trafficadbar.com/_kc1h
44.207.227.139302 Found 0 B IP 44.207.227.139:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /_kc1h HTTP/1.1
Host: trafficadbar.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Found
Date: Wed, 21 Sep 2022 02:54:48 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Server: nginx
Set-Cookie: sou=eyJyIjpudWxsLCJ1IjoiTVRHU2FtdXJhaSJ9; expires=Fri, 21-Oct-2022 02:54:48 GMT; Max-Age=2592000; SameSite=Lax
Location: https://t-adbar1.com/_kc1h
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash a26d0784548ecab22f417f3d689daf23
8893b79366bbadeb5c8d587b8f023e310694df1c
35baaae7b3ce3110ebb2b075881cfab55ecf3eab57d834283fd18ac691b41fa2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "35BAAAE7B3CE3110EBB2B075881CFAB55ECF3EAB57D834283FD18AC691B41FA2"
Last-Modified: Tue, 20 Sep 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3295
Expires: Wed, 21 Sep 2022 03:49:44 GMT
Date: Wed, 21 Sep 2022 02:54:49 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
143.204.55.27200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 143.204.55.27:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 804f8bbb7f556d51a5f52d5ebd5b6eef
922cd7e06df278615a04abb81d811d14596c8180
ef4804d381a34ab67873a7755621081c49c646310e085a9b2356ae07098f6021
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Alert, Content-Length, Backoff, Retry-After, Content-Type
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Wed, 21 Sep 2022 02:13:30 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 f46f7100ad6fc83a021f62212f945830.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: a6lFSEMs1lxChsdtBRtwld_WyZ4CFyHgSaweQ7TEYoZ8L__B9qXRIw==
Age: 2479
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
143.204.55.110200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
IP 143.204.55.110:0
File type PEM certificate\012- , ASCII text
Hash 6113f8408c59aebe188d6af273b90743
7398873bf00f99944eaa77ad3ebc0d43c23dba6b
b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Tue, 20 Sep 2022 04:35:14 GMT
etag: "6113f8408c59aebe188d6af273b90743"
x-cache: Hit from cloudfront
via: 1.1 185768229530368be94556dcab1c486a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: xraiYRn6myhoaqlPPN9FzWSojje4k7-YpOWnCjiBghP5NaqLEkzHog==
age: 80376
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 21 Sep 2022 02:54:49 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
143.204.42.165200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.165:0
Hash 0cc834d51210609fbccb7a6f06d1c94b
e44973665b4e5fee0075de22bdfa7b87e27177f1
09e774baad3be05281b8b6634beeae46cc3b0e95ad29b1e52f350be6b655591d
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Wed, 21 Sep 2022 02:54:49 GMT
Last-Modified: Wed, 21 Sep 2022 02:08:09 GMT
Server: ECS (bsa/EB18)
X-Cache: Miss from cloudfront
Via: 1.1 41dc61beb3fe8e8c2c299a2522d8330c.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: aSrY5uCHKnX39Nckb-SGPmcKqMrV_MHRpWwv3qSy_Rk9ttxIJRHudw==
Age: 2800
t-adbar1.com/favicon.ico
44.196.228.151302 Found 138 B IP 44.196.228.151:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash aff950cab4c0265e21d401db15f1026d
f03e18461817f7a6546c8bf8fa8d686d7e30aca0
753e0dd54f28c4f7009b9c0b18a68aed175416bd8b7d134858264586eaac56f0
GET /favicon.ico HTTP/1.1
Host: t-adbar1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://t-adbar1.com/_kc1h
Cookie: sou=eyJyIjpudWxsLCJ1IjoiTVRHU2FtdXJhaSJ9
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 302 Found
date: Wed, 21 Sep 2022 02:54:49 GMT
content-type: text/html
content-length: 138
location: https://trafficadbar.com/favicon.ico
server: nginx
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
143.204.55.27200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 143.204.55.27:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600
Date: Wed, 21 Sep 2022 02:03:22 GMT
Expires: Wed, 21 Sep 2022 02:33:39 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 e49f22f18c16784c0f42291e768d1daa.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 5SIQIQEkOt4hbIvE6bmwcbVm8H1nFhyJ8UGm3I1KjasLPBaF3eEUGA==
Age: 3087
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash edf07cd621f733b0eb50c632387ebf4f
