trafficadbar.com/_kc1h
302 Found 0 B IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /_kc1h HTTP/1.1
Host: trafficadbar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Found
Date: Fri, 27 Jan 2023 02:33:45 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Server: nginx
Set-Cookie: sou=eyJyIjpudWxsLCJ1IjoiTVRHU2FtdXJhaSJ9; expires=Sun, 26-Feb-2023 02:33:45 GMT; Max-Age=2592000; SameSite=Lax
Location: https://t-adbar1.com/_kc1h
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 5fe582397f3003b225cb9058e02c2190
68174a54a8f6c4de9247ccea2dcae3c9b76bdb9f
238a2ef5b61d56353d0a5e97ec3092b8f2792cde7cecf40e1a858f8c129d3a9d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "238A2EF5B61D56353D0A5E97EC3092B8F2792CDE7CECF40E1A858F8C129D3A9D"
Last-Modified: Wed, 25 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21141
Expires: Fri, 27 Jan 2023 08:26:06 GMT
Date: Fri, 27 Jan 2023 02:33:45 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 2405562765b49b2782ebd2e2994851d5
be7ac8e558f7875bb1fb86ab5ec674424a5ff269
422cfa907461cb7b93b9089d600052f9e94951e5e0c93d97651905002e48ad3e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "422CFA907461CB7B93B9089D600052F9E94951E5E0C93D97651905002E48AD3E"
Last-Modified: Thu, 26 Jan 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3759
Expires: Fri, 27 Jan 2023 03:36:24 GMT
Date: Fri, 27 Jan 2023 02:33:45 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 49049f3c92aad686cd7ff28ecd2a5a4f
9cc2bc9c055450dbc4fae93eabe4ef8509b3ff57
02cf421968192286bb174ff0e6c818a843c4eca61a02cd493e6f95bb58a37015
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "02CF421968192286BB174FF0E6C818A843C4ECA61A02CD493E6F95BB58A37015"
Last-Modified: Wed, 25 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6022
Expires: Fri, 27 Jan 2023 04:14:07 GMT
Date: Fri, 27 Jan 2023 02:33:45 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash dcd75ca6daca51c5e39d431468511793
07f76d3bf23d65c9110d810fa71a994e39e085d3
73672a816da4450fe2c938b08d7ae002d9ca29fdcbd3e29cc97084d826f8b459
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Backoff, Content-Length, Alert, Retry-After
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Fri, 27 Jan 2023 01:42:58 GMT
content-type: application/json
age: 3047
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP
File type PEM certificate\012- , ASCII text
Hash 7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: r0Nc0nAOizY//HVzqMPY6suHr7NGTJbjpkTrnpc2IomFU3mCl+sMSt8Bo4VN0iE8cupxUlicdig=
x-amz-request-id: VZK3S4JFT394P9WV
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Fri, 27 Jan 2023 02:20:21 GMT
age: 804
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 27 Jan 2023 02:33:45 GMT
content-type: application/json
content-length: 12
access-control-expose-headers: content-type
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP
Hash ebb2a4cb8acaa0193579c4239ac26719
43ada212e5d0cc1c05f10714d458f3f3f5914a98
f84cff5e448b3bdf7a157765568de18bd2d44c6fbaf22353b1bfbfacf667e6ce
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=166973
Date: Fri, 27 Jan 2023 02:33:46 GMT
Etag: "63d319c8-1d7"
Expires: Sun, 29 Jan 2023 00:56:39 GMT
Last-Modified: Fri, 27 Jan 2023 00:24:40 GMT
Server: ECS (bsa/EB1E)
X-Cache: Miss from cloudfront
Via: 1.1 6259d2cd8a5947ad41a420527bbed7a6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: TECg7GBM0RGR_yHsFOWgKr3Cdxjz70KOE1K0h9GE5OtLjmMQmLSnbw==
Age: 1919
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Pragma, Last-Modified, ETag, Content-Length, Expires, Cache-Control, Retry-After, Content-Type, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Fri, 27 Jan 2023 01:49:02 GMT
age: 2684
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
t-adbar1.com/favicon.ico
302 Found 138 B IP
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash aff950cab4c0265e21d401db15f1026d
f03e18461817f7a6546c8bf8fa8d686d7e30aca0
753e0dd54f28c4f7009b9c0b18a68aed175416bd8b7d134858264586eaac56f0
GET /favicon.ico HTTP/1.1
Host: t-adbar1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://t-adbar1.com/_kc1h
Cookie: sou=eyJyIjpudWxsLCJ1IjoiTVRHU2FtdXJhaSJ9
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 302 Found
date: Fri, 27 Jan 2023 02:33:46 GMT
content-type: text/html
content-length: 138
location: https://trafficadbar.com/favicon.ico
server: nginx
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 1e2970e1480a4759282d63bb213051e4
ed5194d4d25dfc199821129be5d74be0ce49197d
18e19ea4c9c262cb9a94f89172eef2604222e779346589d470bf2e95ea295563
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "18E19EA4C9C262CB9A94F89172EEF2604222E779346589D470BF2E95EA295563"
Last-Modified: Tue, 24 Jan 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2742
Expires: Fri, 27 Jan 2023 03:19:28 GMT
Date: Fri, 27 Jan 2023 02:33:46 GMT
Connection: keep-alive
t-adbar1.com/50-195376p-7f77fb9d65e3bb8a718d9ac76b2040e8.jpeg
302 Found 138 B URL HTTP/2 t-adbar1.com/50-195376p-7f77fb9d65e3bb8a718d9ac76b2040e8.jpeg
IP
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash aff950cab4c0265e21d401db15f1026d
f03e18461817f7a6546c8bf8fa8d686d7e30aca0
753e0dd54f28c4f7009b9c0b18a68aed175416bd8b7d134858264586eaac56f0
GET /50-195376p-7f77fb9d65e3bb8a718d9ac76b2040e8.jpeg HTTP/1.1
Host: t-adbar1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://t-adbar1.com/_kc1h?&ww=1280&wh=939&reff=&h=eyJpdiI6IlJ2aWVISDNwTjRyK0VjWkptc0FXTEE9PSIsInZhbHVlIjoib0c0ZlZkTnRvZFliTUM2WmpLTUM2dz09IiwibWFjIjoiZTkwM2UxNTE5NjUwODllOWQ2YmZjYjUwMGQ3OTI4ZWQzZjRmYzZlY2EyYTc3NzA4Y2I1MGNmN2ZmM2M5YTVlMiJ9&abc=
Cookie: sou=eyJyIjpudWxsLCJ1IjoiTVRHU2FtdXJhaSJ9
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 302 Found
date: Fri, 27 Jan 2023 02:33:46 GMT
content-type: text/html
content-length: 138
location: https://trafficadbar.com/50-195376p-7f77fb9d65e3bb8a718d9ac76b2040e8.jpeg
server: nginx
X-Firefox-Spdy: h2
t-adbar1.com/assets/BarController.js
200 OK 1.1 kB URL HTTP/2 t-adbar1.com/assets/BarController.js
IP
File type ASCII text, with very long lines (1068), with no line terminators
Hash efa0db095e35eb95ee151016e47c492b
82a86e0cdbbe5f4a1634b2274f076dbaa053b86e
5adfd45bc89f7c5d9bb06fafb7caf0f317f54849db006ad49301f027ad6ece4c
GET /assets/BarController.js HTTP/1.1
Host: t-adbar1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://t-adbar1.com/_kc1h?&ww=1280&wh=939&reff=&h=eyJpdiI6IlJ2aWVISDNwTjRyK0VjWkptc0FXTEE9PSIsInZhbHVlIjoib0c0ZlZkTnRvZFliTUM2WmpLTUM2dz09IiwibWFjIjoiZTkwM2UxNTE5NjUwODllOWQ2YmZjYjUwMGQ3OTI4ZWQzZjRmYzZlY2EyYTc3NzA4Y2I1MGNmN2ZmM2M5YTVlMiJ9&abc=
Cookie: sou=eyJyIjpudWxsLCJ1IjoiTVRHU2FtdXJhaSJ9
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 27 Jan 2023 02:33:46 GMT
content-type: application/javascript
content-length: 1068
server: nginx
last-modified: Wed, 09 Jun 2021 07:15:14 GMT
etag: "60c06a82-42c"
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP
Hash ebb4268c0530354f41b7c50a1e4e794b
0cf95e9800a9f60fa8716c390e6bcedd0106e8c7
8f92a04a497706e8438b55bbc4357742ff1ce069393a6fba9c2263df476173ea
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=127899
Date: Fri, 27 Jan 2023 02:33:46 GMT
Etag: "63d28216-1d7"
Expires: Sat, 28 Jan 2023 14:05:25 GMT
Last-Modified: Thu, 26 Jan 2023 13:37:26 GMT
Server: ECS (nyb/1D35)
X-Cache: Miss from cloudfront
Via: 1.1 6259d2cd8a5947ad41a420527bbed7a6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: OAGAPaeHtPRxQ0Ida4W0j69Bh6rIzRxt_sMw9rqwH2LBUAZLKnqWvg==
Age: 1680
push.services.mozilla.com/
101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: j0bKp7fb6nPA0QC/s9eDkg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: dlIioUx0N53h8GvIqIA5oBRd0ys=
ocsp.sca1b.amazontrust.com/
200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP
Hash f351330e2726cb9695c074b246f32959
37929d50b5489c80d424bcf73f3c6ef4f0703fc6
1dbb7f458fd447eadb4bc7fba72cddcc721dfec44c56821fd6187d5799669d4e
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Fri, 27 Jan 2023 02:33:47 GMT
Last-Modified: Fri, 27 Jan 2023 01:32:15 GMT
Server: ECS (bsa/EB11)
X-Cache: Miss from cloudfront
Via: 1.1 6259d2cd8a5947ad41a420527bbed7a6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: 3IGIawztJc93x1OMhHOn8oBgq5skqcst4SOEba5_wRHhdz9eFyGaFA==
Age: 3693
cdnjs.cloudflare.com/ajax/libs/jquery/2.2.4/jquery.min.js
200 OK 27 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/jquery/2.2.4/jquery.min.js
IP
File type ASCII text, with very long lines (32065)
Hash 63827323c175768ccb0e8ed54589a3e5
9760e238d6ecced66396798559f70593793d801e
196f9479a27db836a2a7454e222f0cb52d4eeb162e0a50e69401ba1a8d81b564
GET /ajax/libs/jquery/2.2.4/jquery.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://llclickpro.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 27 Jan 2023 02:33:47 GMT
content-type: application/javascript; charset=utf-8
content-length: 26909
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03ec4-14e4a"
last-modified: Mon, 04 May 2020 16:11:48 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 512273
expires: Wed, 17 Jan 2024 02:33:47 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BB39wFE4Ju%2Fqram9bPNCYoi6HykXIRrPamXox2NOitxqp7pyFNSkntIRsuO5kJtIxGctQqFWv1xRwsUWVvLQHdGO7o4aKJ8DwR4i8tBjJjJcpeBWCboj50mz0a%2BipFTTrIdYyihT"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 78fe15e61af3b512-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
code.jquery.com/ui/1.11.4/jquery-ui.min.js
200 OK 64 kB URL HTTP/2 code.jquery.com/ui/1.11.4/jquery-ui.min.js
IP
File type ASCII text, with very long lines (32035)
Hash 28749bfe6af321b7c932452b38ce8683
2b444e3dee68a935213db86fd188c22883a65683
9110cdde7eb592e332cf7fa4347e5b3b17a2868ecde80d0c4a054bf0dd5a03b2
GET /ui/1.11.4/jquery-ui.min.js HTTP/1.1
Host: code.jquery.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://llclickpro.com
Connection: keep-alive
Referer: https://llclickpro.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 27 Jan 2023 02:33:47 GMT
content-encoding: gzip
content-length: 64296
content-type: application/javascript; charset=utf-8
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
accept-ranges: bytes
server: nginx
etag: W/"28feccc0-3ab2b"
cache-control: max-age=315360000, public
access-control-allow-origin: *
vary: Accept-Encoding
x-hw: 1674786827.dop206.sk1.t,1674786827.cds009.sk1.hn,1674786827.cds020.sk1.c
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 3.8 kB IP
Hash 1f3b6d4a7a02cc264067136f912d1faa
11b0bc392ab7e8aad798e8fde8c976226fdeb919
71f35519a443003c9448f2c8781fa9b37d51cb7b0a334911a8d283eaeba00b7d
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1260
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 27 Jan 2023 02:33:47 GMT
Last-Modified: Fri, 27 Jan 2023 02:12:47 GMT
Server: ECS (ska/F6FD)
X-Cache: HIT
Content-Length: 279
trafficadbar.com/50-195376p-7f77fb9d65e3bb8a718d9ac76b2040e8.jpeg
200 OK 2.2 kB URL HTTP/2 trafficadbar.com/50-195376p-7f77fb9d65e3bb8a718d9ac76b2040e8.jpeg
IP
Hash 78787358b0f450a776f71f304192608f
acb790e52140544362464bcebda1686b455d7164
73d3b3bbc1f97a95677bed52e1fadca4bf430ee53f497f6c5ee0d3320b84e1d4
GET /50-195376p-7f77fb9d65e3bb8a718d9ac76b2040e8.jpeg HTTP/1.1
Host: trafficadbar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://t-adbar1.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 27 Jan 2023 02:33:47 GMT
content-type: image/jpeg
server: nginx
vary: Accept-Encoding
expires: Sun, 26 Feb 2023 02:33:46 GMT
pragma: public
cache-control: max-age=2591999
content-encoding: gzip
X-Firefox-Spdy: h2
use.fontawesome.com/releases/v5.15.4/css/all.css
200 OK 13 kB URL HTTP/2 use.fontawesome.com/releases/v5.15.4/css/all.css
IP
File type ASCII text, with very long lines (59119)
Hash 7de63d2588b71dbd8e4a670633b718da
57d67f9d808d60bd4cc944cce406f6b16655c8f4
2371b7e87977de5cb6b90fde2e3277d8097d2c9abdffd7ceb5103ab211ac490f
GET /releases/v5.15.4/css/all.css HTTP/1.1
Host: use.fontawesome.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://llclickpro.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 27 Jan 2023 02:33:47 GMT
content-type: text/css
x-amz-id-2: HbM7ijn2Ff9X/1Vt9XeVXF531DG0bzvcTq5CZSGkm/YMoq0CXvSjXF4xJx2aLZ49QpK6+nYyLf0=
x-amz-request-id: 2HZ8KB750WAR2JFJ
last-modified: Wed, 04 Aug 2021 20:43:22 GMT
etag: W/"ecd507b3125edc4d2a03aa6ae5d07da9"
cache-control: max-age=31556926
cf-cache-status: HIT
age: 2611359
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zJjSL4QqXelDiQsMazSNkBwvwpuSn3eydL9z5gzl2XS9zL0uYp29avd3lbaDUIfxDprboEmcjGzHAftZsB6xerrHhn7z1pmChlS7eBHM58G4aMeBxGneSQJX6CgGBIIy0qrJ6mU3"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 78fe15e6bff17756-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
imgavatar.llsvr.com/scsa7588.m.jpg
200 OK 4.6 kB URL HTTP/2 imgavatar.llsvr.com/scsa7588.m.jpg
IP
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 90", baseline, precision 8, 100x100, components 3\012- data
Hash 8c8ff51f6858c6fb1b8ace70a73759e9
5388d61308b409e08a0507b4364615a746fdd254
44317f0e3df8fda2e8eaf878a91a42d79c566823fe872f5448367186e6671ad2
GET /scsa7588.m.jpg HTTP/1.1
Host: imgavatar.llsvr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://llclickpro.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 27 Jan 2023 02:33:47 GMT
content-type: image/jpeg
content-length: 4644
last-modified: Sun, 26 Jun 2022 06:42:15 GMT
cache-control: max-age=31536000
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=drVwE%2BBAvT%2Fu7GT5H0sRySyFwJDzFLw0kdNWTi%2FXH48xoRawGrbG1hEc0mTNFzjNcr8WY2sTqQOdRnO%2FrwfaJZglyQC9LEL6H5DRhVxZQN2fXK40Y96mP8i49HVfhb27H0c06HDz"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 78fe15e678651c16-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 2e21811f62c077f45a93d7c3b543998d
3e890a73bb51d9dd1021d5339271aa40833ba258
c6b77371a50390fd68d44ff05e080f064c16c3095df8856b330ab0c6685cd3d1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C6B77371A50390FD68D44FF05E080F064C16C3095DF8856B330AB0C6685CD3D1"
Last-Modified: Thu, 26 Jan 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13580
Expires: Fri, 27 Jan 2023 06:20:08 GMT
Date: Fri, 27 Jan 2023 02:33:48 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 2e21811f62c077f45a93d7c3b543998d
3e890a73bb51d9dd1021d5339271aa40833ba258
c6b77371a50390fd68d44ff05e080f064c16c3095df8856b330ab0c6685cd3d1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C6B77371A50390FD68D44FF05E080F064C16C3095DF8856B330AB0C6685CD3D1"
Last-Modified: Thu, 26 Jan 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13580
Expires: Fri, 27 Jan 2023 06:20:08 GMT
Date: Fri, 27 Jan 2023 02:33:48 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 2e21811f62c077f45a93d7c3b543998d
3e890a73bb51d9dd1021d5339271aa40833ba258
c6b77371a50390fd68d44ff05e080f064c16c3095df8856b330ab0c6685cd3d1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C6B77371A50390FD68D44FF05E080F064C16C3095DF8856B330AB0C6685CD3D1"
Last-Modified: Thu, 26 Jan 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13580
Expires: Fri, 27 Jan 2023 06:20:08 GMT
Date: Fri, 27 Jan 2023 02:33:48 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 2e21811f62c077f45a93d7c3b543998d
3e890a73bb51d9dd1021d5339271aa40833ba258
c6b77371a50390fd68d44ff05e080f064c16c3095df8856b330ab0c6685cd3d1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C6B77371A50390FD68D44FF05E080F064C16C3095DF8856B330AB0C6685CD3D1"
Last-Modified: Thu, 26 Jan 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13580
Expires: Fri, 27 Jan 2023 06:20:08 GMT
Date: Fri, 27 Jan 2023 02:33:48 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 2e21811f62c077f45a93d7c3b543998d
3e890a73bb51d9dd1021d5339271aa40833ba258
c6b77371a50390fd68d44ff05e080f064c16c3095df8856b330ab0c6685cd3d1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C6B77371A50390FD68D44FF05E080F064C16C3095DF8856B330AB0C6685CD3D1"
Last-Modified: Thu, 26 Jan 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13580
Expires: Fri, 27 Jan 2023 06:20:08 GMT
Date: Fri, 27 Jan 2023 02:33:48 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4b8fa26c-af88-46ea-a5c6-1122db65d6d4.jpeg
200 OK 9.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4b8fa26c-af88-46ea-a5c6-1122db65d6d4.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash f3605538118d3aaef721a03d482b0f9a
2e2e770d552a05a0f24f4bbb1110266440b2bf76
1011d275125968599a8dd082810deca07e82770efad760b3f1ebf7f74ebab78e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4b8fa26c-af88-46ea-a5c6-1122db65d6d4.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9063
x-amzn-requestid: 8eb82d16-63f8-4e6e-b9fe-1795c7703c03
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fIgq2EbSoAMFUwQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63cce178-67a0958d7cd1f132605d93be;Sampled=0
x-amzn-remapped-date: Sun, 22 Jan 2023 07:10:48 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: aTjiRrFeeC6zT_NzPDvKNs-aV__tUniMFfbwxsn1eIf3NQzXxgYETA==
via: 1.1 1b0911478686968732f973d6e5e31d10.cloudfront.net (CloudFront), 1.1 324a68a6c25ee50d774953f3e15a611c.cloudfront.net (CloudFront), 1.1 google
date: Thu, 26 Jan 2023 07:47:53 GMT
age: 67555
etag: "2e2e770d552a05a0f24f4bbb1110266440b2bf76"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0cc9d867-fc35-4a62-9934-4cb307d6146d.jpeg
200 OK 5.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0cc9d867-fc35-4a62-9934-4cb307d6146d.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 869cdfba2637cc932ce387317a3c485e
51d87a5223d87c959bf27b2a825dce0a28f52ada
6dc4247dd3110836195f9962463bd8265be89633e9e589bf19955991751c26fe
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0cc9d867-fc35-4a62-9934-4cb307d6146d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5669
x-amzn-requestid: 17f6235c-d495-4813-9453-407331e0dcad
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fR1ZSH4fIAMFxeQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d09c3b-67ff5c7f416727670e7c3b21;Sampled=0
x-amzn-remapped-date: Wed, 25 Jan 2023 03:04:27 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: KGNpzuI2ny_1LH90atWa09SPYG7Ovolbv_KvL8nC6fUk59z-6TFsMQ==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 591683988172c7980c4ebb318cbf18a8.cloudfront.net (CloudFront), 1.1 google
date: Thu, 26 Jan 2023 03:05:04 GMT
age: 84524
etag: "51d87a5223d87c959bf27b2a825dce0a28f52ada"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcb781854-72d1-4a71-a095-0416f886f570.jpeg
200 OK 7.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcb781854-72d1-4a71-a095-0416f886f570.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 131eb343c5abd61939457d69bd371348
ffb2035cf64fc83f01db5c6f26ffa264b6aac95b
8486eb9dc6325018f8721bc6f37408f260b6e652b145280f2d778d860d3ec2d5
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcb781854-72d1-4a71-a095-0416f886f570.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7538
x-amzn-requestid: 113924cc-a196-4dbd-91d9-68c213265afe
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: e3fobF-ZoAMFjjA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c61302-6b24941a642b22cf21e47dc0;Sampled=0
x-amzn-remapped-date: Tue, 17 Jan 2023 03:16:18 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 2P09wOtKPDHjxxAuzcLFMQJwmGN1zNJcH9LA6IJpeaGiaPVRF4y-TA==
via: 1.1 eece508272520f70691e4eebdc5a6dea.cloudfront.net (CloudFront), 1.1 caf6806821bc479b28a6f1ce3043b8a6.cloudfront.net (CloudFront), 1.1 google
date: Thu, 26 Jan 2023 07:15:25 GMT
age: 69503
etag: "ffb2035cf64fc83f01db5c6f26ffa264b6aac95b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F16430244-f45f-4aea-a8a8-2b1f37fa80ef.jpeg
200 OK 5.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F16430244-f45f-4aea-a8a8-2b1f37fa80ef.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 5e7158416f60576804ccff03307319fe
