkODUxZjVjOTYyMWIxMWIwZWQ3ZmE1NmU3YzM5In0=&abc=
Cookie: sou=eyJyIjpudWxsLCJ1IjoiTVRHU2FtdXJhaSJ9
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 15 Oct 2022 13:01:45 GMT
content-type: application/javascript
content-length: 1068
server: nginx
last-modified: Wed, 09 Jun 2021 07:15:14 GMT
etag: "60c06a82-42c"
accept-ranges: bytes
X-Firefox-Spdy: h2
push.services.mozilla.com/
52.43.61.95101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.43.61.95:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: gLyoqkvSLTB4JZS/fADhoQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: GU8FT+JFmKQxmFOg8Q+iuMCcDN8=
ocsp.sca1b.amazontrust.com/
143.204.42.165200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.165:0
Hash b4e3901252eca17c28a22fee6561b01f
4c1c3eef07af6abb5651807ee8ad032e2f846496
5e59ec9f561f9dcc687edc98017aa054be4f646fc5cc3d812acb4adf11baf467
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=128686
Date: Sat, 15 Oct 2022 13:01:45 GMT
Etag: "6349eb98-1d7"
Expires: Mon, 17 Oct 2022 00:46:31 GMT
Last-Modified: Fri, 14 Oct 2022 23:07:04 GMT
Server: ECS (nyb/1D28)
X-Cache: Miss from cloudfront
Via: 1.1 f66e3db0f0449307dba3fbf72bbf3bac.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: I6KN-x8oXSlqUXQhWNeO5Y1Iv_T40p-MXLfSPMCNTmX5KiAyQCZLKw==
Age: 5967
ocsp.sca1b.amazontrust.com/
143.204.42.165200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.165:0
Hash 796808cf0bc9be0aa3c2de1b72fb4a21
7375cb525c95bb5c9828b02677c79b7c9587546b
89d6d82939b89b6c5617de2261c0a3dfda2094a774ec65879a018b7a06dbebb5
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=100392
Date: Sat, 15 Oct 2022 13:01:45 GMT
Etag: "63497af8-1d7"
Expires: Sun, 16 Oct 2022 16:54:57 GMT
Last-Modified: Fri, 14 Oct 2022 15:06:32 GMT
Server: ECS (dcb/7EEF)
X-Cache: Miss from cloudfront
Via: 1.1 f66e3db0f0449307dba3fbf72bbf3bac.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: BRHN8SP8-hLspgGO5FDIGrmW5CguxkDUdwKuBLqsjg_dCJUX4ksnKQ==
Age: 6505
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash d446ca2d7c9a77d48cb8ec47e5f6a506
db79409c874f5336a0bbc53cc5ec00018ee18810
90474edacd2d615e4a50ff9a86a656cb3e9b91be6a6b455d607da73ab4faabd5
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2783
Cache-Control: max-age=112174
Content-Type: application/ocsp-response
Date: Sat, 15 Oct 2022 13:01:46 GMT
Etag: "6349b789-117"
Expires: Sun, 16 Oct 2022 20:11:20 GMT
Last-Modified: Fri, 14 Oct 2022 19:24:57 GMT
Server: ECS (ska/F707)
X-Cache: HIT
Content-Length: 279
cdnjs.cloudflare.com/ajax/libs/jquery/2.2.4/jquery.min.js
104.17.24.14200 OK 27 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/jquery/2.2.4/jquery.min.js
IP 104.17.24.14:0
File type ASCII text, with very long lines (32065)
Hash 63827323c175768ccb0e8ed54589a3e5
9760e238d6ecced66396798559f70593793d801e
196f9479a27db836a2a7454e222f0cb52d4eeb162e0a50e69401ba1a8d81b564
GET /ajax/libs/jquery/2.2.4/jquery.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://llclickpro.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 15 Oct 2022 13:01:46 GMT
content-type: application/javascript; charset=utf-8
content-length: 26909
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03ec4-14e4a"
last-modified: Mon, 04 May 2020 16:11:48 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 1459966
expires: Thu, 05 Oct 2023 13:01:46 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vq%2BL6mkFn7sAF7N1c5feyVlq1kZeMkqgGvyqbkTv%2BG%2BM9yD7bZ%2B9BoNwZRhY94iYN19jEsIWCBtQDMgVp%2B2hkfkM%2BIAeVAkOdwiQRYK9cL%2FGOiA1XBMS3EFvrHyn8h3BxYRBhf71"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 75a8becb0803b51d-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash ee0b38c8784e9603a4a72fa6a6f2cd93
34c6b4608dec1654d346ef4688d11720a23c0174
0abd39eecc47f85d0195da335d4695af595584c4dd81a6f576203e2e3e1b0bec
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 494
Cache-Control: max-age=140454
Content-Type: application/ocsp-response
Date: Sat, 15 Oct 2022 13:01:46 GMT
Etag: "634a2ef2-118"
Expires: Mon, 17 Oct 2022 04:02:40 GMT
Last-Modified: Sat, 15 Oct 2022 03:54:26 GMT
Server: ECS (amb/6BB6)
X-Cache: HIT
Content-Length: 280
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash d446ca2d7c9a77d48cb8ec47e5f6a506
db79409c874f5336a0bbc53cc5ec00018ee18810
90474edacd2d615e4a50ff9a86a656cb3e9b91be6a6b455d607da73ab4faabd5
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3849
Cache-Control: max-age=113240
Content-Type: application/ocsp-response
Date: Sat, 15 Oct 2022 13:01:46 GMT
Etag: "6349b789-117"
Expires: Sun, 16 Oct 2022 20:29:06 GMT
Last-Modified: Fri, 14 Oct 2022 19:24:57 GMT
Server: ECS (ska/F70F)
X-Cache: HIT
Content-Length: 279
lllpg.com/images/trackrarrow.png
172.67.140.164200 OK 1.3 kB URL HTTP/2 lllpg.com/images/trackrarrow.png
IP 172.67.140.164:0
File type PNG image data, 47 x 25, 8-bit/color RGBA, non-interlaced\012- data
Hash 547b17eac800ff3941e68f9e2dd75d91
5d58e488b1fc1e2214e7450da02b1c8cba483743
930a9d4d4d3d6d7608d177af22beeff79140cce408d86a708f2a5ed1dafba4da
GET /images/trackrarrow.png HTTP/1.1
Host: lllpg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://llclickpro.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 15 Oct 2022 13:01:46 GMT
content-type: image/png
content-length: 1266
last-modified: Tue, 10 May 2022 13:43:23 GMT
cf-cache-status: HIT
age: 4592
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7Esu9E%2FwFxw3fb8tWfpi4cg%2FcUBfvUqFdc9V%2BImTBABYqQzYiq%2B6%2BZMO%2Fd0Wb%2B4a%2FtpUSHsbudbPIX90UFvUogZSMbygidivYvg2rELJC5KIT0LDd1fDf%2F3D%2BsI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75a8becb4c08b50f-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
code.jquery.com/ui/1.11.4/jquery-ui.min.js
69.16.175.10200 OK 64 kB URL HTTP/2 code.jquery.com/ui/1.11.4/jquery-ui.min.js
IP 69.16.175.10:0
File type ASCII text, with very long lines (32035)
Hash 28749bfe6af321b7c932452b38ce8683
2b444e3dee68a935213db86fd188c22883a65683
9110cdde7eb592e332cf7fa4347e5b3b17a2868ecde80d0c4a054bf0dd5a03b2
GET /ui/1.11.4/jquery-ui.min.js HTTP/1.1
Host: code.jquery.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://llclickpro.com
Connection: keep-alive
Referer: https://llclickpro.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 15 Oct 2022 13:01:46 GMT
content-encoding: gzip
content-length: 64296
content-type: application/javascript; charset=utf-8
last-modified: Fri, 12 Aug 2022 13:47:02 GMT
accept-ranges: bytes
server: nginx
etag: W/"62f659d6-3ab2b"
cache-control: max-age=315360000, public
access-control-allow-origin: *
vary: Accept-Encoding
x-hw: 1665838906.dop022.sk1.t,1665838906.cds241.sk1.hn,1665838906.cds020.sk1.c
X-Firefox-Spdy: h2
llclickpro.com/MCTGlanding/tab
172.67.188.246200 OK 2.2 kB URL HTTP/2 llclickpro.com/MCTGlanding/tab
IP 172.67.188.246:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (373), with CRLF, LF line terminators
Hash 8a2056acd144b354cfc4ea0d722272c1
e9b14a79ba3c661bfe4a8b4f14a0d7f7dbff401b
6930cce39fab2175e298724879a7f63aa462f4048cac2a934386c003e72d4167
GET /MCTGlanding/tab HTTP/1.1
Host: llclickpro.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://t-adbar1.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 15 Oct 2022 13:01:46 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
set-cookie: lltkrl156457=1; expires=Sun, 16-Oct-2022 13:01:45 GMT; Max-Age=86400; path=/; SameSite=Lax
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VCkWh7b3Ai5gGtZ0j1afIhA%2FpBLngeU8tpnZ4Suyfe3DyNY%2BdZntbvZ75fok84OtCmVPLPCps4bbPK0d6kW4p1OvQg8Wv1xMV%2BptpS64KLEQjldrZneTMMpbJaFi%2BxRPGQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 75a8bec7e913b51d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 467c98217b3c90dedabafc249207b8eb
8a0756b2c6003aaaba58cc75be784e8e283feb45
82b3ac154fd4347d2a7827d48ff7f0ccc8c0abe562cb6796a52b02e7cc9b6467
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "82B3AC154FD4347D2A7827D48FF7F0CCC8C0ABE562CB6796A52B02E7CC9B6467"
Last-Modified: Sat, 15 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11574
Expires: Sat, 15 Oct 2022 16:14:41 GMT
Date: Sat, 15 Oct 2022 13:01:47 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 467c98217b3c90dedabafc249207b8eb
8a0756b2c6003aaaba58cc75be784e8e283feb45
82b3ac154fd4347d2a7827d48ff7f0ccc8c0abe562cb6796a52b02e7cc9b6467
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "82B3AC154FD4347D2A7827D48FF7F0CCC8C0ABE562CB6796A52B02E7CC9B6467"
Last-Modified: Sat, 15 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11574
Expires: Sat, 15 Oct 2022 16:14:41 GMT
Date: Sat, 15 Oct 2022 13:01:47 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 467c98217b3c90dedabafc249207b8eb
8a0756b2c6003aaaba58cc75be784e8e283feb45
82b3ac154fd4347d2a7827d48ff7f0ccc8c0abe562cb6796a52b02e7cc9b6467
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "82B3AC154FD4347D2A7827D48FF7F0CCC8C0ABE562CB6796A52B02E7CC9B6467"
Last-Modified: Sat, 15 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11574
Expires: Sat, 15 Oct 2022 16:14:41 GMT
Date: Sat, 15 Oct 2022 13:01:47 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4a5488a3-4a1c-4773-99f6-81e18bcdccd2.jpeg
34.120.237.76200 OK 16 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4a5488a3-4a1c-4773-99f6-81e18bcdccd2.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 319cbf11bba3f159e5c9f606deded924
13f29acb7a694030fc2de0b42c0d95c4be49deb7
09aa7d94e4829f4daf33d5e2aed077afcc59628839c5d6e877172e8455879062
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4a5488a3-4a1c-4773-99f6-81e18bcdccd2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 15855
x-amzn-requestid: 6cd31f4a-e8b2-4258-9b64-2fad83a606c8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Z3ekFH1-IAMFTDA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6346114d-5fd284f41be669a972e84ed4;Sampled=0
x-amzn-remapped-date: Wed, 12 Oct 2022 00:58:53 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 4PfJD4ZyH4fg4H6C1kQK_MHuWp4DdzA768vaMNt98y3_hKwkFbIpYg==
via: 1.1 010c0731b9775a983eceaec0f5fa6a2e.cloudfront.net (CloudFront), 1.1 1a53057db389e96b4ef1bfbc925dde1c.cloudfront.net (CloudFront), 1.1 google
date: Sat, 15 Oct 2022 05:07:49 GMT
age: 28438
etag: "13f29acb7a694030fc2de0b42c0d95c4be49deb7"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3a3b2ace-090c-4763-8c3d-485b06c6db7f.jpeg
34.120.237.76200 OK 4.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3a3b2ace-090c-4763-8c3d-485b06c6db7f.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash e1c7702a6206faeb2ca8f81c15ad37ff
a63ad4f69b8f59f00cf06e06096488bc10af9d74
392e67ad7cc5ee65f30cab488861ccd06770cd1230814095185f81e895d5000e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3a3b2ace-090c-4763-8c3d-485b06c6db7f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4205
x-amzn-requestid: c94a4ce7-f219-4473-93f6-fdb6c506dbe0
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Z7EhLGItoAMFy4A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6347813a-6cbcef6d3dd353dd21bb6080;Sampled=0
x-amzn-remapped-date: Thu, 13 Oct 2022 03:08:42 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: XZ7TmppwJQ-7gnH6VPsmH8MD-dvh9wruvlk2nIKln68ZRsPgJRPQkg==
via: 1.1 79880188a81becf1687ba18c0e064230.cloudfront.net (CloudFront), 1.1 6a9b42e38e76b7d4a4044ebe0e0eca08.cloudfront.net (CloudFront), 1.1 google
date: Sat, 15 Oct 2022 04:24:26 GMT
age: 31041
etag: "a63ad4f69b8f59f00cf06e06096488bc10af9d74"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
trafficadbar.com/50-195376p-7f77fb9d65e3bb8a718d9ac76b2040e8.jpeg
52.202.155.140200 OK 8.4 kB URL HTTP/2 trafficadbar.com/50-195376p-7f77fb9d65e3bb8a718d9ac76b2040e8.jpeg
IP 52.202.155.140:0
Hash b667f7f76a87f0e99667ef0502651bf9
4760c4fa797b605da8fbba633efc570d5a231978
8e2ba9d39e38a525019f8385c13ed731d323d4fa34875c5d87764c7491714985
GET /50-195376p-7f77fb9d65e3bb8a718d9ac76b2040e8.jpeg HTTP/1.1
Host: trafficadbar.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://t-adbar1.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 15 Oct 2022 13:01:46 GMT
content-type: image/jpeg
server: nginx
vary: Accept-Encoding
expires: Mon, 14 Nov 2022 13:01:45 GMT
pragma: public
cache-control: max-age=2591999
content-encoding: gzip
X-Firefox-Spdy: h2
t-adbar1.com/assets/home_logo.png
44.196.228.151200 OK 11 kB URL HTTP/2 t-adbar1.com/assets/home_logo.png
IP 44.196.228.151:0
Hash 28cd14e0c6178b8eb0833b809920f86c
d9b21bdff9441da31bb5bfe314792bab961bcbd6
0e54b19b7a76de574e6342d33896f53a604eae01484fa926ce6e53d389165968
GET /assets/home_logo.png HTTP/1.1
Host: t-adbar1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://t-adbar1.com/_kc1h?&ww=1280&wh=939&reff=&h=eyJpdiI6Im45VVA0TzRWUlwvOThFQktMXC9Nb1VOQT09IiwidmFsdWUiOiJMbTBNOGZTK0hlV085SEpQZEpkSVFnPT0iLCJtYWMiOiIxZDIxOTA5NDBlZDAyZGU3ZjI3NzAyN2U0MDAxMjNjZTQ2MjdkODUxZjVjOTYyMWIxMWIwZWQ3ZmE1NmU3YzM5In0=&abc=
Cookie: sou=eyJyIjpudWxsLCJ1IjoiTVRHU2FtdXJhaSJ9
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 15 Oct 2022 13:01:45 GMT
content-type: image/png
server: nginx
last-modified: Wed, 09 Jun 2021 07:15:14 GMT
vary: Accept-Encoding
etag: W/"60c06a82-9a6"
content-encoding: gzip
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fab477b34-f7d9-48e4-a5a3-0b6c7e9190ea.jpeg
34.120.237.76200 OK 9.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fab477b34-f7d9-48e4-a5a3-0b6c7e9190ea.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 79c6e3f1b3de975f12b9a2fc346d8a0a
524a1834383d71661fabe54255fac73daeae9b45
b46843fa6256081445044a233d599ce591c1159f29e55ff923505bf51c5f2175
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fab477b34-f7d9-48e4-a5a3-0b6c7e9190ea.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9346
x-amzn-requestid: e5720651-7782-4b92-8fd0-0a1b7e107fe3
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Zn22-FBBoAMFT8w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633fd1c6-0499a193689469c61b12a93a;Sampled=0
x-amzn-remapped-date: Fri, 07 Oct 2022 07:14:14 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: cjCw1gqmvyYZsmvFzkXOjib_kEMK8KvqSL7Uf-guPVRwjmW2VTmC6Q==
via: 1.1 6ba2a21321beeef65404429d0a4b6380.cloudfront.net (CloudFront), 1.1 09331f0822fc98eebaf04130a83dbd44.cloudfront.net (CloudFront), 1.1 google
date: Fri, 14 Oct 2022 22:13:37 GMT
age: 53290
etag: "524a1834383d71661fabe54255fac73daeae9b45"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa6ea4d5d-0df9-4cfe-a9fc-e70b8e32f8ef.jpeg
34.120.237.76200 OK 13 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa6ea4d5d-0df9-4cfe-a9fc-e70b8e32f8ef.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 54edb9ab897821172fc13756df376ee7
2010f9656d87e6f5220f131628c537720c3673e1
6694c1be0adf97fa77d1bfa29337d9e609b729a58d42e141e9bb55ed6367b1d8
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa6ea4d5d-0df9-4cfe-a9fc-e70b8e32f8ef.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 13261
x-amzn-requestid: dd760e09-701e-4956-9723-386edc97c694
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Z0fH6FzIoAMFzJg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6344deff-197cf4f048e146af5654d0bd;Sampled=0
x-amzn-remapped-date: Tue, 11 Oct 2022 03:11:59 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: FG87tXqLw2s9wd8SpMNGbYzroLHz4inDaCGnUMOUKhvEqSvqfBwR4A==
via: 1.1 6ba2a21321beeef65404429d0a4b6380.cloudfront.net (CloudFront), 1.1 0d4ebcaa87ba94709def0eaac9371e5a.cloudfront.net (CloudFront), 1.1 google
date: Sat, 15 Oct 2022 04:55:49 GMT
age: 29158
etag: "2010f9656d87e6f5220f131628c537720c3673e1"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash d5c28415e3c8fb3189aafdb469e10c34
861e418f3ff1b221d1f40421082dcbb9d43cd286
7ca419b9197aa11691b3771669c04a4daf853cf9907e3ebc19645498c1ea8aa1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7CA419B9197AA11691B3771669C04A4DAF853CF9907E3EBC19645498C1EA8AA1"
Last-Modified: Fri, 14 Oct 2022 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21548
Expires: Sat, 15 Oct 2022 19:00:55 GMT
Date: Sat, 15 Oct 2022 13:01:47 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash d3a7a0d85121715a9a3590df07145cd8
7da0f8eba172ed91b10f292054a913b1b33da66d
e77042397dd2555f12bfd9ed17a663845ce9c657c852af3807c90581f91fbb90
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 15 Oct 2022 13:01:48 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.morecouponstogo.com/uni-landing
34.237.47.210200 OK 33 kB URL HTTP/2 www.morecouponstogo.com/uni-landing
IP 34.237.47.210:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (5305)
Hash 6a72f5b2c357fdc9ef27408d08e874d3
ada8e267c3f26f7c51057265bb6ddf0a14fdd24c
af17a705a637ed4fd855f36938ab6915e840e491bca208016156e871373d6f0f
Analyzer Verdict Alert fortinet Phishing
GET /uni-landing HTTP/1.1
Host: www.morecouponstogo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://llclickpro.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 15 Oct 2022 13:01:47 GMT
content-type: text/html; charset=UTF-8
content-length: 33303
x-brizy-preview: 1
vary: Accept-Encoding
content-encoding: gzip
x-varnish: 137842471 3964975
age: 856238
via: 1.1 varnish (Varnish/6.2)
x-cache: HIT
x-cache-hits: 3997
pragma: no-cache
expires: -1
cache-control: no-store, no-cache, must-revalidate, max-age=0
accept-ranges: bytes
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Montserrat:100,100italic,200,200italic,300,300italic,regular,italic,500,500italic,600,600italic,700,700italic,800,800italic,900,900italic|Lato:100,100italic,300,300italic,regular,italic,700,700italic,900,900italic|Oswald:200,300,regular,500,600,700|Palanquin%20Dark:regular,500,600,700&subset=arabic,bengali,cyrillic,cyrillic-ext,devanagari,greek,greek-ext,gujarati,hebrew,khmer,korean,latin-ext,tamil,telugu,thai,vietnamese&display=swap
142.250.74.10200 OK 2.2 kB URL HTTP/2 fonts.googleapis.com/css?family=Montserrat:100,100italic,200,200italic,300,300italic,regular,italic,500,500italic,600,600italic,700,700italic,800,800italic,900,900italic|Lato:100,100italic,300,300italic,regular,italic,700,700italic,900,900italic|Oswald:200,300,regular,500,600,700|Palanquin%20Dark:regular,500,600,700&subset=arabic,bengali,cyrillic,cyrillic-ext,devanagari,greek,greek-ext,gujarati,hebrew,khmer,korean,latin-ext,tamil,telugu,thai,vietnamese&display=swap
IP 142.250.74.10:0