61a082d26501c2c8d481b1676d0de2e585269613
e5c4324e4c55824b86f48bf0b9a1d317a82e7d3c19bdea7a91d78ce98d68a980
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2220
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 02:54:49 GMT
Last-Modified: Wed, 21 Sep 2022 02:17:49 GMT
Server: ECS (ska/F709)
X-Cache: HIT
Content-Length: 471
t-adbar1.com/50-195376p-7f77fb9d65e3bb8a718d9ac76b2040e8.jpeg
44.196.228.151302 Found 138 B URL HTTP/2 t-adbar1.com/50-195376p-7f77fb9d65e3bb8a718d9ac76b2040e8.jpeg
IP 44.196.228.151:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash aff950cab4c0265e21d401db15f1026d
f03e18461817f7a6546c8bf8fa8d686d7e30aca0
753e0dd54f28c4f7009b9c0b18a68aed175416bd8b7d134858264586eaac56f0
GET /50-195376p-7f77fb9d65e3bb8a718d9ac76b2040e8.jpeg HTTP/1.1
Host: t-adbar1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://t-adbar1.com/_kc1h?&ww=1280&wh=939&reff=&h=eyJpdiI6Ik5UQ1BtM29RSUk4ZzRGd3RMQmM4Q3c9PSIsInZhbHVlIjoiVUpQcVl5aWtBR3ZRa0dUU0tORmtUZz09IiwibWFjIjoiMjBlNDU5YjQyYjVlOGM3MDNmNWZiMGVmYjg2NmQzZGMxMmIwYzM1Njg0NTAxMTBiZmJlYzNkMTI5MjMzZDYyZCJ9&abc=
Cookie: sou=eyJyIjpudWxsLCJ1IjoiTVRHU2FtdXJhaSJ9
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 302 Found
date: Wed, 21 Sep 2022 02:54:49 GMT
content-type: text/html
content-length: 138
location: https://trafficadbar.com/50-195376p-7f77fb9d65e3bb8a718d9ac76b2040e8.jpeg
server: nginx
X-Firefox-Spdy: h2
t-adbar1.com/assets/BarController.js
44.196.228.151200 OK 1.1 kB URL HTTP/2 t-adbar1.com/assets/BarController.js
IP 44.196.228.151:0
File type ASCII text, with very long lines (1068), with no line terminators
Hash efa0db095e35eb95ee151016e47c492b
82a86e0cdbbe5f4a1634b2274f076dbaa053b86e
5adfd45bc89f7c5d9bb06fafb7caf0f317f54849db006ad49301f027ad6ece4c
GET /assets/BarController.js HTTP/1.1
Host: t-adbar1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://t-adbar1.com/_kc1h?&ww=1280&wh=939&reff=&h=eyJpdiI6Ik5UQ1BtM29RSUk4ZzRGd3RMQmM4Q3c9PSIsInZhbHVlIjoiVUpQcVl5aWtBR3ZRa0dUU0tORmtUZz09IiwibWFjIjoiMjBlNDU5YjQyYjVlOGM3MDNmNWZiMGVmYjg2NmQzZGMxMmIwYzM1Njg0NTAxMTBiZmJlYzNkMTI5MjMzZDYyZCJ9&abc=
Cookie: sou=eyJyIjpudWxsLCJ1IjoiTVRHU2FtdXJhaSJ9
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 21 Sep 2022 02:54:49 GMT
content-type: application/javascript
content-length: 1068
server: nginx
last-modified: Wed, 09 Jun 2021 07:15:14 GMT
etag: "60c06a82-42c"
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
143.204.42.165200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.165:0
Hash 878505592d79178cb1b233721fa2feca
7d1a7999e32331981317636c89886ef051fe3642
ce875aef5de25a612cd07810db17d76ed08193372eb4887a458c6e83fc381936
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Wed, 21 Sep 2022 02:54:49 GMT
Last-Modified: Wed, 21 Sep 2022 01:11:29 GMT
Server: ECS (bsa/EB21)
X-Cache: Miss from cloudfront
Via: 1.1 41dc61beb3fe8e8c2c299a2522d8330c.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 9TvPGszpWrcogHeC5ToM8EaNVeT7yhPXR3xANk2PdaUs0a6V1iSe-g==
Age: 6200
push.services.mozilla.com/
44.242.41.15101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 44.242.41.15:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: p6LK3SJt1q5Kqsrg4M5Ryg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 1nSTB5klQXQopPtnEI7bUUb+on4=
ocsp.sca1b.amazontrust.com/
143.204.42.165200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.165:0
Hash 18e987575b4170fca34072224b0736ee
190016578efd94b414e7bf63f1208f989c5a58e6
6390fff175f0c3a9755f9124244dfd113ed3b5b353ff5c2f019dd45ba1571f42
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Wed, 21 Sep 2022 02:54:50 GMT
Last-Modified: Wed, 21 Sep 2022 02:03:07 GMT
Server: ECS (dcb/7ECA)
X-Cache: Miss from cloudfront
Via: 1.1 41dc61beb3fe8e8c2c299a2522d8330c.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: hDzINOexm7a_wtDJgCpvcWDEPO496OsOKzIz3jEBrxiSXz5ibpsQtA==
Age: 3103
cdnjs.cloudflare.com/ajax/libs/jquery/2.2.4/jquery.min.js
104.17.25.14200 OK 27 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/jquery/2.2.4/jquery.min.js
IP 104.17.25.14:0
File type ASCII text, with very long lines (32065)
Hash 63827323c175768ccb0e8ed54589a3e5
9760e238d6ecced66396798559f70593793d801e