a342f94625e913fa6b8d862a59979f1e3ad80dd1
5c525df7d169cc7e033d920c11f4a0163a781c025a22b70530882b56964a9a52
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F16430244-f45f-4aea-a8a8-2b1f37fa80ef.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5737
x-amzn-requestid: 23239d1f-0228-4722-b826-40dc8c9a4af2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fVzDbEacIAMFZtA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d23215-1604c24e272fbb657b9925cc;Sampled=0
x-amzn-remapped-date: Thu, 26 Jan 2023 07:56:05 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: -_8PZoms7W6Lvw__KsoTwL_CzjfyWChzoSWDc9yCk9zCR8cTs87oNA==
via: 1.1 4d7fa73f804f1c93f20cfc24c4b1266e.cloudfront.net (CloudFront), 1.1 64f86ae1c24221f3a2e4d653d6dbc416.cloudfront.net (CloudFront), 1.1 google
date: Thu, 26 Jan 2023 16:31:35 GMT
age: 36133
etag: "a342f94625e913fa6b8d862a59979f1e3ad80dd1"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2f238e33-a6e3-479a-920f-92a9c7bf1a06.jpeg
200 OK 6.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2f238e33-a6e3-479a-920f-92a9c7bf1a06.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash a3d856f57bcfd0bb18253cd77dd6541b
9d9680fb1a9232bb2b42b824dc11633666bfa31a
f2a03384e72a4d3350ee6addc49d6a507837eb195647016ea001e846eaccb0e3
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2f238e33-a6e3-479a-920f-92a9c7bf1a06.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6055
x-amzn-requestid: dd44b3ab-6248-419a-995a-f3aaf59dae77
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fLRhMFPYIAMF91g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63cdfc6d-4df410b022dbbb55297e6ac7;Sampled=0
x-amzn-remapped-date: Mon, 23 Jan 2023 03:18:05 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: c02qyu1rphr_LpUAQQRaTxlNGeEl-yKmVpshfKoWlsfKWiiciJURAw==
via: 1.1 000f4a2f631bace380a0afa747a82482.cloudfront.net (CloudFront), 1.1 d6a002c70d55f415107618b0750d493c.cloudfront.net (CloudFront), 1.1 google
date: Thu, 26 Jan 2023 08:45:22 GMT
age: 64106
etag: "9d9680fb1a9232bb2b42b824dc11633666bfa31a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbccadbe9-ae35-4a03-bf17-9342e0629c81.jpeg
200 OK 4.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbccadbe9-ae35-4a03-bf17-9342e0629c81.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 6e96f3ea585b5fa8ed6446ed16e2b4b2
f90c205f370a2426dffe3c21b24bfa551b385556
6967ba25887f87200fcb39a3e6f065fd27596b2ebcf0d33a2751c655d6e724f2
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbccadbe9-ae35-4a03-bf17-9342e0629c81.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4272
x-amzn-requestid: 90778100-cfb9-46c5-b75d-caafc1fdbae9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fEMjeEB1oAMFl8Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63cb27af-5743a4b077fde951558d49bd;Sampled=0
x-amzn-remapped-date: Fri, 20 Jan 2023 23:45:51 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: Ev8Pkhb87rHNaINJOl0VO5ze6SbLktZjmFANNbIOnVs74H8saNsmOg==
via: 1.1 d1151317ba32afe0e6370fd69fed222e.cloudfront.net (CloudFront), 1.1 570075675953459325e00b7bcd171df2.cloudfront.net (CloudFront), 1.1 google
date: Thu, 26 Jan 2023 12:34:55 GMT
age: 50333
etag: "f90c205f370a2426dffe3c21b24bfa551b385556"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 05f08e5bd41dda3107c09ddb06ad59b2
caa4d907629afea182466cb434d0f140a5e06c3d
dac4be9a4c97cd9420e79b521e211f8fa3eaf8a0e921995d2bc10bdae6e649d5
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DAC4BE9A4C97CD9420E79B521E211F8FA3EAF8A0E921995D2BC10BDAE6E649D5"
Last-Modified: Wed, 25 Jan 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Fri, 27 Jan 2023 08:33:48 GMT
Date: Fri, 27 Jan 2023 02:33:48 GMT
Connection: keep-alive
ocsp.sectigo.com/
200 OK 472 B IP
Hash 4de0a2c07af9d674b4330559e0e3c176
91232d1a9a9e52bcd97c15f328fff6f999e4f7f4
0e5ab169d122767f2679daafe16a724ef5c716b930b1e1967c2e58d75dad869a
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 27 Jan 2023 02:33:49 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Tue, 24 Jan 2023 02:30:25 GMT
Expires: Tue, 31 Jan 2023 02:30:24 GMT
Etag: "91232d1a9a9e52bcd97c15f328fff6f999e4f7f4"
Cache-Control: max-age=344794,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 78fe15f21e930b45-OSL
ocsp.sectigo.com/
200 OK 472 B IP
Hash 4de0a2c07af9d674b4330559e0e3c176
91232d1a9a9e52bcd97c15f328fff6f999e4f7f4
0e5ab169d122767f2679daafe16a724ef5c716b930b1e1967c2e58d75dad869a
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 27 Jan 2023 02:33:49 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Tue, 24 Jan 2023 02:30:25 GMT
Expires: Tue, 31 Jan 2023 02:30:24 GMT
Etag: "91232d1a9a9e52bcd97c15f328fff6f999e4f7f4"
Cache-Control: max-age=344794,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 78fe15f21db90b4d-OSL
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 018499275644e88f97fc499e33b74d62
534a55c53eeaffd0f14b67b15ac0049608d8870d
cb952a1354b1ecdd440a57cfa7337524ac2b86c08edf1969676c801c5ff19ad3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "CB952A1354B1ECDD440A57CFA7337524AC2B86C08EDF1969676C801C5FF19AD3"
Last-Modified: Wed, 25 Jan 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15538
Expires: Fri, 27 Jan 2023 06:52:47 GMT
Date: Fri, 27 Jan 2023 02:33:49 GMT
Connection: keep-alive
b-cloud.b-cdn.net/builds/pro/125-cloud/css/preview.pro.css
200 OK 42 kB URL HTTP/2 b-cloud.b-cdn.net/builds/pro/125-cloud/css/preview.pro.css
IP
ASN #34989 ServeTheWorld AS
File type assembler source, ASCII text
Hash b4d38fb8298358c316cf9043f7c72916
179155b68ee21a13bbf93e265c29c8febc684ae6
5d061cf16973f5f05b4a4d544b7d7dc8db8126537a31f1446bc9fa85781c27ee
GET /builds/pro/125-cloud/css/preview.pro.css HTTP/1.1
Host: b-cloud.b-cdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.morecouponstogo.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 27 Jan 2023 02:33:49 GMT
content-type: text/css
server: BunnyCDN-NO1-830
cdn-pullzone: 246147
cdn-uid: e647d0c9-3a16-4c3e-ae99-91e18e06d4b3
cdn-requestcountrycode: NO
vary: Accept-Encoding, Accept-Encoding
access-control-allow-origin: *
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
etag: W/"f3f0dd081c22ea4c2d62434b45b53cf5"
last-modified: Mon, 26 Dec 2022 09:01:55 GMT
x-amz-id-2: BhXONLyi3E9f1ETwIrJ39y1+Y5BTIjCvgN88Norbz3QZke1/XsFUZEeGc91/NfyV70fFayVs+uM=
x-amz-request-id: 79EMK9322WJBMSMF
cdn-proxyver: 1.03
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 12/26/2022 12:44:04
cdn-edgestorageid: 830
link: <https://s3.amazonaws.com/brizy.cloud/builds/pro/125-cloud/css/preview.pro.css>; rel="canonical"
cdn-status: 200
cdn-requestid: 6734de7962dc9a45381c9946b75495ad
cdn-cache: HIT
content-encoding: br
X-Firefox-Spdy: h2
www.morecouponstogo.com/uni-landing
200 OK 43 kB URL HTTP/2 www.morecouponstogo.com/uni-landing
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (7561)
Hash 3abc09eb5ef1ebb313c9bddc7865127c
4b20d32cef054faf65231a2a42f74653acf8f5d4
2e6d8ed7dc1a4caf4882f9c05a2bd28db453a9ed9c827903837119d23807789f
Analyzer Verdict Alert fortinet Phishing
GET /uni-landing HTTP/1.1
Host: www.morecouponstogo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://llclickpro.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 27 Jan 2023 02:33:49 GMT
content-type: text/html; charset=UTF-8
content-length: 42675
x-brizy-preview: 1
vary: Accept-Encoding
content-encoding: gzip
x-varnish: 96948689 91558361
age: 127536
via: 1.1 varnish (Varnish/6.2)
x-cache: HIT
x-cache-hits: 1174
pragma: no-cache
expires: -1
cache-control: no-store, no-cache, must-revalidate, max-age=0
accept-ranges: bytes
X-Firefox-Spdy: h2
www.googletagmanager.com/gtag/js?id=G-LRYZTN7NCV
200 OK 78 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=G-LRYZTN7NCV
IP
File type ASCII text, with very long lines (19467)
Hash f1ed88b0b5fe1f21c9278011453fd43f
b6bcc527eb61f1ee15d7a2b5b3e74b49dec8b233
ba2b1aa18a7ec33aef3e0ffca6b3473dfb3b37c4ef8fc594548cbf6d36fbea1d
GET /gtag/js?id=G-LRYZTN7NCV HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.morecouponstogo.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Fri, 27 Jan 2023 02:33:49 GMT
expires: Fri, 27 Jan 2023 02:33:49 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 78214
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp2.globalsign.com/gsalphasha2g2
200 OK 1.4 kB URL HTTP/1.1 ocsp2.globalsign.com/gsalphasha2g2
IP
Hash cd836c6580de9059a45f56a3662bf6aa
8596699ea488c3a74da5914a8245a6071ff83260
9632b2564154e0c79bd8c4d874a2927e422c801525b4c06c3b8a6d605887b731
POST /gsalphasha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 27 Jan 2023 02:33:49 GMT
Content-Type: application/ocsp-response
Content-Length: 1423
Connection: keep-alive
Expires: Mon, 30 Jan 2023 23:41:35 GMT
ETag: "8596699ea488c3a74da5914a8245a6071ff83260"
Last-Modified: Thu, 26 Jan 2023 23:41:36 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 2508
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 78fe15f31f991c0a-OSL
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 82e3abc4a7b17efedca67cf215f4bb60
e20e55d87591af7db3a4bcfc429048f85e389b85
df8901d4d87686fb11e17986f5d53cf513f675b4dd71f0a2e35c7ffbefa7fb9e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 27 Jan 2023 02:33:49 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
static.scptp1.com/mnpw3.js
200 OK 33 kB URL HTTP/2 static.scptp1.com/mnpw3.js
IP
File type Unicode text, UTF-8 text, with very long lines (65533), with no line terminators
Hash 5367f38d08b91e50e1559d86a163845a
d09e56fc73519084fc305a604d24ee6c826137cc
92943c351cb9a897a060ad41e76260371c394e7ff2ff5c3aa0c4a1845975028c
GET /mnpw3.js HTTP/1.1
Host: static.scptp1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.morecouponstogo.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 27 Jan 2023 02:33:49 GMT
cache-control: max-age=791
content-encoding: gzip
content-length: 33017
content-type: application/javascript
last-modified: Fri, 20 May 2022 18:23:44 GMT
accept-ranges: bytes
x-amz-id-2: uTxXVBbzqfUFK1HcBvFVdNKg2CNrRgqbj3xkiZziKFJCB0bFMhtpkm1dPe9VOsBmPTZ8lhU/DHQ=
x-amz-request-id: 1MKZ6P6E4MZBVYP9
etag: "230a6a32fa9f803d57f681a669c7cafd"
server: AmazonS3
x-hw: 1674786829.cds069.sk1.hn,1674786829.cds262.sk1.c
access-control-allow-origin: *
X-Firefox-Spdy: h2
d1ielco78gv5pf.cloudfront.net/assets/external_portfolio.js
200 OK 368 B URL HTTP/2 d1ielco78gv5pf.cloudfront.net/assets/external_portfolio.js
IP
File type ASCII text, with very long lines (656), with no line terminators
Hash b5ec16a6962b298f78b6cec8ea07c798
92156c23772de75b11fbb3842cff7aafb3f36d2f
a3b8c3ae6fd1b0a623464b1babc563fece01356823bd51f662c6fdc34e2fad26
GET /assets/external_portfolio.js HTTP/1.1
Host: d1ielco78gv5pf.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.morecouponstogo.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
content-length: 368
date: Tue, 17 May 2022 09:40:53 GMT
access-control-allow-origin: *
cache-control: max-age=315360000, public
content-encoding: gzip
etag: "6282220d-170"
expires: Fri, 14 May 2032 09:40:53 GMT
last-modified: Mon, 16 May 2022 10:06:05 GMT
server: nginx
x-cache: Hit from cloudfront
via: 1.1 784cb0c259a6d79800d037bda4e7de86.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 9038fhWkOvpru5BA0ZIshSYWZNK7V31J7OqFNDHustg0SahNIpBoYQ==
age: 22006376
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 279 B IP
Hash 205fcc985a9cbeb0da81d9b6bd255f45
ffc5d49d8b8d44224cc4f6fc2fa8b07a1a10d5a7
f7e78c1f82c253fe550d7420afa1e1e69825716d54145851381a6a12a308f946
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=157485
Content-Type: application/ocsp-response
Date: Fri, 27 Jan 2023 02:33:49 GMT
Etag: "63d2fc3a-117"
Expires: Sat, 28 Jan 2023 22:18:34 GMT
Last-Modified: Thu, 26 Jan 2023 22:18:34 GMT
Server: nginx
Content-Length: 279
www.bestchange.com/js/banner.php?p=1276983
200 OK 3.3 kB URL HTTP/2 www.bestchange.com/js/banner.php?p=1276983
IP
Hash 6b7a549b3860733cb1ee6cd845a2145b
a891b77ae716006cc9f0781acfbff8e4cd8b2c2d
9aa7d6cc06fb4b8c62b876301aa9c497e2b0222e4feec9a8a45aa4a2a0128224
GET /js/banner.php?p=1276983 HTTP/1.1
Host: www.bestchange.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.morecouponstogo.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 27 Jan 2023 02:33:49 GMT
content-type: application/x-javascript; charset=windows-1251
cache-control: public, max-age=86400
set-cookie: userid=1fb3941f4f1a4b31599c2adff3698383; expires=Mon, 24-Jan-2033 02:33:49 GMT; Max-Age=315360000; path=/
strict-transport-security: max-age=31536000;
content-encoding: gzip
X-Firefox-Spdy: h2
b-cloud.b-cdn.net/builds/pro/125-cloud/css/group-3-pro.css
200 OK 0 B URL HTTP/2 b-cloud.b-cdn.net/builds/pro/125-cloud/css/group-3-pro.css
IP
ASN #34989 ServeTheWorld AS
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /builds/pro/125-cloud/css/group-3-pro.css HTTP/1.1
Host: b-cloud.b-cdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.morecouponstogo.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 27 Jan 2023 02:33:49 GMT
content-type: text/css
content-length: 0
server: BunnyCDN-NO1-830
cdn-pullzone: 246147
cdn-uid: e647d0c9-3a16-4c3e-ae99-91e18e06d4b3
cdn-requestcountrycode: NO
vary: Accept-Encoding
access-control-allow-origin: *
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
etag: "d41d8cd98f00b204e9800998ecf8427e"
last-modified: Mon, 26 Dec 2022 09:01:55 GMT
x-amz-id-2: fc2zIvus9hITJhkgNBbGf7oMPTaGuiV+woHGjSCDKdFf0yNLc62hYrgMKiDyLXHv6Fg0UWFKsPQ=
x-amz-request-id: M1G1KFEDQ7DFTQ4R
cdn-proxyver: 1.03
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 01/27/2023 02:33:49
cdn-edgestorageid: 830
link: <https://s3.amazonaws.com/brizy.cloud/builds/pro/125-cloud/css/group-3-pro.css>; rel="canonical"
cdn-status: 200
cdn-requestid: 933cbebb5277ec907fb4232b71ab033a
cdn-cache: MISS
accept-ranges: bytes
X-Firefox-Spdy: h2
fonts.bunny.net/css?family=Montserrat:100,100italic,200,200italic,300,300italic,regular,italic,500,500italic,600,600italic,700,700italic,800,800italic,900,900italic|Lato:100,100italic,300,300italic,regular,italic,700,700italic,900,900italic|Oswald:200,300,regular,500,600,700|Palanquin%20Dark:regular,500,600,700|Roboto:100,100italic,300,300italic,regular,italic,500,500italic,700,700italic,900,900italic|Dosis:200,300,regular,500,600,700,800&subset=arabic,bengali,cyrillic,cyrillic-ext,devanagari,greek,greek-ext,gujarati,hebrew,khmer,korean,latin-ext,tamil,telugu,thai,vietnamese&display=swap
200 OK 47 kB URL HTTP/2 fonts.bunny.net/css?family=Montserrat:100,100italic,200,200italic,300,300italic,regular,italic,500,500italic,600,600italic,700,700italic,800,800italic,900,900italic|Lato:100,100italic,300,300italic,regular,italic,700,700italic,900,900italic|Oswald:200,300,regular,500,600,700|Palanquin%20Dark:regular,500,600,700|Roboto:100,100italic,300,300italic,regular,italic,500,500italic,700,700italic,900,900italic|Dosis:200,300,regular,500,600,700,800&subset=arabic,bengali,cyrillic,cyrillic-ext,devanagari,greek,greek-ext,gujarati,hebrew,khmer,korean,latin-ext,tamil,telugu,thai,vietnamese&display=swap
IP
ASN #34989 ServeTheWorld AS
Hash 0207c996fc179962b728752ed31239e3
537e713191fdddc073813e9be33531dd9fe50304
56edafcd6061b7aeda9379e8bffcd9b0b9b59f510ac79a5cb5ca813d84bfb7c7
GET /css?family=Montserrat:100,100italic,200,200italic,300,300italic,regular,italic,500,500italic,600,600italic,700,700italic,800,800italic,900,900italic|Lato:100,100italic,300,300italic,regular,italic,700,700italic,900,900italic|Oswald:200,300,regular,500,600,700|Palanquin%20Dark:regular,500,600,700|Roboto:100,100italic,300,300italic,regular,italic,500,500italic,700,700italic,900,900italic|Dosis:200,300,regular,500,600,700,800&subset=arabic,bengali,cyrillic,cyrillic-ext,devanagari,greek,greek-ext,gujarati,hebrew,khmer,korean,latin-ext,tamil,telugu,thai,vietnamese&display=swap HTTP/1.1
Host: fonts.bunny.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.morecouponstogo.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 27 Jan 2023 02:33:49 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
server: BunnyCDN-NO1-830
cdn-pullzone: 781720
cdn-uid: 3a60ca70-b89d-4cd5-a4b5-34a3468d7e0f
cdn-requestcountrycode: NO
access-control-allow-origin: *
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=2592000
last-modified: Fri, 27 Jan 2023 02:33:49 GMT
x-do-app-origin: 1fb91846-e6b7-11ec-b1dc-0c42a19a82a7
x-do-orig-status: 200
cdn-proxyver: 1.03
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 01/27/2023 02:33:49
cdn-edgestorageid: 830
cdn-status: 200
cdn-requestid: c09dac9b61a24d60bfc971ad435fde78
cdn-cache: MISS
content-encoding: br
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP
Hash a77ca486d6d61f1a4a061f1115711d0a
20c876143079103ce506f9e4b3e3df4edb756f8b
0cd3d85bc2dd9d337c3c4765a53353dde088914d1ffcb2d8ccbc05368e85cdea
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Fri, 27 Jan 2023 02:33:50 GMT
Last-Modified: Fri, 27 Jan 2023 00:48:58 GMT
Server: ECS (dcb/7F18)
X-Cache: Miss from cloudfront
Via: 1.1 6259d2cd8a5947ad41a420527bbed7a6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: FxFf_VE_lxHy_qMSRh-7PC9pvxejcwD60btz2z7lYqzTORa834rmCA==
Age: 6292
cdn.affiliates.one/production/admin_affiliates_com_tw/image_creative/6848/x1dmuwbyv2tjwywndwsoqvvuraktdtp1szujaobnu_cheapoair_468x60.gif?wl=8&image_creative_id=6848&offer_id=1481&offer_variant_id=1871&network_id=169&affiliate_id=17200&affiliate_offer_id=1826500
200 OK 14 kB URL HTTP/2 cdn.affiliates.one/production/admin_affiliates_com_tw/image_creative/6848/x1dmuwbyv2tjwywndwsoqvvuraktdtp1szujaobnu_cheapoair_468x60.gif?wl=8&image_creative_id=6848&offer_id=1481&offer_variant_id=1871&network_id=169&affiliate_id=17200&affiliate_offer_id=1826500
IP
File type GIF image data, version 89a, 468 x 60\012- data
Hash 97fea49af7bf619f505f90feb16ee6dc
e8d7deedfe00f192c37f176cd795b0a6caf2ea20
05f4606a5f2a901ca8bdd466d304ec19f4aae4bcdc9174eb3105303a1a477703
GET /production/admin_affiliates_com_tw/image_creative/6848/x1dmuwbyv2tjwywndwsoqvvuraktdtp1szujaobnu_cheapoair_468x60.gif?wl=8&image_creative_id=6848&offer_id=1481&offer_variant_id=1871&network_id=169&affiliate_id=17200&affiliate_offer_id=1826500 HTTP/1.1
Host: cdn.affiliates.one
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.morecouponstogo.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 13831
last-modified: Thu, 23 Oct 2014 04:46:14 GMT
accept-ranges: bytes
server: AmazonS3
date: Thu, 26 Jan 2023 06:16:03 GMT
etag: "97fea49af7bf619f505f90feb16ee6dc"
x-cache: Hit from cloudfront
via: 1.1 ab09332bca1a3bd382d2e408f65b98d2.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 3fj_EcqCtNUAnx23j9sTbFolKkdoDhS4K88UAiQ9BzFQdEpuS20I5g==
age: 73068
X-Firefox-Spdy: h2
www.bestchange.com/images/banners/banner-bg.png
200 OK 658 B URL HTTP/2 www.bestchange.com/images/banners/banner-bg.png
IP
File type PNG image data, 468 x 60, 8-bit colormap, non-interlaced\012- data
Hash 004a29e6947ee2d16ff509ac76cc553f
ca1186cbe2e48aaab8acae2fde105d4b08d15ef2
39e8df19bafce1d8b59b430ab9125105c806b6f968810be670590ab77b026bb8
GET /images/banners/banner-bg.png HTTP/1.1
Host: www.bestchange.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.morecouponstogo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 27 Jan 2023 02:33:50 GMT
content-type: image/png
content-length: 658
last-modified: Sat, 12 Nov 2022 19:31:47 GMT
etag: "636ff4a3-292"
expires: Sun, 26 Feb 2023 02:33:50 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000;
accept-ranges: bytes
X-Firefox-Spdy: h2
twshop4coupon.com/track/imp/img/6848/ce2bc2b8910528c9bed6f77a9672c94824684fc975fbb9b20a61ba0266?subid_1=&subid_2=&subid_3=&subid_4=&subid_5=