Hash a538c035a1705f7d0bfdf6131085419f
91288355cf242befda394b19fde39369ed726a7e
83956e77da9ecae6c34a873fe30404efd27548ff5976b4c53423b3904845c2a4
GET /css?family=Montserrat:100,100italic,200,200italic,300,300italic,regular,italic,500,500italic,600,600italic,700,700italic,800,800italic,900,900italic|Lato:100,100italic,300,300italic,regular,italic,700,700italic,900,900italic|Oswald:200,300,regular,500,600,700|Palanquin%20Dark:regular,500,600,700&subset=arabic,bengali,cyrillic,cyrillic-ext,devanagari,greek,greek-ext,gujarati,hebrew,khmer,korean,latin-ext,tamil,telugu,thai,vietnamese&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.morecouponstogo.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sat, 15 Oct 2022 13:01:48 GMT
date: Sat, 15 Oct 2022 13:01:48 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
pixel.leadsleap.net/set.html?n1=lltkra156457&v1=603290.15&n2=lltkrb156457&v2=603290.15
172.67.186.40200 OK 967 B URL HTTP/2 pixel.leadsleap.net/set.html?n1=lltkra156457&v1=603290.15&n2=lltkrb156457&v2=603290.15
IP 172.67.186.40:0
File type HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash ed5c3cf2f83146b7223436bf8b284c79
62d238a6fff2cd98c1890ce77bb2870ac5902fb4
635a70bab3262ff46946746f0dd871b810d5596373c20d51d01e23b27d8f79f0
GET /set.html?n1=lltkra156457&v1=603290.15&n2=lltkrb156457&v2=603290.15 HTTP/1.1
Host: pixel.leadsleap.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://llclickpro.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 15 Oct 2022 13:01:46 GMT
content-type: text/html
last-modified: Thu, 01 Oct 2020 11:41:08 GMT
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CNCq7INgWR1%2BEL9HiMtHGYiCjG%2FeHzUY6WXP4pL4Q0sIU6BoNT8pNi6CRJ%2BTF9cUypZcTScpdHsnu%2Bx4Bg9giUByrZMt6U1cgbHIze8v5SH4wlbepUUk9K2%2F2qCwtz1a6FYYN5Mq"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 75a8becd19a3b523-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 0181f663be1ca230fae2fc0ce1cef8a0
7b349a4f48ac2273aec94beee9bbe1d13f7442a1
97cab73bfa6c3538c6bc32859d0199b0e177236606a64317cdc9edfff98e5020
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4684
Cache-Control: max-age=120889
Content-Type: application/ocsp-response
Date: Sat, 15 Oct 2022 13:01:48 GMT
Etag: "6349d229-117"
Expires: Sun, 16 Oct 2022 22:36:37 GMT
Last-Modified: Fri, 14 Oct 2022 21:18:33 GMT
Server: ECS (amb/6BBD)
X-Cache: HIT
Content-Length: 279
www.googletagmanager.com/gtag/js?id=G-LRYZTN7NCV
142.250.74.168200 OK 76 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=G-LRYZTN7NCV
IP 142.250.74.168:0
File type ASCII text, with very long lines (18991)
Hash 64bb2c35c0ff4f6368150aec2c7b71cb
0ada72b8f9e5b09b45867d172e8fb33cfed506a8
89f1029b9fa5ab220520bdc8df0c9cf9ca1874fceaa6b80e0303de6eaeacebae
GET /gtag/js?id=G-LRYZTN7NCV HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.morecouponstogo.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sat, 15 Oct 2022 13:01:48 GMT
expires: Sat, 15 Oct 2022 13:01:48 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 75827
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
trafficadbar.com/bar/show.js
52.202.155.140200 OK 686 B URL HTTP/2 trafficadbar.com/bar/show.js
IP 52.202.155.140:0
Hash 66356b4b9464e02a05c7f92c682cce02
fe2db8c863bdb4b14b4561063d390f84ab780245
cb651d49727b72f43b47bd846a04861548f42f2e8ad59c7535c5e1ba326d3d6c
GET /bar/show.js HTTP/1.1
Host: trafficadbar.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.morecouponstogo.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 15 Oct 2022 13:01:48 GMT
content-type: application/javascript
content-length: 686
server: nginx
last-modified: Wed, 09 Jun 2021 07:15:14 GMT
etag: "60c06a82-2ae"
expires: Wed, 14 Dec 2022 13:01:48 GMT
pragma: public
cache-control: max-age=5184000, public
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp2.globalsign.com/gsalphasha2g2
104.18.21.226200 OK 1.4 kB URL HTTP/1.1 ocsp2.globalsign.com/gsalphasha2g2
IP 104.18.21.226:0
Hash 6279ba8b407f3ec297557a1f15c7a3cc
c1b706cc373e21e2dfebf53f0733d7b1999f2370
04a0a14a193107064bbb14fd4c2f4be52a876b54785a5dcd2de58bdcfbc73888
POST /gsalphasha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 15 Oct 2022 13:01:48 GMT
Content-Type: application/ocsp-response
Content-Length: 1423
Connection: keep-alive
Expires: Wed, 19 Oct 2022 09:22:38 GMT
ETag: "c1b706cc373e21e2dfebf53f0733d7b1999f2370"
Last-Modified: Sat, 15 Oct 2022 09:22:39 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 658
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 75a8bed83f08b4f4-OSL
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 3039b3640f516724d3ec7e845c2f20d1
efa6a85767ab44afd629d1d82413770412abce0e
d454aa6e955985b5b78d1a190b7abc035a1e6dea0c3c5f06220bad3031717249
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 15 Oct 2022 13:01:48 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
d1ielco78gv5pf.cloudfront.net/assets/external_portfolio.js
54.230.245.54200 OK 368 B URL HTTP/2 d1ielco78gv5pf.cloudfront.net/assets/external_portfolio.js
IP 54.230.245.54:0
File type ASCII text, with very long lines (656), with no line terminators
Hash b5ec16a6962b298f78b6cec8ea07c798
92156c23772de75b11fbb3842cff7aafb3f36d2f
a3b8c3ae6fd1b0a623464b1babc563fece01356823bd51f662c6fdc34e2fad26
GET /assets/external_portfolio.js HTTP/1.1
Host: d1ielco78gv5pf.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.morecouponstogo.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
content-length: 368
date: Tue, 17 May 2022 09:40:53 GMT
access-control-allow-origin: *
cache-control: max-age=315360000, public
content-encoding: gzip
etag: "6282220d-170"
expires: Fri, 14 May 2032 09:40:53 GMT
last-modified: Mon, 16 May 2022 10:06:05 GMT
server: nginx
x-cache: Hit from cloudfront
via: 1.1 4bbc14b5834fc74ccd249b954b43a08c.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 4DQbRSZmWEMbt8asHSxReCKJSPpxRQ-gRXRrBsj5TE7PVfQ-MbL29g==
age: 13058455
X-Firefox-Spdy: h2
ocsp.sectigo.com/
172.64.155.188200 OK 472 B IP 172.64.155.188:0
Hash 9a52021878937ac8c81f9790ada4a40e
d579923f8af027b328bfea3b0541e7ab8274ef6f
a5f8f52043c37f123faea5a44f4dd0b55724bf92795d8fbeff5d48cdfb7a9ac1
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 15 Oct 2022 13:01:48 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Wed, 12 Oct 2022 05:02:00 GMT
Expires: Wed, 19 Oct 2022 05:01:59 GMT
Etag: "d579923f8af027b328bfea3b0541e7ab8274ef6f"
Cache-Control: max-age=316210,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 75a8bed6fe01b50b-OSL
ocsp.sectigo.com/
172.64.155.188200 OK 472 B IP 172.64.155.188:0
Hash 9a52021878937ac8c81f9790ada4a40e
d579923f8af027b328bfea3b0541e7ab8274ef6f
a5f8f52043c37f123faea5a44f4dd0b55724bf92795d8fbeff5d48cdfb7a9ac1
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 15 Oct 2022 13:01:48 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Wed, 12 Oct 2022 05:02:00 GMT
Expires: Wed, 19 Oct 2022 05:01:59 GMT
Etag: "d579923f8af027b328bfea3b0541e7ab8274ef6f"
Cache-Control: max-age=316210,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 75a8bed6fbd5b51d-OSL
b-cloud.b-cdn.net/builds/pro/118-cloud/css/group-3-pro.css
194.242.11.186200 OK 0 B URL HTTP/2 b-cloud.b-cdn.net/builds/pro/118-cloud/css/group-3-pro.css
IP 194.242.11.186:0
ASN #34989 ServeTheWorld AS
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /builds/pro/118-cloud/css/group-3-pro.css HTTP/1.1
Host: b-cloud.b-cdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.morecouponstogo.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 15 Oct 2022 13:01:48 GMT
content-type: text/css
content-length: 0
server: BunnyCDN-NO-830
cdn-pullzone: 246147
cdn-uid: e647d0c9-3a16-4c3e-ae99-91e18e06d4b3
cdn-requestcountrycode: NO
vary: Accept-Encoding
access-control-allow-origin: *
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
etag: "d41d8cd98f00b204e9800998ecf8427e"
last-modified: Sat, 17 Sep 2022 10:22:32 GMT
x-amz-id-2: eERC7Jocq+33LU6Khm4ZUwEpPdLjPb3rzt3/OfflIDd00sajQx1lQP7WRoL7KUBupMXdChOjfn8=
x-amz-request-id: 4YHQGWS60FR0TBR5
cdn-proxyver: 1.02
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 10/15/2022 03:21:33
cdn-edgestorageid: 830
link: <https://s3.amazonaws.com/brizy.cloud/builds/pro/118-cloud/css/group-3-pro.css>; rel="canonical"
cdn-status: 200
cdn-requestid: ecd14b3b42ea9e2c054a0631f054574d
cdn-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.sectigo.com/
172.64.155.188200 OK 472 B IP 172.64.155.188:0
Hash 9a52021878937ac8c81f9790ada4a40e
d579923f8af027b328bfea3b0541e7ab8274ef6f
a5f8f52043c37f123faea5a44f4dd0b55724bf92795d8fbeff5d48cdfb7a9ac1
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 15 Oct 2022 13:01:48 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Wed, 12 Oct 2022 05:02:00 GMT
Expires: Wed, 19 Oct 2022 05:01:59 GMT
Etag: "d579923f8af027b328bfea3b0541e7ab8274ef6f"
Cache-Control: max-age=316210,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 75a8bed7fe1a0b3d-OSL
ocsp.sectigo.com/
172.64.155.188200 OK 472 B IP 172.64.155.188:0
Hash 9a52021878937ac8c81f9790ada4a40e
d579923f8af027b328bfea3b0541e7ab8274ef6f
a5f8f52043c37f123faea5a44f4dd0b55724bf92795d8fbeff5d48cdfb7a9ac1
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 15 Oct 2022 13:01:48 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Wed, 12 Oct 2022 05:02:00 GMT
Expires: Wed, 19 Oct 2022 05:01:59 GMT
Etag: "d579923f8af027b328bfea3b0541e7ab8274ef6f"
Cache-Control: max-age=316210,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 75a8bed7d9dafabc-OSL
b-cloud.b-cdn.net/builds/pro/118-cloud/css/preview.pro.css
194.242.11.186200 OK 43 kB URL HTTP/2 b-cloud.b-cdn.net/builds/pro/118-cloud/css/preview.pro.css
IP 194.242.11.186:0
ASN #34989 ServeTheWorld AS
Hash 583b2ee9efd4ce1e6faa8d278a211f87
86f0addf4cb2e3b4c33bddfd45ba844147b74e98
2aeb63333ee4e62588c20ccc58ef0544ad215fed9c4d07a08e2db3fc72d8ed24
GET /builds/pro/118-cloud/css/preview.pro.css HTTP/1.1
Host: b-cloud.b-cdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.morecouponstogo.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 15 Oct 2022 13:01:48 GMT
content-type: text/css
server: BunnyCDN-NO-830
cdn-pullzone: 246147
cdn-uid: e647d0c9-3a16-4c3e-ae99-91e18e06d4b3
cdn-requestcountrycode: NO
vary: Accept-Encoding, Accept-Encoding
access-control-allow-origin: *
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
etag: W/"54a7ad0f842668d8c46a872d36fc539f"
last-modified: Sat, 17 Sep 2022 10:22:32 GMT
x-amz-id-2: D6QDgws3xuxTQ+QNMSK6y+Afu42vRtJg+dMJ/yfsNSikHRQKKVoE6mbdD/xTxFNPkzpiL+11ez8=
x-amz-request-id: 58ZC5YDKAGPY8EA2
cdn-proxyver: 1.02
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 09/17/2022 10:52:09
cdn-edgestorageid: 830
link: <https://s3.amazonaws.com/brizy.cloud/builds/pro/118-cloud/css/preview.pro.css>; rel="canonical"
cdn-status: 200
cdn-requestid: 01aae91607b33b7ac1640cd8ba5aacfa
cdn-cache: HIT
content-encoding: br
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash acaba5d27d27f0ebeb1a1495a6e4ff09
5953b351f69fd15de1b4d42dd9634dea8f6e920b
023cd9eaaee884f8cb91ed69805e308b42d2aaf48be2e3788e33dd95a501410f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 15 Oct 2022 13:01:48 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
216.58.207.195200 OK 31 kB URL HTTP/2 fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 30928, version 1.0\012- data
Hash ac0d2859ea5f8fd6bcb3c305c08ec184
7f6c17e3e592cd8bd346b9cc261d8dd961b8aef7
ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780
GET /s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.morecouponstogo.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 30928
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 13 Oct 2022 16:40:18 GMT
expires: Fri, 13 Oct 2023 16:40:18 GMT
cache-control: public, max-age=31536000
age: 159690
last-modified: Mon, 11 Jul 2022 18:57:39 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/oswald/v49/TK3iWkUHHAIjg752GT8G.woff2
216.58.207.195200 OK 25 kB URL HTTP/2 fonts.gstatic.com/s/oswald/v49/TK3iWkUHHAIjg752GT8G.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 25372, version 1.0\012- data
Hash fe424f96cb627d8b835cb001af17f56e
c5b4368fed99812a99036fba86d01367b5549505
35c92598a5f32c018dc630f57b183b0284c211ce9c222e5b36840a62115262f1
GET /s/oswald/v49/TK3iWkUHHAIjg752GT8G.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.morecouponstogo.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 25372
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 10 Oct 2022 21:14:39 GMT
expires: Tue, 10 Oct 2023 21:14:39 GMT
cache-control: public, max-age=31536000
age: 402429
last-modified: Mon, 18 Jul 2022 19:24:05 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash bac53a9e47b402471127f290b676b367
d5aa4a8d0571a6c8519d8ab9d369c040ede52ca1
8985fb669fe4022d05158aa7a8fd8033d9b4ae4f9011f3f947e2365d4ebe19f9
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 15 Oct 2022 13:01:48 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash bac53a9e47b402471127f290b676b367
d5aa4a8d0571a6c8519d8ab9d369c040ede52ca1
8985fb669fe4022d05158aa7a8fd8033d9b4ae4f9011f3f947e2365d4ebe19f9
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 15 Oct 2022 13:01:48 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/palanquindark/v12/xn76YHgl1nqmANMB-26xC7yuF8YyY14yd8o.woff2
216.58.207.195200 OK 19 kB URL HTTP/2 fonts.gstatic.com/s/palanquindark/v12/xn76YHgl1nqmANMB-26xC7yuF8YyY14yd8o.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 18824, version 1.0\012- data
Hash 0b8cbe6afbac36bab648231406851927
2f67e3adf1061cf82e075d636ae22bc4fca731ea
2c83b448afb8398f6ff0f1d684f125b13e0889b05c5041bb8ff4eb680a892089
GET /s/palanquindark/v12/xn76YHgl1nqmANMB-26xC7yuF8YyY14yd8o.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.morecouponstogo.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 18824
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 11 Oct 2022 16:35:08 GMT
expires: Wed, 11 Oct 2023 16:35:08 GMT
cache-control: public, max-age=31536000
age: 332800
last-modified: Mon, 09 May 2022 18:56:24 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2
216.58.207.195200 OK 24 kB URL HTTP/2 fonts.gstatic.com/s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 23580, version 1.0\012- data
Hash e1b3b5908c9cf23dfb2b9c52b9a023ab
fcd4136085f2a03481d9958cc6793a5ed98e714c
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
GET /s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.morecouponstogo.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 23580
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 11 Oct 2022 17:10:21 GMT
expires: Wed, 11 Oct 2023 17:10:21 GMT
cache-control: public, max-age=31536000
age: 330687
last-modified: Tue, 26 Apr 2022 15:48:56 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/palanquindark/v12/xn75YHgl1nqmANMB-26xC7yuF86JRks.woff2
216.58.207.195200 OK 20 kB URL HTTP/2 fonts.gstatic.com/s/palanquindark/v12/xn75YHgl1nqmANMB-26xC7yuF86JRks.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 20084, version 1.0\012- data
Hash 732c9716022aa43449564603e08aeb9b
477fa3a5c43696287d20b4b491e36d754d1c8866
37bb3776ce24d18cccdd5dc96199ad60c22afd1e190452a18e8c4fd2f8679a98
GET /s/palanquindark/v12/xn75YHgl1nqmANMB-26xC7yuF86JRks.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.morecouponstogo.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 20084
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 13 Oct 2022 17:04:07 GMT
expires: Fri, 13 Oct 2023 17:04:07 GMT
cache-control: public, max-age=31536000
age: 158261
last-modified: Mon, 09 May 2022 18:42:35 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash bac53a9e47b402471127f290b676b367
d5aa4a8d0571a6c8519d8ab9d369c040ede52ca1
8985fb669fe4022d05158aa7a8fd8033d9b4ae4f9011f3f947e2365d4ebe19f9
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 15 Oct 2022 13:01:48 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash acaba5d27d27f0ebeb1a1495a6e4ff09
5953b351f69fd15de1b4d42dd9634dea8f6e920b
023cd9eaaee884f8cb91ed69805e308b42d2aaf48be2e3788e33dd95a501410f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 15 Oct 2022 13:01:48 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash bac53a9e47b402471127f290b676b367
d5aa4a8d0571a6c8519d8ab9d369c040ede52ca1
8985fb669fe4022d05158aa7a8fd8033d9b4ae4f9011f3f947e2365d4ebe19f9
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 15 Oct 2022 13:01:48 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.youtube.com/s/player/1f77e565/www-player.css
142.250.74.174200 OK 50 kB URL HTTP/2 www.youtube.com/s/player/1f77e565/www-player.css
IP 142.250.74.174:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash b5a46f1438f3db577085aac8517741b4
7c3aa7060e72a258bd0312da06738585b6b7196d
7dfd960abd7abcb030a5cee8767f1b7b9efa7bb494024b4b169514dddda6af47
GET /s/player/1f77e565/www-player.css HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/embed/ZFBI_JoDwew?autoplay=0&controls=1&start=0&end=0&modestbranding=0&wmode=transparent&enablejsapi=1&loop=0&rel=0
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding, Origin
content-encoding: br
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-length: 49833
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 13 Oct 2022 15:52:34 GMT
expires: Fri, 13 Oct 2023 15:52:34 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 13 Oct 2022 00:21:58 GMT
content-type: text/css
age: 162554
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
216.58.207.195200 OK 15 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 15344, version 1.0\012- data
Hash 5d4aeb4e5f5ef754e307d7ffaef688bd
06db651cdf354c64a7383ea9c77024ef4fb4cef8
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
GET /s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15344
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 15 Oct 2022 12:31:58 GMT
expires: Sun, 15 Oct 2023 12:31:58 GMT
cache-control: public, max-age=31536000
age: 1790
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
216.58.207.195200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 15552, version 1.0\012- data
Hash 285467176f7fe6bb6a9c6873b3dad2cc
ea04e4ff5142ddd69307c183def721a160e0a64e
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
GET /s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15552