196f9479a27db836a2a7454e222f0cb52d4eeb162e0a50e69401ba1a8d81b564
GET /ajax/libs/jquery/2.2.4/jquery.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://llclickpro.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 21 Sep 2022 02:54:50 GMT
content-type: application/javascript; charset=utf-8
content-length: 26909
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03ec4-14e4a"
last-modified: Mon, 04 May 2020 16:11:48 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
cf-cache-status: HIT
age: 2443414
expires: Mon, 11 Sep 2023 02:54:50 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Yv4QB6Sx7gv1F4RmgEXlrBFrflPmCuDHfvurnxq94I040GszYIalTf61F6SGzQY8HpjguL2atU%2FUj5UujOxLslcnyFukoXr7H%2BzxUp64RgThKEHJ%2FOlsBhLfYKeutVs1BEqlp5iU"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 74df84bc0ce5b503-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
lllpg.com/images/trackrarrow.png
172.67.140.164200 OK 1.3 kB URL HTTP/2 lllpg.com/images/trackrarrow.png
IP 172.67.140.164:0
File type PNG image data, 47 x 25, 8-bit/color RGBA, non-interlaced\012- data
Hash 547b17eac800ff3941e68f9e2dd75d91
5d58e488b1fc1e2214e7450da02b1c8cba483743
930a9d4d4d3d6d7608d177af22beeff79140cce408d86a708f2a5ed1dafba4da
GET /images/trackrarrow.png HTTP/1.1
Host: lllpg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://llclickpro.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 21 Sep 2022 02:54:50 GMT
content-type: image/png
content-length: 1266
last-modified: Tue, 10 May 2022 13:43:23 GMT
cf-cache-status: HIT
age: 224
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gwERjTVohZvrt%2FPoKHEJRsN0BHTKY%2Fh%2FcGoZe7lFqKUGvQa7CgyPvfIGMgJqHPc5ce2NaIC%2BqSnrDXjuuFlanUtOzXFqb4FrJo%2F9Kl8ZU%2Bt9%2FTzc8LN2eS5SATA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74df84bc8b1c0b02-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
code.jquery.com/ui/1.11.4/jquery-ui.min.js
69.16.175.10200 OK 64 kB URL HTTP/2 code.jquery.com/ui/1.11.4/jquery-ui.min.js
IP 69.16.175.10:0
File type ASCII text, with very long lines (32035)
Hash 28749bfe6af321b7c932452b38ce8683
2b444e3dee68a935213db86fd188c22883a65683
9110cdde7eb592e332cf7fa4347e5b3b17a2868ecde80d0c4a054bf0dd5a03b2
GET /ui/1.11.4/jquery-ui.min.js HTTP/1.1
Host: code.jquery.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://llclickpro.com
Connection: keep-alive
Referer: https://llclickpro.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 21 Sep 2022 02:54:50 GMT
content-encoding: gzip
content-length: 64296
content-type: application/javascript; charset=utf-8
last-modified: Fri, 12 Aug 2022 13:47:02 GMT
accept-ranges: bytes
server: nginx
etag: W/"62f659d6-3ab2b"
cache-control: max-age=315360000, public
access-control-allow-origin: *
vary: Accept-Encoding
x-hw: 1663728890.dop216.sk1.t,1663728890.cds230.sk1.hn,1663728890.cds020.sk1.c
X-Firefox-Spdy: h2
use.fontawesome.com/releases/v5.15.4/css/all.css
172.64.133.15200 OK 13 kB URL HTTP/2 use.fontawesome.com/releases/v5.15.4/css/all.css
IP 172.64.133.15:0
File type ASCII text, with very long lines (59119)
Hash 5febc0ab964a35bed3322326414fe81a
b5715dde8ce89d71bcc615720ff1af616c78fec8
f442bed45200d25b3e030f661eae21b657e29249126a7c7a5e866dd44537b4d8
GET /releases/v5.15.4/css/all.css HTTP/1.1
Host: use.fontawesome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://llclickpro.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 21 Sep 2022 02:54:50 GMT
content-type: text/css
x-amz-id-2: HbM7ijn2Ff9X/1Vt9XeVXF531DG0bzvcTq5CZSGkm/YMoq0CXvSjXF4xJx2aLZ49QpK6+nYyLf0=
x-amz-request-id: 2HZ8KB750WAR2JFJ
last-modified: Wed, 04 Aug 2021 20:43:22 GMT
etag: W/"ecd507b3125edc4d2a03aa6ae5d07da9"
cache-control: max-age=31556926
cf-cache-status: HIT
age: 28467151
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PDCvV1Xdvk9FwOJFNoSGuM%2FbIFqr5IRagRPHGRuKKXqB8x8bzt0KZnNP3Vhvudslh0yNjCDpOEE8bboWCkq2QhL2SslTw7dPqhlQGoh2rNrLl1Vdf0IqKwlJjIpj2V7V%2B5VRd7Pq"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74df84bcafec7717-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 873c56ae2874652c6a813faad5f4ddc4
e3ebd931270439193ffd94fa6348237c3b43cf9c
0eb9f279554de70aa5c49a438ba0812f85d00b4a4c4d8c95ac35a27cdf1cafe0