302 Found 830 B URL HTTP/2 twshop4coupon.com/track/imp/img/6848/ce2bc2b8910528c9bed6f77a9672c94824684fc975fbb9b20a61ba0266?subid_1=&subid_2=&subid_3=&subid_4=&subid_5=
IP
Hash 95aced4092eeb81c304d8ec7d15f15e3
b889c7b564b0df102504d25332d188eb7d5ae551
c705c85d864b2ae8658ca2adf72e564b59911447fbd7b09854f0084c87a8a802
GET /track/imp/img/6848/ce2bc2b8910528c9bed6f77a9672c94824684fc975fbb9b20a61ba0266?subid_1=&subid_2=&subid_3=&subid_4=&subid_5= HTTP/1.1
Host: twshop4coupon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.morecouponstogo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
date: Fri, 27 Jan 2023 02:33:49 GMT
content-type: text/html; charset=utf-8
location: https://cdn.affiliates.one/production/admin_affiliates_com_tw/image_creative/6848/x1dmuwbyv2tjwywndwsoqvvuraktdtp1szujaobnu_cheapoair_468x60.gif?wl=8&image_creative_id=6848&offer_id=1481&offer_variant_id=1871&network_id=169&affiliate_id=17200&affiliate_offer_id=1826500
server: Apache/2.4.18 (Ubuntu)
cache-control: no-cache
x-request-id: 38e7726513ca7cebeb1237a5e4769185
p3p: CP="ALL DSP COR CURa ADMa DEVa OUR IND COM NAV"
x-ua-compatible: IE=Edge,chrome=1
x-runtime: 0.127530
x-rack-cache: miss
x-powered-by: Phusion Passenger 5.1.12
status: 302 Found
X-Firefox-Spdy: h2
fonts.bunny.net/montserrat/files/montserrat-latin-700-normal.woff2
200 OK 13 kB URL HTTP/2 fonts.bunny.net/montserrat/files/montserrat-latin-700-normal.woff2
IP
ASN #34989 ServeTheWorld AS
File type Web Open Font Format (Version 2), TrueType, length 12848, version 1.0\012- data
Hash f0b3206d02a2f684530117ce1d7e8ce0
f3708b707b65e241b0f1c819d5f7bf7da8412653
f31b80562610135edd91a86ec7f243c5eeaec2ec08337e6a20c2d135d8e217da
GET /montserrat/files/montserrat-latin-700-normal.woff2 HTTP/1.1
Host: fonts.bunny.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.morecouponstogo.com
Connection: keep-alive
Referer: https://fonts.bunny.net/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 27 Jan 2023 02:33:50 GMT
content-type: font/woff2
content-length: 12848
server: BunnyCDN-NO1-830
cdn-pullzone: 781720
cdn-uid: 3a60ca70-b89d-4cd5-a4b5-34a3468d7e0f
cdn-requestcountrycode: NO
access-control-allow-origin: *
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=2592000
etag: "63aea096-3230"
last-modified: Fri, 30 Dec 2022 08:25:58 GMT
cdn-storageserver: SE-318
cdn-fileserver: 318
cdn-proxyver: 1.03
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 01/09/2023 10:42:17
cdn-edgestorageid: 830
cdn-status: 200
cdn-requestid: cc4abada47b29767808cb9e22c732b10
cdn-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
fonts.bunny.net/montserrat/files/montserrat-latin-600-normal.woff2
200 OK 13 kB URL HTTP/2 fonts.bunny.net/montserrat/files/montserrat-latin-600-normal.woff2
IP
ASN #34989 ServeTheWorld AS
File type Web Open Font Format (Version 2), TrueType, length 12700, version 1.0\012- data
Hash e571167fbcce8d5081bce96a09930063
e12420f5e4da3ccdc75a58ce744e7d5a0c6cf79e
98be19bc78b5bc5d419e4fa6ea055ebd4671a963e2cc644aeed4362f15d14c31
GET /montserrat/files/montserrat-latin-600-normal.woff2 HTTP/1.1
Host: fonts.bunny.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.morecouponstogo.com
Connection: keep-alive
Referer: https://fonts.bunny.net/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 27 Jan 2023 02:33:50 GMT
content-type: font/woff2
content-length: 12700
server: BunnyCDN-NO1-830
cdn-pullzone: 781720
cdn-uid: 3a60ca70-b89d-4cd5-a4b5-34a3468d7e0f
cdn-requestcountrycode: NO
access-control-allow-origin: *
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=2592000
etag: "63aea094-319c"
last-modified: Fri, 30 Dec 2022 08:25:56 GMT
cdn-storageserver: SE-344
cdn-fileserver: 318
cdn-proxyver: 1.03
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 01/09/2023 10:43:20
cdn-edgestorageid: 830
cdn-status: 200
cdn-requestid: f404969f5b195272ef76f77b9394f488
cdn-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
www.redbubble.com/assets/external_portfolio.js
301 Moved Permanently 10 kB URL HTTP/2 www.redbubble.com/assets/external_portfolio.js
IP
File type Web Open Font Format (Version 2), TrueType, length 10172, version 1.0\012- data
Hash 58e5c92fd1a1fc89b8ca6d74ce4793b8
337771c465778aeed6de18195e0cbe9d9098d299
6e059f38d9d643cd149fa02dfd97d6844f9b106198e027f55e2fe1e9a1428acf
GET /assets/external_portfolio.js HTTP/1.1
Host: www.redbubble.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.morecouponstogo.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
date: Fri, 27 Jan 2023 02:33:49 GMT
location: https://d1ielco78gv5pf.cloudfront.net/assets/external_portfolio.js
cache-control: max-age=3600
expires: Fri, 27 Jan 2023 03:33:49 GMT
set-cookie: __cf_bm=EO.10rZuUuYW_gpPv9TrTTJ1ksV1b.WmXY_UCWL9_5g-1674786829-0-AePKQ6uTeH1JkP7GiFCNxHp2VcSmHXmn+E4Jjw7EDs23h2CU1lMaklHe3eYmhpcp/qSnhkx9fJlylON2lyZuDa4=; path=/; expires=Fri, 27-Jan-23 03:03:49 GMT; domain=.redbubble.com; HttpOnly; Secure; SameSite=None
vary: Accept-Encoding
server: cloudflare
cf-ray: 78fe15f2cf6bb4fd-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 97ccaa279f6ade845b71b57615d40388
5186089108dca0136feab418da66a9e027c7e427
515128c713e98c9a0546c35d9a1e0719057136509b5b2312e4af56a9acc80ec2
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 27 Jan 2023 02:33:50 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.bunny.net/lato/files/lato-latin-400-normal.woff2
200 OK 24 kB URL HTTP/2 fonts.bunny.net/lato/files/lato-latin-400-normal.woff2
IP
ASN #34989 ServeTheWorld AS
File type Web Open Font Format (Version 2), TrueType, length 23580, version 1.0\012- data
Hash e1b3b5908c9cf23dfb2b9c52b9a023ab
fcd4136085f2a03481d9958cc6793a5ed98e714c
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
GET /lato/files/lato-latin-400-normal.woff2 HTTP/1.1
Host: fonts.bunny.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.morecouponstogo.com
Connection: keep-alive
Referer: https://fonts.bunny.net/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 27 Jan 2023 02:33:50 GMT
content-type: font/woff2
content-length: 23580
server: BunnyCDN-NO1-830
cdn-pullzone: 781720
cdn-uid: 3a60ca70-b89d-4cd5-a4b5-34a3468d7e0f
cdn-requestcountrycode: NO
access-control-allow-origin: *
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=2592000
etag: "63ae91bd-5c1c"
last-modified: Fri, 30 Dec 2022 07:22:37 GMT
cdn-storageserver: SE-344
cdn-fileserver: 318
cdn-proxyver: 1.03
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 01/09/2023 10:41:05
cdn-edgestorageid: 830
cdn-status: 200
cdn-requestid: 85ce66364d17af3f6176955b521f47a0
cdn-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
fonts.bunny.net/palanquin-dark/files/palanquin-dark-latin-400-normal.woff2
200 OK 20 kB URL HTTP/2 fonts.bunny.net/palanquin-dark/files/palanquin-dark-latin-400-normal.woff2
IP
ASN #34989 ServeTheWorld AS
File type Web Open Font Format (Version 2), TrueType, length 20084, version 1.0\012- data
Hash 732c9716022aa43449564603e08aeb9b
477fa3a5c43696287d20b4b491e36d754d1c8866
37bb3776ce24d18cccdd5dc96199ad60c22afd1e190452a18e8c4fd2f8679a98
GET /palanquin-dark/files/palanquin-dark-latin-400-normal.woff2 HTTP/1.1
Host: fonts.bunny.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.morecouponstogo.com
Connection: keep-alive
Referer: https://fonts.bunny.net/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 27 Jan 2023 02:33:50 GMT
content-type: font/woff2
content-length: 20084
server: BunnyCDN-NO1-830
cdn-pullzone: 781720
cdn-uid: 3a60ca70-b89d-4cd5-a4b5-34a3468d7e0f
cdn-requestcountrycode: NO
access-control-allow-origin: *
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=2592000
etag: "63aee486-4e74"
last-modified: Fri, 30 Dec 2022 13:15:50 GMT
cdn-storageserver: SE-344
cdn-fileserver: 318
cdn-proxyver: 1.03
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 01/09/2023 11:51:15
cdn-edgestorageid: 830
cdn-status: 200
cdn-requestid: c85de8a328e850bb953c4bd7f0aeb4c1
cdn-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
fonts.bunny.net/oswald/files/oswald-latin-400-normal.woff2
200 OK 9.8 kB URL HTTP/2 fonts.bunny.net/oswald/files/oswald-latin-400-normal.woff2
IP
ASN #34989 ServeTheWorld AS
File type Web Open Font Format (Version 2), TrueType, length 9840, version 1.0\012- data
Hash afda6e429fd299054de28e1f157c683d
c1847d6f3df5fe11d5e96fd5e6a59b73ff7ed96b
81cd29d1413ecf75834fb3ce1da572fe5c39e53b22c61f5dafec5b14ed4ee12e
GET /oswald/files/oswald-latin-400-normal.woff2 HTTP/1.1
Host: fonts.bunny.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.morecouponstogo.com
Connection: keep-alive
Referer: https://fonts.bunny.net/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 27 Jan 2023 02:33:50 GMT
content-type: font/woff2
content-length: 9840
server: BunnyCDN-NO1-830
cdn-pullzone: 781720
cdn-uid: 3a60ca70-b89d-4cd5-a4b5-34a3468d7e0f
cdn-requestcountrycode: NO
access-control-allow-origin: *
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=2592000
etag: "63aee207-2670"
last-modified: Fri, 30 Dec 2022 13:05:11 GMT
cdn-storageserver: SE-344
cdn-fileserver: 344
cdn-proxyver: 1.03
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 01/09/2023 10:41:40
cdn-edgestorageid: 830
cdn-status: 200
cdn-requestid: 06e486cae91859f94b9f4d8fc5a07a08
cdn-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
fonts.bunny.net/palanquin-dark/files/palanquin-dark-latin-700-normal.woff2
200 OK 19 kB URL HTTP/2 fonts.bunny.net/palanquin-dark/files/palanquin-dark-latin-700-normal.woff2
IP
ASN #34989 ServeTheWorld AS
File type Web Open Font Format (Version 2), TrueType, length 18824, version 1.0\012- data
Hash 0b8cbe6afbac36bab648231406851927
2f67e3adf1061cf82e075d636ae22bc4fca731ea
2c83b448afb8398f6ff0f1d684f125b13e0889b05c5041bb8ff4eb680a892089
GET /palanquin-dark/files/palanquin-dark-latin-700-normal.woff2 HTTP/1.1
Host: fonts.bunny.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.morecouponstogo.com
Connection: keep-alive
Referer: https://fonts.bunny.net/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 27 Jan 2023 02:33:50 GMT
content-type: font/woff2
content-length: 18824
server: BunnyCDN-NO1-830
cdn-pullzone: 781720
cdn-uid: 3a60ca70-b89d-4cd5-a4b5-34a3468d7e0f
cdn-requestcountrycode: NO
access-control-allow-origin: *
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=2592000
etag: "63aee488-4988"
last-modified: Fri, 30 Dec 2022 13:15:52 GMT
cdn-storageserver: SE-344
cdn-fileserver: 344
cdn-proxyver: 1.03
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 01/27/2023 02:33:50
cdn-edgestorageid: 830
cdn-status: 200
cdn-requestid: 638ea61df1881211746159988cf1efa0
cdn-cache: MISS
accept-ranges: bytes
X-Firefox-Spdy: h2
fonts.bunny.net/roboto/files/roboto-latin-700-normal.woff2
200 OK 16 kB URL HTTP/2 fonts.bunny.net/roboto/files/roboto-latin-700-normal.woff2
IP
ASN #34989 ServeTheWorld AS
File type Web Open Font Format (Version 2), TrueType, length 15860, version 1.0\012- data
Hash e9f5aaf547f165386cd313b995dddd8e
acdef5603c2387b0e5bffd744b679a24a8bc1968
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
GET /roboto/files/roboto-latin-700-normal.woff2 HTTP/1.1
Host: fonts.bunny.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.morecouponstogo.com
Connection: keep-alive
Referer: https://fonts.bunny.net/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 27 Jan 2023 02:33:50 GMT
content-type: font/woff2
content-length: 15860
server: BunnyCDN-NO1-830
cdn-pullzone: 781720
cdn-uid: 3a60ca70-b89d-4cd5-a4b5-34a3468d7e0f
cdn-requestcountrycode: NO
access-control-allow-origin: *
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=2592000
etag: "63aef481-3df4"
last-modified: Fri, 30 Dec 2022 14:24:01 GMT
cdn-storageserver: SE-318
cdn-fileserver: 318
cdn-proxyver: 1.03
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 01/09/2023 10:40:42
cdn-edgestorageid: 830
cdn-status: 200
cdn-requestid: c074519a38d7aebbc706b0a127db1aef
cdn-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
fonts.bunny.net/montserrat/files/montserrat-latin-500-normal.woff2
200 OK 13 kB URL HTTP/2 fonts.bunny.net/montserrat/files/montserrat-latin-500-normal.woff2
IP
ASN #34989 ServeTheWorld AS
File type Web Open Font Format (Version 2), TrueType, length 12820, version 1.0\012- data
Hash 3f2f6d9e64a95a40ea5dedfc91f42a95
9cd9f5a2f86f1d42390141d91619a0aa41a276b7
ed121b1a8fbf30998a4ed0a7c8343abe9091ac4744f1c24b602b5d3f962bdb78
GET /montserrat/files/montserrat-latin-500-normal.woff2 HTTP/1.1
Host: fonts.bunny.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.morecouponstogo.com
Connection: keep-alive
Referer: https://fonts.bunny.net/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 27 Jan 2023 02:33:50 GMT
content-type: font/woff2
content-length: 12820
server: BunnyCDN-NO1-830
cdn-pullzone: 781720
cdn-uid: 3a60ca70-b89d-4cd5-a4b5-34a3468d7e0f
cdn-requestcountrycode: NO
access-control-allow-origin: *
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=2592000
etag: "63aea091-3214"
last-modified: Fri, 30 Dec 2022 08:25:53 GMT
cdn-storageserver: SE-344
cdn-fileserver: 318
cdn-proxyver: 1.03
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 01/09/2023 10:52:55
cdn-edgestorageid: 830
cdn-status: 200
cdn-requestid: ab4c63fe3e2554240da2a2e55529db22
cdn-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
fonts.bunny.net/dosis/files/dosis-latin-400-normal.woff2
200 OK 16 kB URL HTTP/2 fonts.bunny.net/dosis/files/dosis-latin-400-normal.woff2
IP
ASN #34989 ServeTheWorld AS
File type Web Open Font Format (Version 2), TrueType, length 15548, version 1.0\012- data
Hash 72f419b6583f0c15692ee5267f26e75e
640f336a8ae14388e68aac134f0cf7bc0532f93b
ffcaf935e7915d062e0fafff6b452e48b14fc34433deae075ca25df0d0a8185c
GET /dosis/files/dosis-latin-400-normal.woff2 HTTP/1.1
Host: fonts.bunny.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.morecouponstogo.com
Connection: keep-alive
Referer: https://fonts.bunny.net/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 27 Jan 2023 02:33:50 GMT
content-type: font/woff2
content-length: 15548
server: BunnyCDN-NO1-830
cdn-pullzone: 781720
cdn-uid: 3a60ca70-b89d-4cd5-a4b5-34a3468d7e0f
cdn-requestcountrycode: NO
access-control-allow-origin: *
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=2592000
etag: "63ae576e-3cbc"
last-modified: Fri, 30 Dec 2022 03:13:50 GMT
cdn-storageserver: SE-344
cdn-fileserver: 344
cdn-proxyver: 1.03
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 01/09/2023 10:41:40
cdn-edgestorageid: 830
cdn-status: 200
cdn-requestid: 57c4fc81b08e63b808743f583177c84e
cdn-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
fonts.bunny.net/dosis/files/dosis-latin-700-normal.woff2
200 OK 16 kB URL HTTP/2 fonts.bunny.net/dosis/files/dosis-latin-700-normal.woff2
IP
ASN #34989 ServeTheWorld AS
File type Web Open Font Format (Version 2), TrueType, length 15812, version 1.0\012- data
Hash fb642139056cbcec784c39bcf88e0b1c
0c77dbc3daa6eb6a023a76b21b01d92dd48b36d2
4984b698fe9670d8f6ede29b233f94bd5c51ebd62534ece9cf6b6a0a54c7dba9
GET /dosis/files/dosis-latin-700-normal.woff2 HTTP/1.1
Host: fonts.bunny.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.morecouponstogo.com
Connection: keep-alive
Referer: https://fonts.bunny.net/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 27 Jan 2023 02:33:50 GMT
content-type: font/woff2
content-length: 15812
server: BunnyCDN-NO1-830
cdn-pullzone: 781720
cdn-uid: 3a60ca70-b89d-4cd5-a4b5-34a3468d7e0f
cdn-requestcountrycode: NO
access-control-allow-origin: *
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=2592000
etag: "63ae5771-3dc4"
last-modified: Fri, 30 Dec 2022 03:13:53 GMT
cdn-storageserver: SE-344
cdn-fileserver: 318
cdn-proxyver: 1.03
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 01/21/2023 23:20:55
cdn-edgestorageid: 830
cdn-status: 200
cdn-requestid: b87ff798bcaf1d90d654004cc06cc40a
cdn-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 97ccaa279f6ade845b71b57615d40388
5186089108dca0136feab418da66a9e027c7e427
515128c713e98c9a0546c35d9a1e0719057136509b5b2312e4af56a9acc80ec2
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 27 Jan 2023 02:33:50 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
a-cloud.b-cdn.net/media/iW=5000&iH=any/490959c65dfdccdc9a09816ddadc9b36/ipad-bottom.jpg
200 OK 15 kB URL HTTP/2 a-cloud.b-cdn.net/media/iW=5000&iH=any/490959c65dfdccdc9a09816ddadc9b36/ipad-bottom.jpg
IP
ASN #34989 ServeTheWorld AS
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 800x440, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash ce9ef17f7044f19fa46fdd959cc7879c
d15e5584086b599fb7cd3703723f8592ed0b667f
bbf3a59b44fb391738521bf98065322dcdda29c2c40fa885c3a9c6e941d1e424
GET /media/iW=5000&iH=any/490959c65dfdccdc9a09816ddadc9b36/ipad-bottom.jpg HTTP/1.1
Host: a-cloud.b-cdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.morecouponstogo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 27 Jan 2023 02:33:50 GMT
content-type: image/webp
content-length: 15340
server: BunnyCDN-NO1-830
cdn-pullzone: 465925
cdn-uid: e647d0c9-3a16-4c3e-ae99-91e18e06d4b3
cdn-requestcountrycode: NO
cache-control: public, max-age=31919000
last-modified: Fri, 27 Jan 2023 02:33:50 GMT
x-bo-server: DE-139
x-downloadsize: 18936
x-bo-origindownloadtime: 235
x-bo-processingtime: 3
x-bo-compressionratio: 18.99%
cdn-proxyver: 1.03
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 01/27/2023 02:33:50
cdn-edgestorageid: 830
link: <https://www.brizy.cloud/media/iW=5000&iH=any/490959c65dfdccdc9a09816ddadc9b36/ipad-bottom.jpg>; rel="canonical"
cdn-status: 200
cdn-requestid: f1b448006b5110cb8f2b04db9048ccfe
cdn-cache: MISS
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash d9bf2793558044193d7e5d27708a9144
5a8f73462cfda6544cc3efe488854c3cd80bb0a7
e1db5ce5f130aa6d6a1bf18da60fee5c6bb76625a26aef0fee67702e7209ef7e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 27 Jan 2023 02:33:50 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash d9bf2793558044193d7e5d27708a9144
5a8f73462cfda6544cc3efe488854c3cd80bb0a7
e1db5ce5f130aa6d6a1bf18da60fee5c6bb76625a26aef0fee67702e7209ef7e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 27 Jan 2023 02:33:50 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
200 OK 15 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 15344, version 1.0\012- data
Hash 5d4aeb4e5f5ef754e307d7ffaef688bd
06db651cdf354c64a7383ea9c77024ef4fb4cef8
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
GET /s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15344
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 26 Jan 2023 21:48:03 GMT
expires: Fri, 26 Jan 2024 21:48:03 GMT
cache-control: public, max-age=31536000
age: 17147
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 15552, version 1.0\012- data
Hash 285467176f7fe6bb6a9c6873b3dad2cc
ea04e4ff5142ddd69307c183def721a160e0a64e
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
GET /s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15552
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 26 Jan 2023 16:40:43 GMT
expires: Fri, 26 Jan 2024 16:40:43 GMT
cache-control: public, max-age=31536000
age: 35587
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash d9bf2793558044193d7e5d27708a9144
5a8f73462cfda6544cc3efe488854c3cd80bb0a7
e1db5ce5f130aa6d6a1bf18da60fee5c6bb76625a26aef0fee67702e7209ef7e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 27 Jan 2023 02:33:50 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 00720a2413c11265c1517fad0c1be5e4
fed87a1c9975c048e2fb09b6cea948125b6976bb
0811fb1c29fa2068fac890a96210e2d2107429ed796d0c79b318512c2a512089