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 14 Oct 2022 00:48:31 GMT
expires: Sat, 14 Oct 2023 00:48:31 GMT
cache-control: public, max-age=31536000
age: 130397
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.youtube.com/s/player/1f77e565/www-embed-player.vflset/www-embed-player.js
142.250.74.174200 OK 98 kB URL HTTP/2 www.youtube.com/s/player/1f77e565/www-embed-player.vflset/www-embed-player.js
IP 142.250.74.174:0
File type ASCII text, with very long lines (572)
Hash 9d6e9c05ac1a10b83bb26afd1d6cc9fa
fbd28b5f49084a128b672150c4e3ebaf94151001
c78cfac43e34a2a1fed2193bf3d095554bc09dcb4f1dec8cfe09302743c5fdf7
GET /s/player/1f77e565/www-embed-player.vflset/www-embed-player.js HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/embed/ZFBI_JoDwew?autoplay=0&controls=1&start=0&end=0&modestbranding=0&wmode=transparent&enablejsapi=1&loop=0&rel=0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding, Origin
content-encoding: br
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-length: 97485
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 13 Oct 2022 15:53:31 GMT
expires: Fri, 13 Oct 2023 15:53:31 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 13 Oct 2022 00:21:58 GMT
content-type: text/javascript
age: 162497
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 357e556b62582c95234a6a5b95942164
21edc58612e5a88f8d76f80f4635f6b582db1602
2ed9c7aac2105ddc6f8f84ad4530428b464cc1ce724ef8abcbeed88d847b2746
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2ED9C7AAC2105DDC6F8F84AD4530428B464CC1CE724EF8ABCBEED88D847B2746"
Last-Modified: Fri, 14 Oct 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13069
Expires: Sat, 15 Oct 2022 16:39:37 GMT
Date: Sat, 15 Oct 2022 13:01:48 GMT
Connection: keep-alive
a-cloud.b-cdn.net/media/iW=114&iH=114&oX=0&oY=18&cW=114&cH=79/9b040f5e483e93a7cce7e811fc84b625.png
194.242.11.186200 OK 2.4 kB URL HTTP/2 a-cloud.b-cdn.net/media/iW=114&iH=114&oX=0&oY=18&cW=114&cH=79/9b040f5e483e93a7cce7e811fc84b625.png
IP 194.242.11.186:0
ASN #34989 ServeTheWorld AS
File type RIFF (little-endian) data, Web/P image\012- data
Hash e2efb80dd70da9c830d24a0f9f300c55
6aa426ea229ea9dcf4a8b92061a05c4550da84af
4b52bf99734c07dc456858b0bb76f90efc9a98608b96ad6a6ae03068f3c73694
GET /media/iW=114&iH=114&oX=0&oY=18&cW=114&cH=79/9b040f5e483e93a7cce7e811fc84b625.png HTTP/1.1
Host: a-cloud.b-cdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.morecouponstogo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 15 Oct 2022 13:01:48 GMT
content-type: image/webp
content-length: 2422
server: BunnyCDN-NO-830
cdn-pullzone: 465925
cdn-uid: e647d0c9-3a16-4c3e-ae99-91e18e06d4b3
cdn-requestcountrycode: NO
cache-control: public, max-age=31919000
last-modified: Sat, 15 Oct 2022 13:01:48 GMT
x-bo-server: DE-152
x-downloadsize: 3464
x-bo-origindownloadtime: 416
x-bo-processingtime: 0
x-bo-compressionratio: 30.08%
cdn-proxyver: 1.02
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 10/15/2022 13:01:48
cdn-edgestorageid: 830
link: <https://www.brizy.cloud/media/iW=114&iH=114&oX=0&oY=18&cW=114&cH=79/9b040f5e483e93a7cce7e811fc84b625.png>; rel="canonical"
cdn-status: 200
cdn-requestid: 8254eb2b1b8abf03a5087372bb6b9dde
cdn-cache: MISS
X-Firefox-Spdy: h2
yazing.com/css/showdeals-yzwg.css
54.162.214.56200 OK 406 B URL HTTP/1.1 yazing.com/css/showdeals-yzwg.css
IP 54.162.214.56:0
Hash 67799b159cb3ef050044a77a2b3a9b45
886d44342cba8c02f846fc12bcce675f8356f1b3
4e3c99e3266b36b09cbb5bac828e08cf82ffe1d810c57049627da012ce92fcaa
GET /css/showdeals-yzwg.css HTTP/1.1
Host: yazing.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.morecouponstogo.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Sat, 15 Oct 2022 13:01:48 GMT
Server: Apache/2.4.18 (Ubuntu)
Last-Modified: Mon, 26 Apr 2021 12:38:43 GMT
ETag: "441-5c0df6d092f3d-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: *
Cache-Control: max-age=2592000, public
Content-Length: 406
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 9762e228d536aa73fd0efb6ff1a8d4a5
5933c06814c9208517a9f6e7703c5840abb15960
55a3149f3beaf5581eba71d62fcd6a204b4dbfa5a9edd36a3256df4efdda2d64
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "55A3149F3BEAF5581EBA71D62FCD6A204B4DBFA5A9EDD36A3256DF4EFDDA2D64"
Last-Modified: Wed, 12 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5706
Expires: Sat, 15 Oct 2022 14:36:54 GMT
Date: Sat, 15 Oct 2022 13:01:48 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 88dbf35f3f8b5e1f6bf15b4574a7dd74
12340e92165a0a9002a36d92f83c4d122dd22e52
18d48fef53710478f0174d483dc3775de2e1af77d124040eb1f3e6357a5f355b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "18D48FEF53710478F0174D483DC3775DE2E1AF77D124040EB1F3E6357A5F355B"
Last-Modified: Wed, 12 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6164
Expires: Sat, 15 Oct 2022 14:44:33 GMT
Date: Sat, 15 Oct 2022 13:01:49 GMT
Connection: keep-alive
www.youtube.com/embed/ZFBI_JoDwew?autoplay=0&controls=1&start=0&end=0&modestbranding=0&wmode=transparent&enablejsapi=1&loop=0&rel=0
142.250.74.174200 OK 31 kB URL HTTP/2 www.youtube.com/embed/ZFBI_JoDwew?autoplay=0&controls=1&start=0&end=0&modestbranding=0&wmode=transparent&enablejsapi=1&loop=0&rel=0
IP 142.250.74.174:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (58644)
Hash 97b5fc02964a80019dd3409a280c3964
6fe357202302ad108031744e37f59677f5404fbf
2373cc8c91223e12236f288159add06e9e9981264b2a22e07855d8da2a7fa648
GET /embed/ZFBI_JoDwew?autoplay=0&controls=1&start=0&end=0&modestbranding=0&wmode=transparent&enablejsapi=1&loop=0&rel=0 HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.morecouponstogo.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html; charset=utf-8
x-content-type-options: nosniff
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sat, 15 Oct 2022 13:01:48 GMT
strict-transport-security: max-age=31536000
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
content-encoding: br
server: ESF
x-xss-protection: 0
set-cookie: YSC=Yved4nkb7Dw; Domain=.youtube.com; Path=/; Secure; HttpOnly; SameSite=none
VISITOR_INFO1_LIVE=cax0FCNzjQQ; Domain=.youtube.com; Expires=Thu, 13-Apr-2023 13:01:48 GMT; Path=/; Secure; HttpOnly; SameSite=none
CONSENT=PENDING+976; expires=Mon, 14-Oct-2024 13:01:48 GMT; path=/; domain=.youtube.com; Secure
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
trafficadbar.com/assets/ads.css
52.202.155.140200 OK 385 B URL HTTP/2 trafficadbar.com/assets/ads.css
IP 52.202.155.140:0
Hash 05463025a9969b0844abe65f601e5c8a
4b9dcbf2c2d7e339ee8160c56ae92e1fd18595dc
bb8ddf7ca872ae352ec221a148c2e83ac8eabee859b8a7c261b8e2e941463fa3
GET /assets/ads.css HTTP/1.1
Host: trafficadbar.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://trafficadbar.com/bar/page2.php?a=MTGSamurai&b=490&c=90&d=https%3A%2F%2Fwww.morecouponstogo.com%2Funi-landing&e=%23ffffff&f=%23AC0101&g=%23f8f8f8&h=%23000000&i=%237c8e06&ref1=https%3A%2F%2Fllclickpro.com%2F&stg=2&ww=490&wh=90&ref=https%3A%2F%2Fwww.morecouponstogo.com%2F
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 15 Oct 2022 13:01:49 GMT
content-type: text/css
content-length: 385
server: nginx
last-modified: Thu, 11 Aug 2022 01:03:12 GMT
etag: "62f45550-181"
expires: Wed, 14 Dec 2022 13:01:49 GMT
pragma: public
cache-control: max-age=5184000, public
accept-ranges: bytes
X-Firefox-Spdy: h2
yazing.com/widget/ajax-show-deals
54.162.214.56200 OK 5.0 kB URL HTTP/1.1 yazing.com/widget/ajax-show-deals
IP 54.162.214.56:0
File type JSON data\012- , ASCII text, with very long lines (5046), with no line terminators
Hash 657d103b30d9ccf9a9359fe2043603cf
15bfa64abe2e64fb3bc57577a93238213fc59e61
4176d4fba8e3aee06a7be08aec7e3aa9417c02cd0d1001da6f3bbdc4d823b633
POST /widget/ajax-show-deals HTTP/1.1
Host: yazing.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: application/x-www-form-urlencoded
Content-Length: 350
Origin: https://www.morecouponstogo.com
Connection: keep-alive
Referer: https://www.morecouponstogo.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Sat, 15 Oct 2022 13:01:49 GMT
Server: Apache/2.4.18 (Ubuntu)
Set-Cookie: advanced-frontend=t6qkdruh8objd0apaggsrabfir; expires=Mon, 14-Oct-2024 13:01:49 GMT; Max-Age=63072000; path=/; HttpOnly
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Access-Control-Allow-Origin: *
Content-Length: 5046
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: application/json; charset=UTF-8
yazing.com/uploads/2022-01/thumb_1d6cfb9c5765949020b8a9463b883803.png
54.162.214.56200 OK 32 kB URL HTTP/1.1 yazing.com/uploads/2022-01/thumb_1d6cfb9c5765949020b8a9463b883803.png
IP 54.162.214.56:0
File type PNG image data, 156 x 156, 8-bit/color RGB, non-interlaced\012- data
Hash e73e4950ca69496813697388bd293d8e
5d318dc8a278e0557dd0a27001294b2bdfbbc67f
9b79ee4d11f956e94c8bf287a0f813bd48dc25f269f121685393abbb37e271e1
GET /uploads/2022-01/thumb_1d6cfb9c5765949020b8a9463b883803.png HTTP/1.1
Host: yazing.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.morecouponstogo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Sat, 15 Oct 2022 13:01:49 GMT
Server: Apache/2.4.18 (Ubuntu)
Last-Modified: Sat, 08 Jan 2022 10:03:48 GMT
ETag: "7ee3-5d50f3844096e"
Accept-Ranges: bytes
Content-Length: 32483
Access-Control-Allow-Origin: *
Cache-Control: max-age=2592000, public
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: image/png
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 5c64ced45088660f4e780756e5ca0968
7d1d4b389b65a679b01acd0e3a070da7f6760bf1
d266d13f4491fc184a1f031ed87a5af76d46c58bd8751cb92cbedba574139462
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 15 Oct 2022 13:01:49 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 722543de22a2f7bb9f83c502feb0350f
f919ae3fd7b0b6f15123894b96d5d5134f96c60b
e49d8118fd8296f08ce23af55149253b860b9a864dc096a5dd5828b1e30e848e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 15 Oct 2022 13:01:49 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
w.leadsleap.com/js.js
104.26.9.147200 OK 32 kB IP 104.26.9.147:0
File type ASCII text, with very long lines (4026), with no line terminators
Hash 54d31b01356e43186e0d6a56a4654dcb
7ff18f46279c246d968d5c3cc4658279413174f3
5d4ff0a9e54409945e39440784e44c28a774d03ec53e72907382f1084c44902c
GET /js.js HTTP/1.1
Host: w.leadsleap.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.morecouponstogo.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 15 Oct 2022 13:01:48 GMT
content-type: application/javascript
cf-bgj: minify
cf-polished: origSize=4038
last-modified: Mon, 06 Jun 2022 14:11:07 GMT
cache-control: max-age=2678400
cf-cache-status: HIT
age: 1433
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EHDxyxTD2CYN1IgGSQB9MJtGR0NiY2IhHSDlXbvsYjzs1zyOizKpd6uVvygxlyTAEhaiTx1itIz5OOxLCFV4DNM8UfKb5Fo9HOcChh1BfTKhLPwr8LgSqK8S87Qq27Iyww%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75a8bed7faabfab8-OSL
content-encoding: br
X-Firefox-Spdy: h2
googleads.g.doubleclick.net/pagead/id
142.250.74.98302 Found 0 B URL HTTP/2 googleads.g.doubleclick.net/pagead/id
IP 142.250.74.98:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pagead/id HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
location: https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
access-control-allow-credentials: true
access-control-allow-origin: https://www.youtube.com
date: Sat, 15 Oct 2022 13:01:49 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
d1ielco78gv5pf.cloudfront.net/assets/external_portfolio-55c5ae1c8983df626fd5d8b516e9b7afa9602796b1b40b1b0a489a394961ef91.css
54.230.245.54200 OK 793 B URL HTTP/2 d1ielco78gv5pf.cloudfront.net/assets/external_portfolio-55c5ae1c8983df626fd5d8b516e9b7afa9602796b1b40b1b0a489a394961ef91.css
IP 54.230.245.54:0
File type ASCII text, with very long lines (2368)
Hash 1d57e54a7a9814979fd019e4a496b0ed
7546b89a8452aaa6edcc1e57ae5dfee9cd89f450
f7fb8c6e102f32d9f3b044ab26bb0e873fd16612967b2bdbe0ac8f6d658441e6
GET /assets/external_portfolio-55c5ae1c8983df626fd5d8b516e9b7afa9602796b1b40b1b0a489a394961ef91.css HTTP/1.1
Host: d1ielco78gv5pf.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.redbubble.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/css
content-length: 793
date: Sun, 18 Sep 2022 22:37:25 GMT
server: nginx
last-modified: Thu, 15 Sep 2022 10:06:37 GMT
content-encoding: gzip
expires: Wed, 15 Sep 2032 22:37:25 GMT
access-control-allow-origin: *
cache-control: max-age=315360000, public
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 4bbc14b5834fc74ccd249b954b43a08c.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: wkCjEAuew6s6rKLX0i4eokI6Dcv6xxRwxs-ic4RNoGBYjYpmC_yfzA==
age: 2298264
X-Firefox-Spdy: h2
googleads.g.doubleclick.net/pagead/id
142.250.74.98302 Found 0 B URL HTTP/2 googleads.g.doubleclick.net/pagead/id
IP 142.250.74.98:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pagead/id HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
location: https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
access-control-allow-credentials: true
access-control-allow-origin: https://www.youtube.com
date: Sat, 15 Oct 2022 13:01:49 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
143.204.42.165200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.165:0
Hash ec0f28cbb0e3ee12f9ea20c4d590f54e
f33be80fd766b0145f72789592f7d0038ea4d049
520d01e3f7893548fb5bb08922ed6a0bbfe46939ac131f3d24d6d3a06e7848b3
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=169012
Date: Sat, 15 Oct 2022 13:01:49 GMT
Etag: "634a989b-1d7"
Expires: Mon, 17 Oct 2022 11:58:41 GMT
Last-Modified: Sat, 15 Oct 2022 11:25:15 GMT
Server: ECS (bsa/EB15)
X-Cache: Miss from cloudfront
Via: 1.1 f66e3db0f0449307dba3fbf72bbf3bac.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 2l4gwrLLc4Y9TMeP-Lr34NDpGiUus9B-JbDv3XJP_UssKWs377Qexg==
Age: 2006
googleads.g.doubleclick.net/pagead/id
142.250.74.98302 Found 0 B URL HTTP/2 googleads.g.doubleclick.net/pagead/id
IP 142.250.74.98:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pagead/id HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
location: https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
access-control-allow-credentials: true
access-control-allow-origin: https://www.youtube.com
date: Sat, 15 Oct 2022 13:01:49 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
googleads.g.doubleclick.net/pagead/id
142.250.74.98302 Found 0 B URL HTTP/2 googleads.g.doubleclick.net/pagead/id
IP 142.250.74.98:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pagead/id HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
location: https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
access-control-allow-credentials: true
access-control-allow-origin: https://www.youtube.com
date: Sat, 15 Oct 2022 13:01:49 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
143.204.42.165200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.165:0
Hash ec0f28cbb0e3ee12f9ea20c4d590f54e
f33be80fd766b0145f72789592f7d0038ea4d049
520d01e3f7893548fb5bb08922ed6a0bbfe46939ac131f3d24d6d3a06e7848b3
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=168666
Date: Sat, 15 Oct 2022 13:01:49 GMT
Etag: "634a989b-1d7"
Expires: Mon, 17 Oct 2022 11:52:55 GMT
Last-Modified: Sat, 15 Oct 2022 11:25:15 GMT
Server: ECS (nyb/1D35)
X-Cache: Miss from cloudfront
Via: 1.1 e49f22f18c16784c0f42291e768d1daa.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: NCzgsyPyan68dmo1-r78f4tF9ket5q3vhe-X75qi8GVUjidy01L9Bw==
Age: 1660
ocsp.sca1b.amazontrust.com/
143.204.42.165200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.165:0
Hash afe1c1b08b059dfe353f300710437c7d
80b49e2d31d3efd28aa2ea6733c2a9dfd90887fd
64beb5a15b0e2704570ee892f1f7a2e6a042b44c44ebc11b699cd8d24ea59b60
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=87202
Date: Sat, 15 Oct 2022 13:01:49 GMT
Etag: "63494719-1d7"
Expires: Sun, 16 Oct 2022 13:15:11 GMT
Last-Modified: Fri, 14 Oct 2022 11:25:13 GMT
Server: ECS (nyb/1D1A)
X-Cache: Miss from cloudfront
Via: 1.1 f00e3524edcdf61801454f2bb21e71ce.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: APN3JfjPnnZ0j01zTyR_rLL4KaJDj_4vRMQN_ILpXJX-HNSCAVNZqQ==
Age: 6598
ocsp.sca1b.amazontrust.com/
143.204.42.165200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.165:0
Hash ec0f28cbb0e3ee12f9ea20c4d590f54e
f33be80fd766b0145f72789592f7d0038ea4d049
520d01e3f7893548fb5bb08922ed6a0bbfe46939ac131f3d24d6d3a06e7848b3
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=171312
Date: Sat, 15 Oct 2022 13:01:49 GMT
Etag: "634a989b-1d7"
Expires: Mon, 17 Oct 2022 12:37:01 GMT
Last-Modified: Sat, 15 Oct 2022 11:25:15 GMT
Server: ECS (nyb/1D2E)
X-Cache: Miss from cloudfront
Via: 1.1 b9f0050ca4d212d7c855e005be54b1ac.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: L-o3FjWCpSujmzh_tBgYohJm0p34xUIQeWaUGMRAH-Jb-5po-iQ83g==
Age: 4306
ocsp.sca1b.amazontrust.com/
143.204.42.165200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.165:0
Hash ec0f28cbb0e3ee12f9ea20c4d590f54e
f33be80fd766b0145f72789592f7d0038ea4d049
520d01e3f7893548fb5bb08922ed6a0bbfe46939ac131f3d24d6d3a06e7848b3
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=172022
Date: Sat, 15 Oct 2022 13:01:49 GMT
Etag: "634a989b-1d7"
Expires: Mon, 17 Oct 2022 12:48:51 GMT
Last-Modified: Sat, 15 Oct 2022 11:25:15 GMT
Server: ECS (bsa/EB16)
X-Cache: Miss from cloudfront
Via: 1.1 6a757ab2991da716151f94ca00b38098.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 92UZCCMlgDYq7MAisIfyzxp1P8U3HV54uBGQdHWe2mCpSV597KDIKg==
Age: 5016
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 722543de22a2f7bb9f83c502feb0350f
f919ae3fd7b0b6f15123894b96d5d5134f96c60b
e49d8118fd8296f08ce23af55149253b860b9a864dc096a5dd5828b1e30e848e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 15 Oct 2022 13:01:49 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 5c64ced45088660f4e780756e5ca0968
7d1d4b389b65a679b01acd0e3a070da7f6760bf1
d266d13f4491fc184a1f031ed87a5af76d46c58bd8751cb92cbedba574139462
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 15 Oct 2022 13:01:49 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
cdn.gravitec.net/modules/1.bundle.js
45.133.44.4200 OK 12 kB URL HTTP/2 cdn.gravitec.net/modules/1.bundle.js
IP 45.133.44.4:0
ASN #39572 DataWeb Global Group B.V.