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4582
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 02:54:50 GMT
Last-Modified: Wed, 21 Sep 2022 01:38:28 GMT
Server: ECS (ska/F709)
X-Cache: HIT
Content-Length: 279
t-adbar1.com/_kc1h
44.196.228.151200 OK 3.6 kB IP 44.196.228.151:0
Hash 96a463ce755f62ffe78b385bd9a69d8c
2571909836f84e5f7b6e8e72c075b47907ba4fdf
f5d6c57d11070a1882d99d58365fd520c2cfb9cfa86d0f4ba75457f374441a23
GET /_kc1h HTTP/1.1
Host: t-adbar1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
date: Wed, 21 Sep 2022 02:54:49 GMT
content-type: text/html; charset=UTF-8
server: nginx
vary: Accept-Encoding
set-cookie: sou=eyJyIjpudWxsLCJ1IjoiTVRHU2FtdXJhaSJ9; expires=Fri, 21-Oct-2022 02:54:49 GMT; Max-Age=2592000; secure; SameSite=None
content-encoding: gzip
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 8ebb267e443b81854ef9a01b3eb6489d
b932e9e5679da5a9160da5429458041765509b52
4ac5aa5b4fb4a85282b825c5c0ed7b1aaf2b39ffe77d69dec5123a84709f3fe2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4AC5AA5B4FB4A85282B825C5C0ED7B1AAF2B39FFE77D69DEC5123A84709F3FE2"
Last-Modified: Tue, 20 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19807
Expires: Wed, 21 Sep 2022 08:24:58 GMT
Date: Wed, 21 Sep 2022 02:54:51 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 8ebb267e443b81854ef9a01b3eb6489d
b932e9e5679da5a9160da5429458041765509b52
4ac5aa5b4fb4a85282b825c5c0ed7b1aaf2b39ffe77d69dec5123a84709f3fe2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4AC5AA5B4FB4A85282B825C5C0ED7B1AAF2B39FFE77D69DEC5123A84709F3FE2"
Last-Modified: Tue, 20 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19807
Expires: Wed, 21 Sep 2022 08:24:58 GMT
Date: Wed, 21 Sep 2022 02:54:51 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 8ebb267e443b81854ef9a01b3eb6489d
b932e9e5679da5a9160da5429458041765509b52
4ac5aa5b4fb4a85282b825c5c0ed7b1aaf2b39ffe77d69dec5123a84709f3fe2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4AC5AA5B4FB4A85282B825C5C0ED7B1AAF2B39FFE77D69DEC5123A84709F3FE2"
Last-Modified: Tue, 20 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19807
Expires: Wed, 21 Sep 2022 08:24:58 GMT
Date: Wed, 21 Sep 2022 02:54:51 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 8ebb267e443b81854ef9a01b3eb6489d
b932e9e5679da5a9160da5429458041765509b52
4ac5aa5b4fb4a85282b825c5c0ed7b1aaf2b39ffe77d69dec5123a84709f3fe2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4AC5AA5B4FB4A85282B825C5C0ED7B1AAF2B39FFE77D69DEC5123A84709F3FE2"
Last-Modified: Tue, 20 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19807
Expires: Wed, 21 Sep 2022 08:24:58 GMT
Date: Wed, 21 Sep 2022 02:54:51 GMT
Connection: keep-alive
t-adbar1.com/assets/home_logo.png
44.196.228.151200 OK 14 kB URL HTTP/2 t-adbar1.com/assets/home_logo.png
IP 44.196.228.151:0
Hash 3466861d63d7b42cefcb30581a1da6c5
f3b70faa9201feb04d0081496acb5175bd7bdebd
33de446a44a1fbf71795af75c1555f0405d3c0e238246c03b5fd93220e48ecc4
GET /assets/home_logo.png HTTP/1.1
Host: t-adbar1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://t-adbar1.com/_kc1h?&ww=1280&wh=939&reff=&h=eyJpdiI6Ik5UQ1BtM29RSUk4ZzRGd3RMQmM4Q3c9PSIsInZhbHVlIjoiVUpQcVl5aWtBR3ZRa0dUU0tORmtUZz09IiwibWFjIjoiMjBlNDU5YjQyYjVlOGM3MDNmNWZiMGVmYjg2NmQzZGMxMmIwYzM1Njg0NTAxMTBiZmJlYzNkMTI5MjMzZDYyZCJ9&abc=
Cookie: sou=eyJyIjpudWxsLCJ1IjoiTVRHU2FtdXJhaSJ9
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 21 Sep 2022 02:54:49 GMT
content-type: image/png
server: nginx
last-modified: Wed, 09 Jun 2021 07:15:14 GMT
vary: Accept-Encoding
etag: W/"60c06a82-9a6"
content-encoding: gzip
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1874c3ef-e614-4fd9-9d88-b87eac5ea0e6.jpeg
34.120.237.76200 OK 9.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1874c3ef-e614-4fd9-9d88-b87eac5ea0e6.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash a692964324dbb9c460a1b855808d02e6
1eef1ab0099d09d1cf965b6e7b55fe2aa4e18e54
3fa9e780d62fffb635064aeed542c8e04923ff943c6080476836fab6c24e2426
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1874c3ef-e614-4fd9-9d88-b87eac5ea0e6.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9201
x-amzn-requestid: 6dbfae76-f9ab-4f31-9b62-bcf5d9ce4515