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0811FB1C29FA2068FAC890A96210E2D2107429ED796D0C79B318512C2A512089"
Last-Modified: Thu, 26 Jan 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3086
Expires: Fri, 27 Jan 2023 03:25:16 GMT
Date: Fri, 27 Jan 2023 02:33:50 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash f6e5c12b6b6009c0094658dc382d878b
c5fe0fdf4ffc98e986c3b2a2ffcd2aff78a1ada5
938bf970d62bf58ad6146ad1a2341d1c41238509313068f1d703d29243d02dba
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "938BF970D62BF58AD6146AD1A2341D1C41238509313068F1D703D29243D02DBA"
Last-Modified: Thu, 26 Jan 2023 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21584
Expires: Fri, 27 Jan 2023 08:33:34 GMT
Date: Fri, 27 Jan 2023 02:33:50 GMT
Connection: keep-alive
wealthdnacode.com/img/aff/wealthdna-600x250.jpg
200 OK 134 kB URL HTTP/2 wealthdnacode.com/img/aff/wealthdna-600x250.jpg
IP
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 600x250, components 3\012- data
Size 134 kB (134496 bytes)
Hash f8b1f97d806a7940765cecca6adf13d2
aa9d13148556c6baf8568f7b0b17f9e31c367b0b
eb6cd2974287d51b45838d016d9493cb2c211a8ee38709325f69ef0316f3c669
GET /img/aff/wealthdna-600x250.jpg HTTP/1.1
Host: wealthdnacode.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.morecouponstogo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 03 Feb 2023 02:33:50 GMT
content-type: image/jpeg
last-modified: Fri, 16 Sep 2022 07:01:26 GMT
accept-ranges: bytes
content-length: 134496
date: Fri, 27 Jan 2023 02:33:50 GMT
server: LiteSpeed
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
X-Firefox-Spdy: h2
yazing.com/js/showdeals-yzwg.js?id=yzwg-00121c44992dbac71bfa6b2a9ef2bbdd&d=2050
200 OK 1.3 kB URL HTTP/1.1 yazing.com/js/showdeals-yzwg.js?id=yzwg-00121c44992dbac71bfa6b2a9ef2bbdd&d=2050
IP
Hash 1bf2bd339fc8d9a60c52c8261afb0563
c0bacf7055ab2bc2654bc9014ce67c43aefea261
69d8cab7b077ecb6b5cbcb3a8271cc0daf2c6f4449f567cb5afe7299cbbb13b3
GET /js/showdeals-yzwg.js?id=yzwg-00121c44992dbac71bfa6b2a9ef2bbdd&d=2050 HTTP/1.1
Host: yazing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.morecouponstogo.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Fri, 27 Jan 2023 02:33:50 GMT
Server: Apache/2.4.18 (Ubuntu)
Last-Modified: Tue, 07 Jun 2022 08:14:40 GMT
ETag: "ee9-5e0d72e2d0111-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: *
Cache-Control: max-age=2592000, public
Content-Length: 1294
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: application/javascript
a-cloud.b-cdn.net/media/iW=101&iH=101&oX=0&oY=16&cW=101&cH=70/9b040f5e483e93a7cce7e811fc84b625/image.png
200 OK 2.0 kB URL HTTP/2 a-cloud.b-cdn.net/media/iW=101&iH=101&oX=0&oY=16&cW=101&cH=70/9b040f5e483e93a7cce7e811fc84b625/image.png
IP
ASN #34989 ServeTheWorld AS
File type RIFF (little-endian) data, Web/P image\012- data
Hash 99f2f3bd994a519250122d235f0da5d3
80413556bfc2e3b9fa0e856200020d7bca6af5e5
fb40359f8a5bea55a10c3eb5c3fa4a2a6cd77eba854972e437f8b81d175fab37
GET /media/iW=101&iH=101&oX=0&oY=16&cW=101&cH=70/9b040f5e483e93a7cce7e811fc84b625/image.png HTTP/1.1
Host: a-cloud.b-cdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.morecouponstogo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 27 Jan 2023 02:33:50 GMT
content-type: image/webp
content-length: 2032
server: BunnyCDN-NO1-830
cdn-pullzone: 465925
cdn-uid: e647d0c9-3a16-4c3e-ae99-91e18e06d4b3
cdn-requestcountrycode: NO
cache-control: public, max-age=31919000
last-modified: Fri, 27 Jan 2023 02:33:50 GMT
x-bo-server: DE-95
x-downloadsize: 3099
x-bo-origindownloadtime: 558
x-bo-processingtime: 0
x-bo-compressionratio: 34.43%
cdn-proxyver: 1.03
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 01/27/2023 02:33:50
cdn-edgestorageid: 830
link: <https://www.brizy.cloud/media/iW=101&iH=101&oX=0&oY=16&cW=101&cH=70/9b040f5e483e93a7cce7e811fc84b625/image.png>; rel="canonical"
cdn-status: 200
cdn-requestid: a39bd437aba6ec958bbdf6d07e96da22
cdn-cache: MISS
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 7b8dcc42710b2f68c0ec782d2b2a3ae3
b865da423aa26e774270b8e3942b6fbe76793133
2da0fcf67d020f7c563946fca7ade89803cbe7cfe484f123640f8a9950b3f2b1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 27 Jan 2023 02:33:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
200 OK 471 B IP
Hash 37dce3efd55b962e0d26fdc3a1033e22
6453d72e70e36bd37ca1744d85ec9ca549629cf2
0b8f3eab1044d6159677c241e96e244f10d78fe339d37c94e65f8495b216f3bb
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3160
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 27 Jan 2023 02:33:51 GMT
Last-Modified: Fri, 27 Jan 2023 01:41:11 GMT
Server: ECS (ska/F6FD)
X-Cache: HIT
Content-Length: 471
connect.facebook.net/undefined/sdk.js
200 OK 1.7 kB URL HTTP/2 connect.facebook.net/undefined/sdk.js
IP
File type ASCII text, with very long lines (1957)
Hash 5261c1b0b3c047c7025c7fc157795127
93e07623cf51cfc6b76774b875f8da71ad9874e3
3cbf29a486685d858202066a51dc647ed283ac1bb27e18b48b3612bd14f82535
GET /undefined/sdk.js HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.morecouponstogo.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
access-control-expose-headers: X-FB-Content-MD5
x-fb-content-md5: 996aa14ae65c6244905facc8489e6f44
etag: "3004b90872b98668eda4c887e32d5c04"
content-type: application/x-javascript; charset=utf-8
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
expires: Fri, 27 Jan 2023 02:39:45 GMT
cache-control: public,max-age=1200,stale-while-revalidate=3600
document-policy: force-load-at-top
cross-origin-opener-policy: same-origin-allow-popups
x-content-type-options: nosniff
x-fb-rlafr: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-md5: UmHBsLPAR8cCXH/BV3lRJw==
x-fb-debug: X7ZZyhZm1eqaDHEJWMs11r3JXC/YpH4iSn5bDODIJqul6vmXp5COghhWQkzEEPwP2Nl/duX60R+rQMCWBQwx1Q==
content-length: 1687
x-fb-trip-id: 1679558926
date: Fri, 27 Jan 2023 02:33:51 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-4770623398847220
200 OK 50 kB URL HTTP/2 pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-4770623398847220
IP
File type ASCII text, with very long lines (3649)
Hash 67c616560c8bdd73f56ed9d172679f91
f1abb10265b4cf76f10a909a1e593d6d0955db50
3016056a58fad6811d054a0dd0e53aef5656b727f79643d67fed0436cacf825e
GET /pagead/js/adsbygoogle.js?client=ca-pub-4770623398847220 HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.morecouponstogo.com
Connection: keep-alive
Referer: https://www.morecouponstogo.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Fri, 27 Jan 2023 02:33:51 GMT
expires: Fri, 27 Jan 2023 02:33:51 GMT
cache-control: private, max-age=3600
content-type: text/javascript; charset=UTF-8
etag: 17307054372132399502
access-control-allow-origin: *
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 50003
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 471 B IP
Hash 37dce3efd55b962e0d26fdc3a1033e22
6453d72e70e36bd37ca1744d85ec9ca549629cf2
0b8f3eab1044d6159677c241e96e244f10d78fe339d37c94e65f8495b216f3bb
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3160
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 27 Jan 2023 02:33:51 GMT
Last-Modified: Fri, 27 Jan 2023 01:41:11 GMT
Server: ECS (ska/F6FD)
X-Cache: HIT
Content-Length: 471
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 7b8dcc42710b2f68c0ec782d2b2a3ae3
b865da423aa26e774270b8e3942b6fbe76793133
2da0fcf67d020f7c563946fca7ade89803cbe7cfe484f123640f8a9950b3f2b1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 27 Jan 2023 02:33:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
yazing.com/css/showdeals-yzwg.css
200 OK 406 B URL HTTP/1.1 yazing.com/css/showdeals-yzwg.css
IP
Hash 67799b159cb3ef050044a77a2b3a9b45
886d44342cba8c02f846fc12bcce675f8356f1b3
4e3c99e3266b36b09cbb5bac828e08cf82ffe1d810c57049627da012ce92fcaa
GET /css/showdeals-yzwg.css HTTP/1.1
Host: yazing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.morecouponstogo.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Fri, 27 Jan 2023 02:33:51 GMT
Server: Apache/2.4.18 (Ubuntu)
Last-Modified: Mon, 26 Apr 2021 12:38:43 GMT
ETag: "441-5c0df6d092f3d-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: *
Cache-Control: max-age=2592000, public
Content-Length: 406
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css
r3.o.lencr.org/
200 OK 99 kB IP
ASN #20940 Akamai International B.V.
Hash 6bc3e0f613a028c99c6b329f75ca1d33
efad561f29ddc5400d09f30099f963f35782c22a
f896ed63a17553f586d1da83855abddd02b76636717e8cb58bd6de0df53e851a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "AFED7E67FFBCA4CC78DC8C0454740754AFA25D45DBBB80F4C62BF51C8DB08C6C"
Last-Modified: Thu, 26 Jan 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7523
Expires: Fri, 27 Jan 2023 04:39:14 GMT
Date: Fri, 27 Jan 2023 02:33:51 GMT
Connection: keep-alive
ocsp.sectigo.com/
200 OK 471 B IP
Hash 79b86c03b02d42a04048d25dc84a5312
e9fd0c0d0fa8dd97edb31ddecb8ec1b2038a193d
c5033337fbe6c5edcf921ac7869c0ac46479aa9b1bab7dba4407870a2e9ff912
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 27 Jan 2023 02:33:51 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Wed, 25 Jan 2023 07:33:03 GMT
Expires: Wed, 01 Feb 2023 07:33:02 GMT
Etag: "e9fd0c0d0fa8dd97edb31ddecb8ec1b2038a193d"
Cache-Control: max-age=449350,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 78fe160059ad0b45-OSL
api.gravitec.media/api/stats/track?app_key=651b3da8463250405063839a2450c723&user_id=25ae2109-f5e3-4668-a996-55176a037c00&utmb=394b8c4c-74ed-40c8-a31b-c4e21e925d75&path=https%3A%2F%2Fwww.morecouponstogo.com%2Funi-landing&referrer=https%3A%2F%2Fllclickpro.com%2F
201 Created 0 B URL HTTP/2 api.gravitec.media/api/stats/track?app_key=651b3da8463250405063839a2450c723&user_id=25ae2109-f5e3-4668-a996-55176a037c00&utmb=394b8c4c-74ed-40c8-a31b-c4e21e925d75&path=https%3A%2F%2Fwww.morecouponstogo.com%2Funi-landing&referrer=https%3A%2F%2Fllclickpro.com%2F
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /api/stats/track?app_key=651b3da8463250405063839a2450c723&user_id=25ae2109-f5e3-4668-a996-55176a037c00&utmb=394b8c4c-74ed-40c8-a31b-c4e21e925d75&path=https%3A%2F%2Fwww.morecouponstogo.com%2Funi-landing&referrer=https%3A%2F%2Fllclickpro.com%2F HTTP/1.1
Host: api.gravitec.media
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.morecouponstogo.com/
Origin: https://www.morecouponstogo.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 201 Created
server: nginx
date: Fri, 27 Jan 2023 02:33:51 GMT
content-length: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-origin: *
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: 0
x-content-type-options: nosniff
x-frame-options: DENY
x-xss-protection: 1 ; mode=block
referrer-policy: no-referrer
x-correlation-id: 0287cf6b6da18b6a3eea60aa9a0cbdd1
X-Firefox-Spdy: h2
yazing.com/widget/ajax-show-deals
200 OK 5.9 kB URL HTTP/1.1 yazing.com/widget/ajax-show-deals
IP
File type JSON data\012- , ASCII text, with very long lines (5883), with no line terminators
Hash 46f08c799602ba5a49739d70c619a232
f448a05815627fb283ec048b621d28ce41fdcda3
dc3e4bdef4788cde8515029ada7ebde4f66ce8ddf3c48e7dc8bc6512b3e25015
POST /widget/ajax-show-deals HTTP/1.1
Host: yazing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: application/x-www-form-urlencoded
Content-Length: 379
Origin: https://www.morecouponstogo.com
Connection: keep-alive
Referer: https://www.morecouponstogo.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Fri, 27 Jan 2023 02:33:51 GMT
Server: Apache/2.4.18 (Ubuntu)
Set-Cookie: advanced-frontend=2v4u76od1ru7ifvlqkapre02to; expires=Sun, 26-Jan-2025 02:33:51 GMT; Max-Age=63072000; path=/; HttpOnly
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Access-Control-Allow-Origin: *
Content-Length: 5883
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: application/json; charset=UTF-8
yazing.com/uploads/2022-01/thumb_1d6cfb9c5765949020b8a9463b883803.png
200 OK 32 kB URL HTTP/1.1 yazing.com/uploads/2022-01/thumb_1d6cfb9c5765949020b8a9463b883803.png
IP
File type PNG image data, 156 x 156, 8-bit/color RGB, non-interlaced\012- data
Hash e73e4950ca69496813697388bd293d8e
5d318dc8a278e0557dd0a27001294b2bdfbbc67f
9b79ee4d11f956e94c8bf287a0f813bd48dc25f269f121685393abbb37e271e1
GET /uploads/2022-01/thumb_1d6cfb9c5765949020b8a9463b883803.png HTTP/1.1
Host: yazing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.morecouponstogo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Fri, 27 Jan 2023 02:33:51 GMT
Server: Apache/2.4.18 (Ubuntu)
Last-Modified: Sat, 08 Jan 2022 10:03:48 GMT
ETag: "7ee3-5d50f3844096e"
Accept-Ranges: bytes
Content-Length: 32483
Access-Control-Allow-Origin: *
Cache-Control: max-age=2592000, public
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: image/png
ocsp.r2m01.amazontrust.com/
200 OK 471 B URL HTTP/1.1 ocsp.r2m01.amazontrust.com/
IP
Hash deca6c7ee93a126e0e677e16c001466e
f1d68dec755013ca3e5475af3f302922abf04cdb
f90a93e6cb4a544183c007fe1ba40e1e0c9fe3dbbcbddfac28f9632733149ccc
POST / HTTP/1.1
Host: ocsp.r2m01.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=168575
Date: Fri, 27 Jan 2023 02:33:52 GMT
Etag: "63d3144c-1d7"
Expires: Sun, 29 Jan 2023 01:23:27 GMT
Last-Modified: Fri, 27 Jan 2023 00:01:16 GMT
Server: ECS (nyb/1D16)
X-Cache: Miss from cloudfront
Via: 1.1 ab09332bca1a3bd382d2e408f65b98d2.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: M7mmM1muXKThVMXXJaNIxeyWE6sG_VMl5zo70tbCzJ94fnq7Y_TlYQ==
Age: 4932
ocsp.r2m01.amazontrust.com/
200 OK 471 B URL HTTP/1.1 ocsp.r2m01.amazontrust.com/
IP
Hash deca6c7ee93a126e0e677e16c001466e
f1d68dec755013ca3e5475af3f302922abf04cdb
f90a93e6cb4a544183c007fe1ba40e1e0c9fe3dbbcbddfac28f9632733149ccc
POST / HTTP/1.1
Host: ocsp.r2m01.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Fri, 27 Jan 2023 02:33:52 GMT
Last-Modified: Fri, 27 Jan 2023 01:17:35 GMT
Server: ECS (nyb/1D1F)
X-Cache: Miss from cloudfront
Via: 1.1 6259d2cd8a5947ad41a420527bbed7a6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: Rq8polysDxz0fUVp_S9CkWHaeriKtjqh9FZ4APCI_ZCURMRLgDrODw==
Age: 4577
ocsp.r2m01.amazontrust.com/
200 OK 471 B URL HTTP/1.1 ocsp.r2m01.amazontrust.com/
IP
Hash deca6c7ee93a126e0e677e16c001466e
f1d68dec755013ca3e5475af3f302922abf04cdb
f90a93e6cb4a544183c007fe1ba40e1e0c9fe3dbbcbddfac28f9632733149ccc
POST / HTTP/1.1
Host: ocsp.r2m01.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Fri, 27 Jan 2023 02:33:52 GMT
Last-Modified: Fri, 27 Jan 2023 01:17:35 GMT
Server: ECS (bsa/EB12)
X-Cache: Miss from cloudfront
Via: 1.1 5bcfe2deda0bdbc6bade0af9b61602ca.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: QaUqN2upgWg2-2InmdEdzYeSNQamx-xFi96SeOVeIbj3ERckiT9ehQ==
Age: 4577
ocsp.r2m01.amazontrust.com/
200 OK 471 B URL HTTP/1.1 ocsp.r2m01.amazontrust.com/
IP
Hash deca6c7ee93a126e0e677e16c001466e
f1d68dec755013ca3e5475af3f302922abf04cdb
f90a93e6cb4a544183c007fe1ba40e1e0c9fe3dbbcbddfac28f9632733149ccc
POST / HTTP/1.1
Host: ocsp.r2m01.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=168131
Date: Fri, 27 Jan 2023 02:33:52 GMT
Etag: "63d3144c-1d7"
Expires: Sun, 29 Jan 2023 01:16:03 GMT
Last-Modified: Fri, 27 Jan 2023 00:01:16 GMT
Server: ECS (bsa/EB16)
X-Cache: Miss from cloudfront
Via: 1.1 5bcfe2deda0bdbc6bade0af9b61602ca.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: WPyePqWlTLuNC2wzxEe-qJNI9t0MCVualKUV8ytb8aMBYHYJkR03Mg==
Age: 4487
ocsp.r2m01.amazontrust.com/
200 OK 471 B URL HTTP/1.1 ocsp.r2m01.amazontrust.com/
IP
Hash deca6c7ee93a126e0e677e16c001466e
f1d68dec755013ca3e5475af3f302922abf04cdb
f90a93e6cb4a544183c007fe1ba40e1e0c9fe3dbbcbddfac28f9632733149ccc
POST / HTTP/1.1
Host: ocsp.r2m01.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Fri, 27 Jan 2023 02:33:52 GMT
Last-Modified: Fri, 27 Jan 2023 01:17:35 GMT
Server: ECS (bsa/EB12)
X-Cache: Miss from cloudfront
Via: 1.1 98794c1dec0d4e7b10ddf0faa094cf94.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: ht-KuNcovCTaezATHzfkSr28Vr9WIGm98umQb3GChZbQSEPLtK-fQw==
Age: 4577
s3.amazonaws.com/logos.formetocoupon.com/120x60/27836.png
200 OK 3.3 kB URL HTTP/1.1 s3.amazonaws.com/logos.formetocoupon.com/120x60/27836.png
IP
File type PNG image data, 120 x 60, 8-bit colormap, non-interlaced\012- data
Hash ad3b47e4095300a2cd234133cb9c1069
07cd7eb1e77a549abb4d338ec013e74f1e953e89
af30f90306fc8fecc1cb1f1eebbcb35ad0579d86ac80d95df43827072c207a50
GET /logos.formetocoupon.com/120x60/27836.png HTTP/1.1
Host: s3.amazonaws.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.morecouponstogo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: 11wm6kJAkhb/FLetEsaMysCxiat30yeNk14+eo53lmzgpKDLYlZKNYBMHc8xQ7Vt00D8O0jmRuc=
x-amz-request-id: 9N8YZTFJ4Z27CJKB
Date: Fri, 27 Jan 2023 02:33:53 GMT
Last-Modified: Sun, 24 Jul 2016 01:07:10 GMT
ETag: "ad3b47e4095300a2cd234133cb9c1069"
x-amz-storage-class: REDUCED_REDUNDANCY
Accept-Ranges: bytes
Content-Type: image/png
Server: AmazonS3
Content-Length: 3285
s3.amazonaws.com/logos.formetocoupon.com/120x60/41495.gif
200 OK 2.0 kB URL HTTP/1.1 s3.amazonaws.com/logos.formetocoupon.com/120x60/41495.gif
IP
File type GIF image data, version 89a, 120 x 60\012- data
Hash d2f9432727658dae3f83f905b720e305
f814726824af56cd6c5cfc6a3e8f30736984e58b
5e14a9409d7a07f212dcab8a0c71e09fb38b2e442f23f7c6eab7757dd29697ea
GET /logos.formetocoupon.com/120x60/41495.gif HTTP/1.1
Host: s3.amazonaws.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.morecouponstogo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: bc+iVbAUYNhhXkMzVZVUWlEJOoM8UzEk9xsLGyM/k2Q10AfDI/dIfu60Dx9078bLlTe8mZ3WYqY=
x-amz-request-id: 9N8YKBDYDC4VY5E1
Date: Fri, 27 Jan 2023 02:33:53 GMT
Last-Modified: Sat, 23 Nov 2019 16:16:43 GMT
ETag: "d2f9432727658dae3f83f905b720e305"
Accept-Ranges: bytes
Content-Type: image/gif
Server: AmazonS3
Content-Length: 2041
s3.amazonaws.com/logos.formetocoupon.com/120x60/26292.jpg
200 OK 18 kB URL HTTP/1.1 s3.amazonaws.com/logos.formetocoupon.com/120x60/26292.jpg
IP
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CS6 (Windows), datetime=2021:05:06 13:24:49], progressive, precision 8, 120x60, components 3\012- data
Hash 86bd7a6bafb03bf977b5bfb6dbd9b257
21176a627ec49bf1e3b653af00bfe4d16169dc35
c0bef7c49b6a52426c3767318bc374b73b2fce0484651927d3523e675892b3cb
GET /logos.formetocoupon.com/120x60/26292.jpg HTTP/1.1
Host: s3.amazonaws.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.morecouponstogo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: ucdevimj0SMdhSMSaKiY73+64OPEWhnz2nqZlkieZZp1hRqsAVYrtVmEgVyKZaHA0JvdPExYilw=
x-amz-request-id: 9N8R92H8Z113CGAK
Date: Fri, 27 Jan 2023 02:33:53 GMT
Last-Modified: Thu, 06 May 2021 11:26:02 GMT
ETag: "86bd7a6bafb03bf977b5bfb6dbd9b257"
Accept-Ranges: bytes
Content-Type: image/jpeg
Server: AmazonS3
Content-Length: 18036
googleads.g.doubleclick.net/pagead/html/r20230124/r20190131/zrt_lookup.html
200 OK 4.2 kB URL HTTP/2 googleads.g.doubleclick.net/pagead/html/r20230124/r20190131/zrt_lookup.html
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2579)
Hash 2fb3574102373e2e076cfa2ff90cdf25
d06c985183def975546d6e47ab6369c11dcf7195
e61cbc207f7fc2f429deceff11e7a339a3d9a9574da6d035054eba02ee381345
GET /pagead/html/r20230124/r20190131/zrt_lookup.html HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.morecouponstogo.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
x-content-type-options: nosniff
content-encoding: br
server: cafe
content-length: 4242
x-xss-protection: 0
date: Thu, 26 Jan 2023 03:25:09 GMT
expires: Thu, 09 Feb 2023 03:25:09 GMT
cache-control: public, max-age=1209600
age: 83323
etag: 10353107486223812946
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
s3.amazonaws.com/logos.formetocoupon.com/120x60/22812.jpg