Hash 79e15728ddd94efbddf9473996962e09
7370a52f5a950ec4419b96e813d702868b15a012
9fbc952104ca27c4d768f73f6f4c820ff901a86e7fa257480d686d2207b504e0
GET /modules/1.bundle.js HTTP/1.1
Host: cdn.gravitec.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.morecouponstogo.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 15 Oct 2022 13:01:49 GMT
content-type: application/javascript; charset=utf-8
server: nginx
last-modified: Wed, 02 Feb 2022 09:01:35 GMT
etag: W/"61fa486f-8092"
expires: Wed, 02 Feb 2022 09:06:29 GMT
cache-control: max-age=10
access-control-allow-origin: *
content-encoding: gzip
vary: Accept-Encoding
x-proxy-cache: HIT
X-Firefox-Spdy: h2
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
142.250.74.138200 OK 0 B URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
IP 142.250.74.138:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /$rpc/google.internal.waa.v1.Waa/Create HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Referer: https://www.youtube.com/
Origin: https://www.youtube.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://www.youtube.com
vary: origin, referer, x-origin
access-control-allow-credentials: true
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-max-age: 3600
date: Sat, 15 Oct 2022 13:01:49 GMT
content-type: text/html
server: ESF
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
s3.amazonaws.com/logos.formetocoupon.com/120x60/7917.png
52.216.113.5200 OK 21 kB URL HTTP/1.1 s3.amazonaws.com/logos.formetocoupon.com/120x60/7917.png
IP 52.216.113.5:0
Hash 3a827b9622e809c923b792bc8945b2d1
a0d86d9121bac41177d5d3a796fdfc1b4cdbaa01
d847608c8a4ac86f4c1277f82ca96b4f9042a223f6ea4341069fc7251d0d72d9
GET /logos.formetocoupon.com/120x60/7917.png HTTP/1.1
Host: s3.amazonaws.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.morecouponstogo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: zkmT99IredGbVlBCtpM2SAqNdaALHcrowPDA21vYa16QT96GxGClOJthxJDIf3lWGb8Y0P/7wfc=
x-amz-request-id: X1VYBJJ1GH6V138R
Date: Sat, 15 Oct 2022 13:01:50 GMT
Last-Modified: Fri, 16 Feb 2018 13:29:19 GMT
ETag: "3b5d385907bcf0703ae7ead02b368c80"
x-amz-storage-class: REDUCED_REDUNDANCY
Accept-Ranges: bytes
Content-Type: image/png
Server: AmazonS3
Content-Length: 9970
ih0.redbubble.net/image.2431145709.5847/raf,220x200,075,t,charcoal_heather.u5.jpg
68.232.35.237200 OK 12 kB URL HTTP/2 ih0.redbubble.net/image.2431145709.5847/raf,220x200,075,t,charcoal_heather.u5.jpg
IP 68.232.35.237:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 220x200, components 3\012- data
Hash 5380daa447f3eacd39d6cc3c54d229fc
b2be9357c91f7c599923cf4c9b04e1f9faf69a22
ed9727ee32bc95a995de1e9861a945d277d85b38a98f8fa371ffbfb8d45fc526
GET /image.2431145709.5847/raf,220x200,075,t,charcoal_heather.u5.jpg HTTP/1.1
Host: ih0.redbubble.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.redbubble.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: https://www.redbubble.com
access-control-expose-headers: Content-Length,Content-Range
age: 2552694
cache-control: max-age=31556952, public
content-disposition: inline
content-transfer-encoding: binary
content-type: image/jpeg
date: Sat, 15 Oct 2022 13:01:49 GMT
etag: W/"ed9727ee32bc95a995de1e9861a945d2"
last-modified: Thu, 15 Sep 2022 23:56:55 GMT
referrer-policy: strict-origin-when-cross-origin
server: ECS (dcb/7F14)
x-cache: HIT
x-content-type-options: nosniff
x-download-options: noopen
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: none
x-request-id: 38b02fca-a409-4f4a-b3b0-6a38219191ae
x-xss-protection: 1; mode=block
content-length: 12445
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 48c8ca7abddebd077f8d5655ab885b11
1daa9bb3c1434275bbd57b9237000b72e59e1fcc
95e3c6bd5eb86b7805c5899ebd2157f214a5aec3c180830c1db3e0256097ee6c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 15 Oct 2022 13:01:49 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ih0.redbubble.net/image.2579322797.4494/flat,220x200,075,t.u5.jpg
68.232.35.237200 OK 12 kB URL HTTP/2 ih0.redbubble.net/image.2579322797.4494/flat,220x200,075,t.u5.jpg
IP 68.232.35.237:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 220x200, components 3\012- data
Hash e48662cf28047f0fe4acd78770d94d56
da2ec1aa3689c9b99c8ac675b17adfeea235ef70
535a2c258d3f1a08e401394d4189077004c9c114b022a309cd2df36fa85003ba
GET /image.2579322797.4494/flat,220x200,075,t.u5.jpg HTTP/1.1
Host: ih0.redbubble.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.redbubble.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: https://www.redbubble.com
access-control-expose-headers: Content-Length,Content-Range
age: 798838
cache-control: max-age=31556952, public
content-disposition: inline
content-transfer-encoding: binary
content-type: image/jpeg
date: Sat, 15 Oct 2022 13:01:49 GMT
etag: W/"535a2c258d3f1a08e401394d41890770"
last-modified: Thu, 06 Oct 2022 07:07:51 GMT
referrer-policy: strict-origin-when-cross-origin
server: ECS (dcb/7F60)
x-cache: HIT
x-content-type-options: nosniff
x-download-options: noopen
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: none
x-request-id: 819a92db-52ab-46a6-bdd5-38b5e490fae9
x-xss-protection: 1; mode=block
content-length: 11512
X-Firefox-Spdy: h2
ih0.redbubble.net/image.2521900470.0223/raf,220x200,075,t,eggplant.u5.jpg
68.232.35.237200 OK 6.1 kB URL HTTP/2 ih0.redbubble.net/image.2521900470.0223/raf,220x200,075,t,eggplant.u5.jpg
IP 68.232.35.237:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 220x200, components 3\012- data
Hash f1a77d20e2de0ca28a6c4022fa158ae4
05644cd3cd7e0f89125ec5055bd721c959a1a0fd
7e9a58a4b0502ec21571a876c0a13653b42d504bb56e6ac24a4b8a469e42c29b
GET /image.2521900470.0223/raf,220x200,075,t,eggplant.u5.jpg HTTP/1.1
Host: ih0.redbubble.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.redbubble.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: https://www.redbubble.com
access-control-expose-headers: Content-Length,Content-Range
age: 2631253
cache-control: max-age=31556952, public
content-disposition: inline
content-transfer-encoding: binary
content-type: image/jpeg
date: Sat, 15 Oct 2022 13:01:49 GMT
etag: W/"7e9a58a4b0502ec21571a876c0a13653"
last-modified: Thu, 15 Sep 2022 02:07:36 GMT
referrer-policy: strict-origin-when-cross-origin
server: ECS (dcb/7EC8)
x-cache: HIT
x-content-type-options: nosniff
x-download-options: noopen
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: none
x-request-id: 2531627e-f454-4818-acea-ef3647972cea
x-xss-protection: 1; mode=block
content-length: 6101
X-Firefox-Spdy: h2
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
142.250.74.138200 OK 31 kB URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
IP 142.250.74.138:0
File type JSON data\012- , ASCII text, with very long lines (65536), with no line terminators
Hash 799044db4f371ab1ac9334b12c474f5c
e0616d29e2c195e165ca3fd2d013cc9e4eaa26d8
5f06846dc0dcef907c5b23424f2714ac03e5e55df844e9f72b227c678c971f6b
POST /$rpc/google.internal.waa.v1.Waa/Create HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
Content-Type: application/json+protobuf
X-User-Agent: grpc-web-javascript/0.1
Content-Length: 24
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json+protobuf; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: gzip
date: Sat, 15 Oct 2022 13:01:49 GMT
server: ESF
cache-control: private
content-length: 30943
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
access-control-allow-credentials: true
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash e2795bbe61af34c174a2c35d6ecdabf3
51cd45b2e579a493139cbb9f92b0af5052f00b86
c41cd8d984449c5a74e5c85350bb2fa1ae00767b5cec0451367a93076eded3a8
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 15 Oct 2022 13:01:49 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.com/js/th/zVL0qRr3dbQ5f-Xr-uvCrkOcgLrlGoDuIshvtmLe0dw.js
142.250.74.164200 OK 14 kB URL HTTP/2 www.google.com/js/th/zVL0qRr3dbQ5f-Xr-uvCrkOcgLrlGoDuIshvtmLe0dw.js
IP 142.250.74.164:0
File type ASCII text, with very long lines (36006)
Hash fb65307b1dc1c2f42b8400c145c7271e
bd66138b2abf821ff8a35b81b641eff2d705b17b
6bc6c1e47045d0865609d186b23bf3d01bd01469a7111e0e09f81426828b721f
GET /js/th/zVL0qRr3dbQ5f-Xr-uvCrkOcgLrlGoDuIshvtmLe0dw.js HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-length: 14244
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 12 Oct 2022 05:04:15 GMT
expires: Thu, 12 Oct 2023 05:04:15 GMT
cache-control: public, max-age=31536000
age: 287854
last-modified: Mon, 03 Oct 2022 11:00:00 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ih0.redbubble.net/image.2615293405.8342/flat,220x200,075,t.u5.jpg
68.232.35.237200 OK 13 kB URL HTTP/2 ih0.redbubble.net/image.2615293405.8342/flat,220x200,075,t.u5.jpg
IP 68.232.35.237:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 220x200, components 3\012- data
Hash 10f80b48faf4716e42eeb69a479532cf
2ab71ce122e15b05fdc9d5a965f5497bb5e93cca
544947c0b6bcc6f5ab033bc6799dbe00fa4f0312d6ab6829f47da24f59a86c2b
GET /image.2615293405.8342/flat,220x200,075,t.u5.jpg HTTP/1.1
Host: ih0.redbubble.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.redbubble.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: https://www.redbubble.com
access-control-expose-headers: Content-Length,Content-Range
age: 4681745
cache-control: max-age=31556952, public
content-disposition: inline
content-transfer-encoding: binary
content-type: image/jpeg
date: Sat, 15 Oct 2022 13:01:49 GMT
etag: W/"544947c0b6bcc6f5ab033bc6799dbe00"
last-modified: Mon, 22 Aug 2022 08:32:44 GMT
referrer-policy: strict-origin-when-cross-origin
server: ECS (dcb/7F15)
x-cache: HIT
x-content-type-options: nosniff
x-download-options: noopen
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: none
x-request-id: be3b6589-2793-4135-a84a-ed9930596195
x-xss-protection: 1; mode=block
content-length: 13106
X-Firefox-Spdy: h2
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
142.250.74.138200 OK 31 kB URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
IP 142.250.74.138:0
File type JSON data\012- , ASCII text, with very long lines (65536), with no line terminators
Hash b18a421424654bdb717beaf953eed0e1
d58b2b3d8fbf821b46d01bc502586b3d02788c8a
239350c5a9c9b918ee93baf217736e45276600444b64814fd9bbfc516b251151
POST /$rpc/google.internal.waa.v1.Waa/Create HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
Content-Type: application/json+protobuf
X-User-Agent: grpc-web-javascript/0.1
Content-Length: 24
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json+protobuf; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: gzip
date: Sat, 15 Oct 2022 13:01:49 GMT
server: ESF
cache-control: private
content-length: 30985
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
access-control-allow-credentials: true
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ih0.redbubble.net/image.2615509652.3915/flat,220x200,075,t.u5.jpg
68.232.35.237200 OK 9.5 kB URL HTTP/2 ih0.redbubble.net/image.2615509652.3915/flat,220x200,075,t.u5.jpg
IP 68.232.35.237:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 220x200, components 3\012- data
Hash bec24a797621dc1b550df36956ebada4
2e28ce3cc5e85db3d2c5fb26f7a328f594a620c8
4e57c4041246929caec036f63290e869dea5923090d2e263a083a0cd9df0f51b
GET /image.2615509652.3915/flat,220x200,075,t.u5.jpg HTTP/1.1
Host: ih0.redbubble.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.redbubble.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: https://www.redbubble.com
access-control-expose-headers: Content-Length,Content-Range
age: 580444
cache-control: max-age=31556952, public
content-disposition: inline
content-transfer-encoding: binary
content-type: image/jpeg
date: Sat, 15 Oct 2022 13:01:49 GMT
etag: W/"4e57c4041246929caec036f63290e869"
last-modified: Sat, 08 Oct 2022 19:47:46 GMT
referrer-policy: strict-origin-when-cross-origin
server: ECS (dcb/7F81)
x-cache: HIT
x-content-type-options: nosniff
x-download-options: noopen
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: none
x-request-id: b0ac1ab6-a28b-4a96-a7b6-4f1b185ea558
x-xss-protection: 1; mode=block
content-length: 9544
X-Firefox-Spdy: h2
ih0.redbubble.net/image.2436230143.4649/flat,220x200,075,t.u5.jpg
68.232.35.237200 OK 15 kB URL HTTP/2 ih0.redbubble.net/image.2436230143.4649/flat,220x200,075,t.u5.jpg
IP 68.232.35.237:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 220x200, components 3\012- data
Hash 9a8c105ed2bc868dc77dd23860b0eae7
baba5fd5da037202cc6bee4b94c5e61553a6e4e5
e3a68991feafac3f02cffdee42f521b29379b95d10bada143ec7eb76b29bdf1e
GET /image.2436230143.4649/flat,220x200,075,t.u5.jpg HTTP/1.1
Host: ih0.redbubble.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.redbubble.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: https://www.redbubble.com
access-control-expose-headers: Content-Length,Content-Range
age: 4681745
cache-control: max-age=31556952, public
content-disposition: inline
content-transfer-encoding: binary
content-type: image/jpeg
date: Sat, 15 Oct 2022 13:01:49 GMT
etag: W/"e3a68991feafac3f02cffdee42f521b2"
last-modified: Mon, 22 Aug 2022 08:32:44 GMT
referrer-policy: strict-origin-when-cross-origin
server: ECS (dcb/7FA7)
x-cache: HIT
x-content-type-options: nosniff
x-download-options: noopen
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: none
x-request-id: aadd9ba7-de8e-4ca0-b4e2-841f2c1ae673
x-xss-protection: 1; mode=block
content-length: 14753
X-Firefox-Spdy: h2
s3.amazonaws.com/logos.formetocoupon.com/120x60/33881.jpg
52.216.113.5200 OK 22 kB URL HTTP/1.1 s3.amazonaws.com/logos.formetocoupon.com/120x60/33881.jpg
IP 52.216.113.5:0
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CS6 (Windows), datetime=2022:06:01 08:10:22], baseline, precision 8, 120x60, components 3\012- data
Hash e394b576ca95e2a49a8a7b8eda503c6a
a1fe574db4bb064614c810b4eeb293b3d3b221ec
7a55deebd04dce485ef536bdfd55f4c8a2aed9deaac22e987dfaefbc58f998a9
GET /logos.formetocoupon.com/120x60/33881.jpg HTTP/1.1
Host: s3.amazonaws.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.morecouponstogo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: 0ILRla/eg4Gx1nNaM561lt+dR0FAWTfdYasataxsSjg2kdtWPOz+mUdfe7df6CBrRU1PEZiDLcQ=
x-amz-request-id: X1VG0F4J560E8RXA
Date: Sat, 15 Oct 2022 13:01:50 GMT
Last-Modified: Wed, 01 Jun 2022 06:12:32 GMT
ETag: "e394b576ca95e2a49a8a7b8eda503c6a"
Accept-Ranges: bytes
Content-Type: image/jpeg
Server: AmazonS3
Content-Length: 21602
ih1.redbubble.net/image.2615416373.1429/flat,220x200,075,t.u5.jpg
68.232.35.237200 OK 12 kB URL HTTP/2 ih1.redbubble.net/image.2615416373.1429/flat,220x200,075,t.u5.jpg
IP 68.232.35.237:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 220x200, components 3\012- data
Hash 4ed24b51630a165d7ab03688d1325d25
c726cb712f4cd72bf5c564a7dc0ad0ebbf9d2a52
19914bb432c06112f7f8b4878fbfbb15d4610cac7de7e1e4cada665e77dc02ac
GET /image.2615416373.1429/flat,220x200,075,t.u5.jpg HTTP/1.1
Host: ih1.redbubble.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.redbubble.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: https://www.redbubble.com
access-control-expose-headers: Content-Length,Content-Range
age: 4681746
cache-control: max-age=31556952, public
content-disposition: inline
content-transfer-encoding: binary
content-type: image/jpeg
date: Sat, 15 Oct 2022 13:01:49 GMT
etag: W/"19914bb432c06112f7f8b4878fbfbb15"
last-modified: Mon, 22 Aug 2022 08:32:44 GMT
referrer-policy: strict-origin-when-cross-origin
server: ECS (dcb/7EA5)
x-cache: HIT
x-content-type-options: nosniff
x-download-options: noopen
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: none
x-request-id: 0ad3ffab-7e43-4a7d-a9af-f6a7d7e1622c
x-xss-protection: 1; mode=block
content-length: 12230
X-Firefox-Spdy: h2
yt3.ggpht.com/nip8E9ASw52gOJQxdluWu8PK6GgTMaw87ja5NFJnc8le4062UgDFMgxzd2_UmGmz3PbyvBBG=s68-c-k-c0x00ffffff-no-rj
142.250.74.161200 OK 2.9 kB URL HTTP/2 yt3.ggpht.com/nip8E9ASw52gOJQxdluWu8PK6GgTMaw87ja5NFJnc8le4062UgDFMgxzd2_UmGmz3PbyvBBG=s68-c-k-c0x00ffffff-no-rj
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 68x68, components 3\012- data
Hash 73eea0bc3378ebdf7f3ed8311b2d1f9e
44bc2e5b5f953c901df6237b49c825b354671391
2dc9e7612ab1864f756e75873319ca21e35da2f0a19a7ab0e20e6ac9ce71811f
GET /nip8E9ASw52gOJQxdluWu8PK6GgTMaw87ja5NFJnc8le4062UgDFMgxzd2_UmGmz3PbyvBBG=s68-c-k-c0x00ffffff-no-rj HTTP/1.1
Host: yt3.ggpht.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-expose-headers: Content-Length
content-disposition: inline;filename="channels4_profile.jpg"