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YxzxlEYcoAMFaQQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632a333d-7d147481402cc46a751b72ed;Sampled=0
x-amzn-remapped-date: Tue, 20 Sep 2022 21:40:13 GMT
x-amz-cf-pop: SFO5-P2, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: JEb0g486u6AjYFbf8rSbreKjh0m1GsAGbvykHl0oahmVN2ciqe5FOw==
via: 1.1 7dcaa43cd0535d889b549e6a30a57aa0.cloudfront.net (CloudFront), 1.1 7e87179efaa9e3c316bd3d3a74cfded8.cloudfront.net (CloudFront), 1.1 google
date: Tue, 20 Sep 2022 22:14:57 GMT
etag: "1eef1ab0099d09d1cf965b6e7b55fe2aa4e18e54"
content-type: image/jpeg
age: 16794
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F29be3958-30ed-4b26-8320-662d71b90880.jpeg
34.120.237.76200 OK 7.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F29be3958-30ed-4b26-8320-662d71b90880.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 34c353f713d6d470480fdeeb5175a123
f073fc7f24465b76b3681c462c60cd047ed67a6a
0449daa32ab4ec32fa999551cc9ab634c46e15891299162cbb4bbaad6ffa4753
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F29be3958-30ed-4b26-8320-662d71b90880.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7700
x-amzn-requestid: 70bc75e2-b2ac-46b1-872d-1527bddf7726
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YcCkEHMCoAMFsGg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63217e19-7da4b1595f325bc864d1cc27;Sampled=0
x-amzn-remapped-date: Wed, 14 Sep 2022 07:09:13 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: zL6ZurGjH8nArpKRNenog0dn5IIAyWirefe-WA6YulwYhrtTTn0V4A==
via: 1.1 eece508272520f70691e4eebdc5a6dea.cloudfront.net (CloudFront), 1.1 ead78c395f4bede3ec6cd7ea180e3d3a.cloudfront.net (CloudFront), 1.1 google
date: Tue, 20 Sep 2022 22:36:39 GMT
age: 15492
etag: "f073fc7f24465b76b3681c462c60cd047ed67a6a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F06a0b4c5-4223-42cf-b012-2e09b250c8c1.jpeg
34.120.237.76200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F06a0b4c5-4223-42cf-b012-2e09b250c8c1.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash c2db94039cb675cb250519fe57b2b3c9
37222a70df5d9a69073b4b32ebc3a5da60006001
444f4359ac25747e7c5d7e09202f195d407bc94a4933ac7ebbbaf9839bf59aff
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F06a0b4c5-4223-42cf-b012-2e09b250c8c1.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12048
x-amzn-requestid: bc551b18-fddb-4502-8c11-b8de83d75def
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YwlKzF9FoAMFp_w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6329b578-7e030b2e0af1d1c309d2dde6;Sampled=0
x-amzn-remapped-date: Tue, 20 Sep 2022 12:43:36 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: q4_aUdJyUhQIezjvo7LtOw_0pV-W3EkdLVzVnVB4_4gHSK9AYhrTxA==
via: 1.1 4f87745990545c1ac0195c157e1668f8.cloudfront.net (CloudFront), 1.1 36810aa1793ee589dc8c194860296078.cloudfront.net (CloudFront), 1.1 google
date: Tue, 20 Sep 2022 12:43:36 GMT
etag: "37222a70df5d9a69073b4b32ebc3a5da60006001"
content-type: image/jpeg
age: 51075
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb447f31d-2a9a-4657-a829-f79bc662f662.jpeg
34.120.237.76200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb447f31d-2a9a-4657-a829-f79bc662f662.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 285c04fe0904d41ab1c0259942fa26ec
3a5ad499b134a33e79d5fe00c7f5c7c098b3ee34
b91184725a4171202201b5478271a3ab361c54a8893b4dee70d941821a2e70a8
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb447f31d-2a9a-4657-a829-f79bc662f662.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10293
x-amzn-requestid: 5a671850-4cb5-4fd6-a1c2-522f5d0ad17a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YfWHsFkcoAMFZ6Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6322d097-575aeb0930914bd55b883cad;Sampled=0
x-amzn-remapped-date: Thu, 15 Sep 2022 07:13:27 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: p8KuSJEoKWnND19NLSl2yTDx5-_Apm6-3H6-JCiy6YxNojrh1pUF-w==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 001e7070d795018d01b93988b9723742.cloudfront.net (CloudFront), 1.1 google
date: Tue, 20 Sep 2022 03:13:04 GMT
age: 85307
etag: "3a5ad499b134a33e79d5fe00c7f5c7c098b3ee34"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe6be1360-d048-4319-9cac-dfebe92db87f.jpeg