200 OK 21 kB URL HTTP/1.1 s3.amazonaws.com/logos.formetocoupon.com/120x60/22812.jpg
IP
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CS6 (Windows), datetime=2021:05:10 11:47:02], progressive, precision 8, 120x60, components 3\012- data
Hash c50c2bc85b52acb7876414f60b0546d7
0406422809a1b8ae63e41e15d67727953773b7b3
d5b066192ae9c6eb4912a385fd4cb645bd3f3bc1b2567087b062e030a0c23a38
GET /logos.formetocoupon.com/120x60/22812.jpg HTTP/1.1
Host: s3.amazonaws.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.morecouponstogo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: CCo9Q502uWNhpV435tP2xMxgG2bHt/2Ifzg8Rk7GYC34RYGqEmjVuPAzwBT4ThoTMCBc8lLpgKU=
x-amz-request-id: 9N8X2V9CSWBJ9WPZ
Date: Fri, 27 Jan 2023 02:33:53 GMT
Last-Modified: Mon, 10 May 2021 09:47:19 GMT
ETag: "c50c2bc85b52acb7876414f60b0546d7"
Accept-Ranges: bytes
Content-Type: image/jpeg
Server: AmazonS3
Content-Length: 20872
www.youtube.com/embed/Tge4GgRmmrY?autoplay=1&controls=1&start=0&end=0&modestbranding=0&wmode=transparent&enablejsapi=1&loop=1&rel=0&mute=1&playlist=Tge4GgRmmrY
200 OK 56 kB URL HTTP/2 www.youtube.com/embed/Tge4GgRmmrY?autoplay=1&controls=1&start=0&end=0&modestbranding=0&wmode=transparent&enablejsapi=1&loop=1&rel=0&mute=1&playlist=Tge4GgRmmrY
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (58608)
Hash ade58703aab2f0384fee7cfe21cc939b
04a65fe74339b6be5491864912e9e200545bb4d1
297311e7577a570609e46a969df57d7c0bfc8d180a4de233a79b322b7f6b14b0
GET /embed/Tge4GgRmmrY?autoplay=1&controls=1&start=0&end=0&modestbranding=0&wmode=transparent&enablejsapi=1&loop=1&rel=0&mute=1&playlist=Tge4GgRmmrY HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.morecouponstogo.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/html; charset=utf-8
x-content-type-options: nosniff
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Fri, 27 Jan 2023 02:33:50 GMT
strict-transport-security: max-age=31536000
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
cross-origin-resource-policy: cross-origin
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
content-encoding: br
server: ESF
x-xss-protection: 0
set-cookie: YSC=UWJb_OkqL3E; Domain=.youtube.com; Path=/; Secure; HttpOnly; SameSite=none
DEVICE_INFO=ChxOekU1TXpFMU5EWTJNamc1TnpBek5UQXlNQT09EI7wzJ4GGI7wzJ4G; Domain=.youtube.com; Expires=Wed, 26-Jul-2023 02:33:50 GMT; Path=/; Secure; HttpOnly; SameSite=none
VISITOR_INFO1_LIVE=9oAkHkt3S4c; Domain=.youtube.com; Expires=Wed, 26-Jul-2023 02:33:50 GMT; Path=/; Secure; HttpOnly; SameSite=none
CONSENT=PENDING+635; expires=Sun, 26-Jan-2025 02:33:50 GMT; path=/; domain=.youtube.com; Secure
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
s3.amazonaws.com/logos.formetocoupon.com/120x60/57951.jpg
200 OK 17 kB URL HTTP/1.1 s3.amazonaws.com/logos.formetocoupon.com/120x60/57951.jpg
IP
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CS6 (Windows), datetime=2022:09:05 13:04:02], progressive, precision 8, 120x60, components 3\012- data
Hash 2eb6c9a4d272802dbb128ed38e7a5c52
2a63a5f3a9dd0699aa4f23c4f5d98f6e22ccbf6a
93dbc0025e3a8fe262efcaec2beaa45f1ed03a489ce77990c982b5768b267fb1
GET /logos.formetocoupon.com/120x60/57951.jpg HTTP/1.1
Host: s3.amazonaws.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.morecouponstogo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: 8sVOSTttwsIoBtKMFjXUqaDTZBgIYH+IQWaRM0dURXdL4LMeuiga4mZ2mNAFfYR35aNXDPmSo90=
x-amz-request-id: 9N8H5D2NH0V7H85J
Date: Fri, 27 Jan 2023 02:33:53 GMT
Last-Modified: Mon, 05 Sep 2022 11:04:21 GMT
ETag: "2eb6c9a4d272802dbb128ed38e7a5c52"
Accept-Ranges: bytes
Content-Type: image/jpeg
Server: AmazonS3
Content-Length: 17147
s3.amazonaws.com/logos.formetocoupon.com/120x60/58419.jpg
200 OK 31 kB URL HTTP/1.1 s3.amazonaws.com/logos.formetocoupon.com/120x60/58419.jpg
IP
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CS6 (Windows), datetime=2022:09:22 15:45:06], progressive, precision 8, 120x60, components 3\012- data
Hash 9a52447583f891dc387298edfecf8224
b4c08b55dc053987d8d66658d77123252464952b
b175347cb23506f45584585ed66d17e923c347cbd24640f8ba1e0ee52931a023
GET /logos.formetocoupon.com/120x60/58419.jpg HTTP/1.1
Host: s3.amazonaws.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.morecouponstogo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: /u0ccsVrT8GArNUZTh7pvkrj4I/o6MW4w0Yp+5db0EVfEnz9C8AxOcmjxpwICcrv5lPoMUGXaFo=
x-amz-request-id: 9N8KE75GVVKF3CX7
Date: Fri, 27 Jan 2023 02:33:53 GMT
Last-Modified: Thu, 22 Sep 2022 13:45:23 GMT
ETag: "9a52447583f891dc387298edfecf8224"
Accept-Ranges: bytes
Content-Type: image/jpeg
Server: AmazonS3
Content-Length: 30939
www.youtube.com/embed/d36aPUaJ1Pg?autoplay=1&controls=0&start=2&end=2&modestbranding=1&wmode=transparent&enablejsapi=1&loop=1&rel=0&mute=1&playlist=d36aPUaJ1Pg
200 OK 48 kB URL HTTP/2 www.youtube.com/embed/d36aPUaJ1Pg?autoplay=1&controls=0&start=2&end=2&modestbranding=1&wmode=transparent&enablejsapi=1&loop=1&rel=0&mute=1&playlist=d36aPUaJ1Pg
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (58608)
Hash adda6e30b52e12c22790d594dd0f27de
b20278e4cc89d47e07a13365b12a531af48fb25e
9412c2b6a099418208f56cbc7f6063d0f3c2e4552e85d47b5c090cec2f49e6c5
GET /embed/d36aPUaJ1Pg?autoplay=1&controls=0&start=2&end=2&modestbranding=1&wmode=transparent&enablejsapi=1&loop=1&rel=0&mute=1&playlist=d36aPUaJ1Pg HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.morecouponstogo.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/html; charset=utf-8
x-content-type-options: nosniff
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Fri, 27 Jan 2023 02:33:50 GMT
strict-transport-security: max-age=31536000
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
cross-origin-resource-policy: cross-origin
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
content-encoding: br
server: ESF
x-xss-protection: 0
set-cookie: YSC=XL4XteYosjM; Domain=.youtube.com; Path=/; Secure; HttpOnly; SameSite=none
VISITOR_INFO1_LIVE=zGndonZ_wLQ; Domain=.youtube.com; Expires=Wed, 26-Jul-2023 02:33:50 GMT; Path=/; Secure; HttpOnly; SameSite=none
DEVICE_INFO=ChxOekU1TXpFMU5EWTJNamczTmpNMk1UQTROUT09EI7wzJ4GGI7wzJ4G; Domain=.youtube.com; Expires=Wed, 26-Jul-2023 02:33:50 GMT; Path=/; Secure; HttpOnly; SameSite=none
CONSENT=PENDING+245; expires=Sun, 26-Jan-2025 02:33:50 GMT; path=/; domain=.youtube.com; Secure
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
s3.amazonaws.com/logos.formetocoupon.com/120x60/53938.jpg
200 OK 24 kB URL HTTP/1.1 s3.amazonaws.com/logos.formetocoupon.com/120x60/53938.jpg
IP
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CS6 (Windows), datetime=2022:02:03 14:23:28], baseline, precision 8, 120x60, components 3\012- data
Hash f41c610227bd8a78a04162ddc6986ac2
5f00291069a668314dcc04d60727517796709a18
5ca756b97453abea9bd1fdd3a020adb8cafc24a614cc37caa4accb9fd7b8cbf8
GET /logos.formetocoupon.com/120x60/53938.jpg HTTP/1.1
Host: s3.amazonaws.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.morecouponstogo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: qTUJq3kn6c+0kXV4XqJPn7k+vor0US2V/tc/tutAgg9bazTR8a1HJcQRWBkmP81ZHVmjUDrvy9E=
x-amz-request-id: 9N8WSTY3P0WRFS9D
Date: Fri, 27 Jan 2023 02:33:53 GMT
Last-Modified: Thu, 03 Feb 2022 12:23:40 GMT
ETag: "f41c610227bd8a78a04162ddc6986ac2"
Accept-Ranges: bytes
Content-Type: image/jpeg
Server: AmazonS3
Content-Length: 23792
s3.amazonaws.com/logos.formetocoupon.com/120x60/25268.gif
200 OK 2.3 kB URL HTTP/1.1 s3.amazonaws.com/logos.formetocoupon.com/120x60/25268.gif
IP
File type GIF image data, version 89a, 120 x 60\012- data
Hash cf37554943d5538e103d21b3c3e39ed6
02748f407dfe962b12e77c47859d334983e35b58
524bbaa6c6f30d9c2bb4eea04ecb3ee579607de7702a4938ac9bb157d968cdbc
GET /logos.formetocoupon.com/120x60/25268.gif HTTP/1.1
Host: s3.amazonaws.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.morecouponstogo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: bUWTv3QPqKTmGR+rvFiIkB1XyvX+zX8NvT+y8STJXQ4IAnvThe0d92+ksh+d8xXruG16LaqLVyU=
x-amz-request-id: 9N8Y55X4V6NMCSJ9
Date: Fri, 27 Jan 2023 02:33:53 GMT
Last-Modified: Thu, 18 Feb 2016 20:24:04 GMT
ETag: "cf37554943d5538e103d21b3c3e39ed6"
x-amz-storage-class: REDUCED_REDUNDANCY
Accept-Ranges: bytes
Content-Type: image/gif
Server: AmazonS3
Content-Length: 2343
www.youtube.com/embed/o5F8MOz_IDw?autoplay=0&controls=1&start=0&end=0&modestbranding=0&wmode=transparent&enablejsapi=1&loop=0&rel=0&mute=0
200 OK 33 kB URL HTTP/2 www.youtube.com/embed/o5F8MOz_IDw?autoplay=0&controls=1&start=0&end=0&modestbranding=0&wmode=transparent&enablejsapi=1&loop=0&rel=0&mute=0
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (58644)
Hash 3763b8cf839730ea7ff1eab672ed4437
807faca4c650381e81b2eaf98a3052255176f3ca
e268ae3ac6117aae1c0f93ea4b81d38381ecd259f8013e953c106eeead29bef5
GET /embed/o5F8MOz_IDw?autoplay=0&controls=1&start=0&end=0&modestbranding=0&wmode=transparent&enablejsapi=1&loop=0&rel=0&mute=0 HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.morecouponstogo.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html; charset=utf-8
x-content-type-options: nosniff
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Fri, 27 Jan 2023 02:33:50 GMT
strict-transport-security: max-age=31536000
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
cross-origin-resource-policy: cross-origin
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
content-encoding: br
server: ESF
x-xss-protection: 0
set-cookie: YSC=abN5V9bIzdQ; Domain=.youtube.com; Path=/; Secure; HttpOnly; SameSite=none
VISITOR_INFO1_LIVE=TXZMr2t_xHI; Domain=.youtube.com; Expires=Wed, 26-Jul-2023 02:33:50 GMT; Path=/; Secure; HttpOnly; SameSite=none
DEVICE_INFO=ChxOekU1TXpFMU5EWTJNekF3TmpRek9ERTBNdz09EI7wzJ4GGI7wzJ4G; Domain=.youtube.com; Expires=Wed, 26-Jul-2023 02:33:50 GMT; Path=/; Secure; HttpOnly; SameSite=none
CONSENT=PENDING+762; expires=Sun, 26-Jan-2025 02:33:50 GMT; path=/; domain=.youtube.com; Secure
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.youtube.com/embed/0nxwujvI9-4?autoplay=0&controls=1&start=0&end=0&modestbranding=0&wmode=transparent&enablejsapi=1&loop=0&rel=0&mute=0
200 OK 45 kB URL HTTP/2 www.youtube.com/embed/0nxwujvI9-4?autoplay=0&controls=1&start=0&end=0&modestbranding=0&wmode=transparent&enablejsapi=1&loop=0&rel=0&mute=0
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (58644)
Hash 5edf13433554990b0ed63463b1dbcff1
3527c49053eb85b2b3c34cf409dea1522b113dd9
0a44fdafa96e8bde8ffc756abdcb54fafabd271ded5764ee8eab802e8580b672
GET /embed/0nxwujvI9-4?autoplay=0&controls=1&start=0&end=0&modestbranding=0&wmode=transparent&enablejsapi=1&loop=0&rel=0&mute=0 HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.morecouponstogo.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html; charset=utf-8
x-content-type-options: nosniff
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Fri, 27 Jan 2023 02:33:50 GMT
strict-transport-security: max-age=31536000
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
cross-origin-resource-policy: cross-origin
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
content-encoding: br
server: ESF
x-xss-protection: 0
set-cookie: YSC=Ia-PYx3uLOI; Domain=.youtube.com; Path=/; Secure; HttpOnly; SameSite=none
DEVICE_INFO=ChxOekU1TXpFMU5EWTJNemsyTkRnME1qQTFNZz09EI7wzJ4GGI7wzJ4G; Domain=.youtube.com; Expires=Wed, 26-Jul-2023 02:33:50 GMT; Path=/; Secure; HttpOnly; SameSite=none
VISITOR_INFO1_LIVE=OtO0j_Mr0Pk; Domain=.youtube.com; Expires=Wed, 26-Jul-2023 02:33:50 GMT; Path=/; Secure; HttpOnly; SameSite=none
CONSENT=PENDING+355; expires=Sun, 26-Jan-2025 02:33:50 GMT; path=/; domain=.youtube.com; Secure
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.youtube.com/embed/ZFBI_JoDwew?autoplay=0&controls=1&start=0&end=0&modestbranding=0&wmode=transparent&enablejsapi=1&loop=0&rel=0&mute=0
200 OK 28 kB URL HTTP/2 www.youtube.com/embed/ZFBI_JoDwew?autoplay=0&controls=1&start=0&end=0&modestbranding=0&wmode=transparent&enablejsapi=1&loop=0&rel=0&mute=0
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (58644)
Hash bfbaa5840d79ae79fcdee1d9509ba3a8
0ed26febb6042127ab8428dac173fa35897a671e
e6c8476d29503d278947d34b0591ed6d4c897e6a4821a406c729a8cb08ad45ec
GET /embed/ZFBI_JoDwew?autoplay=0&controls=1&start=0&end=0&modestbranding=0&wmode=transparent&enablejsapi=1&loop=0&rel=0&mute=0 HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.morecouponstogo.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/html; charset=utf-8
x-content-type-options: nosniff
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Fri, 27 Jan 2023 02:33:50 GMT
strict-transport-security: max-age=31536000
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-resource-policy: cross-origin
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
content-encoding: br
server: ESF
x-xss-protection: 0
set-cookie: YSC=uN345UbIucA; Domain=.youtube.com; Path=/; Secure; HttpOnly; SameSite=none
DEVICE_INFO=ChxOekU1TXpFMU5EWTJNelk1TURBM01qTXpNZz09EI7wzJ4GGI7wzJ4G; Domain=.youtube.com; Expires=Wed, 26-Jul-2023 02:33:50 GMT; Path=/; Secure; HttpOnly; SameSite=none
VISITOR_INFO1_LIVE=432T0bJUbGw; Domain=.youtube.com; Expires=Wed, 26-Jul-2023 02:33:50 GMT; Path=/; Secure; HttpOnly; SameSite=none
CONSENT=PENDING+062; expires=Sun, 26-Jan-2025 02:33:50 GMT; path=/; domain=.youtube.com; Secure
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash a74494062e6a7972fc90481d1e630c64
ffe981a21eb348523070407acd3cdd38e3d2246c
d203fd0d814143acff3b5ffbe352337fb0e5d4c283b945ff74f9085b22d42840
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 27 Jan 2023 02:33:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
static.doubleclick.net/instream/ad_status.js
200 OK 29 B URL HTTP/2 static.doubleclick.net/instream/ad_status.js
IP
Hash 1fa71744db23d0f8df9cce6719defcb7
e4be9b7136697942a036f97cf26ebaf703ad2067
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
GET /instream/ad_status.js HTTP/1.1
Host: static.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
timing-allow-origin: *
content-length: 29
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 27 Jan 2023 02:27:52 GMT
expires: Fri, 27 Jan 2023 02:42:52 GMT
cache-control: public, max-age=900
age: 360
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash a74494062e6a7972fc90481d1e630c64
ffe981a21eb348523070407acd3cdd38e3d2246c
d203fd0d814143acff3b5ffbe352337fb0e5d4c283b945ff74f9085b22d42840
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 27 Jan 2023 02:33:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
redirector.googlevideo.com/initplayback?source=youtube&oeis=1&ip=91.90.42.154&c=WEB_EMBEDDED_PLAYER&oad=3200&ovd=3200&oaad=3200&oavd=3200&ocs=700&oewis=1&oputc=1&ofpcc=1&msp=1&odepv=1&pxtags=Cg4KAnR4EggyNDQzODk1MA&rxtags=Cg4KAnR4EggyNDQzODk0NQ%2CCg4KAnR4EggyNDQzODk0Ng%2CCg4KAnR4EggyNDQzODk0Nw%2CCg4KAnR4EggyNDQzODk0OA%2CCg4KAnR4EggyNDQzODk0OQ%2CCg4KAnR4EggyNDQzODk1MA%2CCg4KAnR4EggyNDQzODk1MQ&alr=yes&id=62312
200 OK 291 B URL HTTP/2 redirector.googlevideo.com/initplayback?source=youtube&oeis=1&ip=91.90.42.154&c=WEB_EMBEDDED_PLAYER&oad=3200&ovd=3200&oaad=3200&oavd=3200&ocs=700&oewis=1&oputc=1&ofpcc=1&msp=1&odepv=1&pxtags=Cg4KAnR4EggyNDQzODk1MA&rxtags=Cg4KAnR4EggyNDQzODk0NQ%2CCg4KAnR4EggyNDQzODk0Ng%2CCg4KAnR4EggyNDQzODk0Nw%2CCg4KAnR4EggyNDQzODk0OA%2CCg4KAnR4EggyNDQzODk0OQ%2CCg4KAnR4EggyNDQzODk1MA%2CCg4KAnR4EggyNDQzODk1MQ&alr=yes&id=62312
IP
File type ASCII text, with very long lines (507), with no line terminators
Hash f631bd9e38aa18a9b0ef704d152a45e7
3e04cdcedd5a6e3269c81bba46133168421ffb4a
7050e7af11a86bf3b3bac0c50684d282168a33b8fb2ce2e4adda89b60f917ec1
GET /initplayback?source=youtube&oeis=1&ip=91.90.42.154&c=WEB_EMBEDDED_PLAYER&oad=3200&ovd=3200&oaad=3200&oavd=3200&ocs=700&oewis=1&oputc=1&ofpcc=1&msp=1&odepv=1&pxtags=Cg4KAnR4EggyNDQzODk1MA&rxtags=Cg4KAnR4EggyNDQzODk0NQ%2CCg4KAnR4EggyNDQzODk0Ng%2CCg4KAnR4EggyNDQzODk0Nw%2CCg4KAnR4EggyNDQzODk0OA%2CCg4KAnR4EggyNDQzODk0OQ%2CCg4KAnR4EggyNDQzODk1MA%2CCg4KAnR4EggyNDQzODk1MQ&alr=yes&id=62312 HTTP/1.1
Host: redirector.googlevideo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 27 Jan 2023 02:33:53 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
access-control-allow-credentials: true
timing-allow-origin: https://www.youtube.com
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
content-type: text/plain; charset=UTF-8
content-encoding: gzip
server: ClientMapServer
content-length: 291
x-xss-protection: 0
x-frame-options: SAMEORIGIN
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 2ebcc7cd4c50e87a984668828c1e612e
f693d36335f333e3647f9fb2460e34dd73e17421
27f1d63422ccd02a6af514c2c0a36ac6f4e0d6f74ad6d9fc8c32e8ea487ffe15
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 27 Jan 2023 02:33:53 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 2ebcc7cd4c50e87a984668828c1e612e
f693d36335f333e3647f9fb2460e34dd73e17421
27f1d63422ccd02a6af514c2c0a36ac6f4e0d6f74ad6d9fc8c32e8ea487ffe15
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 27 Jan 2023 02:33:53 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
200 OK 0 B URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /$rpc/google.internal.waa.v1.Waa/Create HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Referer: https://www.youtube.com/
Origin: https://www.youtube.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://www.youtube.com
vary: origin, referer, x-origin
access-control-allow-credentials: true
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-max-age: 3600
date: Fri, 27 Jan 2023 02:33:53 GMT
content-type: text/html
server: ESF
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
d1ielco78gv5pf.cloudfront.net/assets/external_portfolio-55c5ae1c8983df626fd5d8b516e9b7afa9602796b1b40b1b0a489a394961ef91.css
200 OK 793 B URL HTTP/2 d1ielco78gv5pf.cloudfront.net/assets/external_portfolio-55c5ae1c8983df626fd5d8b516e9b7afa9602796b1b40b1b0a489a394961ef91.css
IP
File type ASCII text, with very long lines (2368)
Hash c03418fdd6fad3ea75ccfc3c9fc5e67d
39b5410e5df22761f2f69cb2760e10232bee7807
eef19009dab4eb577ab5309252a4b88e664ccb0a36f52123659801b8d0337916
GET /assets/external_portfolio-55c5ae1c8983df626fd5d8b516e9b7afa9602796b1b40b1b0a489a394961ef91.css HTTP/1.1
Host: d1ielco78gv5pf.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.redbubble.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/css
content-length: 793
date: Fri, 16 Dec 2022 01:43:33 GMT
server: nginx
last-modified: Tue, 13 Dec 2022 10:06:05 GMT
content-encoding: gzip
expires: Mon, 13 Dec 2032 01:43:33 GMT
access-control-allow-origin: *
cache-control: max-age=315360000, public
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 784cb0c259a6d79800d037bda4e7de86.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: -i-nPYSFm20CmaA58-I1ZxeuyySN6i3e6uXRs4mDEXX-F0pNi0K2aQ==
age: 3631820
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash a4154f9780d4ef7c61b45ccfff91e5ee
fa97c53e69a2e72e10ee12627c31b5201d36c14c
73f37cd9a981be0d639f75cb30582ab2d7a4e92ce1c47cee30856b2f7d7e8207
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 27 Jan 2023 02:33:53 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
200 OK 31 kB URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
IP
File type JSON data\012- , ASCII text, with very long lines (65536), with no line terminators
Hash 30b0177ba6934ddc6072f8139405c438
0dc423d919ccd5863cfc1e6902deb1d6562d0e14
058f5aa439e893f31c42235f7731eb5242dfe0dfcfcac99868445fb05bc15eef
POST /$rpc/google.internal.waa.v1.Waa/Create HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
Content-Type: application/json+protobuf
X-User-Agent: grpc-web-javascript/0.1
Content-Length: 24