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
server: fife
content-length: 2924
x-xss-protection: 0
date: Sat, 15 Oct 2022 13:01:49 GMT
expires: Sat, 15 Oct 2022 02:10:51 GMT
cache-control: public, max-age=86400, no-transform
etag: "v1"
content-type: image/jpeg
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ih1.redbubble.net/image.2501823087.1427/flat,220x200,075,t.u5.jpg
68.232.35.237200 OK 13 kB URL HTTP/2 ih1.redbubble.net/image.2501823087.1427/flat,220x200,075,t.u5.jpg
IP 68.232.35.237:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 220x200, components 3\012- data
Hash 41a7ff2b932518137a3d3ed4e75cff14
12788c351920ae2e6a6915c80ea0f1cae9106382
281a8d6feb56d70c6a48c55fbf412a1d8e6fe90435118f7571a8635c0f706ceb
GET /image.2501823087.1427/flat,220x200,075,t.u5.jpg HTTP/1.1
Host: ih1.redbubble.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.redbubble.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: https://www.redbubble.com
access-control-expose-headers: Content-Length,Content-Range
age: 4681746
cache-control: max-age=31556952, public
content-disposition: inline
content-transfer-encoding: binary
content-type: image/jpeg
date: Sat, 15 Oct 2022 13:01:49 GMT
etag: W/"281a8d6feb56d70c6a48c55fbf412a1d"
last-modified: Mon, 22 Aug 2022 08:32:44 GMT
referrer-policy: strict-origin-when-cross-origin
server: ECS (dcb/7F60)
x-cache: HIT
x-content-type-options: nosniff
x-download-options: noopen
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: none
x-request-id: d5f2891d-027d-4541-8e68-d499a6d21006
x-xss-protection: 1; mode=block
content-length: 12808
X-Firefox-Spdy: h2
www.redbubble.com/people/gratitude-aros/external-portfolio?count=9
172.64.153.8200 OK 37 kB URL HTTP/2 www.redbubble.com/people/gratitude-aros/external-portfolio?count=9
IP 172.64.153.8:0
File type HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (470)
Hash e77e372a9d4850e1ec88db8519033221
323a24f9c2d2c80a787ab80604303f9a98d31edf
644a28d20d24161c967d2efeae5aac807c34f2adc76dc31fa881a64d45219451
GET /people/gratitude-aros/external-portfolio?count=9 HTTP/1.1
Host: www.redbubble.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.morecouponstogo.com/
Cookie: __cf_bm=8Vjdp6Xf.Z2Rx2ayLgRGQDxyHs37SjuC4TtkMRCbZaw-1665838908-0-AYB7K3ch35WZvJl/HpeSRhSXiDWuWCF3j/MHMY9aUO4Z6Z4dG4aclI1H7KEYZklv/+/b8OmHoNrOh78mWcL62uM=
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 15 Oct 2022 13:01:49 GMT
content-type: text/html; charset=utf-8
cache-control: max-age=0, private, must-revalidate
etag: W/"02c71b4e0ce36eb11167fb2e4ec035dc"
referrer-policy: strict-origin-when-cross-origin
set-cookie: open_id_token=eyJhbGciOiJFUzI1NiIsImtpZCI6InJlZGJ1YmJsZS00IiwidHlwIjoiSldUIn0.eyJhbXIiOlsidW5hdXRoZW50aWNhdGVkIl0sImlzcyI6Imh0dHBzOi8vd3d3LnJlZGJ1YmJsZS5jb20iLCJzdWIiOiJyZWRidWJibGU6MDFHRkRWUzFCNU5GVk5XOVZIVkY5QTBYS0QiLCJhdWQiOiJyZWRidWJibGUtc2VydmljZXMiLCJleHAiOjE2NjU4Mzk1MDgsImlhdCI6MTY2NTgzODkwOH0.e3QQrZAi03TpMjTHzmcCPBsODxgN9PA9E5GjDURVrZRbMJ8eW8c0-AI_ldAnU94ulpaOHSHqTLjbsLNHU-ut1A; Path=/; Domain=redbubble.com; Expires=Sat, 22 Oct 2022 13:01:48 GMT; Secure; SameSite=Lax
rbVisitorId=01GFDVS1B548FMEV3XSSMEQDVW; Path=/; Domain=redbubble.com; Expires=Sat, 22 Oct 2022 13:01:48 GMT; HttpOnly; Secure; SameSite=Lax
_rb_session=cc9d48d5b4dde4989fe67c75655f5a4860dd312af712cc9bfc239112e60204c0; domain=.redbubble.com; path=/; secure
_rb_session4=SktTVUFLUThxOUl0ZDYwdWlCd2N6enBVeDZwZU5UNjJEaGlMNHZxa1pQTWo0akZmOStVYytnNWlMb29kUGZVSTVTbnlTcmYyWUs1VGFIaTVlOTcrUENpc1Zab0JLMlJVUDN0Z3c1YUwvWUp0TnJBK0xQZVZMeWxQMjlid1R4MnQtLXZNYStBV3NuWkdWdkozM1dGZ2VyZWc9PQ%3D%3D--6156e22827c2c8c29f5735472face78901a9f220; path=/; secure; HttpOnly
x-content-type-options: nosniff
x-download-options: noopen
x-permitted-cross-domain-policies: none
x-rb-bot-identified: False
x-rb-oid: eyJhbGciOiJFUzI1NiIsImtpZCI6InJlZGJ1YmJsZS00IiwidHlwIjoiSldUIn0.eyJhbXIiOlsidW5hdXRoZW50aWNhdGVkIl0sImlzcyI6Imh0dHBzOi8vd3d3LnJlZGJ1YmJsZS5jb20iLCJzdWIiOiJyZWRidWJibGU6MDFHRkRWUzFCNU5GVk5XOVZIVkY5QTBYS0QiLCJhdWQiOiJyZWRidWJibGUtc2VydmljZXMiLCJleHAiOjE2NjU4Mzk1MDgsImlhdCI6MTY2NTgzODkwOH0.e3QQrZAi03TpMjTHzmcCPBsODxgN9PA9E5GjDURVrZRbMJ8eW8c0-AI_ldAnU94ulpaOHSHqTLjbsLNHU-ut1A
x-request-id: 746f4416-7218-4162-ad3e-7fad697f7b0c
x-xss-protection: 1; mode=block
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 75a8bed948bb1bfa-OSL
content-encoding: br
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash f2c49318a288ea2c057fb5f7299f2022
95e6f950cf5ac65b30d029dda4133ff4d622a03d
843601c4216073fd3898352abba277833a2e14e5331c5536002842b01a7302e8
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 15 Oct 2022 13:01:50 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
s3.amazonaws.com/logos.formetocoupon.com/120x60/46170.jpg
52.216.113.5200 OK 19 kB URL HTTP/1.1 s3.amazonaws.com/logos.formetocoupon.com/120x60/46170.jpg
IP 52.216.113.5:0
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CS6 (Windows), datetime=2022:10:07 12:29:10], progressive, precision 8, 120x60, components 3\012- data
Hash b07aadb053d03fb9461e24a32228d8bb
836db93cd292085284ee7ca0921a6be98dc85663
0c97e8e7c7e5fd40b5e70f761b9bd997d3edf4bfca5bed005ca74c94c144e53d
GET /logos.formetocoupon.com/120x60/46170.jpg HTTP/1.1
Host: s3.amazonaws.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.morecouponstogo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: oAoMfMFEU+ZDOidhCCeWyVa45qNKKmL45bPjbx3881faOrQzpcCM/V0iVv5LNoi3RvnP4d/z858=
x-amz-request-id: X1VXKSE6E5HP00B8
Date: Sat, 15 Oct 2022 13:01:50 GMT
Last-Modified: Fri, 07 Oct 2022 10:31:46 GMT
ETag: "b07aadb053d03fb9461e24a32228d8bb"
Accept-Ranges: bytes
Content-Type: image/jpeg
Server: AmazonS3
Content-Length: 18597
s3.amazonaws.com/logos.formetocoupon.com/120x60/25994.png
52.216.113.5200 OK 23 kB URL HTTP/1.1 s3.amazonaws.com/logos.formetocoupon.com/120x60/25994.png
IP 52.216.113.5:0
File type PNG image data, 120 x 60, 8-bit/color RGB, non-interlaced\012- data
Hash d393ea44323ada3ef8d05acc389162a5
22c912b333887cbe0a9ddc502e47608f5f5b9664
393c9d3eb32c980b810f48cf80a19fe54143694027a5a9d5be9e7f93b8402119
GET /logos.formetocoupon.com/120x60/25994.png HTTP/1.1
Host: s3.amazonaws.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.morecouponstogo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: 6LO114+ydlVr0+/uc+HJBoeUmKDepxYFOCklNvh8RnS1bWKT/V62NWaophX+N0eaj4TzLwoiyEQ=
x-amz-request-id: X1VTX4DEMRZ6R2GV
Date: Sat, 15 Oct 2022 13:01:50 GMT
Last-Modified: Mon, 07 Dec 2015 16:49:59 GMT
ETag: "d393ea44323ada3ef8d05acc389162a5"
x-amz-storage-class: REDUCED_REDUNDANCY
Accept-Ranges: bytes
Content-Type: image/png
Server: AmazonS3
Content-Length: 23209
trafficadbar.com/bar/page.php?a=MTGSamurai&b=490&c=90&e=%23ffffff&f=%23AC0101&g=%23f8f8f8&h=%23000000&i=%237c8e06&d=https%3A//www.morecouponstogo.com/uni-landing&ref1=https%3A//llclickpro.com/&stg=2&ww=490&wh=90&ref=https%3A%2F%2Fwww.morecouponstogo.com%2F
52.202.155.140302 Found 19 kB URL HTTP/2 trafficadbar.com/bar/page.php?a=MTGSamurai&b=490&c=90&e=%23ffffff&f=%23AC0101&g=%23f8f8f8&h=%23000000&i=%237c8e06&d=https%3A//www.morecouponstogo.com/uni-landing&ref1=https%3A//llclickpro.com/&stg=2&ww=490&wh=90&ref=https%3A%2F%2Fwww.morecouponstogo.com%2F
IP 52.202.155.140:0
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CS6 (Windows), datetime=2020:09:18 18:09:06], baseline, precision 8, 120x60, components 3\012- data
Hash ce9e1958f27f0be73c24b082a03db1ee
9becb08536ff59411906a36ed1726cdacac9de7f
536bbe84654fd64313413b81a19fba5744347c91f2142557be4f3f664eb1bbe9
GET /bar/page.php?a=MTGSamurai&b=490&c=90&e=%23ffffff&f=%23AC0101&g=%23f8f8f8&h=%23000000&i=%237c8e06&d=https%3A//www.morecouponstogo.com/uni-landing&ref1=https%3A//llclickpro.com/&stg=2&ww=490&wh=90&ref=https%3A%2F%2Fwww.morecouponstogo.com%2F HTTP/1.1
Host: trafficadbar.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://trafficadbar.com/bar/page.php?a=MTGSamurai&b=490&c=90&e=%23ffffff&f=%23AC0101&g=%23f8f8f8&h=%23000000&i=%237c8e06&d=https%3A//www.morecouponstogo.com/uni-landing&ref1=https%3A//llclickpro.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 302 Found
date: Sat, 15 Oct 2022 13:01:48 GMT
content-type: text/html; charset=UTF-8
server: nginx
location: /bar/page2.php?a=MTGSamurai&b=490&c=90&d=https%3A%2F%2Fwww.morecouponstogo.com%2Funi-landing&e=%23ffffff&f=%23AC0101&g=%23f8f8f8&h=%23000000&i=%237c8e06&ref1=https%3A%2F%2Fllclickpro.com%2F&stg=2&ww=490&wh=90&ref=https%3A%2F%2Fwww.morecouponstogo.com%2F
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash e2795bbe61af34c174a2c35d6ecdabf3
51cd45b2e579a493139cbb9f92b0af5052f00b86
c41cd8d984449c5a74e5c85350bb2fa1ae00767b5cec0451367a93076eded3a8
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 15 Oct 2022 13:01:50 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
i.ytimg.com/vi_webp/ZFBI_JoDwew/sddefault.webp
142.250.74.118200 OK 21 kB URL HTTP/2 i.ytimg.com/vi_webp/ZFBI_JoDwew/sddefault.webp
IP 142.250.74.118:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 640x480, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 9bc80783dd42606a38e3210ad1b3711d
28445b6ec0a0426acf5164a6df5076b7303347a6
3248bd00f508984ec3bdaea739c1f2a745768a30e6d897c2aa4d928ad84ac54e
GET /vi_webp/ZFBI_JoDwew/sddefault.webp HTTP/1.1
Host: i.ytimg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
content-type: image/webp
vary: Origin
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-length: 21248
date: Sat, 15 Oct 2022 13:01:50 GMT
expires: Sat, 15 Oct 2022 15:01:50 GMT
cache-control: public, max-age=7200
etag: "1648682389"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
s3.amazonaws.com/logos.formetocoupon.com/120x60/54542.jpg
52.216.113.5200 OK 21 kB URL HTTP/1.1 s3.amazonaws.com/logos.formetocoupon.com/120x60/54542.jpg
IP 52.216.113.5:0
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CS6 (Windows), datetime=2022:09:29 20:01:24], progressive, precision 8, 120x60, components 3\012- data
Hash e99c4784fa9d973c1c48112debaa3e20
2057f925eaae4ed4309b2e542f07edb6f5a35ba5
25cb6f0ff7c5eb9ac9f73f66823af3c1e4fef8d73521f83964be1698682a1f5b
GET /logos.formetocoupon.com/120x60/54542.jpg HTTP/1.1
Host: s3.amazonaws.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.morecouponstogo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: QXEdsesrNqizphnwns3+zrIVTG/FFAt5hMj8hi353hBGvS9vTAu0oz9JguJOtCnrSrBZ44aAoOs=
x-amz-request-id: 091JRWAGPH2G0F3R
Date: Sat, 15 Oct 2022 13:01:51 GMT
Last-Modified: Thu, 29 Sep 2022 18:03:21 GMT
ETag: "e99c4784fa9d973c1c48112debaa3e20"
Accept-Ranges: bytes
Content-Type: image/jpeg
Server: AmazonS3
Content-Length: 21377
d1ielco78gv5pf.cloudfront.net/assets/75x75-Brandmark-Transparent-5914f9388de7f61a2e2fb260ed39145a5719139b6559762350135c21771f12c0.png
54.230.245.54200 OK 753 B URL HTTP/2 d1ielco78gv5pf.cloudfront.net/assets/75x75-Brandmark-Transparent-5914f9388de7f61a2e2fb260ed39145a5719139b6559762350135c21771f12c0.png
IP 54.230.245.54:0
File type PNG image data, 75 x 75, 8-bit/color RGBA, non-interlaced\012- data
Hash 95b83ee0d2cb98b5133345024a14031e
fb1f79f434185cabeda75b895cb0e98113c8c6ec
5914f9388de7f61a2e2fb260ed39145a5719139b6559762350135c21771f12c0
GET /assets/75x75-Brandmark-Transparent-5914f9388de7f61a2e2fb260ed39145a5719139b6559762350135c21771f12c0.png HTTP/1.1
Host: d1ielco78gv5pf.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.redbubble.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 753
date: Mon, 05 Sep 2022 13:09:45 GMT
server: nginx
last-modified: Sun, 04 Sep 2022 10:06:31 GMT
expires: Thu, 02 Sep 2032 13:09:45 GMT
access-control-allow-origin: *
cache-control: max-age=315360000, public
x-cache: Hit from cloudfront
via: 1.1 4bbc14b5834fc74ccd249b954b43a08c.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 4AZg77G_ZKvuNDUJxzMMMwyD_OvN4frhCVbu1pmCt3hRRqjXUQGVKg==
age: 3455525
X-Firefox-Spdy: h2
d1ielco78gv5pf.cloudfront.net/assets/rarr-trans-44aac167284d94a1522aae08e2a9c40c6d515ab554839445c3b43281cb6a2f47.png
54.230.245.54200 OK 147 B URL HTTP/2 d1ielco78gv5pf.cloudfront.net/assets/rarr-trans-44aac167284d94a1522aae08e2a9c40c6d515ab554839445c3b43281cb6a2f47.png
IP 54.230.245.54:0
File type PNG image data, 7 x 10, 8-bit gray+alpha, non-interlaced\012- data
Hash aafe97f737c068ef75a9410c8a45f5a4
0d1856e53194b2a68d1976a21fe05d20eac683b6
44aac167284d94a1522aae08e2a9c40c6d515ab554839445c3b43281cb6a2f47
GET /assets/rarr-trans-44aac167284d94a1522aae08e2a9c40c6d515ab554839445c3b43281cb6a2f47.png HTTP/1.1
Host: d1ielco78gv5pf.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.redbubble.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 147
date: Fri, 27 May 2022 01:22:02 GMT
accept-ranges: bytes
access-control-allow-origin: *
cache-control: max-age=315360000, public
etag: "628dff80-93"
expires: Mon, 24 May 2032 01:22:02 GMT
last-modified: Wed, 25 May 2022 10:05:52 GMT
server: nginx
x-cache: Hit from cloudfront
via: 1.1 4bbc14b5834fc74ccd249b954b43a08c.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: UIscfsq7BekioLBvNZ3lAfuTn3tBa19iaR-2PKDI2BIapNvQzn_c3A==
age: 12224388
X-Firefox-Spdy: h2
d1ielco78gv5pf.cloudfront.net/assets/ajax_subtle-8f2162a421d5682989810c5bed4402d83debcff6169ae940dbbf9844dcc9ea2d.gif
54.230.245.54200 OK 1.8 kB URL HTTP/2 d1ielco78gv5pf.cloudfront.net/assets/ajax_subtle-8f2162a421d5682989810c5bed4402d83debcff6169ae940dbbf9844dcc9ea2d.gif
IP 54.230.245.54:0
File type GIF image data, version 89a, 32 x 32\012- data
Hash 53c8654b9584bb9f925f2e9f12a3a365
69b347445a08ef2e1235cb8ff2fad484d59ae7d3
8f2162a421d5682989810c5bed4402d83debcff6169ae940dbbf9844dcc9ea2d
GET /assets/ajax_subtle-8f2162a421d5682989810c5bed4402d83debcff6169ae940dbbf9844dcc9ea2d.gif HTTP/1.1
Host: d1ielco78gv5pf.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://d1ielco78gv5pf.cloudfront.net/assets/external_portfolio-55c5ae1c8983df626fd5d8b516e9b7afa9602796b1b40b1b0a489a394961ef91.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/gif
content-length: 1785
date: Wed, 18 May 2022 14:23:23 GMT
accept-ranges: bytes
access-control-allow-origin: *
cache-control: max-age=315360000, public
etag: "628373c3-6f9"
expires: Sat, 15 May 2032 14:23:23 GMT
last-modified: Tue, 17 May 2022 10:06:59 GMT
server: nginx
x-cache: Hit from cloudfront
via: 1.1 4bbc14b5834fc74ccd249b954b43a08c.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: XBJlEQ1KeMlf9ipKuMHZOpp6AOBuxvwjgYof2JE94FAaElnwUUY8sw==
age: 12955107
X-Firefox-Spdy: h2
s3.amazonaws.com/logos.formetocoupon.com/120x60/45137.jpg
52.216.113.5200 OK 23 kB URL HTTP/1.1 s3.amazonaws.com/logos.formetocoupon.com/120x60/45137.jpg
IP 52.216.113.5:0
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CS6 (Windows), datetime=2020:10:07 08:48:42], baseline, precision 8, 120x60, components 3\012- data
Hash c06f917133f51135a708a10e060e52fe
3cf6f925484233fbe0abc4cf7d0105073349302f
284666ca3c61afdcbfcc92940c37320f7f27bd0e7a12e6a8c87e9c5a787f7627
GET /logos.formetocoupon.com/120x60/45137.jpg HTTP/1.1
Host: s3.amazonaws.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.morecouponstogo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: y5yVkLqYp6IS1pZ8SfNXm2tFQKQOVJGxQualmKe8lnEKfNwJ7a+mfPyQkpkA7q28nDFMe4NQUjc=
x-amz-request-id: X1VKPMSZ576CBH1C
Date: Sat, 15 Oct 2022 13:01:50 GMT
Last-Modified: Wed, 07 Oct 2020 06:48:52 GMT
ETag: "c06f917133f51135a708a10e060e52fe"
Accept-Ranges: bytes
Content-Type: image/jpeg
Server: AmazonS3
Content-Length: 23080
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash f2c49318a288ea2c057fb5f7299f2022
95e6f950cf5ac65b30d029dda4133ff4d622a03d
843601c4216073fd3898352abba277833a2e14e5331c5536002842b01a7302e8
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 15 Oct 2022 13:01:50 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 3693b869a30652f2e5cededbf71e80e8
01ff56e45ff18ee14a80bd5b4e1c8152349d32e4
3973913ec49401d91d2a5e30cf8470b70def89e4333d24b1c073694feea14953
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5379
Cache-Control: max-age=104325
Content-Type: application/ocsp-response
Date: Sat, 15 Oct 2022 13:01:50 GMT
Etag: "63498ec0-1d7"
Expires: Sun, 16 Oct 2022 18:00:35 GMT
Last-Modified: Fri, 14 Oct 2022 16:30:56 GMT
Server: ECS (ska/F707)
X-Cache: HIT
Content-Length: 471
connect.facebook.net/undefined/sdk.js
31.13.72.12200 OK 1.7 kB URL HTTP/2 connect.facebook.net/undefined/sdk.js
IP 31.13.72.12:0
File type ASCII text, with very long lines (1961)
Hash cd28c0b0cd9abeb819ad7f4bf0079566
ba650aaacaa57a9df1434ddde34132098f692b76