34.120.237.76200 OK 9.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe6be1360-d048-4319-9cac-dfebe92db87f.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 267173c6b4e4e6ae4a84dc08df92f82f
4183102af1963e1edb3aa572c43aeda7d855e9f5
20487bb2e59f2e6afcaaac3e3c4f1dfec9a8ef761403a44f7f92a6b57d143714
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe6be1360-d048-4319-9cac-dfebe92db87f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9271
x-amzn-requestid: b8139dfc-8f24-41e0-9948-56bad215416c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Yx0Q-EkZoAMF_sw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632a3406-4365026f7f832cee0c12e4d7;Sampled=0
x-amzn-remapped-date: Tue, 20 Sep 2022 21:43:34 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: QhTzqhSMCDgWwTSsmfM_3jBwV-g0fVABMLy-gwrjoxaoE4VomNqahg==
via: 1.1 28a7186077f9b5270d98dd053f31303e.cloudfront.net (CloudFront), 1.1 a847181d425b7fc57e81eb3c800bfdf2.cloudfront.net (CloudFront), 1.1 google
date: Tue, 20 Sep 2022 22:38:46 GMT
age: 15365
etag: "4183102af1963e1edb3aa572c43aeda7d855e9f5"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash db376f916fc982818c445f3c28fdf09d
94d830dfe5aa6825ede2181560ca0d80fce451aa
09ab1e193b61bd8a9775d01881ef1eabd73a1bc6a30bbfebf7633a3daab2a10c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "09AB1E193B61BD8A9775D01881EF1EABD73A1BC6A30BBFEBF7633A3DAAB2A10C"
Last-Modified: Tue, 20 Sep 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13036
Expires: Wed, 21 Sep 2022 06:32:07 GMT
Date: Wed, 21 Sep 2022 02:54:51 GMT
Connection: keep-alive
www.morecouponstogo.com/uni-landing
34.237.47.210200 OK 33 kB URL HTTP/2 www.morecouponstogo.com/uni-landing
IP 34.237.47.210:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (5272)
Hash 6b5c672a11e9a3aacccda337519bf38b
705a889996e53438e75c851e33e2d232d02ffa79
95e4c4bdb37a58a29a9d3312b105fd9540c0813c0735951e0256d3acef74bc3d
Analyzer Verdict Alert fortinet Phishing
GET /uni-landing HTTP/1.1
Host: www.morecouponstogo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://llclickpro.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 21 Sep 2022 02:54:51 GMT
content-type: text/html; charset=UTF-8
content-length: 33301
x-brizy-preview: 1
vary: Accept-Encoding
content-encoding: gzip
x-varnish: 27722817 1540426
age: 559285
via: 1.1 varnish (Varnish/6.2)
x-cache: HIT
x-cache-hits: 999
pragma: no-cache
expires: -1
cache-control: no-store, no-cache, must-revalidate, max-age=0
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash 1703ed1cdd3dc82c7a9436b4ec0bb436
b47a8adde9689736bc6df80143cd43004ca3fce9
b4400f74428171326c0697896c024479a73c1548f23476354f37cd3109979efd
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3352
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 02:54:51 GMT
Last-Modified: Wed, 21 Sep 2022 01:58:59 GMT
Server: ECS (amb/6BA9)
X-Cache: HIT
Content-Length: 280
trafficadbar.com/bar/show.js
52.202.155.140200 OK 686 B URL HTTP/2 trafficadbar.com/bar/show.js
IP 52.202.155.140:0
Hash 66356b4b9464e02a05c7f92c682cce02
fe2db8c863bdb4b14b4561063d390f84ab780245
cb651d49727b72f43b47bd846a04861548f42f2e8ad59c7535c5e1ba326d3d6c
GET /bar/show.js HTTP/1.1
Host: trafficadbar.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.morecouponstogo.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 21 Sep 2022 02:54:51 GMT
content-type: application/javascript
content-length: 686
server: nginx
last-modified: Wed, 09 Jun 2021 07:15:14 GMT
etag: "60c06a82-2ae"
expires: Sun, 20 Nov 2022 02:54:51 GMT
pragma: public
cache-control: max-age=5184000, public
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash bcbb61a4f6f0beed45a5f963bfba6e9d
a07136aeace7036e3b7427d63c60576adbdc388f
3a910cde9f8f65341f3422d28e35ca877558e136c99067b72daaeb56b3d9e76d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 02:54:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 596ea0e7cffcb12819c214fd7e55e6b5
fdf581b35743d7693bf8c7f6154471a1b2646f06
a78eee2be3725b096407fde832e7762dad74ac69165f57a10b1ef76b5b2d9874
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 02:54:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.sectigo.com/