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json+protobuf; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: gzip
date: Fri, 27 Jan 2023 02:33:53 GMT
server: ESF
cache-control: private
content-length: 30876
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
access-control-allow-credentials: true
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 2ebcc7cd4c50e87a984668828c1e612e
f693d36335f333e3647f9fb2460e34dd73e17421
27f1d63422ccd02a6af514c2c0a36ac6f4e0d6f74ad6d9fc8c32e8ea487ffe15
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 27 Jan 2023 02:33:53 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
i.ytimg.com/vi_webp/0nxwujvI9-4/sddefault.webp
200 OK 30 kB URL HTTP/2 i.ytimg.com/vi_webp/0nxwujvI9-4/sddefault.webp
IP
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 640x480, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash f1cb691ce049a9b172f34b7f07539211
62518e66afefd5186f273284c0f669ed0389a401
4729ab37821acb4bd0885e11eaa8807077b62aa8ad128e8c436597749c5f787b
GET /vi_webp/0nxwujvI9-4/sddefault.webp HTTP/1.1
Host: i.ytimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
content-type: image/webp
vary: Origin
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-length: 29482
date: Fri, 27 Jan 2023 02:33:53 GMT
expires: Fri, 27 Jan 2023 04:33:53 GMT
cache-control: public, max-age=7200
etag: "1667228521"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
200 OK 31 kB URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
IP
File type JSON data\012- , ASCII text, with very long lines (65536), with no line terminators
Hash cddbe80a38ad54a3a9b6d8352dd8b6a1
91065b8b6899899bd65d90976b98ee48f86965fd
4d8820524bcd2273aa16566a504ac3c9b6a34b5dae613efd87f61eefa21aed7a
POST /$rpc/google.internal.waa.v1.Waa/Create HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
Content-Type: application/json+protobuf
X-User-Agent: grpc-web-javascript/0.1
Content-Length: 24
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json+protobuf; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: gzip
date: Fri, 27 Jan 2023 02:33:53 GMT
server: ESF
cache-control: private
content-length: 30836
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
access-control-allow-credentials: true
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 2.0 kB IP
Hash bac654f853a22599619f6be0d3389e9b
8eef9da28d8eba7a451cf12cf6ceaeeb95a7a588
ff1240407eabc947be88796015063b2a209feca76ae2bb94044e57cb056d2301
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 27 Jan 2023 02:33:53 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
i.ytimg.com/vi/o5F8MOz_IDw/sddefault.jpg
200 OK 47 kB URL HTTP/2 i.ytimg.com/vi/o5F8MOz_IDw/sddefault.jpg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 640x480, components 3\012- data
Hash fa1d7ec944b2ca9fc5f2952ad2c720e0
773040a84871d0c24869b06dceb147a0aa1d2a6e
10d19befc25bfb8d166d139ed993b18961cc881fd9f3c4a4d1d6ac18d9c77a6c
GET /vi/o5F8MOz_IDw/sddefault.jpg HTTP/1.1
Host: i.ytimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Origin
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
timing-allow-origin: *
content-length: 47314
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 27 Jan 2023 02:03:50 GMT
expires: Fri, 27 Jan 2023 04:03:50 GMT
cache-control: public, max-age=7200
age: 1803
etag: "1669075937"
content-type: image/jpeg
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash c8a0d6bc80301700d6fb1d520beb8b49
f33a1a1e491fcd6ca31360b28b092457a2d48f23
ef0535b52ccb717c1200d5974ea8841b92f655234d67ace0e71c1ec7f5fbb3f4
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 27 Jan 2023 02:33:53 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ih1.redbubble.net/image.2501823087.1427/flat,220x200,075,t.u5.jpg
200 OK 13 kB URL HTTP/2 ih1.redbubble.net/image.2501823087.1427/flat,220x200,075,t.u5.jpg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 220x200, components 3\012- data
Hash 41a7ff2b932518137a3d3ed4e75cff14
12788c351920ae2e6a6915c80ea0f1cae9106382
281a8d6feb56d70c6a48c55fbf412a1d8e6fe90435118f7571a8635c0f706ceb
GET /image.2501823087.1427/flat,220x200,075,t.u5.jpg HTTP/1.1
Host: ih1.redbubble.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.redbubble.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: https://www.redbubble.com
access-control-expose-headers: Content-Length,Content-Range
age: 13629670
cache-control: max-age=31556952, public
content-disposition: inline
content-transfer-encoding: binary
content-type: image/jpeg
date: Fri, 27 Jan 2023 02:33:53 GMT
etag: W/"281a8d6feb56d70c6a48c55fbf412a1d"
last-modified: Mon, 22 Aug 2022 08:32:44 GMT
referrer-policy: strict-origin-when-cross-origin
server: ECS (dcb/7F60)
x-cache: HIT
x-content-type-options: nosniff
x-download-options: noopen
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: none
x-request-id: d5f2891d-027d-4541-8e68-d499a6d21006
x-xss-protection: 1; mode=block
content-length: 12808
X-Firefox-Spdy: h2
adservice.google.com/adsid/integrator.js?domain=www.morecouponstogo.com
200 OK 100 B URL HTTP/2 adservice.google.com/adsid/integrator.js?domain=www.morecouponstogo.com
IP
File type ASCII text, with no line terminators
Hash 917951a58be8c6c6f3680159550ba3c2
21cd25c2a4eb9ec7e0f37021ce7b69e852dab4b4
cd8c45d9a0d98ca2e23d967483ec538bcafa246afdcf434bf60c8257acfacfac
GET /adsid/integrator.js?domain=www.morecouponstogo.com HTTP/1.1
Host: adservice.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.morecouponstogo.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: private, no-cache, no-store
content-type: application/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Fri, 27 Jan 2023 02:33:53 GMT
server: cafe
content-length: 100
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 5f57a83befb5510821576265e691190f
136d15f2cbbc6416d808afcb8f48a19b346937fc
b3d3b78aaea9273c95224d6242a3817bac9be7fc46800e741da32bba13db5fa6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 27 Jan 2023 02:33:53 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ih1.redbubble.net/image.2423146004.3028/raf,220x200,075,t,black.u5.jpg
200 OK 7.1 kB URL HTTP/2 ih1.redbubble.net/image.2423146004.3028/raf,220x200,075,t,black.u5.jpg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 220x200, components 3\012- data
Hash ea2e9b008dd5ea4ae82bd436910c2533
9b839ada94e09772f01c49af1032b9f046e9b6ed
0220c6be7d3cfcffc662fcab4c31803925ec7e294e4165098a1b364ad8800ace
GET /image.2423146004.3028/raf,220x200,075,t,black.u5.jpg HTTP/1.1
Host: ih1.redbubble.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.redbubble.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: https://www.redbubble.com
access-control-expose-headers: Content-Length,Content-Range
age: 13629670
cache-control: max-age=31556952, public
content-disposition: inline
content-transfer-encoding: binary
content-type: image/jpeg
date: Fri, 27 Jan 2023 02:33:53 GMT
etag: W/"0220c6be7d3cfcffc662fcab4c318039"
last-modified: Mon, 22 Aug 2022 08:32:44 GMT
referrer-policy: strict-origin-when-cross-origin
server: ECS (dcb/7F84)
x-cache: HIT
x-content-type-options: nosniff
x-download-options: noopen
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: none
x-request-id: 0c943895-8cf5-4c7d-88fc-024373c4d11a
x-xss-protection: 1; mode=block
content-length: 7140
X-Firefox-Spdy: h2
ih1.redbubble.net/image.2446110696.1260/flat,220x200,075,t.u5.jpg
200 OK 18 kB URL HTTP/2 ih1.redbubble.net/image.2446110696.1260/flat,220x200,075,t.u5.jpg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 220x200, components 3\012- data
Hash cbeccae7615c2abb796b18362413fca1
786507630ef7d824bf8b40a916bb291925c6f8f3
dbafa1cf5b6b67e92b03ca7ec815306d430a7e5909e4976c1678942b12296d67
GET /image.2446110696.1260/flat,220x200,075,t.u5.jpg HTTP/1.1
Host: ih1.redbubble.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.redbubble.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: https://www.redbubble.com
access-control-expose-headers: Content-Length,Content-Range
age: 4627848
cache-control: max-age=31556952, public
content-disposition: inline
content-transfer-encoding: binary
content-type: image/jpeg
date: Fri, 27 Jan 2023 02:33:53 GMT
etag: W/"dbafa1cf5b6b67e92b03ca7ec815306d"
last-modified: Sun, 04 Dec 2022 13:03:06 GMT
referrer-policy: strict-origin-when-cross-origin
server: ECS (dcb/7EEB)
x-cache: HIT
x-content-type-options: nosniff
x-download-options: noopen
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: none
x-request-id: 265760a0-67d0-4cb0-8773-7754a3305ec0
x-xss-protection: 1; mode=block
content-length: 18020
X-Firefox-Spdy: h2
ih1.redbubble.net/image.2615416373.1429/flat,220x200,075,t.u5.jpg
200 OK 12 kB URL HTTP/2 ih1.redbubble.net/image.2615416373.1429/flat,220x200,075,t.u5.jpg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 220x200, components 3\012- data
Hash 4ed24b51630a165d7ab03688d1325d25
c726cb712f4cd72bf5c564a7dc0ad0ebbf9d2a52
19914bb432c06112f7f8b4878fbfbb15d4610cac7de7e1e4cada665e77dc02ac
GET /image.2615416373.1429/flat,220x200,075,t.u5.jpg HTTP/1.1
Host: ih1.redbubble.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.redbubble.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: https://www.redbubble.com
access-control-expose-headers: Content-Length,Content-Range
age: 6080219
cache-control: max-age=31556952, public
content-disposition: inline
content-transfer-encoding: binary
content-type: image/jpeg
date: Fri, 27 Jan 2023 02:33:53 GMT
etag: W/"19914bb432c06112f7f8b4878fbfbb15"
last-modified: Thu, 17 Nov 2022 17:36:54 GMT
referrer-policy: strict-origin-when-cross-origin
server: ECS (dcb/7EA5)
x-cache: HIT
x-content-type-options: nosniff
x-download-options: noopen
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: none
x-request-id: e3905e0b-d695-4b0b-8efc-7a4564418686
x-xss-protection: 1; mode=block
content-length: 12230
X-Firefox-Spdy: h2
yt3.ggpht.com/ytc/AL5GRJUptjpf05V9cyOP8iqgW2OnTuoljlNJBxLmkoh7Kg=s68-c-k-c0x00ffffff-no-rj
200 OK 4.2 kB URL HTTP/2 yt3.ggpht.com/ytc/AL5GRJUptjpf05V9cyOP8iqgW2OnTuoljlNJBxLmkoh7Kg=s68-c-k-c0x00ffffff-no-rj
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 68x68, components 3\012- data
Hash b946c8455b4907ae2c8a4a6415b785e9
ae2123e20c2ff1542dd53b55432f461c96b4a448
bd4bf1c06f612dd7dcc8c98b0b34587ab49fd52ce84ad9f6c12678ed5dc76c46
GET /ytc/AL5GRJUptjpf05V9cyOP8iqgW2OnTuoljlNJBxLmkoh7Kg=s68-c-k-c0x00ffffff-no-rj HTTP/1.1
Host: yt3.ggpht.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-expose-headers: Content-Length
content-disposition: inline;filename="unnamed.jpg"
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
server: fife
content-length: 4224
x-xss-protection: 0
date: Fri, 27 Jan 2023 00:12:58 GMT
expires: Tue, 24 Jan 2023 00:52:15 GMT
cache-control: public, max-age=86400, no-transform
age: 8455
etag: "v14c1"
content-type: image/jpeg
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 3ebf9d7211aba4c70b84fb470a61b414
28fe29a24e47d6abda88eeeb5e22eddda03c7fca
a8276e099d9d8452b65b70d161a459fae25afb37cea7eff9cc5563b7de972acc
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 27 Jan 2023 02:33:53 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ih0.redbubble.net/image.2579261137.2872/flat,220x200,075,t.u5.jpg
200 OK 10 kB URL HTTP/2 ih0.redbubble.net/image.2579261137.2872/flat,220x200,075,t.u5.jpg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 220x200, components 3\012- data
Hash b76c5fc72cbdc548cf7f48bb305a3d3f
dc8ee860f4d0d17dabbaec4b0b37c0d7514464c6
ba0865ca0df9021211a47e677772b85d96f2a01dbb54c4314caa379816800f06
GET /image.2579261137.2872/flat,220x200,075,t.u5.jpg HTTP/1.1
Host: ih0.redbubble.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.redbubble.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: https://www.redbubble.com
access-control-expose-headers: Content-Length,Content-Range
age: 4022808
cache-control: max-age=31556952, public
content-disposition: inline
content-transfer-encoding: binary
content-type: image/jpeg
date: Fri, 27 Jan 2023 02:33:53 GMT
etag: W/"ba0865ca0df9021211a47e677772b85d"
last-modified: Sun, 11 Dec 2022 13:07:05 GMT
referrer-policy: strict-origin-when-cross-origin
server: ECS (dcb/7EA2)
x-cache: HIT
x-content-type-options: nosniff
x-download-options: noopen
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: none
x-request-id: 81b8040b-ae19-4846-acc2-0dc83718b3ef
x-xss-protection: 1; mode=block
content-length: 10402
X-Firefox-Spdy: h2
adservice.google.no/adsid/integrator.js?domain=www.morecouponstogo.com
200 OK 100 B URL HTTP/2 adservice.google.no/adsid/integrator.js?domain=www.morecouponstogo.com
IP
File type ASCII text, with no line terminators
Hash 917951a58be8c6c6f3680159550ba3c2
21cd25c2a4eb9ec7e0f37021ce7b69e852dab4b4
cd8c45d9a0d98ca2e23d967483ec538bcafa246afdcf434bf60c8257acfacfac
GET /adsid/integrator.js?domain=www.morecouponstogo.com HTTP/1.1
Host: adservice.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.morecouponstogo.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: private, no-cache, no-store
content-type: application/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Fri, 27 Jan 2023 02:33:53 GMT
server: cafe
content-length: 100
x-xss-protection: 0
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
yt3.ggpht.com/ytc/AL5GRJV9mRPkvM2LE2gaI0wkZPfL9p5kd2fcAbF2eXu-EQ=s68-c-k-c0x00ffffff-no-rj
200 OK 3.7 kB URL HTTP/2 yt3.ggpht.com/ytc/AL5GRJV9mRPkvM2LE2gaI0wkZPfL9p5kd2fcAbF2eXu-EQ=s68-c-k-c0x00ffffff-no-rj
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=2, software=Google], baseline, precision 8, 68x68, components 3\012- data
Hash 860514a51aa64a86829bf2f2a73e07e5
8dc46063803ebfdd47e2fd702d5a47b7c16c6f5f
e3c25dc2c90e577fab5eecfee844608747f6be20bd5962726f6a6c81be8290cb
GET /ytc/AL5GRJV9mRPkvM2LE2gaI0wkZPfL9p5kd2fcAbF2eXu-EQ=s68-c-k-c0x00ffffff-no-rj HTTP/1.1
Host: yt3.ggpht.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-expose-headers: Content-Length
content-disposition: inline;filename="unnamed.jpg"
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
server: fife
content-length: 3718
x-xss-protection: 0
date: Thu, 26 Jan 2023 23:57:53 GMT
expires: Wed, 25 Jan 2023 07:30:52 GMT
cache-control: public, max-age=86400, no-transform
age: 9360
etag: "va0"
content-type: image/jpeg
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.google.com/js/th/x4UJj8gT6CtT5_PZSB2sMkWT7oT3ONYvYheI_Vl_kb0.js
200 OK 14 kB URL HTTP/2 www.google.com/js/th/x4UJj8gT6CtT5_PZSB2sMkWT7oT3ONYvYheI_Vl_kb0.js
IP
File type ASCII text, with very long lines (36171)
Hash a13a76dd17af226d4a24bd16ef702377
c364171cd0f66eb4a1a8dde04e1e083154d81dbd
1dd3352cbdb7561b142954006a2bb94008486c22760c3d5ebb1b6fffeb325173
GET /js/th/x4UJj8gT6CtT5_PZSB2sMkWT7oT3ONYvYheI_Vl_kb0.js HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-length: 14250
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 20 Jan 2023 18:38:28 GMT
expires: Sat, 20 Jan 2024 18:38:28 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 03 Jan 2023 15:00:00 GMT
content-type: text/javascript
age: 546925
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ih0.redbubble.net/image.2609329537.2892/raf,220x200,075,t,white.u5.jpg
200 OK 13 kB URL HTTP/2 ih0.redbubble.net/image.2609329537.2892/raf,220x200,075,t,white.u5.jpg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 220x200, components 3\012- data
Hash 7c729abcf1fb3cbc2c5338f004443fc8
ba2199b908015be4eb601ea363fa1e6a05e6109a
c350b44a154b399e0bef5fafa2ce0bbabd485db22ed9531b4566a297704c2898
GET /image.2609329537.2892/raf,220x200,075,t,white.u5.jpg HTTP/1.1
Host: ih0.redbubble.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.redbubble.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: https://www.redbubble.com
access-control-expose-headers: Content-Length,Content-Range
age: 1838672
cache-control: max-age=31556952, public
content-disposition: inline
content-transfer-encoding: binary
content-type: image/jpeg
date: Fri, 27 Jan 2023 02:33:53 GMT
etag: W/"c350b44a154b399e0bef5fafa2ce0bba"
last-modified: Thu, 05 Jan 2023 19:49:22 GMT
referrer-policy: strict-origin-when-cross-origin
server: ECS (dcb/7FA8)
x-cache: HIT
x-content-type-options: nosniff
x-download-options: noopen
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: none
x-request-id: bbbec080-8758-4f4c-bc9f-46a573131e8b
x-xss-protection: 1; mode=block
content-length: 13202
X-Firefox-Spdy: h2
ih0.redbubble.net/image.2503050093.7512/flat,220x200,075,t.u5.jpg
200 OK 14 kB URL HTTP/2 ih0.redbubble.net/image.2503050093.7512/flat,220x200,075,t.u5.jpg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 220x200, components 3\012- data
Hash a1a091afde7b0a602c3bb668fe15e8b3
3bc1c0afd5a02a5440fd3563d8c94dbf35a35d88
837c72675526f060b64fc4178d180a6b4aa40badc1660dea0b43cfaf12c87137
GET /image.2503050093.7512/flat,220x200,075,t.u5.jpg HTTP/1.1
Host: ih0.redbubble.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.redbubble.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: https://www.redbubble.com
access-control-expose-headers: Content-Length,Content-Range
age: 4538071
cache-control: max-age=31556952, public
content-disposition: inline
content-transfer-encoding: binary
content-type: image/jpeg
date: Fri, 27 Jan 2023 02:33:53 GMT
etag: W/"837c72675526f060b64fc4178d180a6b"
last-modified: Mon, 05 Dec 2022 13:59:22 GMT
referrer-policy: strict-origin-when-cross-origin
server: ECS (dcb/7F7F)
x-cache: HIT
x-content-type-options: nosniff
x-download-options: noopen
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: none
x-request-id: effd63d9-ce2f-456e-b79a-5328e5a37ac8
x-xss-protection: 1; mode=block
content-length: 14514
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash c8a0d6bc80301700d6fb1d520beb8b49
f33a1a1e491fcd6ca31360b28b092457a2d48f23
ef0535b52ccb717c1200d5974ea8841b92f655234d67ace0e71c1ec7f5fbb3f4
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 27 Jan 2023 02:33:53 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 5f57a83befb5510821576265e691190f
136d15f2cbbc6416d808afcb8f48a19b346937fc
b3d3b78aaea9273c95224d6242a3817bac9be7fc46800e741da32bba13db5fa6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 27 Jan 2023 02:33:53 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.brizy.cloud/customfile/83514b99a26a80e89d4d5e894e4e99c3.mp4
206 Partial Content 48 kB URL HTTP/1.1 www.brizy.cloud/customfile/83514b99a26a80e89d4d5e894e4e99c3.mp4
IP
Hash 6665fb565879b5268d16d59480c30b49
e8a13ff303ef19c1f20bdb9669e03661870cd9e1
e583a5c29a1e85b69e92f41c5c48f013437d092c89f9baa6301b7af966a5ba58
GET /customfile/83514b99a26a80e89d4d5e894e4e99c3.mp4 HTTP/1.1
Host: www.brizy.cloud
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=4358144-
Connection: keep-alive
Referer: https://www.morecouponstogo.com/
Sec-Fetch-Dest: video
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 206 Partial Content
Server: nginx
Date: Fri, 27 Jan 2023 02:33:53 GMT
Content-Type: video/mp4
Content-Length: 47139
Connection: keep-alive
Cache-Control: public
Last-Modified: Fri, 27 Jan 2023 02:33:53 GMT
Content-Disposition: attachment; filename="Homepage-20video-20on-20White-mp4.mp4"
Accept-Ranges: bytes
Content-Range: bytes 4358144-4405282/4405283
ih0.redbubble.net/image.2615509652.3915/flat,220x200,075,t.u5.jpg
200 OK 9.5 kB URL HTTP/2 ih0.redbubble.net/image.2615509652.3915/flat,220x200,075,t.u5.jpg
IP
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 220x200, components 3\012- data
Hash bec24a797621dc1b550df36956ebada4
2e28ce3cc5e85db3d2c5fb26f7a328f594a620c8
4e57c4041246929caec036f63290e869dea5923090d2e263a083a0cd9df0f51b
GET /image.2615509652.3915/flat,220x200,075,t.u5.jpg HTTP/1.1