67be8b40516cf7a84bd59683163be54d4e9d4668b0b2a5ee4a6ccf8452d6de5b
GET /undefined/sdk.js HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.morecouponstogo.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
access-control-expose-headers: X-FB-Content-MD5
x-fb-content-md5: ceac9300ed7a3b94987295233ffb186a
etag: "912b5ffd2b02e5d03350dd57bcbd6ee6"
content-type: application/x-javascript; charset=utf-8
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
expires: Sat, 15 Oct 2022 13:10:01 GMT
cache-control: public,max-age=1200,stale-while-revalidate=3600
document-policy: force-load-at-top
cross-origin-opener-policy: same-origin-allow-popups
x-content-type-options: nosniff
x-fb-rlafr: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-md5: zSjAsM2avrgZrX9L8AeVZg==
x-fb-debug: BXIzBQW67dvDtAt7Nh7EgeWLktn8u0hfr07QmL5WZ5njkV0WV0Swj4y4rtkkAr1fopSTshaHaDNEBLJ6aVeRhA==
priority: u=3,i
content-length: 1689
x-fb-trip-id: 1904183273
date: Sat, 15 Oct 2022 13:01:50 GMT
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 959 B IP 93.184.220.29:0
Hash 4daf0ee6c15be4ecced350bd6155c68b
a8e7251c5683687edad235bcddf471006dca05c5
fd90587d5eadcbdec9f78c9997eacaeaccea5b79e6b2cbb2babb780eb8e4a17e
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5379
Cache-Control: max-age=104325
Content-Type: application/ocsp-response
Date: Sat, 15 Oct 2022 13:01:50 GMT
Etag: "63498ec0-1d7"
Expires: Sun, 16 Oct 2022 18:00:35 GMT
Last-Modified: Fri, 14 Oct 2022 16:30:56 GMT
Server: ECS (ska/F707)
X-Cache: HIT
Content-Length: 471
ih1.redbubble.net/image.2423146004.3028/raf,220x200,075,t,black.u5.jpg
68.232.35.237200 OK 7.1 kB URL HTTP/2 ih1.redbubble.net/image.2423146004.3028/raf,220x200,075,t,black.u5.jpg
IP 68.232.35.237:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 220x200, components 3\012- data
Hash ea2e9b008dd5ea4ae82bd436910c2533
9b839ada94e09772f01c49af1032b9f046e9b6ed
0220c6be7d3cfcffc662fcab4c31803925ec7e294e4165098a1b364ad8800ace
GET /image.2423146004.3028/raf,220x200,075,t,black.u5.jpg HTTP/1.1
Host: ih1.redbubble.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.redbubble.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: https://www.redbubble.com
access-control-expose-headers: Content-Length,Content-Range
age: 4681747
cache-control: max-age=31556952, public
content-disposition: inline
content-transfer-encoding: binary
content-type: image/jpeg
date: Sat, 15 Oct 2022 13:01:50 GMT
etag: W/"0220c6be7d3cfcffc662fcab4c318039"
last-modified: Mon, 22 Aug 2022 08:32:44 GMT
referrer-policy: strict-origin-when-cross-origin
server: ECS (dcb/7F84)
x-cache: HIT
x-content-type-options: nosniff
x-download-options: noopen
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: none
x-request-id: 0c943895-8cf5-4c7d-88fc-024373c4d11a
x-xss-protection: 1; mode=block
content-length: 7140
X-Firefox-Spdy: h2
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
142.250.74.138200 OK 31 kB URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
IP 142.250.74.138:0
File type JSON data\012- , ASCII text, with very long lines (65536), with no line terminators
Hash f4ee0bde2a7611e0a8959bf806ad87f2
663a9f76d504241fcae939071277a6145680bf47
5398628aa757597081f24f202f6dbfdefa16ef2c565a68f960eff5a3dbdead18
POST /$rpc/google.internal.waa.v1.Waa/Create HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
Content-Type: application/json+protobuf
X-User-Agent: grpc-web-javascript/0.1
Content-Length: 24
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json+protobuf; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: gzip
date: Sat, 15 Oct 2022 13:01:50 GMT
server: ESF
cache-control: private
content-length: 30870
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
access-control-allow-credentials: true
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 899a380dcb220838d4ce6e105409a9f2
826cfa7128d0e7d6277ecb02dfcd285d753f615b
a252277cb29ecee3ea012b0c194eed410eb90404d4946c37e7371db29b09d7b3
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 15 Oct 2022 13:01:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 899a380dcb220838d4ce6e105409a9f2
826cfa7128d0e7d6277ecb02dfcd285d753f615b
a252277cb29ecee3ea012b0c194eed410eb90404d4946c37e7371db29b09d7b3
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 15 Oct 2022 13:01:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
rr1---sn-capm-vnae.googlevideo.com/videoplayback?expire=1665860510&ei=Pa9KY_aoNeOVv_IPlayWiAI&ip=91.90.42.154&id=o-ACI3vcSWHmnF4VpjeXNevQYsquKamtIQz8aFFNrqkscK&itag=243&aitags=133%2C134%2C135%2C160%2C242%2C243%2C244%2C278&source=youtube&requiressl=yes&mh=gh&mm=31%2C29&mn=sn-capm-vnae%2Csn-5go7yne6&ms=au%2Crdu&mv=m&mvi=1&pl=21&initcwndbps=1232500&spc=yR2vp9ukh76gMpzEQN7TsNCB0ePkRYg&vprv=1&mime=video%2Fwebm&ns=jnzJHWNa3vrZQYzeCBZbdV0I&gir=yes&clen=688476&dur=42.033&lmt=1645693636801438&mt=1665838393&fvip=5&keepalive=yes&fexp=24001373%2C24007246&c=WEB_EMBEDDED_PLAYER&txp=5319224&n=ob8UDkQOuBcDFA&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRQIgO8OLA2q3YP46JqfrO0GHQlwbRly5jOw7F5CT7IDxzTYCIQDzyL3V_0hibSg0EuLyEFZ0Axx2Xro-eneKohvhvUdGCg%3D%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRAIgE95eNCpdiJ-oELb67EbBYpIbhGB65C9Y7Me4gqHVbpACIAxB_1curIC2QY3LR_JZVAiFN_D3XtvWzUdMomUc8QTX&alr=yes&cpn=ncmnn16xbYqpwzZC&cver=1.20221012.01.01&range=0-348&rn=1&rbuf=0
91.90.45.172200 OK 1.1 kB URL HTTP/1.1 rr1---sn-capm-vnae.googlevideo.com/videoplayback?expire=1665860510&ei=Pa9KY_aoNeOVv_IPlayWiAI&ip=91.90.42.154&id=o-ACI3vcSWHmnF4VpjeXNevQYsquKamtIQz8aFFNrqkscK&itag=243&aitags=133%2C134%2C135%2C160%2C242%2C243%2C244%2C278&source=youtube&requiressl=yes&mh=gh&mm=31%2C29&mn=sn-capm-vnae%2Csn-5go7yne6&ms=au%2Crdu&mv=m&mvi=1&pl=21&initcwndbps=1232500&spc=yR2vp9ukh76gMpzEQN7TsNCB0ePkRYg&vprv=1&mime=video%2Fwebm&ns=jnzJHWNa3vrZQYzeCBZbdV0I&gir=yes&clen=688476&dur=42.033&lmt=1645693636801438&mt=1665838393&fvip=5&keepalive=yes&fexp=24001373%2C24007246&c=WEB_EMBEDDED_PLAYER&txp=5319224&n=ob8UDkQOuBcDFA&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRQIgO8OLA2q3YP46JqfrO0GHQlwbRly5jOw7F5CT7IDxzTYCIQDzyL3V_0hibSg0EuLyEFZ0Axx2Xro-eneKohvhvUdGCg%3D%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRAIgE95eNCpdiJ-oELb67EbBYpIbhGB65C9Y7Me4gqHVbpACIAxB_1curIC2QY3LR_JZVAiFN_D3XtvWzUdMomUc8QTX&alr=yes&cpn=ncmnn16xbYqpwzZC&cver=1.20221012.01.01&range=0-348&rn=1&rbuf=0
IP 91.90.45.172:0
ASN #50304 Blix Solutions AS
File type ASCII text, with very long lines (1084), with no line terminators
Hash 0b8e98ea03cae00dcb5075a704851c65
51f6e296ce96366296e0ecb2e9189b621c1a38d7
c740ee333086fa99fd08ee982bd54f1b3c3ab8ac755108672821ab4cbefc39ed
GET /videoplayback?expire=1665860510&ei=Pa9KY_aoNeOVv_IPlayWiAI&ip=91.90.42.154&id=o-ACI3vcSWHmnF4VpjeXNevQYsquKamtIQz8aFFNrqkscK&itag=243&aitags=133%2C134%2C135%2C160%2C242%2C243%2C244%2C278&source=youtube&requiressl=yes&mh=gh&mm=31%2C29&mn=sn-capm-vnae%2Csn-5go7yne6&ms=au%2Crdu&mv=m&mvi=1&pl=21&initcwndbps=1232500&spc=yR2vp9ukh76gMpzEQN7TsNCB0ePkRYg&vprv=1&mime=video%2Fwebm&ns=jnzJHWNa3vrZQYzeCBZbdV0I&gir=yes&clen=688476&dur=42.033&lmt=1645693636801438&mt=1665838393&fvip=5&keepalive=yes&fexp=24001373%2C24007246&c=WEB_EMBEDDED_PLAYER&txp=5319224&n=ob8UDkQOuBcDFA&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRQIgO8OLA2q3YP46JqfrO0GHQlwbRly5jOw7F5CT7IDxzTYCIQDzyL3V_0hibSg0EuLyEFZ0Axx2Xro-eneKohvhvUdGCg%3D%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRAIgE95eNCpdiJ-oELb67EbBYpIbhGB65C9Y7Me4gqHVbpACIAxB_1curIC2QY3LR_JZVAiFN_D3XtvWzUdMomUc8QTX&alr=yes&cpn=ncmnn16xbYqpwzZC&cver=1.20221012.01.01&range=0-348&rn=1&rbuf=0 HTTP/1.1
Host: rr1---sn-capm-vnae.googlevideo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: text/plain
Last-Modified: Wed, 02 May 2007 10:26:10 GMT
Date: Sat, 15 Oct 2022 13:01:51 GMT
Expires: Sat, 15 Oct 2022 13:01:51 GMT
Cache-Control: private, max-age=21299
Accept-Ranges: bytes
Content-Length: 1084
Connection: keep-alive
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Access-Control-Allow-Origin: https://www.youtube.com
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: https://www.youtube.com
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Vary: Origin
Cross-Origin-Resource-Policy: cross-origin
X-Restrict-Formats-Hint: None
X-Content-Type-Options: nosniff
Server: gvs 1.0
rr1---sn-capm-vnae.googlevideo.com/videoplayback?expire=1665860510&ei=Pa9KY_aoNeOVv_IPlayWiAI&ip=91.90.42.154&id=o-ACI3vcSWHmnF4VpjeXNevQYsquKamtIQz8aFFNrqkscK&itag=250&source=youtube&requiressl=yes&mh=gh&mm=31%2C29&mn=sn-capm-vnae%2Csn-5go7yne6&ms=au%2Crdu&mv=m&mvi=1&pl=21&initcwndbps=1232500&spc=yR2vp9ukh76gMpzEQN7TsNCB0ePkRYg&vprv=1&mime=audio%2Fwebm&ns=jnzJHWNa3vrZQYzeCBZbdV0I&gir=yes&clen=19323&dur=42.061&lmt=1645693636059657&mt=1665838393&fvip=5&keepalive=yes&fexp=24001373%2C24007246&c=WEB_EMBEDDED_PLAYER&txp=5318224&n=ob8UDkQOuBcDFA&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRAIgYA6qZuP5mcKZYG-Y9-nQpQwmJK02uFyNaBBL33FjUgECIDRsFlD7xDFfnMxYBqAEkL0jV_JfMd6Ax9M5543P1kuX&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRAIgE95eNCpdiJ-oELb67EbBYpIbhGB65C9Y7Me4gqHVbpACIAxB_1curIC2QY3LR_JZVAiFN_D3XtvWzUdMomUc8QTX&alr=yes&cpn=ncmnn16xbYqpwzZC&cver=1.20221012.01.01&range=0-337&rn=2&rbuf=0
91.90.45.172200 OK 1.0 kB URL HTTP/1.1 rr1---sn-capm-vnae.googlevideo.com/videoplayback?expire=1665860510&ei=Pa9KY_aoNeOVv_IPlayWiAI&ip=91.90.42.154&id=o-ACI3vcSWHmnF4VpjeXNevQYsquKamtIQz8aFFNrqkscK&itag=250&source=youtube&requiressl=yes&mh=gh&mm=31%2C29&mn=sn-capm-vnae%2Csn-5go7yne6&ms=au%2Crdu&mv=m&mvi=1&pl=21&initcwndbps=1232500&spc=yR2vp9ukh76gMpzEQN7TsNCB0ePkRYg&vprv=1&mime=audio%2Fwebm&ns=jnzJHWNa3vrZQYzeCBZbdV0I&gir=yes&clen=19323&dur=42.061&lmt=1645693636059657&mt=1665838393&fvip=5&keepalive=yes&fexp=24001373%2C24007246&c=WEB_EMBEDDED_PLAYER&txp=5318224&n=ob8UDkQOuBcDFA&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRAIgYA6qZuP5mcKZYG-Y9-nQpQwmJK02uFyNaBBL33FjUgECIDRsFlD7xDFfnMxYBqAEkL0jV_JfMd6Ax9M5543P1kuX&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRAIgE95eNCpdiJ-oELb67EbBYpIbhGB65C9Y7Me4gqHVbpACIAxB_1curIC2QY3LR_JZVAiFN_D3XtvWzUdMomUc8QTX&alr=yes&cpn=ncmnn16xbYqpwzZC&cver=1.20221012.01.01&range=0-337&rn=2&rbuf=0
IP 91.90.45.172:0
ASN #50304 Blix Solutions AS
File type ASCII text, with very long lines (1012), with no line terminators
Hash 37d4bfe420328c53457e62f1ea3246e2
35980d9f774d292d0dbc512a1a94c2c519982c94
9679678332fcc31a86ddff8d8779fad9727c625c9c311e222901d926956f89ff
GET /videoplayback?expire=1665860510&ei=Pa9KY_aoNeOVv_IPlayWiAI&ip=91.90.42.154&id=o-ACI3vcSWHmnF4VpjeXNevQYsquKamtIQz8aFFNrqkscK&itag=250&source=youtube&requiressl=yes&mh=gh&mm=31%2C29&mn=sn-capm-vnae%2Csn-5go7yne6&ms=au%2Crdu&mv=m&mvi=1&pl=21&initcwndbps=1232500&spc=yR2vp9ukh76gMpzEQN7TsNCB0ePkRYg&vprv=1&mime=audio%2Fwebm&ns=jnzJHWNa3vrZQYzeCBZbdV0I&gir=yes&clen=19323&dur=42.061&lmt=1645693636059657&mt=1665838393&fvip=5&keepalive=yes&fexp=24001373%2C24007246&c=WEB_EMBEDDED_PLAYER&txp=5318224&n=ob8UDkQOuBcDFA&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRAIgYA6qZuP5mcKZYG-Y9-nQpQwmJK02uFyNaBBL33FjUgECIDRsFlD7xDFfnMxYBqAEkL0jV_JfMd6Ax9M5543P1kuX&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRAIgE95eNCpdiJ-oELb67EbBYpIbhGB65C9Y7Me4gqHVbpACIAxB_1curIC2QY3LR_JZVAiFN_D3XtvWzUdMomUc8QTX&alr=yes&cpn=ncmnn16xbYqpwzZC&cver=1.20221012.01.01&range=0-337&rn=2&rbuf=0 HTTP/1.1
Host: rr1---sn-capm-vnae.googlevideo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: text/plain
Last-Modified: Wed, 02 May 2007 10:26:10 GMT
Date: Sat, 15 Oct 2022 13:01:51 GMT
Expires: Sat, 15 Oct 2022 13:01:51 GMT
Cache-Control: private, max-age=21299
Accept-Ranges: bytes
Content-Length: 1012
Connection: keep-alive
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Access-Control-Allow-Origin: https://www.youtube.com
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: https://www.youtube.com
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Vary: Origin
Cross-Origin-Resource-Policy: cross-origin
X-Content-Type-Options: nosniff
Server: gvs 1.0
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 899a380dcb220838d4ce6e105409a9f2
826cfa7128d0e7d6277ecb02dfcd285d753f615b
a252277cb29ecee3ea012b0c194eed410eb90404d4946c37e7371db29b09d7b3
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 15 Oct 2022 13:01:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
142.250.74.138200 OK 31 kB URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
IP 142.250.74.138:0
File type JSON data\012- , ASCII text, with very long lines (65536), with no line terminators
Hash f0ec2520bb0a4ccfe5158388ae93e305
8a45bc49728efad623672ea34d880cd24c713ffc
7da2057db4d8125b577f62e05e1683f29dc067f0781674cd40eae6673ef28f68
POST /$rpc/google.internal.waa.v1.Waa/Create HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
Content-Type: application/json+protobuf
X-User-Agent: grpc-web-javascript/0.1
Content-Length: 24
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json+protobuf; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: gzip
date: Sat, 15 Oct 2022 13:01:51 GMT
server: ESF
cache-control: private
content-length: 31197
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
access-control-allow-credentials: true
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash ea21d0841727fdcf9bf8940de38777a4
654586f43932edceafd9ecb4045e16ab0db3628c
088a8a64b9e0c414e643526c522527f7776cf7cf12483533b1aeaed8c2a19b3d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 15 Oct 2022 13:01:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash ea21d0841727fdcf9bf8940de38777a4
654586f43932edceafd9ecb4045e16ab0db3628c
088a8a64b9e0c414e643526c522527f7776cf7cf12483533b1aeaed8c2a19b3d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 15 Oct 2022 13:01:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
rr5---sn-5go7yne6.googlevideo.com/videoplayback?expire=1665860510&ei=Pa9KY_aoNeOVv_IPlayWiAI&ip=91.90.42.154&id=o-ACI3vcSWHmnF4VpjeXNevQYsquKamtIQz8aFFNrqkscK&itag=250&source=youtube&requiressl=yes&spc=yR2vp9ukh76gMpzEQN7TsNCB0ePkRYg&vprv=1&mime=audio%2Fwebm&ns=jnzJHWNa3vrZQYzeCBZbdV0I&gir=yes&clen=19323&dur=42.061&lmt=1645693636059657&keepalive=yes&fexp=24001373,24007246&c=WEB_EMBEDDED_PLAYER&txp=5318224&n=ob8UDkQOuBcDFA&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRAIgYA6qZuP5mcKZYG-Y9-nQpQwmJK02uFyNaBBL33FjUgECIDRsFlD7xDFfnMxYBqAEkL0jV_JfMd6Ax9M5543P1kuX&alr=yes&cpn=ncmnn16xbYqpwzZC&cver=1.20221012.01.01&redirect_counter=1&cm2rm=sn-capm-vnae7e&cms_redirect=yes&cmsv=e&mh=gh&mm=29&mn=sn-5go7yne6&ms=rdu&mt=1665838639&mv=m&mvi=5&pl=21&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRAIgVM20EMW6mP6pZj0ShmL_EhivAY9vGrPzWVFiQkvFn-ICIFtttSj5gbVOl4kAutP9QdIMm0VkT0R-5-t6DY4v9sEz&range=0-337&rn=4&rbuf=0
173.194.163.107200 OK 338 B URL HTTP/1.1 rr5---sn-5go7yne6.googlevideo.com/videoplayback?expire=1665860510&ei=Pa9KY_aoNeOVv_IPlayWiAI&ip=91.90.42.154&id=o-ACI3vcSWHmnF4VpjeXNevQYsquKamtIQz8aFFNrqkscK&itag=250&source=youtube&requiressl=yes&spc=yR2vp9ukh76gMpzEQN7TsNCB0ePkRYg&vprv=1&mime=audio%2Fwebm&ns=jnzJHWNa3vrZQYzeCBZbdV0I&gir=yes&clen=19323&dur=42.061&lmt=1645693636059657&keepalive=yes&fexp=24001373,24007246&c=WEB_EMBEDDED_PLAYER&txp=5318224&n=ob8UDkQOuBcDFA&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRAIgYA6qZuP5mcKZYG-Y9-nQpQwmJK02uFyNaBBL33FjUgECIDRsFlD7xDFfnMxYBqAEkL0jV_JfMd6Ax9M5543P1kuX&alr=yes&cpn=ncmnn16xbYqpwzZC&cver=1.20221012.01.01&redirect_counter=1&cm2rm=sn-capm-vnae7e&cms_redirect=yes&cmsv=e&mh=gh&mm=29&mn=sn-5go7yne6&ms=rdu&mt=1665838639&mv=m&mvi=5&pl=21&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRAIgVM20EMW6mP6pZj0ShmL_EhivAY9vGrPzWVFiQkvFn-ICIFtttSj5gbVOl4kAutP9QdIMm0VkT0R-5-t6DY4v9sEz&range=0-337&rn=4&rbuf=0
IP 173.194.163.107:0
File type WebM\012- EBML file, creator webmB\20\012- data
Hash ad731b1b5f15e8439e4ab2816fe84240
1dbb0f630b426413eda4e6b4134979aec2d4ae8b
099a421c809946c753da16a33d1815db997edd49bc686e5d97f85ab2f234515c
GET /videoplayback?expire=1665860510&ei=Pa9KY_aoNeOVv_IPlayWiAI&ip=91.90.42.154&id=o-ACI3vcSWHmnF4VpjeXNevQYsquKamtIQz8aFFNrqkscK&itag=250&source=youtube&requiressl=yes&spc=yR2vp9ukh76gMpzEQN7TsNCB0ePkRYg&vprv=1&mime=audio%2Fwebm&ns=jnzJHWNa3vrZQYzeCBZbdV0I&gir=yes&clen=19323&dur=42.061&lmt=1645693636059657&keepalive=yes&fexp=24001373,24007246&c=WEB_EMBEDDED_PLAYER&txp=5318224&n=ob8UDkQOuBcDFA&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRAIgYA6qZuP5mcKZYG-Y9-nQpQwmJK02uFyNaBBL33FjUgECIDRsFlD7xDFfnMxYBqAEkL0jV_JfMd6Ax9M5543P1kuX&alr=yes&cpn=ncmnn16xbYqpwzZC&cver=1.20221012.01.01&redirect_counter=1&cm2rm=sn-capm-vnae7e&cms_redirect=yes&cmsv=e&mh=gh&mm=29&mn=sn-5go7yne6&ms=rdu&mt=1665838639&mv=m&mvi=5&pl=21&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRAIgVM20EMW6mP6pZj0ShmL_EhivAY9vGrPzWVFiQkvFn-ICIFtttSj5gbVOl4kAutP9QdIMm0VkT0R-5-t6DY4v9sEz&range=0-337&rn=4&rbuf=0 HTTP/1.1