104.18.32.68200 OK 472 B IP 104.18.32.68:0
Hash 0e653fd2e92920e0a63af995f9d4a05e
28e817c03f21dff9ed8ca9463dcdb5ccd3de844d
e07aa2a54299217a10acd34f0ea02a4d5f09ea93e6944e4925c79d4554f2c747
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 21 Sep 2022 02:54:51 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Sat, 17 Sep 2022 17:02:02 GMT
Expires: Sat, 24 Sep 2022 17:02:01 GMT
Etag: "28e817c03f21dff9ed8ca9463dcdb5ccd3de844d"
Cache-Control: max-age=309429,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 74df84c67afa0afe-OSL
www.redbubble.com/assets/external_portfolio.js
104.18.34.248301 Moved Permanently 368 B URL HTTP/2 www.redbubble.com/assets/external_portfolio.js
IP 104.18.34.248:0
File type gzip compressed data, last modified: Mon May 16 10:06:05 2022, max compression, from Unix\012- data
Hash b5ec16a6962b298f78b6cec8ea07c798
92156c23772de75b11fbb3842cff7aafb3f36d2f
a3b8c3ae6fd1b0a623464b1babc563fece01356823bd51f662c6fdc34e2fad26
GET /assets/external_portfolio.js HTTP/1.1
Host: www.redbubble.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.morecouponstogo.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
date: Wed, 21 Sep 2022 02:54:51 GMT
location: https://d1ielco78gv5pf.cloudfront.net/assets/external_portfolio.js
cache-control: max-age=3600
expires: Wed, 21 Sep 2022 03:54:51 GMT
set-cookie: __cf_bm=knSLC3.wJMdc73kXzEoq_dS6xZDnA7pHHDsrTEUDuIA-1663728891-0-AZJNHF/iJY2kqqnK5mUo+yQ/XwEjprCjfsbNphdBw19U+4y90p4UNyJUBDr4hLBl06bBbScfYjf7wils5E5IC5Y=; path=/; expires=Wed, 21-Sep-22 03:24:51 GMT; domain=.redbubble.com; HttpOnly; Secure; SameSite=None
vary: Accept-Encoding
server: cloudflare
cf-ray: 74df84c67e3db509-OSL
X-Firefox-Spdy: h2
ocsp2.globalsign.com/gsalphasha2g2
104.18.20.226200 OK 1.4 kB URL HTTP/1.1 ocsp2.globalsign.com/gsalphasha2g2
IP 104.18.20.226:0
Hash b6c7dd46b7ad9dc537421aefdd43be80
8e62d0b7c618d47776da78c3c62345a5b8a654a0
932d26aa3a4e261cc5f97768d077504ce21f4790e826cc2d55b430bc4f25127c
POST /gsalphasha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 21 Sep 2022 02:54:52 GMT
Content-Type: application/ocsp-response
Content-Length: 1423
Connection: keep-alive
Expires: Sat, 24 Sep 2022 23:22:16 GMT
ETag: "8e62d0b7c618d47776da78c3c62345a5b8a654a0"
Last-Modified: Tue, 20 Sep 2022 23:22:17 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 2613
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 74df84c7087eb51e-OSL
www.googletagmanager.com/gtag/js?id=G-LRYZTN7NCV
142.250.74.72200 OK 76 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=G-LRYZTN7NCV
IP 142.250.74.72:0
File type ASCII text, with very long lines (17807)
Hash 0dff359db5f2f3a33f1bd5770171fbe7
2c7760471f7e0129828a15816be216e37c378829
f3f88644acbba92a7f14f996d781497748c28b428a337a5f31ab36cf853a5c22
GET /gtag/js?id=G-LRYZTN7NCV HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.morecouponstogo.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Wed, 21 Sep 2022 02:54:51 GMT
expires: Wed, 21 Sep 2022 02:54:51 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 75596
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 596ea0e7cffcb12819c214fd7e55e6b5
fdf581b35743d7693bf8c7f6154471a1b2646f06
a78eee2be3725b096407fde832e7762dad74ac69165f57a10b1ef76b5b2d9874
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 02:54:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash bcbb61a4f6f0beed45a5f963bfba6e9d
a07136aeace7036e3b7427d63c60576adbdc388f
3a910cde9f8f65341f3422d28e35ca877558e136c99067b72daaeb56b3d9e76d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 02:54:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.sectigo.com/
104.18.32.68200 OK 472 B IP 104.18.32.68:0
Hash 0e653fd2e92920e0a63af995f9d4a05e
28e817c03f21dff9ed8ca9463dcdb5ccd3de844d
e07aa2a54299217a10acd34f0ea02a4d5f09ea93e6944e4925c79d4554f2c747
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 21 Sep 2022 02:54:52 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Sat, 17 Sep 2022 17:02:02 GMT
Expires: Sat, 24 Sep 2022 17:02:01 GMT
Etag: "28e817c03f21dff9ed8ca9463dcdb5ccd3de844d"
Cache-Control: max-age=309428,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 74df84c67ea50b02-OSL