Host: ih0.redbubble.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.redbubble.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: https://www.redbubble.com
access-control-expose-headers: Content-Length,Content-Range
age: 9528368
cache-control: max-age=31556952, public
content-disposition: inline
content-transfer-encoding: binary
content-type: image/jpeg
date: Fri, 27 Jan 2023 02:33:53 GMT
etag: W/"4e57c4041246929caec036f63290e869"
last-modified: Sat, 08 Oct 2022 19:47:46 GMT
referrer-policy: strict-origin-when-cross-origin
server: ECS (dcb/7F81)
x-cache: HIT
x-content-type-options: nosniff
x-download-options: noopen
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: none
x-request-id: b0ac1ab6-a28b-4a96-a7b6-4f1b185ea558
x-xss-protection: 1; mode=block
content-length: 9544
X-Firefox-Spdy: h2
ih1.redbubble.net/image.2521900674.0223/flat,220x200,075,t.u5.jpg
200 OK 12 kB URL HTTP/2 ih1.redbubble.net/image.2521900674.0223/flat,220x200,075,t.u5.jpg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 220x200, components 3\012- data
Hash 4f656d55e30a35cccb4bc94a74f0df52
19ae51457ecb9dbeac9a0d7d1ae42f9156563056
70b55f3994d82e9bf29d7f59509bb9d010d379e6e3d6901f289bf825fe5e15a0
GET /image.2521900674.0223/flat,220x200,075,t.u5.jpg HTTP/1.1
Host: ih1.redbubble.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.redbubble.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: https://www.redbubble.com
access-control-expose-headers: Content-Length,Content-Range
age: 13629670
cache-control: max-age=31556952, public
content-disposition: inline
content-transfer-encoding: binary
content-type: image/jpeg
date: Fri, 27 Jan 2023 02:33:53 GMT
etag: W/"70b55f3994d82e9bf29d7f59509bb9d0"
last-modified: Mon, 22 Aug 2022 08:32:44 GMT
referrer-policy: strict-origin-when-cross-origin
server: ECS (dcb/7F18)
x-cache: HIT
x-content-type-options: nosniff
x-download-options: noopen
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: none
x-request-id: ee84e291-69ac-49ed-ab14-b532dcc3fe55
x-xss-protection: 1; mode=block
content-length: 11509
X-Firefox-Spdy: h2
d1ielco78gv5pf.cloudfront.net/assets/75x75-Brandmark-Transparent-5914f9388de7f61a2e2fb260ed39145a5719139b6559762350135c21771f12c0.png
200 OK 753 B URL HTTP/2 d1ielco78gv5pf.cloudfront.net/assets/75x75-Brandmark-Transparent-5914f9388de7f61a2e2fb260ed39145a5719139b6559762350135c21771f12c0.png
IP
File type PNG image data, 75 x 75, 8-bit/color RGBA, non-interlaced\012- data
Hash 95b83ee0d2cb98b5133345024a14031e
fb1f79f434185cabeda75b895cb0e98113c8c6ec
5914f9388de7f61a2e2fb260ed39145a5719139b6559762350135c21771f12c0
GET /assets/75x75-Brandmark-Transparent-5914f9388de7f61a2e2fb260ed39145a5719139b6559762350135c21771f12c0.png HTTP/1.1
Host: d1ielco78gv5pf.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.redbubble.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 753
date: Mon, 05 Sep 2022 13:09:45 GMT
server: nginx
last-modified: Sun, 04 Sep 2022 10:06:31 GMT
expires: Thu, 02 Sep 2032 13:09:45 GMT
access-control-allow-origin: *
cache-control: max-age=315360000, public
x-cache: Hit from cloudfront
via: 1.1 784cb0c259a6d79800d037bda4e7de86.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: RBfb27ImRJnxzkldLxzWi83bS4LmFekUiOT-DQc5YqjUvmcOQ4S9FQ==
age: 12403448
X-Firefox-Spdy: h2
d1ielco78gv5pf.cloudfront.net/assets/rarr-trans-44aac167284d94a1522aae08e2a9c40c6d515ab554839445c3b43281cb6a2f47.png
200 OK 147 B URL HTTP/2 d1ielco78gv5pf.cloudfront.net/assets/rarr-trans-44aac167284d94a1522aae08e2a9c40c6d515ab554839445c3b43281cb6a2f47.png
IP
File type PNG image data, 7 x 10, 8-bit gray+alpha, non-interlaced\012- data
Hash aafe97f737c068ef75a9410c8a45f5a4
0d1856e53194b2a68d1976a21fe05d20eac683b6
44aac167284d94a1522aae08e2a9c40c6d515ab554839445c3b43281cb6a2f47
GET /assets/rarr-trans-44aac167284d94a1522aae08e2a9c40c6d515ab554839445c3b43281cb6a2f47.png HTTP/1.1
Host: d1ielco78gv5pf.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.redbubble.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 147
date: Sat, 19 Nov 2022 12:53:29 GMT
server: nginx
last-modified: Wed, 16 Nov 2022 10:07:37 GMT
expires: Tue, 16 Nov 2032 12:53:29 GMT
access-control-allow-origin: *
cache-control: max-age=315360000, public
x-cache: Hit from cloudfront
via: 1.1 784cb0c259a6d79800d037bda4e7de86.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: Pk7bbU5_Ep9xiQosiIgSYmJs-RsrXuZmw0CnaUa5L2sk4j1UDRSRxw==
age: 5924424
X-Firefox-Spdy: h2
d1ielco78gv5pf.cloudfront.net/assets/ajax_subtle-8f2162a421d5682989810c5bed4402d83debcff6169ae940dbbf9844dcc9ea2d.gif
200 OK 1.8 kB URL HTTP/2 d1ielco78gv5pf.cloudfront.net/assets/ajax_subtle-8f2162a421d5682989810c5bed4402d83debcff6169ae940dbbf9844dcc9ea2d.gif
IP
File type GIF image data, version 89a, 32 x 32\012- data
Hash 53c8654b9584bb9f925f2e9f12a3a365
69b347445a08ef2e1235cb8ff2fad484d59ae7d3
8f2162a421d5682989810c5bed4402d83debcff6169ae940dbbf9844dcc9ea2d
GET /assets/ajax_subtle-8f2162a421d5682989810c5bed4402d83debcff6169ae940dbbf9844dcc9ea2d.gif HTTP/1.1
Host: d1ielco78gv5pf.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://d1ielco78gv5pf.cloudfront.net/assets/external_portfolio-55c5ae1c8983df626fd5d8b516e9b7afa9602796b1b40b1b0a489a394961ef91.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/gif
content-length: 1785
date: Tue, 08 Nov 2022 20:01:35 GMT
server: nginx
last-modified: Thu, 03 Nov 2022 10:05:58 GMT
expires: Fri, 05 Nov 2032 20:01:35 GMT
access-control-allow-origin: *
cache-control: max-age=315360000, public
x-cache: Hit from cloudfront
via: 1.1 784cb0c259a6d79800d037bda4e7de86.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: wZ8UpJCWJEIR-MF573cT5Hu0pNE0kGmTSKrhDdp3MDNajLDf0A2exw==
age: 6849139
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 4bf30f4bdb03b93a21056252853b4e21
b79b6b31360202b2775c8423e73af7ce6c96b44f
7563990b2ddd973bf92485dbfebb87a5b3156f8f22e6a9b3e7df7aa496ca0256
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 27 Jan 2023 02:33:54 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r2---sn-capm-vnae.googlevideo.com/initplayback?source=youtube&oeis=1&ip=91.90.42.154&c=WEB_EMBEDDED_PLAYER&oad=0&ovd=0&oaad=0&oavd=0&ocs=700&oewis=1&oputc=1&ofpcc=1&msp=1&odepv=1&pxtags=Cg4KAnR4EggyNDQzODkyOQ&rxtags=Cg4KAnR4EggyNDQzODkyOA%2CCg4KAnR4EggyNDQzODkyOQ%2CCg4KAnR4EggyNDQzODkzMA%2CCg4KAnR4EggyNDQzODkzMQ%2CCg4KAnR4EggyNDQzODkzMg%2CCg4KAnR4EggyNDQzODkzMw%2CCg4KAnR4EggyNDQzODkzNA&ms=au&id=4e07b81a04669ab6&cpn=SIAI0gjYQazoc1n9&opr=1&por=1&rn=1
200 OK 9.1 kB URL HTTP/1.1 r2---sn-capm-vnae.googlevideo.com/initplayback?source=youtube&oeis=1&ip=91.90.42.154&c=WEB_EMBEDDED_PLAYER&oad=0&ovd=0&oaad=0&oavd=0&ocs=700&oewis=1&oputc=1&ofpcc=1&msp=1&odepv=1&pxtags=Cg4KAnR4EggyNDQzODkyOQ&rxtags=Cg4KAnR4EggyNDQzODkyOA%2CCg4KAnR4EggyNDQzODkyOQ%2CCg4KAnR4EggyNDQzODkzMA%2CCg4KAnR4EggyNDQzODkzMQ%2CCg4KAnR4EggyNDQzODkzMg%2CCg4KAnR4EggyNDQzODkzMw%2CCg4KAnR4EggyNDQzODkzNA&ms=au&id=4e07b81a04669ab6&cpn=SIAI0gjYQazoc1n9&opr=1&por=1&rn=1
IP
ASN #50304 Blix Solutions AS
Hash 633c4d17a9c8995aa257f0317b870ee0
91241e06a597995019b95fcd732db74ec5302f39
bdfdd415ac627bb0c938ef1a03509d3755b97f3093265ce8ade892a21f0c1c48
POST /initplayback?source=youtube&oeis=1&ip=91.90.42.154&c=WEB_EMBEDDED_PLAYER&oad=0&ovd=0&oaad=0&oavd=0&ocs=700&oewis=1&oputc=1&ofpcc=1&msp=1&odepv=1&pxtags=Cg4KAnR4EggyNDQzODkyOQ&rxtags=Cg4KAnR4EggyNDQzODkyOA%2CCg4KAnR4EggyNDQzODkyOQ%2CCg4KAnR4EggyNDQzODkzMA%2CCg4KAnR4EggyNDQzODkzMQ%2CCg4KAnR4EggyNDQzODkzMg%2CCg4KAnR4EggyNDQzODkzMw%2CCg4KAnR4EggyNDQzODkzNA&ms=au&id=4e07b81a04669ab6&cpn=SIAI0gjYQazoc1n9&opr=1&por=1&rn=1 HTTP/1.1
Host: r2---sn-capm-vnae.googlevideo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 3543
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Fri, 27 Jan 2023 02:33:54 GMT
Expires: Sat, 28 Jan 2023 02:33:54 GMT
Cache-Control: public, max-age=86400
Content-Type: application/vnd.yt-ump
Transfer-Encoding: chunked
Connection: keep-alive
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Access-Control-Allow-Origin: https://www.youtube.com
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: https://www.youtube.com
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Vary: Origin
Cross-Origin-Resource-Policy: cross-origin
X-Content-Type-Options: nosniff
Server: gvs 1.0
a-cloud.b-cdn.net/media/iW=5000&iH=any/2140325504fda1a2cde8af4bef434f25/maxresdefault-3-.jpg
200 OK 114 B URL HTTP/2 a-cloud.b-cdn.net/media/iW=5000&iH=any/2140325504fda1a2cde8af4bef434f25/maxresdefault-3-.jpg
IP
ASN #34989 ServeTheWorld AS
File type gzip compressed data, max compression\012- data
Hash a6a5126b418a31f7a0e5e6e5fd3a6c06
9dbe8e135d236f3b8c12e04aea09436cc5cb3f74
042286287c18116420303191e1ecff1aa921910b50c3d9ead694389291d04ef2
GET /media/iW=5000&iH=any/2140325504fda1a2cde8af4bef434f25/maxresdefault-3-.jpg HTTP/1.1
Host: a-cloud.b-cdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.morecouponstogo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 27 Jan 2023 02:33:50 GMT
content-type: image/webp
content-length: 133726
server: BunnyCDN-NO1-830
cdn-pullzone: 465925
cdn-uid: e647d0c9-3a16-4c3e-ae99-91e18e06d4b3
cdn-requestcountrycode: NO
cache-control: public, max-age=31919000
last-modified: Fri, 27 Jan 2023 02:33:50 GMT
via: BunnyCDN
x-bo-server: DE-228
accept: image/avif, image/webp, */*
accept-language: en-US, en; q=0.5
referer: https://www.morecouponstogo.com/
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
cdn-serverid: 830
cdn-serverzone: NO
cdn-host: a-cloud.b-cdn.net
cdn-mobiledevice: false
x-forwarded-proto: https
sec-fetch-dest: image
sec-fetch-mode: no-cors
sec-fetch-site: cross-site
cdn-requestpullsuccess: True
cdn-proxyver: 1.03
x-forwarded-for: 91.90.42.154
x-downloadsize: 146099
x-bo-origindownloadtime: 452
x-bo-processingtime: 9
x-bo-compressionratio: 8.47%
cdn-requestpullcode: 200
cdn-cachedat: 01/27/2023 02:33:50
cdn-edgestorageid: 830
link: <https://www.brizy.cloud/media/iW=5000&iH=any/2140325504fda1a2cde8af4bef434f25/maxresdefault-3-.jpg>; rel="canonical"
cdn-status: 200
cdn-requestid: 2ae9b3d128c6c822af9fd67b70a4c77d
cdn-cache: MISS
X-Firefox-Spdy: h2
rr1---sn-capm-vnae.googlevideo.com/videoplayback?expire=1674808434&ei=EjjTY47aItuD0u8P8uSv8AI&ip=91.90.42.154&id=o-AGMmjJs1dct6Wa0RSa0Gp4Wq4jBVkHaAymaOqj88ekBd&itag=243&aitags=133%2C134%2C135%2C160%2C242%2C243%2C244%2C278&source=youtube&requiressl=yes&mh=gh&mm=31%2C29&mn=sn-capm-vnae%2Csn-5go7ynlk&ms=au%2Crdu&mv=m&mvi=1&pl=21&initcwndbps=1088750&spc=H3gIhvcWN5zRGyZ0ElClYsm25qgQ3ek&vprv=1&mime=video%2Fwebm&ns=pqvd0MPdKkZhFZnEndkKc0cL&gir=yes&clen=688476&dur=42.033&lmt=1645693636801438&mt=1674786575&fvip=5&keepalive=yes&fexp=24007246&c=WEB_EMBEDDED_PLAYER&txp=5319224&n=xjI-wgikpfESzw&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRQIgCz1YduAwuzo0y9QSBLAQ5UAUkdHeQBQj8mEvGI-vw5ICIQCoZo4aC7qhDMGr8DdxqrQk32LxKH6u7_CuB7QU5zPcLA%3D%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRQIhAPLxxitST2fK3HXGb-kcO8jCp7k66d-yru37cLcRON4vAiAobNG_qxm4pm_TcUi4C8faWTf-fS9zO05o7gRwBEZ_iA%3D%3D&alr=yes&cpn=gEuhHei7r4lZWyLT&cver=1.20230111.01.00&range=0-348&rn=1&rbuf=0
200 OK 1.1 kB URL HTTP/1.1 rr1---sn-capm-vnae.googlevideo.com/videoplayback?expire=1674808434&ei=EjjTY47aItuD0u8P8uSv8AI&ip=91.90.42.154&id=o-AGMmjJs1dct6Wa0RSa0Gp4Wq4jBVkHaAymaOqj88ekBd&itag=243&aitags=133%2C134%2C135%2C160%2C242%2C243%2C244%2C278&source=youtube&requiressl=yes&mh=gh&mm=31%2C29&mn=sn-capm-vnae%2Csn-5go7ynlk&ms=au%2Crdu&mv=m&mvi=1&pl=21&initcwndbps=1088750&spc=H3gIhvcWN5zRGyZ0ElClYsm25qgQ3ek&vprv=1&mime=video%2Fwebm&ns=pqvd0MPdKkZhFZnEndkKc0cL&gir=yes&clen=688476&dur=42.033&lmt=1645693636801438&mt=1674786575&fvip=5&keepalive=yes&fexp=24007246&c=WEB_EMBEDDED_PLAYER&txp=5319224&n=xjI-wgikpfESzw&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRQIgCz1YduAwuzo0y9QSBLAQ5UAUkdHeQBQj8mEvGI-vw5ICIQCoZo4aC7qhDMGr8DdxqrQk32LxKH6u7_CuB7QU5zPcLA%3D%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRQIhAPLxxitST2fK3HXGb-kcO8jCp7k66d-yru37cLcRON4vAiAobNG_qxm4pm_TcUi4C8faWTf-fS9zO05o7gRwBEZ_iA%3D%3D&alr=yes&cpn=gEuhHei7r4lZWyLT&cver=1.20230111.01.00&range=0-348&rn=1&rbuf=0
IP
ASN #50304 Blix Solutions AS
File type ASCII text, with very long lines (1066), with no line terminators
Hash 4826bb0ea27e92a55be3c3c54e9afd8c
651a643505ad943684d96983c9b08641cb4c4933
1f804a3f9d912d606c63cd4d39502bfbf0b1833aecda61ac75ae93c4ab8928ed
POST /videoplayback?expire=1674808434&ei=EjjTY47aItuD0u8P8uSv8AI&ip=91.90.42.154&id=o-AGMmjJs1dct6Wa0RSa0Gp4Wq4jBVkHaAymaOqj88ekBd&itag=243&aitags=133%2C134%2C135%2C160%2C242%2C243%2C244%2C278&source=youtube&requiressl=yes&mh=gh&mm=31%2C29&mn=sn-capm-vnae%2Csn-5go7ynlk&ms=au%2Crdu&mv=m&mvi=1&pl=21&initcwndbps=1088750&spc=H3gIhvcWN5zRGyZ0ElClYsm25qgQ3ek&vprv=1&mime=video%2Fwebm&ns=pqvd0MPdKkZhFZnEndkKc0cL&gir=yes&clen=688476&dur=42.033&lmt=1645693636801438&mt=1674786575&fvip=5&keepalive=yes&fexp=24007246&c=WEB_EMBEDDED_PLAYER&txp=5319224&n=xjI-wgikpfESzw&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRQIgCz1YduAwuzo0y9QSBLAQ5UAUkdHeQBQj8mEvGI-vw5ICIQCoZo4aC7qhDMGr8DdxqrQk32LxKH6u7_CuB7QU5zPcLA%3D%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRQIhAPLxxitST2fK3HXGb-kcO8jCp7k66d-yru37cLcRON4vAiAobNG_qxm4pm_TcUi4C8faWTf-fS9zO05o7gRwBEZ_iA%3D%3D&alr=yes&cpn=gEuhHei7r4lZWyLT&cver=1.20230111.01.00&range=0-348&rn=1&rbuf=0 HTTP/1.1
Host: rr1---sn-capm-vnae.googlevideo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Length: 2
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: text/plain
Last-Modified: Wed, 02 May 2007 10:26:10 GMT
Date: Fri, 27 Jan 2023 02:33:55 GMT
Expires: Fri, 27 Jan 2023 02:33:55 GMT
Cache-Control: private, max-age=21299
Accept-Ranges: bytes
Content-Length: 1066
Connection: keep-alive
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Access-Control-Allow-Origin: https://www.youtube.com
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: https://www.youtube.com
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Vary: Origin
Cross-Origin-Resource-Policy: cross-origin
X-Restrict-Formats-Hint: None
X-Content-Type-Options: nosniff
Server: gvs 1.0
rr1---sn-capm-vnae.googlevideo.com/videoplayback?expire=1674808434&ei=EjjTY47aItuD0u8P8uSv8AI&ip=91.90.42.154&id=o-AGMmjJs1dct6Wa0RSa0Gp4Wq4jBVkHaAymaOqj88ekBd&itag=250&source=youtube&requiressl=yes&mh=gh&mm=31%2C29&mn=sn-capm-vnae%2Csn-5go7ynlk&ms=au%2Crdu&mv=m&mvi=1&pl=21&initcwndbps=1088750&spc=H3gIhvcWN5zRGyZ0ElClYsm25qgQ3ek&vprv=1&mime=audio%2Fwebm&ns=pqvd0MPdKkZhFZnEndkKc0cL&gir=yes&clen=19323&dur=42.061&lmt=1645693636059657&mt=1674786575&fvip=5&keepalive=yes&fexp=24007246&c=WEB_EMBEDDED_PLAYER&txp=5318224&n=xjI-wgikpfESzw&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRgIhAOt48okQaTzPBytRl27evr2XBV1xF3GiSKXU0ObGgyKTAiEAyDQK5dc6VrnqPtYZxYEOKegbSbznZXY6MAdVrKEFj_Q%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRQIhAPLxxitST2fK3HXGb-kcO8jCp7k66d-yru37cLcRON4vAiAobNG_qxm4pm_TcUi4C8faWTf-fS9zO05o7gRwBEZ_iA%3D%3D&alr=yes&cpn=gEuhHei7r4lZWyLT&cver=1.20230111.01.00&range=0-337&rn=2&rbuf=0
200 OK 1.0 kB URL HTTP/1.1 rr1---sn-capm-vnae.googlevideo.com/videoplayback?expire=1674808434&ei=EjjTY47aItuD0u8P8uSv8AI&ip=91.90.42.154&id=o-AGMmjJs1dct6Wa0RSa0Gp4Wq4jBVkHaAymaOqj88ekBd&itag=250&source=youtube&requiressl=yes&mh=gh&mm=31%2C29&mn=sn-capm-vnae%2Csn-5go7ynlk&ms=au%2Crdu&mv=m&mvi=1&pl=21&initcwndbps=1088750&spc=H3gIhvcWN5zRGyZ0ElClYsm25qgQ3ek&vprv=1&mime=audio%2Fwebm&ns=pqvd0MPdKkZhFZnEndkKc0cL&gir=yes&clen=19323&dur=42.061&lmt=1645693636059657&mt=1674786575&fvip=5&keepalive=yes&fexp=24007246&c=WEB_EMBEDDED_PLAYER&txp=5318224&n=xjI-wgikpfESzw&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRgIhAOt48okQaTzPBytRl27evr2XBV1xF3GiSKXU0ObGgyKTAiEAyDQK5dc6VrnqPtYZxYEOKegbSbznZXY6MAdVrKEFj_Q%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRQIhAPLxxitST2fK3HXGb-kcO8jCp7k66d-yru37cLcRON4vAiAobNG_qxm4pm_TcUi4C8faWTf-fS9zO05o7gRwBEZ_iA%3D%3D&alr=yes&cpn=gEuhHei7r4lZWyLT&cver=1.20230111.01.00&range=0-337&rn=2&rbuf=0
IP
ASN #50304 Blix Solutions AS
File type ASCII text, with very long lines (1015), with no line terminators
Hash fa517d87068e2924401958af38e7462c
58f64d98b6b361e02778af25dd6d1dbf95ede723
39bf3839687a7602a5f2bf253b564914e81ddad1396d23d3d89416bd9b785fcd
POST /videoplayback?expire=1674808434&ei=EjjTY47aItuD0u8P8uSv8AI&ip=91.90.42.154&id=o-AGMmjJs1dct6Wa0RSa0Gp4Wq4jBVkHaAymaOqj88ekBd&itag=250&source=youtube&requiressl=yes&mh=gh&mm=31%2C29&mn=sn-capm-vnae%2Csn-5go7ynlk&ms=au%2Crdu&mv=m&mvi=1&pl=21&initcwndbps=1088750&spc=H3gIhvcWN5zRGyZ0ElClYsm25qgQ3ek&vprv=1&mime=audio%2Fwebm&ns=pqvd0MPdKkZhFZnEndkKc0cL&gir=yes&clen=19323&dur=42.061&lmt=1645693636059657&mt=1674786575&fvip=5&keepalive=yes&fexp=24007246&c=WEB_EMBEDDED_PLAYER&txp=5318224&n=xjI-wgikpfESzw&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRgIhAOt48okQaTzPBytRl27evr2XBV1xF3GiSKXU0ObGgyKTAiEAyDQK5dc6VrnqPtYZxYEOKegbSbznZXY6MAdVrKEFj_Q%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRQIhAPLxxitST2fK3HXGb-kcO8jCp7k66d-yru37cLcRON4vAiAobNG_qxm4pm_TcUi4C8faWTf-fS9zO05o7gRwBEZ_iA%3D%3D&alr=yes&cpn=gEuhHei7r4lZWyLT&cver=1.20230111.01.00&range=0-337&rn=2&rbuf=0 HTTP/1.1
Host: rr1---sn-capm-vnae.googlevideo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Length: 2
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: text/plain
Last-Modified: Wed, 02 May 2007 10:26:10 GMT
Date: Fri, 27 Jan 2023 02:33:55 GMT
Expires: Fri, 27 Jan 2023 02:33:55 GMT
Cache-Control: private, max-age=21299
Accept-Ranges: bytes
Content-Length: 1015
Connection: keep-alive
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Access-Control-Allow-Origin: https://www.youtube.com
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: https://www.youtube.com
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Vary: Origin
Cross-Origin-Resource-Policy: cross-origin
X-Content-Type-Options: nosniff
Server: gvs 1.0
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fde58379f-114f-469a-b64a-4c60841b1a18.jpeg
200 OK 5.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fde58379f-114f-469a-b64a-4c60841b1a18.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash f4b88ea6f29f683c4b46a7487fce35a5
fa64e1287967459f665d337865a2333b4fdc4c33
f0290a9132b343d91426385e31c61cad787b5e82878b5015c13d4c356e387787
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fde58379f-114f-469a-b64a-4c60841b1a18.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 5703
x-amzn-requestid: 39b3ba3a-d049-4555-a04a-e3d55b90478f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fR1d1F8nIAMFTEw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d09c58-2dc0f52e71e822f71fed1456;Sampled=0
x-amzn-remapped-date: Wed, 25 Jan 2023 03:04:56 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: Llt0BnmCEL0H6v4DHYktatbn7H8KeQhNW0AXkP_EOxOmjx8aQuMdiA==
via: 1.1 c7c3cdef911c9ee3c1a83a78f425dc5a.cloudfront.net (CloudFront), 1.1 aef00f14752da9aa504d392fd46eff94.cloudfront.net (CloudFront), 1.1 google
date: Thu, 26 Jan 2023 06:07:43 GMT
age: 73572
etag: "fa64e1287967459f665d337865a2333b4fdc4c33"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
trafficadbar.com/favicon.ico
200 OK 0 B URL HTTP/2 trafficadbar.com/favicon.ico
IP
GET /favicon.ico HTTP/1.1
Host: trafficadbar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://t-adbar1.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 27 Jan 2023 02:33:46 GMT
content-type: text/html; charset=UTF-8
server: nginx
vary: Accept-Encoding
cache-control: no-cache, private
content-encoding: gzip
X-Firefox-Spdy: h2
cdn.gravitec.net/modules/0.bundle.js
200 OK 0 B URL HTTP/2 cdn.gravitec.net/modules/0.bundle.js
IP
ASN #39572 DataWeb Global Group B.V.