Host: rr5---sn-5go7yne6.googlevideo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Last-Modified: Thu, 24 Feb 2022 09:07:16 GMT
Content-Type: audio/webm
Date: Sat, 15 Oct 2022 13:01:52 GMT
Expires: Sat, 15 Oct 2022 13:01:52 GMT
Cache-Control: private, max-age=21298
Accept-Ranges: bytes
Content-Length: 338
Connection: keep-alive
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Access-Control-Allow-Origin: https://www.youtube.com
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: https://www.youtube.com
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Vary: Origin
Cross-Origin-Resource-Policy: cross-origin
X-Content-Type-Options: nosniff
Server: gvs 1.0
rr5---sn-5go7yne6.googlevideo.com/videoplayback?expire=1665860510&ei=Pa9KY_aoNeOVv_IPlayWiAI&ip=91.90.42.154&id=o-ACI3vcSWHmnF4VpjeXNevQYsquKamtIQz8aFFNrqkscK&itag=243&aitags=133%2C134%2C135%2C160%2C242%2C243%2C244%2C278&source=youtube&requiressl=yes&spc=yR2vp9ukh76gMpzEQN7TsNCB0ePkRYg&vprv=1&mime=video%2Fwebm&ns=jnzJHWNa3vrZQYzeCBZbdV0I&gir=yes&clen=688476&dur=42.033&lmt=1645693636801438&keepalive=yes&fexp=24001373,24007246&c=WEB_EMBEDDED_PLAYER&txp=5319224&n=ob8UDkQOuBcDFA&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRQIgO8OLA2q3YP46JqfrO0GHQlwbRly5jOw7F5CT7IDxzTYCIQDzyL3V_0hibSg0EuLyEFZ0Axx2Xro-eneKohvhvUdGCg%3D%3D&alr=yes&cpn=ncmnn16xbYqpwzZC&cver=1.20221012.01.01&redirect_counter=1&cm2rm=sn-capm-vnae7e&cms_redirect=yes&cmsv=e&mh=gh&mm=29&mn=sn-5go7yne6&ms=rdu&mt=1665838639&mv=m&mvi=5&pl=21&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRQIhAN1IYE9LqeXJd8lbpyIvCE2lfTlBsfCAhDBdJOoWZBl7AiAlOknzri4rZgjRueAbfeZMmVUTHxIUN3Ten1IlJDZZCw%3D%3D&range=0-348&rn=3&rbuf=0
173.194.163.107200 OK 349 B URL HTTP/1.1 rr5---sn-5go7yne6.googlevideo.com/videoplayback?expire=1665860510&ei=Pa9KY_aoNeOVv_IPlayWiAI&ip=91.90.42.154&id=o-ACI3vcSWHmnF4VpjeXNevQYsquKamtIQz8aFFNrqkscK&itag=243&aitags=133%2C134%2C135%2C160%2C242%2C243%2C244%2C278&source=youtube&requiressl=yes&spc=yR2vp9ukh76gMpzEQN7TsNCB0ePkRYg&vprv=1&mime=video%2Fwebm&ns=jnzJHWNa3vrZQYzeCBZbdV0I&gir=yes&clen=688476&dur=42.033&lmt=1645693636801438&keepalive=yes&fexp=24001373,24007246&c=WEB_EMBEDDED_PLAYER&txp=5319224&n=ob8UDkQOuBcDFA&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRQIgO8OLA2q3YP46JqfrO0GHQlwbRly5jOw7F5CT7IDxzTYCIQDzyL3V_0hibSg0EuLyEFZ0Axx2Xro-eneKohvhvUdGCg%3D%3D&alr=yes&cpn=ncmnn16xbYqpwzZC&cver=1.20221012.01.01&redirect_counter=1&cm2rm=sn-capm-vnae7e&cms_redirect=yes&cmsv=e&mh=gh&mm=29&mn=sn-5go7yne6&ms=rdu&mt=1665838639&mv=m&mvi=5&pl=21&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRQIhAN1IYE9LqeXJd8lbpyIvCE2lfTlBsfCAhDBdJOoWZBl7AiAlOknzri4rZgjRueAbfeZMmVUTHxIUN3Ten1IlJDZZCw%3D%3D&range=0-348&rn=3&rbuf=0
IP 173.194.163.107:0
File type WebM\012- EBML file, creator webmB\20\012- data
Hash 6799eeffb2467b3622904988938cc6c9
363a023f07f0578a4978f873d55603650c9b32de
430e019435c317dab1826c031d59218a2dd88706591d671aa2ade9b2e74dec74
GET /videoplayback?expire=1665860510&ei=Pa9KY_aoNeOVv_IPlayWiAI&ip=91.90.42.154&id=o-ACI3vcSWHmnF4VpjeXNevQYsquKamtIQz8aFFNrqkscK&itag=243&aitags=133%2C134%2C135%2C160%2C242%2C243%2C244%2C278&source=youtube&requiressl=yes&spc=yR2vp9ukh76gMpzEQN7TsNCB0ePkRYg&vprv=1&mime=video%2Fwebm&ns=jnzJHWNa3vrZQYzeCBZbdV0I&gir=yes&clen=688476&dur=42.033&lmt=1645693636801438&keepalive=yes&fexp=24001373,24007246&c=WEB_EMBEDDED_PLAYER&txp=5319224&n=ob8UDkQOuBcDFA&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRQIgO8OLA2q3YP46JqfrO0GHQlwbRly5jOw7F5CT7IDxzTYCIQDzyL3V_0hibSg0EuLyEFZ0Axx2Xro-eneKohvhvUdGCg%3D%3D&alr=yes&cpn=ncmnn16xbYqpwzZC&cver=1.20221012.01.01&redirect_counter=1&cm2rm=sn-capm-vnae7e&cms_redirect=yes&cmsv=e&mh=gh&mm=29&mn=sn-5go7yne6&ms=rdu&mt=1665838639&mv=m&mvi=5&pl=21&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRQIhAN1IYE9LqeXJd8lbpyIvCE2lfTlBsfCAhDBdJOoWZBl7AiAlOknzri4rZgjRueAbfeZMmVUTHxIUN3Ten1IlJDZZCw%3D%3D&range=0-348&rn=3&rbuf=0 HTTP/1.1
Host: rr5---sn-5go7yne6.googlevideo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Last-Modified: Thu, 24 Feb 2022 09:07:16 GMT
Content-Type: video/webm
Date: Sat, 15 Oct 2022 13:01:52 GMT
Expires: Sat, 15 Oct 2022 13:01:52 GMT
Cache-Control: private, max-age=21298
Accept-Ranges: bytes
Content-Length: 349
Connection: keep-alive
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Access-Control-Allow-Origin: https://www.youtube.com
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: https://www.youtube.com
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Vary: Origin
Cross-Origin-Resource-Policy: cross-origin
X-Restrict-Formats-Hint: None
X-Content-Type-Options: nosniff
Server: gvs 1.0
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash ea21d0841727fdcf9bf8940de38777a4
654586f43932edceafd9ecb4045e16ab0db3628c
088a8a64b9e0c414e643526c522527f7776cf7cf12483533b1aeaed8c2a19b3d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 15 Oct 2022 13:01:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
rr2---sn-5goeen7y.googlevideo.com/videoplayback?expire=1665860510&ei=Pq9KY5jUIZCa7QS83KTQCg&ip=91.90.42.154&id=o-AKLwtTOQrWwh56BDYG5FjhpYQ2GwqAhoCsncC52GUe9B&itag=243&aitags=133%2C134%2C135%2C136%2C160%2C242%2C243%2C244%2C278&source=youtube&requiressl=yes&spc=yR2vpxdLn0X7tu_w6hxo9zvW5z0yjz0&vprv=1&mime=video%2Fwebm&ns=JeDAO2map0wW41QOTrIbm5cI&gir=yes&clen=372609&dur=9.766&lmt=1644075043168469&keepalive=yes&fexp=24001373,24007246&c=WEB_EMBEDDED_PLAYER&txp=6319224&n=Q5iAqIAyaY3hBg&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRQIge_cEzYegoQCu55kl77a6Af64vxx6WdmfzuhRmFPuxsQCIQDuBUCYfZ7anZByRqQPsKQzQeSKstQ5J3cIMleprxS2Ng%3D%3D&alr=yes&cpn=1U-2PrP0LlMEBcNk&cver=1.20221012.01.01&redirect_counter=1&cm2rm=sn-capm-vnae7e&cms_redirect=yes&cmsv=e&mh=ke&mm=29&mn=sn-5goeen7y&ms=rdu&mt=1665838639&mv=m&mvi=2&pl=21&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRgIhALBDkXXhxIRaiAnJyCv-raC-lTQiVBozadYtNSlnhhZ6AiEApTYpDYUZqZhHbm0BHid1eniRgHoHcJBy615P36MutFE%3D&range=0-83624&rn=3&rbuf=0
74.125.110.135200 OK 84 kB URL HTTP/1.1 rr2---sn-5goeen7y.googlevideo.com/videoplayback?expire=1665860510&ei=Pq9KY5jUIZCa7QS83KTQCg&ip=91.90.42.154&id=o-AKLwtTOQrWwh56BDYG5FjhpYQ2GwqAhoCsncC52GUe9B&itag=243&aitags=133%2C134%2C135%2C136%2C160%2C242%2C243%2C244%2C278&source=youtube&requiressl=yes&spc=yR2vpxdLn0X7tu_w6hxo9zvW5z0yjz0&vprv=1&mime=video%2Fwebm&ns=JeDAO2map0wW41QOTrIbm5cI&gir=yes&clen=372609&dur=9.766&lmt=1644075043168469&keepalive=yes&fexp=24001373,24007246&c=WEB_EMBEDDED_PLAYER&txp=6319224&n=Q5iAqIAyaY3hBg&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRQIge_cEzYegoQCu55kl77a6Af64vxx6WdmfzuhRmFPuxsQCIQDuBUCYfZ7anZByRqQPsKQzQeSKstQ5J3cIMleprxS2Ng%3D%3D&alr=yes&cpn=1U-2PrP0LlMEBcNk&cver=1.20221012.01.01&redirect_counter=1&cm2rm=sn-capm-vnae7e&cms_redirect=yes&cmsv=e&mh=ke&mm=29&mn=sn-5goeen7y&ms=rdu&mt=1665838639&mv=m&mvi=2&pl=21&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRgIhALBDkXXhxIRaiAnJyCv-raC-lTQiVBozadYtNSlnhhZ6AiEApTYpDYUZqZhHbm0BHid1eniRgHoHcJBy615P36MutFE%3D&range=0-83624&rn=3&rbuf=0
IP 74.125.110.135:0
File type WebM\012- EBML file, creator webmB\20\012- data
Hash a5cff876e8757875138a219b1e112192
37a633577e49a52ff0dfbbb1ba4d612fde9c31c6
c5056416db1e6e9d48e859b48175c9140292647bda2333babd32a54ca5523c78
GET /videoplayback?expire=1665860510&ei=Pq9KY5jUIZCa7QS83KTQCg&ip=91.90.42.154&id=o-AKLwtTOQrWwh56BDYG5FjhpYQ2GwqAhoCsncC52GUe9B&itag=243&aitags=133%2C134%2C135%2C136%2C160%2C242%2C243%2C244%2C278&source=youtube&requiressl=yes&spc=yR2vpxdLn0X7tu_w6hxo9zvW5z0yjz0&vprv=1&mime=video%2Fwebm&ns=JeDAO2map0wW41QOTrIbm5cI&gir=yes&clen=372609&dur=9.766&lmt=1644075043168469&keepalive=yes&fexp=24001373,24007246&c=WEB_EMBEDDED_PLAYER&txp=6319224&n=Q5iAqIAyaY3hBg&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRQIge_cEzYegoQCu55kl77a6Af64vxx6WdmfzuhRmFPuxsQCIQDuBUCYfZ7anZByRqQPsKQzQeSKstQ5J3cIMleprxS2Ng%3D%3D&alr=yes&cpn=1U-2PrP0LlMEBcNk&cver=1.20221012.01.01&redirect_counter=1&cm2rm=sn-capm-vnae7e&cms_redirect=yes&cmsv=e&mh=ke&mm=29&mn=sn-5goeen7y&ms=rdu&mt=1665838639&mv=m&mvi=2&pl=21&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRgIhALBDkXXhxIRaiAnJyCv-raC-lTQiVBozadYtNSlnhhZ6AiEApTYpDYUZqZhHbm0BHid1eniRgHoHcJBy615P36MutFE%3D&range=0-83624&rn=3&rbuf=0 HTTP/1.1
Host: rr2---sn-5goeen7y.googlevideo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Last-Modified: Sat, 05 Feb 2022 15:30:43 GMT
Content-Type: video/webm
Date: Sat, 15 Oct 2022 13:01:52 GMT
Expires: Sat, 15 Oct 2022 13:01:52 GMT
Cache-Control: private, max-age=21298
Accept-Ranges: bytes
Content-Length: 83625
Connection: keep-alive
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Access-Control-Allow-Origin: https://www.youtube.com
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: https://www.youtube.com
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Vary: Origin
Cross-Origin-Resource-Policy: cross-origin
X-Restrict-Formats-Hint: None
X-Content-Type-Options: nosniff
Server: gvs 1.0
rr2---sn-5goeen7y.googlevideo.com/videoplayback?expire=1665860510&ei=Pq9KY5jUIZCa7QS83KTQCg&ip=91.90.42.154&id=o-AKLwtTOQrWwh56BDYG5FjhpYQ2GwqAhoCsncC52GUe9B&itag=251&source=youtube&requiressl=yes&spc=yR2vpxdLn0X7tu_w6hxo9zvW5z0yjz0&vprv=1&mime=audio%2Fwebm&ns=JeDAO2map0wW41QOTrIbm5cI&gir=yes&clen=142602&dur=9.801&lmt=1644075043895481&keepalive=yes&fexp=24001373,24007246&c=WEB_EMBEDDED_PLAYER&txp=6318224&n=Q5iAqIAyaY3hBg&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRQIhANzdqEk0TPzQ6AJEIuwjX2LTMrBTEIKErShZyZYPDvdyAiAtxwC_hea_stx15cR37yJ1fiApjz_xF1ETGB6VAF673w%3D%3D&alr=yes&cpn=1U-2PrP0LlMEBcNk&cver=1.20221012.01.01&redirect_counter=1&cm2rm=sn-capm-vnae7e&cms_redirect=yes&cmsv=e&mh=ke&mm=29&mn=sn-5goeen7y&ms=rdu&mt=1665838639&mv=m&mvi=2&pl=21&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRQIhALLFgEXTZKc9SdEbiqL7c4bn4gj7Ak8gl9Uhssbj-EaHAiAnwDKel5w3t55J_J4J9eaWS5OSRmzuOyvpPOiY8aTkxw%3D%3D&range=0-65812&rn=4&rbuf=0
74.125.110.135200 OK 66 kB URL HTTP/1.1 rr2---sn-5goeen7y.googlevideo.com/videoplayback?expire=1665860510&ei=Pq9KY5jUIZCa7QS83KTQCg&ip=91.90.42.154&id=o-AKLwtTOQrWwh56BDYG5FjhpYQ2GwqAhoCsncC52GUe9B&itag=251&source=youtube&requiressl=yes&spc=yR2vpxdLn0X7tu_w6hxo9zvW5z0yjz0&vprv=1&mime=audio%2Fwebm&ns=JeDAO2map0wW41QOTrIbm5cI&gir=yes&clen=142602&dur=9.801&lmt=1644075043895481&keepalive=yes&fexp=24001373,24007246&c=WEB_EMBEDDED_PLAYER&txp=6318224&n=Q5iAqIAyaY3hBg&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRQIhANzdqEk0TPzQ6AJEIuwjX2LTMrBTEIKErShZyZYPDvdyAiAtxwC_hea_stx15cR37yJ1fiApjz_xF1ETGB6VAF673w%3D%3D&alr=yes&cpn=1U-2PrP0LlMEBcNk&cver=1.20221012.01.01&redirect_counter=1&cm2rm=sn-capm-vnae7e&cms_redirect=yes&cmsv=e&mh=ke&mm=29&mn=sn-5goeen7y&ms=rdu&mt=1665838639&mv=m&mvi=2&pl=21&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRQIhALLFgEXTZKc9SdEbiqL7c4bn4gj7Ak8gl9Uhssbj-EaHAiAnwDKel5w3t55J_J4J9eaWS5OSRmzuOyvpPOiY8aTkxw%3D%3D&range=0-65812&rn=4&rbuf=0
IP 74.125.110.135:0
File type WebM\012- EBML file, creator webmB\20\012- data
Hash a3e5161d67b6bcdbc2900f34d1b62837
70cfc40fc73887edd4962521d8a1f4355c2ae0ec
16b997a701a210873b11d55fb91acd40c67ac75f0cb35f6af030685640ad6647
GET /videoplayback?expire=1665860510&ei=Pq9KY5jUIZCa7QS83KTQCg&ip=91.90.42.154&id=o-AKLwtTOQrWwh56BDYG5FjhpYQ2GwqAhoCsncC52GUe9B&itag=251&source=youtube&requiressl=yes&spc=yR2vpxdLn0X7tu_w6hxo9zvW5z0yjz0&vprv=1&mime=audio%2Fwebm&ns=JeDAO2map0wW41QOTrIbm5cI&gir=yes&clen=142602&dur=9.801&lmt=1644075043895481&keepalive=yes&fexp=24001373,24007246&c=WEB_EMBEDDED_PLAYER&txp=6318224&n=Q5iAqIAyaY3hBg&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRQIhANzdqEk0TPzQ6AJEIuwjX2LTMrBTEIKErShZyZYPDvdyAiAtxwC_hea_stx15cR37yJ1fiApjz_xF1ETGB6VAF673w%3D%3D&alr=yes&cpn=1U-2PrP0LlMEBcNk&cver=1.20221012.01.01&redirect_counter=1&cm2rm=sn-capm-vnae7e&cms_redirect=yes&cmsv=e&mh=ke&mm=29&mn=sn-5goeen7y&ms=rdu&mt=1665838639&mv=m&mvi=2&pl=21&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRQIhALLFgEXTZKc9SdEbiqL7c4bn4gj7Ak8gl9Uhssbj-EaHAiAnwDKel5w3t55J_J4J9eaWS5OSRmzuOyvpPOiY8aTkxw%3D%3D&range=0-65812&rn=4&rbuf=0 HTTP/1.1
Host: rr2---sn-5goeen7y.googlevideo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Last-Modified: Sat, 05 Feb 2022 15:30:43 GMT
Content-Type: audio/webm
Date: Sat, 15 Oct 2022 13:01:52 GMT
Expires: Sat, 15 Oct 2022 13:01:52 GMT
Cache-Control: private, max-age=21298
Accept-Ranges: bytes
Content-Length: 65813
Connection: keep-alive
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Access-Control-Allow-Origin: https://www.youtube.com
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: https://www.youtube.com
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Vary: Origin
Cross-Origin-Resource-Policy: cross-origin
X-Content-Type-Options: nosniff
Server: gvs 1.0
ocsp.digicert.com/
93.184.220.29200 OK 1.9 kB IP 93.184.220.29:0
File type gzip compressed data, max compression\012- data
Hash 2859a5b103ed678e93471997417c1d3a
af587c8c6f7430c44e32c856fde4213f3d5edb21
d8e7055e463382eb119e6f20bdb58763f5c014127345cbe1b279dd3c88f77ead
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3199
Cache-Control: max-age=169453
Content-Type: application/ocsp-response
Date: Sat, 15 Oct 2022 13:01:53 GMT
Etag: "634a95af-117"
Expires: Mon, 17 Oct 2022 12:06:06 GMT
Last-Modified: Sat, 15 Oct 2022 11:12:47 GMT
Server: ECS (ska/F707)
X-Cache: HIT
Content-Length: 279
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcbaa572d-617c-4469-acdb-becf07c450b8.jpeg
34.120.237.76200 OK 13 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcbaa572d-617c-4469-acdb-becf07c450b8.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash ce54806e476cd432c4a5f223fbe312f8
6e88822b66f398cd508f359fafc1fd06b0e77e6d
4843c10ee3301e18a7745b808cb6a5f3160246799c01bed2523e491d2b26c01b
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcbaa572d-617c-4469-acdb-becf07c450b8.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 12685
x-amzn-requestid: 9cf276ba-fead-4650-8993-4202aa433b36
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aA5oEHHooAMFZ2Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6349d633-27a8539a2333baf551efccc6;Sampled=0
x-amzn-remapped-date: Fri, 14 Oct 2022 21:35:47 GMT
x-amz-cf-pop: SEA73-P2, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: f7YpiBYH4cZJfq4-UtQsIRgMrDF1N8p-WSIW6_G6vOFsl1v2MgOVEA==
via: 1.1 7d01bcfcfe27ce0b8979cf621dd081de.cloudfront.net (CloudFront), 1.1 35575576af8067e30cfb17c6b9fde8e2.cloudfront.net (CloudFront), 1.1 google
date: Fri, 14 Oct 2022 21:47:28 GMT
age: 54865
etag: "6e88822b66f398cd508f359fafc1fd06b0e77e6d"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
imgallery.llsvr.com/5edfb59a6de2e.jpg
172.67.163.151200 OK 40 kB URL HTTP/2 imgallery.llsvr.com/5edfb59a6de2e.jpg
IP 172.67.163.151:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 60", baseline, precision 8, 800x542, components 3\012- data
Hash c6cf8355376b79fbaf284b58c980499c
da2dc2665b0eccbe1cbc9f82dc9f6eae025c4f3b
3aa12ff81986a4b23c014af2e88596a91349d3c9cae071f57ac68f888c2d4ed8
GET /5edfb59a6de2e.jpg HTTP/1.1
Host: imgallery.llsvr.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.morecouponstogo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 15 Oct 2022 13:01:54 GMT
content-type: image/jpeg
content-length: 39546
last-modified: Sat, 05 Mar 2022 06:26:05 GMT
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VKMy3EL5494RhsggqPJUINI4qRXfahv%2FnzuoYUb15E7156no64DLKN%2BtjZpKPHRBIhUE64bly%2FkMQ1LAwaLVc0539A3duFvFTHnVcThduFLJg1uF0ZTah%2BU7RXjdS7UEALaSaRI%2F"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75a8bef75f0b0b55-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 430d40d463ab463c18e72289a2976d95
2c6b1879a18bd85fccea9fa655ae2b1891bbcd5a
c4b5c3420e2841031ddaf3c787852222b27eba7e0056d4822b2ece406a85ea14
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3200
Cache-Control: max-age=169453
Content-Type: application/ocsp-response
Date: Sat, 15 Oct 2022 13:01:54 GMT
Etag: "634a95af-117"
Expires: Mon, 17 Oct 2022 12:06:07 GMT
Last-Modified: Sat, 15 Oct 2022 11:12:47 GMT
Server: ECS (ska/F707)
X-Cache: HIT
Content-Length: 279
cdn.gravitec.net/fonts/lato.woff2
45.133.44.4200 OK 14 kB URL HTTP/2 cdn.gravitec.net/fonts/lato.woff2
IP 45.133.44.4:0
ASN #39572 DataWeb Global Group B.V.