GET /modules/0.bundle.js HTTP/1.1
Host: cdn.gravitec.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.morecouponstogo.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 27 Jan 2023 02:33:50 GMT
content-type: application/javascript; charset=utf-8
server: nginx
last-modified: Wed, 02 Feb 2022 09:01:35 GMT
etag: W/"61fa486f-2550"
expires: Wed, 02 Feb 2022 09:06:29 GMT
cache-control: max-age=10
access-control-allow-origin: *
content-encoding: gzip
vary: Accept-Encoding
x-proxy-cache: HIT
X-Firefox-Spdy: h2
www.brizy.cloud/customfile/83514b99a26a80e89d4d5e894e4e99c3.mp4
200 OK 0 B URL HTTP/1.1 www.brizy.cloud/customfile/83514b99a26a80e89d4d5e894e4e99c3.mp4
IP
GET /customfile/83514b99a26a80e89d4d5e894e4e99c3.mp4 HTTP/1.1
Host: www.brizy.cloud
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
Connection: keep-alive
Referer: https://www.morecouponstogo.com/
Sec-Fetch-Dest: video
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 27 Jan 2023 02:33:51 GMT
Content-Type: video/mp4
Content-Length: 4405283
Connection: keep-alive
Cache-Control: public
Last-Modified: Fri, 27 Jan 2023 02:33:51 GMT
Content-Disposition: attachment; filename="Homepage-20video-20on-20White-mp4.mp4"
Accept-Ranges: bytes
z5traffic.com/t/matomo.js
404 Not Found 0 B URL HTTP/2 z5traffic.com/t/matomo.js
IP
GET /t/matomo.js HTTP/1.1
Host: z5traffic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://t-adbar1.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 404 Not Found
date: Fri, 27 Jan 2023 02:33:47 GMT
content-type: text/html; charset=UTF-8
server: nginx/1.16.1
vary: Accept-Encoding
x-powered-by: PHP/7.4.12
cache-control: no-cache, private
content-encoding: gzip
X-Firefox-Spdy: h2
llclickpro.com/MCTGlanding/tab
200 OK 0 B URL HTTP/2 llclickpro.com/MCTGlanding/tab
IP
GET /MCTGlanding/tab HTTP/1.1
Host: llclickpro.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://t-adbar1.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 27 Jan 2023 02:33:47 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
set-cookie: lltkrl156457=1; expires=Sat, 28-Jan-2023 02:33:47 GMT; Max-Age=86400; path=/; SameSite=Lax
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=F6AGvc2Ue8cL93wX3nKhegw4j%2FlOx6iEIJqYxwU8pKg43vevXfJUBbeYldSIQ4qefDAUP22MreUZXxyHiipnti4ZqIWSBypixfagtlkjG0LgudSrkeq8%2BAKc%2FR4IxVV4pw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 78fe15e368c9b529-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
llclickpro.com/trackr.css?v=29
200 OK 0 B URL HTTP/2 llclickpro.com/trackr.css?v=29
IP
GET /trackr.css?v=29 HTTP/1.1
Host: llclickpro.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://llclickpro.com/MCTGlanding/tab
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 27 Jan 2023 02:33:47 GMT
content-type: text/css
cf-bgj: minify
cf-polished: origSize=12271
last-modified: Tue, 28 Jun 2022 06:00:22 GMT
cache-control: max-age=14400
cf-cache-status: HIT
age: 5387
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5G7rRMLYOFl2eHR4lsgutDWSAMIXfEZVEaJqc1BQTPMAdpXrctk833ad4nZC33SaaDQy9btVtGjSwxh5uneUuDGhAndDKZTwO8vVorbbk%2BNYG6QYg3h1QRTwNEUI5P30Bw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 78fe15e5fa16b529-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.gravitec.net/storage/651b3da8463250405063839a2450c723/client.js
200 OK 0 B URL HTTP/2 cdn.gravitec.net/storage/651b3da8463250405063839a2450c723/client.js
IP
ASN #39572 DataWeb Global Group B.V.
GET /storage/651b3da8463250405063839a2450c723/client.js HTTP/1.1
Host: cdn.gravitec.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.morecouponstogo.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 27 Jan 2023 02:33:49 GMT
content-type: application/javascript; charset=utf-8
server: nginx
last-modified: Mon, 31 Oct 2022 19:57:34 GMT
etag: W/"636028ae-100fb"
expires: Mon, 31 Oct 2022 20:24:50 GMT
cache-control: max-age=10
access-control-allow-origin: *
content-encoding: gzip
vary: Accept-Encoding
x-proxy-cache: REVALIDATED
X-Firefox-Spdy: h2
w.leadsleap.com/js.js
200 OK 0 B IP
GET /js.js HTTP/1.1
Host: w.leadsleap.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.morecouponstogo.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 27 Jan 2023 02:33:49 GMT
content-type: application/javascript
cf-bgj: minify
cf-polished: origSize=4038
last-modified: Mon, 06 Jun 2022 14:11:07 GMT
cache-control: max-age=2678400
cf-cache-status: HIT
age: 4973
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RJTn9urxt7fFnKpJ0WZQrSx%2BTBhCrd8HepWg09rEVTpw8WQXvfF6XDIWhnLoPvls7S%2F9FHYVFByYVY0PczSvBJbJW9Yhx0U%2FCdNX1qIqRecDLd%2FZbCdbl3wrWAM32HszVQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 78fe15f3ff17b506-OSL
content-encoding: br
X-Firefox-Spdy: h2
cdn.gravitec.net/sdk/web/configs?appKey=651b3da8463250405063839a2450c723
200 OK 0 B URL HTTP/2 cdn.gravitec.net/sdk/web/configs?appKey=651b3da8463250405063839a2450c723
IP
ASN #39572 DataWeb Global Group B.V.
GET /sdk/web/configs?appKey=651b3da8463250405063839a2450c723 HTTP/1.1
Host: cdn.gravitec.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.morecouponstogo.com/
Origin: https://www.morecouponstogo.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 27 Jan 2023 02:33:50 GMT
content-type: application/json
server: nginx
x-correlation-id: b3d5d280d34f63374d09ef806726e654
access-control-allow-origin: *
content-encoding: gzip
vary: Accept-Encoding
x-proxy-cache: MISS
X-Firefox-Spdy: h2
t-adbar1.com/assets/home_logo.png
200 OK 0 B URL HTTP/2 t-adbar1.com/assets/home_logo.png
IP
GET /assets/home_logo.png HTTP/1.1
Host: t-adbar1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://t-adbar1.com/_kc1h?&ww=1280&wh=939&reff=&h=eyJpdiI6IlJ2aWVISDNwTjRyK0VjWkptc0FXTEE9PSIsInZhbHVlIjoib0c0ZlZkTnRvZFliTUM2WmpLTUM2dz09IiwibWFjIjoiZTkwM2UxNTE5NjUwODllOWQ2YmZjYjUwMGQ3OTI4ZWQzZjRmYzZlY2EyYTc3NzA4Y2I1MGNmN2ZmM2M5YTVlMiJ9&abc=
Cookie: sou=eyJyIjpudWxsLCJ1IjoiTVRHU2FtdXJhaSJ9
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 27 Jan 2023 02:33:46 GMT
content-type: image/png
server: nginx
last-modified: Wed, 09 Jun 2021 07:15:14 GMT
vary: Accept-Encoding
etag: W/"60c06a82-9a6"
content-encoding: gzip
X-Firefox-Spdy: h2
b-cloud.b-cdn.net/builds/pro/125-cloud/js/preview.pro.js
200 OK 0 B URL HTTP/2 b-cloud.b-cdn.net/builds/pro/125-cloud/js/preview.pro.js
IP
ASN #34989 ServeTheWorld AS
GET /builds/pro/125-cloud/js/preview.pro.js HTTP/1.1
Host: b-cloud.b-cdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.morecouponstogo.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 27 Jan 2023 02:33:49 GMT
content-type: application/javascript
server: BunnyCDN-NO1-830
cdn-pullzone: 246147
cdn-uid: e647d0c9-3a16-4c3e-ae99-91e18e06d4b3
cdn-requestcountrycode: NO
vary: Accept-Encoding, Accept-Encoding
cache-control: public, max-age=31919000
etag: W/"5c88d2b7889841e346347344260d6669"
last-modified: Mon, 26 Dec 2022 09:01:56 GMT
x-amz-id-2: J5NaGVJanDEY1mgM2udzAVueNvd4yDDJyWatreSghVhLYVLgvmXr46I0gFOctN7vFHY2RmEbakM=
x-amz-request-id: 79EKQSWRE7D2GPY3
cdn-proxyver: 1.03
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 12/26/2022 12:44:04
cdn-edgestorageid: 830
link: <https://s3.amazonaws.com/brizy.cloud/builds/pro/125-cloud/js/preview.pro.js>; rel="canonical"
cdn-status: 200
cdn-requestid: 6a7b83f53baf47b847a052444b1f9f08
cdn-cache: HIT
content-encoding: br
X-Firefox-Spdy: h2
b-cloud.b-cdn.net/builds/pro/125-cloud/js/group-3.pro.js
200 OK 0 B URL HTTP/2 b-cloud.b-cdn.net/builds/pro/125-cloud/js/group-3.pro.js
IP
ASN #34989 ServeTheWorld AS
GET /builds/pro/125-cloud/js/group-3.pro.js HTTP/1.1
Host: b-cloud.b-cdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.morecouponstogo.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 27 Jan 2023 02:33:49 GMT
content-type: application/javascript
server: BunnyCDN-NO1-830
cdn-pullzone: 246147
cdn-uid: e647d0c9-3a16-4c3e-ae99-91e18e06d4b3
cdn-requestcountrycode: NO
vary: Accept-Encoding, Accept-Encoding
cache-control: public, max-age=31919000
etag: W/"864e134a7962ccb8605a940e471fad36"
last-modified: Mon, 26 Dec 2022 09:01:56 GMT
x-amz-id-2: WBSMGJHQg4O8kcdXIns5w8x2wu6ZnRWM5sO/s0Saa0bjD7tYuGfiE8y6FU0bGYkbaRUND/ta4aU=
x-amz-request-id: M1G31C1YHP83CBNY
cdn-proxyver: 1.03
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 01/27/2023 02:33:49
cdn-edgestorageid: 830
link: <https://s3.amazonaws.com/brizy.cloud/builds/pro/125-cloud/js/group-3.pro.js>; rel="canonical"
cdn-status: 200
cdn-requestid: e2cc5fabfce141c7223edc487995cf55
cdn-cache: MISS
content-encoding: br
X-Firefox-Spdy: h2
cdn.gravitec.media/track.min.js
200 OK 0 B URL HTTP/2 cdn.gravitec.media/track.min.js
IP
ASN #39572 DataWeb Global Group B.V.
GET /track.min.js HTTP/1.1
Host: cdn.gravitec.media
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.morecouponstogo.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 27 Jan 2023 02:33:50 GMT
content-type: application/javascript; charset=utf-8
server: nginx/1.18.0
last-modified: Wed, 27 Nov 2019 14:51:46 GMT
etag: W/"5dde8d82-11d5"
cache-control: max-age=7776000
access-control-allow-origin: *
content-encoding: gzip
expires: Thu, 27 Apr 2023 02:33:50 GMT
vary: Accept-Encoding
x-proxy-cache: HIT
X-Firefox-Spdy: h2
t-adbar1.com/_kc1h
200 OK 0 B IP
GET /_kc1h HTTP/1.1
Host: t-adbar1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
date: Fri, 27 Jan 2023 02:33:46 GMT
content-type: text/html; charset=UTF-8
server: nginx
vary: Accept-Encoding
set-cookie: sou=eyJyIjpudWxsLCJ1IjoiTVRHU2FtdXJhaSJ9; expires=Sun, 26-Feb-2023 02:33:46 GMT; Max-Age=2592000; secure; SameSite=None
content-encoding: gzip
X-Firefox-Spdy: h2
t-adbar1.com/_kc1h?&ww=1280&wh=939&reff=&h=eyJpdiI6IlJ2aWVISDNwTjRyK0VjWkptc0FXTEE9PSIsInZhbHVlIjoib0c0ZlZkTnRvZFliTUM2WmpLTUM2dz09IiwibWFjIjoiZTkwM2UxNTE5NjUwODllOWQ2YmZjYjUwMGQ3OTI4ZWQzZjRmYzZlY2EyYTc3NzA4Y2I1MGNmN2ZmM2M5YTVlMiJ9&abc=
200 OK 0 B URL HTTP/2 t-adbar1.com/_kc1h?&ww=1280&wh=939&reff=&h=eyJpdiI6IlJ2aWVISDNwTjRyK0VjWkptc0FXTEE9PSIsInZhbHVlIjoib0c0ZlZkTnRvZFliTUM2WmpLTUM2dz09IiwibWFjIjoiZTkwM2UxNTE5NjUwODllOWQ2YmZjYjUwMGQ3OTI4ZWQzZjRmYzZlY2EyYTc3NzA4Y2I1MGNmN2ZmM2M5YTVlMiJ9&abc=
IP
GET /_kc1h?&ww=1280&wh=939&reff=&h=eyJpdiI6IlJ2aWVISDNwTjRyK0VjWkptc0FXTEE9PSIsInZhbHVlIjoib0c0ZlZkTnRvZFliTUM2WmpLTUM2dz09IiwibWFjIjoiZTkwM2UxNTE5NjUwODllOWQ2YmZjYjUwMGQ3OTI4ZWQzZjRmYzZlY2EyYTc3NzA4Y2I1MGNmN2ZmM2M5YTVlMiJ9&abc= HTTP/1.1
Host: t-adbar1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://t-adbar1.com/_kc1h
Connection: keep-alive
Cookie: sou=eyJyIjpudWxsLCJ1IjoiTVRHU2FtdXJhaSJ9
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 27 Jan 2023 02:33:46 GMT
content-type: text/html; charset=UTF-8
server: nginx
vary: Accept-Encoding
set-cookie: sou=eyJyIjpudWxsLCJ1IjoiTVRHU2FtdXJhaSJ9; expires=Sun, 26-Feb-2023 02:33:46 GMT; Max-Age=2592000; secure; SameSite=None
content-encoding: gzip
X-Firefox-Spdy: h2
use.fontawesome.com/releases/v5.15.4/css/v4-shims.css
200 OK 0 B URL HTTP/2 use.fontawesome.com/releases/v5.15.4/css/v4-shims.css
IP
GET /releases/v5.15.4/css/v4-shims.css HTTP/1.1
Host: use.fontawesome.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://llclickpro.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 27 Jan 2023 02:33:47 GMT
content-type: text/css
x-amz-id-2: pS02KBmPb/XBzxcJI6edHtjwei1Yl7A4pauVd2+OEN9eTzA3MYRX7BjUFE7/kjRSacoavSnb2Zk=
x-amz-request-id: YMBXQGDG68HQ6FGT
last-modified: Wed, 04 Aug 2021 20:43:22 GMT
etag: W/"a034d3c71bee546f625877d7932917f8"
cache-control: max-age=31556926
cf-cache-status: HIT
age: 1187226
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1%2BtbBgutHFDr639PfP4QsxnGcl2d87wt18N%2BDusA2bTo0lPawoIjY%2B1c2V9jI8GpD%2BipSXQOvjlN3f93av7Jmfeb%2FgvYS2an7%2BebBhGwTqFVeaiheoh8KejUqJnTpvJQS%2Ba56%2BAg"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 78fe15e6afe77756-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
pixel.leadsleap.net/set.html?n1=lltkra156457&v1=493483.27&n2=lltkrb156457&v2=493483.27
200 OK 0 B URL HTTP/2 pixel.leadsleap.net/set.html?n1=lltkra156457&v1=493483.27&n2=lltkrb156457&v2=493483.27
IP
GET /set.html?n1=lltkra156457&v1=493483.27&n2=lltkrb156457&v2=493483.27 HTTP/1.1
Host: pixel.leadsleap.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://llclickpro.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 27 Jan 2023 02:33:47 GMT
content-type: text/html
last-modified: Thu, 01 Oct 2020 11:41:08 GMT
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yRMv%2F%2Fduu9NMJy0gl8FVpg%2BXE3YZbXcf8FfzB7AJZzjefsqYYtB2jhqQ%2BAEXaMjp1vC9n6KYRGToStE%2Bi9IchjcRnQPwpgVaAqPcjhsHTwPHZxiXtvkWgOfEAQOdFsJyreRYBbTm"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 78fe15e76b5a0b4d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
34.198.80.184
104.18.21.226
194.242.11.186
157.240.205.11
35.214.184.209
54.37.161.241
93.184.220.29