File type Web Open Font Format (Version 2), TrueType, length 14044, version 1.0\012- data
Hash 129179c4eeb1d784d3d3ad95e0b35905
f75444b5ef6205ee4301d632adf17e28985b0840
036d841b132c14046e26d8f2da1bc634c6ad34885ed1295660694a91c98933a6
GET /fonts/lato.woff2 HTTP/1.1
Host: cdn.gravitec.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.morecouponstogo.com
Connection: keep-alive
Referer: https://www.morecouponstogo.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 15 Oct 2022 13:01:54 GMT
content-type: application/octet-stream
content-length: 14044
server: nginx
last-modified: Wed, 02 Feb 2022 09:01:35 GMT
etag: "61fa486f-36dc"
expires: Wed, 02 Feb 2022 09:06:29 GMT
cache-control: max-age=10
access-control-allow-origin: *
vary: Accept-Encoding
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
fonts.gstatic.com/s/oswald/v49/TK3_WkUHHAIjg75cFRf3bXL8LICs1_FvsUZiZQ.woff2
216.58.207.195200 OK 9.8 kB URL HTTP/2 fonts.gstatic.com/s/oswald/v49/TK3_WkUHHAIjg75cFRf3bXL8LICs1_FvsUZiZQ.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 9840, version 1.0\012- data
Hash afda6e429fd299054de28e1f157c683d
c1847d6f3df5fe11d5e96fd5e6a59b73ff7ed96b
81cd29d1413ecf75834fb3ce1da572fe5c39e53b22c61f5dafec5b14ed4ee12e
GET /s/oswald/v49/TK3_WkUHHAIjg75cFRf3bXL8LICs1_FvsUZiZQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.morecouponstogo.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 9840
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 10 Oct 2022 21:09:42 GMT
expires: Tue, 10 Oct 2023 21:09:42 GMT
cache-control: public, max-age=31536000
age: 402732
last-modified: Mon, 18 Jul 2022 19:24:04 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
216.58.207.195200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Hash 15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.morecouponstogo.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 12 Oct 2022 19:34:08 GMT
expires: Thu, 12 Oct 2023 19:34:08 GMT
cache-control: public, max-age=31536000
age: 235666
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
use.fontawesome.com/releases/v5.15.4/webfonts/fa-regular-400.woff2
172.64.133.15200 OK 13 kB URL HTTP/2 use.fontawesome.com/releases/v5.15.4/webfonts/fa-regular-400.woff2
IP 172.64.133.15:0
File type Web Open Font Format (Version 2), TrueType, length 13224, version 331.-31196\012- data
Hash b91d376b8d7646d671cd820950d5f7f1
13517529affa39e2585c591acae6dc336b6aa917
e42a88444448ac3d60549cc7c1ff2c8a9cac721034c073d80a14a44e79730cca
GET /releases/v5.15.4/webfonts/fa-regular-400.woff2 HTTP/1.1
Host: use.fontawesome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.morecouponstogo.com
Connection: keep-alive
Referer: https://use.fontawesome.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 15 Oct 2022 13:01:54 GMT
content-type: font/woff2
content-length: 13224
x-amz-id-2: QPlSz5oFfQEXsx8dillX0Qy1owGMpRCrSl+wRatoEQfN4uoNOmyNiPYkRXxdSMBALOlGFK6exfE=
x-amz-request-id: F09HDRAX2PKWAQ7D
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified: Wed, 04 Aug 2021 20:43:47 GMT
etag: "b91d376b8d7646d671cd820950d5f7f1"
cache-control: max-age=31556926
cf-cache-status: HIT
age: 268666
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nyvZ9xll8Z61orxOc260nX6OnI%2BgZoE%2BuBkTUC3PS%2Fr%2FYboU1czz5dH0wLs%2BZ5dRggYp5R5iR8dsjfZ0rhhdcahtQDBrPKVTqjIs%2Bu0qBdmNMDFRnBkSt4zuFVy8H85eLPRC69s9"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 75a8beffbf8376e4-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
use.fontawesome.com/releases/v5.15.4/css/all.css
172.64.133.15200 OK 0 B URL HTTP/2 use.fontawesome.com/releases/v5.15.4/css/all.css
IP 172.64.133.15:0
GET /releases/v5.15.4/css/all.css HTTP/1.1
Host: use.fontawesome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://llclickpro.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 15 Oct 2022 13:01:46 GMT
content-type: text/css
x-amz-id-2: HbM7ijn2Ff9X/1Vt9XeVXF531DG0bzvcTq5CZSGkm/YMoq0CXvSjXF4xJx2aLZ49QpK6+nYyLf0=
x-amz-request-id: 2HZ8KB750WAR2JFJ
last-modified: Wed, 04 Aug 2021 20:43:22 GMT
etag: W/"ecd507b3125edc4d2a03aa6ae5d07da9"
cache-control: max-age=31556926
cf-cache-status: HIT
age: 30577167
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JH5c9HF%2FbMyyIkWHPsfVAlYgzeY%2BPcJeYx3poO61CPAC%2FXjaionLzYOzKcNdHxrptRFEC1fj3rh9MN%2BX0ptR5MIBQqrcz6TSodUIKzqDx7VIhMYymfr7Y1jzkjVlNojmlEKnm9T0"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75a8becb697c76fb-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
b-cloud.b-cdn.net/builds/free/243-cloud/editor/js/group-jq.js
194.242.11.186200 OK 0 B URL HTTP/2 b-cloud.b-cdn.net/builds/free/243-cloud/editor/js/group-jq.js
IP 194.242.11.186:0
ASN #34989 ServeTheWorld AS
GET /builds/free/243-cloud/editor/js/group-jq.js HTTP/1.1
Host: b-cloud.b-cdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.morecouponstogo.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 15 Oct 2022 13:01:48 GMT
content-type: application/javascript
server: BunnyCDN-NO-830
cdn-pullzone: 246147
cdn-uid: e647d0c9-3a16-4c3e-ae99-91e18e06d4b3
cdn-requestcountrycode: NO
vary: Accept-Encoding, Accept-Encoding
cache-control: public, max-age=31919000
etag: W/"ed710a097ec10ed3e2e1403b9380da89"
last-modified: Sat, 17 Sep 2022 10:20:54 GMT
x-amz-id-2: SLhm2YYqBbAQyu/FBSyKnXZCcQ0E6HElZoDpAUXawrpiwSqxBtDPgDXIiwiQdowIeRpJkzOe7ls=
x-amz-request-id: FX4ZKY6W0WT9GP45
cdn-proxyver: 1.02
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 09/17/2022 10:52:16
cdn-edgestorageid: 830
link: <https://s3.amazonaws.com/brizy.cloud/builds/free/243-cloud/editor/js/group-jq.js>; rel="canonical"
cdn-status: 200
cdn-requestid: 5f7eac3214d686e4a7db4a285860a624
cdn-cache: HIT
content-encoding: br
X-Firefox-Spdy: h2
www.redbubble.com/assets/external_portfolio.js
172.64.153.8301 Moved Permanently 0 B URL HTTP/2 www.redbubble.com/assets/external_portfolio.js
IP 172.64.153.8:0
GET /assets/external_portfolio.js HTTP/1.1
Host: www.redbubble.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.morecouponstogo.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
date: Sat, 15 Oct 2022 13:01:48 GMT
location: https://d1ielco78gv5pf.cloudfront.net/assets/external_portfolio.js
cache-control: max-age=3600
expires: Sat, 15 Oct 2022 14:01:48 GMT
set-cookie: __cf_bm=8Vjdp6Xf.Z2Rx2ayLgRGQDxyHs37SjuC4TtkMRCbZaw-1665838908-0-AYB7K3ch35WZvJl/HpeSRhSXiDWuWCF3j/MHMY9aUO4Z6Z4dG4aclI1H7KEYZklv/+/b8OmHoNrOh78mWcL62uM=; path=/; expires=Sat, 15-Oct-22 13:31:48 GMT; domain=.redbubble.com; HttpOnly; Secure; SameSite=None
vary: Accept-Encoding
server: cloudflare
cf-ray: 75a8bed7df1d1bfa-OSL
X-Firefox-Spdy: h2
llclickpro.com/trackr.css?v=29
172.67.188.246200 OK 0 B URL HTTP/2 llclickpro.com/trackr.css?v=29
IP 172.67.188.246:0
GET /trackr.css?v=29 HTTP/1.1
Host: llclickpro.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://llclickpro.com/MCTGlanding/tab
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 15 Oct 2022 13:01:46 GMT
content-type: text/css
cf-bgj: minify
cf-polished: origSize=12271
last-modified: Tue, 28 Jun 2022 06:00:22 GMT
cache-control: max-age=14400
cf-cache-status: HIT
age: 4207
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=irNjez8OfD0lQqthMKD1VXLP99pelIrB%2BOJ5eiwENNvhrldTscu7f2TfjMGnPLnlbP3d7sQ7Kbvr2zHOsrC0VBKBk%2Bu165Z8x2pVceSvdMFbuqxGzFM0KVWJBtD%2FzmqayQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75a8becacfccb51d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
z5traffic.com/t/matomo.js
44.207.227.139404 Not Found 0 B URL HTTP/2 z5traffic.com/t/matomo.js
IP 44.207.227.139:0
GET /t/matomo.js HTTP/1.1
Host: z5traffic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://t-adbar1.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 404 Not Found
date: Sat, 15 Oct 2022 13:01:46 GMT
content-type: text/html; charset=UTF-8
server: nginx/1.16.1
vary: Accept-Encoding
x-powered-by: PHP/7.4.12
cache-control: no-cache, private
content-encoding: gzip
X-Firefox-Spdy: h2
www.youtube.com/embed/aWzlQ2N6qqg?autoplay=0&controls=1&start=0&end=0&modestbranding=0&wmode=transparent&enablejsapi=1&loop=0&rel=0
142.250.74.174200 OK 0 B URL HTTP/2 www.youtube.com/embed/aWzlQ2N6qqg?autoplay=0&controls=1&start=0&end=0&modestbranding=0&wmode=transparent&enablejsapi=1&loop=0&rel=0
IP 142.250.74.174:0
GET /embed/aWzlQ2N6qqg?autoplay=0&controls=1&start=0&end=0&modestbranding=0&wmode=transparent&enablejsapi=1&loop=0&rel=0 HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.morecouponstogo.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html; charset=utf-8
x-content-type-options: nosniff
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sat, 15 Oct 2022 13:01:48 GMT
strict-transport-security: max-age=31536000
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
content-encoding: br
server: ESF
x-xss-protection: 0
set-cookie: YSC=QxF6EwpoXQ0; Domain=.youtube.com; Path=/; Secure; HttpOnly; SameSite=none
VISITOR_INFO1_LIVE=H1VEVhxULoA; Domain=.youtube.com; Expires=Thu, 13-Apr-2023 13:01:48 GMT; Path=/; Secure; HttpOnly; SameSite=none
CONSENT=PENDING+590; expires=Mon, 14-Oct-2024 13:01:48 GMT; path=/; domain=.youtube.com; Secure
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
t-adbar1.com/_kc1h
44.196.228.151200 OK 0 B IP 44.196.228.151:0
GET /_kc1h HTTP/1.1
Host: t-adbar1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
date: Sat, 15 Oct 2022 13:01:45 GMT
content-type: text/html; charset=UTF-8
server: nginx
vary: Accept-Encoding
set-cookie: sou=eyJyIjpudWxsLCJ1IjoiTVRHU2FtdXJhaSJ9; expires=Mon, 14-Nov-2022 13:01:45 GMT; Max-Age=2592000; secure; SameSite=None
content-encoding: gzip
X-Firefox-Spdy: h2
t-adbar1.com/_kc1h?&ww=1280&wh=939&reff=&h=eyJpdiI6Im45VVA0TzRWUlwvOThFQktMXC9Nb1VOQT09IiwidmFsdWUiOiJMbTBNOGZTK0hlV085SEpQZEpkSVFnPT0iLCJtYWMiOiIxZDIxOTA5NDBlZDAyZGU3ZjI3NzAyN2U0MDAxMjNjZTQ2MjdkODUxZjVjOTYyMWIxMWIwZWQ3ZmE1NmU3YzM5In0=&abc=
44.196.228.151200 OK 0 B URL HTTP/2 t-adbar1.com/_kc1h?&ww=1280&wh=939&reff=&h=eyJpdiI6Im45VVA0TzRWUlwvOThFQktMXC9Nb1VOQT09IiwidmFsdWUiOiJMbTBNOGZTK0hlV085SEpQZEpkSVFnPT0iLCJtYWMiOiIxZDIxOTA5NDBlZDAyZGU3ZjI3NzAyN2U0MDAxMjNjZTQ2MjdkODUxZjVjOTYyMWIxMWIwZWQ3ZmE1NmU3YzM5In0=&abc=
IP 44.196.228.151:0
GET /_kc1h?&ww=1280&wh=939&reff=&h=eyJpdiI6Im45VVA0TzRWUlwvOThFQktMXC9Nb1VOQT09IiwidmFsdWUiOiJMbTBNOGZTK0hlV085SEpQZEpkSVFnPT0iLCJtYWMiOiIxZDIxOTA5NDBlZDAyZGU3ZjI3NzAyN2U0MDAxMjNjZTQ2MjdkODUxZjVjOTYyMWIxMWIwZWQ3ZmE1NmU3YzM5In0=&abc= HTTP/1.1
Host: t-adbar1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://t-adbar1.com/_kc1h
Connection: keep-alive
Cookie: sou=eyJyIjpudWxsLCJ1IjoiTVRHU2FtdXJhaSJ9
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 15 Oct 2022 13:01:45 GMT
content-type: text/html; charset=UTF-8
server: nginx
vary: Accept-Encoding
set-cookie: sou=eyJyIjpudWxsLCJ1IjoiTVRHU2FtdXJhaSJ9; expires=Mon, 14-Nov-2022 13:01:45 GMT; Max-Age=2592000; secure; SameSite=None
content-encoding: gzip
X-Firefox-Spdy: h2
trafficadbar.com/bar/page.php?a=MTGSamurai&b=490&c=90&e=%23ffffff&f=%23AC0101&g=%23f8f8f8&h=%23000000&i=%237c8e06&d=https%3A//www.morecouponstogo.com/uni-landing&ref1=https%3A//llclickpro.com/
52.202.155.140200 OK 0 B URL HTTP/2 trafficadbar.com/bar/page.php?a=MTGSamurai&b=490&c=90&e=%23ffffff&f=%23AC0101&g=%23f8f8f8&h=%23000000&i=%237c8e06&d=https%3A//www.morecouponstogo.com/uni-landing&ref1=https%3A//llclickpro.com/
IP 52.202.155.140:0
GET /bar/page.php?a=MTGSamurai&b=490&c=90&e=%23ffffff&f=%23AC0101&g=%23f8f8f8&h=%23000000&i=%237c8e06&d=https%3A//www.morecouponstogo.com/uni-landing&ref1=https%3A//llclickpro.com/ HTTP/1.1
Host: trafficadbar.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.morecouponstogo.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 15 Oct 2022 13:01:48 GMT
content-type: text/html; charset=UTF-8
server: nginx
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
b-cloud.b-cdn.net/builds/pro/118-cloud/js/preview.pro.js
194.242.11.186200 OK 0 B URL HTTP/2 b-cloud.b-cdn.net/builds/pro/118-cloud/js/preview.pro.js
IP 194.242.11.186:0
ASN #34989 ServeTheWorld AS
GET /builds/pro/118-cloud/js/preview.pro.js HTTP/1.1
Host: b-cloud.b-cdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.morecouponstogo.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 15 Oct 2022 13:01:48 GMT
content-type: application/javascript
server: BunnyCDN-NO-830
cdn-pullzone: 246147
cdn-uid: e647d0c9-3a16-4c3e-ae99-91e18e06d4b3
cdn-requestcountrycode: NO
vary: Accept-Encoding, Accept-Encoding
cache-control: public, max-age=31919000
etag: W/"376301a49a35c0a3d8c900bab8ed70b3"
last-modified: Sat, 17 Sep 2022 10:22:32 GMT
x-amz-id-2: hXxyDnvANKJ7QhMq+T1/iPji9+mCiOIFLLzoNPZVrcIUBeRkkl9luRRabs5ARshSRKJlG5KK4Kw=
x-amz-request-id: 58Z7PQ4X4YEJD8WF
cdn-proxyver: 1.02
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 09/17/2022 10:52:09
cdn-edgestorageid: 830
link: <https://s3.amazonaws.com/brizy.cloud/builds/pro/118-cloud/js/preview.pro.js>; rel="canonical"
cdn-status: 200
cdn-requestid: 811e9967ed4a1da25dee3306345c3006
cdn-cache: HIT
content-encoding: br
X-Firefox-Spdy: h2
cdn.gravitec.net/storage/651b3da8463250405063839a2450c723/client.js
45.133.44.4200 OK 0 B URL HTTP/2 cdn.gravitec.net/storage/651b3da8463250405063839a2450c723/client.js
IP 45.133.44.4:0
ASN #39572 DataWeb Global Group B.V.
GET /storage/651b3da8463250405063839a2450c723/client.js HTTP/1.1
Host: cdn.gravitec.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.morecouponstogo.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 15 Oct 2022 13:01:48 GMT
content-type: application/javascript; charset=utf-8
server: nginx
last-modified: Thu, 10 Mar 2022 09:36:39 GMT
etag: W/"6229c6a7-100fb"
expires: Thu, 10 Mar 2022 10:12:22 GMT
cache-control: max-age=10
access-control-allow-origin: *
content-encoding: gzip
vary: Accept-Encoding
x-proxy-cache: REVALIDATED
X-Firefox-Spdy: h2
use.fontawesome.com/releases/v5.15.4/css/v4-shims.css
172.64.133.15200 OK 0 B URL HTTP/2 use.fontawesome.com/releases/v5.15.4/css/v4-shims.css
IP 172.64.133.15:0
GET /releases/v5.15.4/css/v4-shims.css HTTP/1.1
Host: use.fontawesome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://llclickpro.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 15 Oct 2022 13:01:46 GMT
content-type: text/css
x-amz-id-2: pS02KBmPb/XBzxcJI6edHtjwei1Yl7A4pauVd2+OEN9eTzA3MYRX7BjUFE7/kjRSacoavSnb2Zk=
x-amz-request-id: YMBXQGDG68HQ6FGT
last-modified: Wed, 04 Aug 2021 20:43:22 GMT
etag: W/"a034d3c71bee546f625877d7932917f8"
cache-control: max-age=31556926
cf-cache-status: HIT
age: 274510
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1U9AdBMB96FQBn6eaoazX0hmxk6Hh8%2Fw4oHjjDbfe8gwfPbm7q%2BQB9RjkIPV7tR1gFYXoJKKhvN4qQAk7E2d5HZzrecclyQC%2FtepYWGrYfrG3n3dMqF4DA7AkJEt14qmGsKpDUKL"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75a8becb698676fb-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
llclickpro.com/trackr.js?v=54
172.67.188.246200 OK 0 B URL HTTP/2 llclickpro.com/trackr.js?v=54
IP 172.67.188.246:0
GET /trackr.js?v=54 HTTP/1.1
Host: llclickpro.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://llclickpro.com/MCTGlanding/tab
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 15 Oct 2022 13:01:46 GMT
content-type: application/javascript
cf-bgj: minify
cf-polished: origSize=15670
last-modified: Wed, 07 Sep 2022 02:09:38 GMT
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=E%2Fe8gOU9YKI5yDXbIPlm3hk1Z%2FbZuVJQ%2FfqcQGDpDUSqfiSWttyf%2F0wjuWMqCS6L9wp51wXDxJCNqdQZJe4SgaH5Afrh0%2BDRzp8TaLs7sgsBM6QhiSpw6h4dxrp2LW3dug%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75a8becadfd7b51d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.gravitec.net/sdk/web/configs?appKey=651b3da8463250405063839a2450c723
45.133.44.4200 OK 0 B URL HTTP/2 cdn.gravitec.net/sdk/web/configs?appKey=651b3da8463250405063839a2450c723
IP 45.133.44.4:0
ASN #39572 DataWeb Global Group B.V.
GET /sdk/web/configs?appKey=651b3da8463250405063839a2450c723 HTTP/1.1
Host: cdn.gravitec.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.morecouponstogo.com/
Origin: https://www.morecouponstogo.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 15 Oct 2022 13:01:48 GMT
content-type: application/json
server: nginx
x-correlation-id: 031452b95ef3b5a85db8e6b5954cad5b
access-control-allow-origin: *
content-encoding: gzip
vary: Accept-Encoding
x-proxy-cache: MISS
X-Firefox-Spdy: h2
b-cloud.b-cdn.net/builds/pro/118-cloud/js/group-3.pro.js
194.242.11.186200 OK 0 B URL HTTP/2 b-cloud.b-cdn.net/builds/pro/118-cloud/js/group-3.pro.js
IP 194.242.11.186:0
ASN #34989 ServeTheWorld AS
GET /builds/pro/118-cloud/js/group-3.pro.js HTTP/1.1
Host: b-cloud.b-cdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.morecouponstogo.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 15 Oct 2022 13:01:48 GMT
content-type: application/javascript
server: BunnyCDN-NO-830
cdn-pullzone: 246147
cdn-uid: e647d0c9-3a16-4c3e-ae99-91e18e06d4b3
cdn-requestcountrycode: NO
vary: Accept-Encoding, Accept-Encoding
cache-control: public, max-age=31919000
etag: W/"2604bf6ee4e609bdbfbb94c31adcd63d"
last-modified: Sat, 17 Sep 2022 10:22:32 GMT
x-amz-id-2: f1PQnymvBRR690YjbYEWL+plG9P9yrr6Gh2fHB+igqIxCJ7ibJbN7uSA+kTeDmnjLvAOUtR6G8s=
x-amz-request-id: DNF1NHMEM3741C15
cdn-proxyver: 1.02
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 10/15/2022 13:01:48
cdn-edgestorageid: 830
link: <https://s3.amazonaws.com/brizy.cloud/builds/pro/118-cloud/js/group-3.pro.js>; rel="canonical"
cdn-status: 200
cdn-requestid: 2979fadd056b7eda0d6fc74541af910a
cdn-cache: MISS
content-encoding: br
X-Firefox-Spdy: h2
w.leadsleap.com/php.php?ll_id=w92462&ll_sr=&ll_r=scsa7588&ll_tbo=&ll_hc=%23e22121&ll_tc=%23555a69&ll_cc=%238d9aa6&ll_bc=%23ffffff&ll_dc=%238891a8&ll_w=300&ll_fh=auto&ll_h=250&ll_b=&ll_n=6&ll_fs=&ll_ff=&ll_pa=0&ll_bgc=&ll_s=w&ll_br=&ll_cl=&ll_nc=1&ll_nf=0&ll_nh=0&ll_nm=0&ll_np=1&ll_fo=&ll_no=&ll_so=&ll_nt=0&ll_wt=1&ll_url=https%3A%2F%2Fwww.morecouponstogo.com%2Funi-landing&ll_rf=https%3A%2F%2Fllclickpro.com%2F
104.26.9.147200 OK 0 B URL HTTP/2 w.leadsleap.com/php.php?ll_id=w92462&ll_sr=&ll_r=scsa7588&ll_tbo=&ll_hc=%23e22121&ll_tc=%23555a69&ll_cc=%238d9aa6&ll_bc=%23ffffff&ll_dc=%238891a8&ll_w=300&ll_fh=auto&ll_h=250&ll_b=&ll_n=6&ll_fs=&ll_ff=&ll_pa=0&ll_bgc=&ll_s=w&ll_br=&ll_cl=&ll_nc=1&ll_nf=0&ll_nh=0&ll_nm=0&ll_np=1&ll_fo=&ll_no=&ll_so=&ll_nt=0&ll_wt=1&ll_url=https%3A%2F%2Fwww.morecouponstogo.com%2Funi-landing&ll_rf=https%3A%2F%2Fllclickpro.com%2F
IP 104.26.9.147:0
GET /php.php?ll_id=w92462&ll_sr=&ll_r=scsa7588&ll_tbo=&ll_hc=%23e22121&ll_tc=%23555a69&ll_cc=%238d9aa6&ll_bc=%23ffffff&ll_dc=%238891a8&ll_w=300&ll_fh=auto&ll_h=250&ll_b=&ll_n=6&ll_fs=&ll_ff=&ll_pa=0&ll_bgc=&ll_s=w&ll_br=&ll_cl=&ll_nc=1&ll_nf=0&ll_nh=0&ll_nm=0&ll_np=1&ll_fo=&ll_no=&ll_so=&ll_nt=0&ll_wt=1&ll_url=https%3A%2F%2Fwww.morecouponstogo.com%2Funi-landing&ll_rf=https%3A%2F%2Fllclickpro.com%2F HTTP/1.1
Host: w.leadsleap.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.morecouponstogo.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 15 Oct 2022 13:01:53 GMT
content-type: text/html; charset=UTF-8
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QeGQIkwpYwLdAxkZ2ZBkmizjOWJerA%2FsfB7A7C0CNmnGs9BhDhHZXp6OR2YBifvTTD3w0HwCrFN282jnvDfMlh8GgM9V17CLTbRQVHk%2FR5zMIQ%2FNJfAEhD3ZkX09gpOdcA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 75a8bef73bdffab8-OSL
content-encoding: br
X-Firefox-Spdy: h2