b-cloud.b-cdn.net/builds/pro/115-cloud/css/group-3-pro.css
194.242.11.186200 OK 0 B URL HTTP/2 b-cloud.b-cdn.net/builds/pro/115-cloud/css/group-3-pro.css
IP 194.242.11.186:0
ASN #34989 ServeTheWorld AS
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /builds/pro/115-cloud/css/group-3-pro.css HTTP/1.1
Host: b-cloud.b-cdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.morecouponstogo.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 21 Sep 2022 02:54:52 GMT
content-type: text/css
content-length: 0
server: BunnyCDN-NO-830
cdn-pullzone: 246147
cdn-uid: e647d0c9-3a16-4c3e-ae99-91e18e06d4b3
cdn-requestcountrycode: NO
vary: Accept-Encoding
access-control-allow-origin: *
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
etag: "d41d8cd98f00b204e9800998ecf8427e"
last-modified: Tue, 16 Aug 2022 09:36:39 GMT
x-amz-id-2: /GKm3F1SrQwXUMTgP+bBBorpUYm33AslOgoKImZ0UBhwe6ZID7A/hz7xR0Bn5J7fd5lHycjqtMo=
x-amz-request-id: 0X3YEM599KPDTDZQ
cdn-proxyver: 1.02
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 09/21/2022 00:33:07
cdn-edgestorageid: 830
link: <https://s3.amazonaws.com/brizy.cloud/builds/pro/115-cloud/css/group-3-pro.css>; rel="canonical"
cdn-status: 200
cdn-requestid: 62ebea730cc3d725c6c10ec29d0de4c9
cdn-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.sectigo.com/
104.18.32.68200 OK 472 B IP 104.18.32.68:0
Hash 0e653fd2e92920e0a63af995f9d4a05e
28e817c03f21dff9ed8ca9463dcdb5ccd3de844d
e07aa2a54299217a10acd34f0ea02a4d5f09ea93e6944e4925c79d4554f2c747
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 21 Sep 2022 02:54:52 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Sat, 17 Sep 2022 17:02:02 GMT
Expires: Sat, 24 Sep 2022 17:02:01 GMT
Etag: "28e817c03f21dff9ed8ca9463dcdb5ccd3de844d"
Cache-Control: max-age=309428,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 74df84c6cf65b4f4-OSL
b-cloud.b-cdn.net/builds/pro/115-cloud/js/preview.pro.js
194.242.11.186200 OK 64 kB URL HTTP/2 b-cloud.b-cdn.net/builds/pro/115-cloud/js/preview.pro.js
IP 194.242.11.186:0
ASN #34989 ServeTheWorld AS
File type Unicode text, UTF-8 text, with very long lines (65530), with no line terminators
Hash f30e4a94df72582e9a89ee04c100e34a
aa80567fba2a49a20cbf80787240d1ba147d2156
0343d3e0f000687af9a7cc67124abe6f47ae73e518d2f9a2fc116c70c410a1b3
GET /builds/pro/115-cloud/js/preview.pro.js HTTP/1.1
Host: b-cloud.b-cdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.morecouponstogo.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 21 Sep 2022 02:54:52 GMT
content-type: application/javascript
server: BunnyCDN-NO-830
cdn-pullzone: 246147
cdn-uid: e647d0c9-3a16-4c3e-ae99-91e18e06d4b3
cdn-requestcountrycode: NO
vary: Accept-Encoding, Accept-Encoding
cache-control: public, max-age=31919000
etag: W/"a0846c37d24aba87fd848f37cd3c3281"
last-modified: Tue, 16 Aug 2022 09:36:39 GMT
x-amz-id-2: lioG9ZPUaCHsG1hw25KZAO17ZYhDWcXUL+kjxbFr2Mqn9E6cI1s2eQcAPaP+36n2Bd4VbqMdjN0=
x-amz-request-id: T82MEWJ6G32WFX45
cdn-proxyver: 1.02
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 08/16/2022 10:39:07
cdn-edgestorageid: 830
link: <https://s3.amazonaws.com/brizy.cloud/builds/pro/115-cloud/js/preview.pro.js>; rel="canonical"
cdn-status: 200
cdn-requestid: b82f448de6b7217c80e01b9fe463b12c
cdn-cache: HIT
content-encoding: br
X-Firefox-Spdy: h2
fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
142.250.74.163200 OK 31 kB URL HTTP/2 fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 30928, version 1.0\012- data
Hash ac0d2859ea5f8fd6bcb3c305c08ec184
7f6c17e3e592cd8bd346b9cc261d8dd961b8aef7
ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780
GET /s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.morecouponstogo.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 30928
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 15 Sep 2022 16:40:18 GMT
expires: Fri, 15 Sep 2023 16:40:18 GMT
cache-control: public, max-age=31536000
age: 468874
last-modified: Mon, 11 Jul 2022 18:57:39 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
a-cloud.b-cdn.net/media/iW=114&iH=114&oX=0&oY=18&cW=114&cH=79/9b040f5e483e93a7cce7e811fc84b625.png
194.242.11.186200 OK 2.4 kB URL HTTP/2 a-cloud.b-cdn.net/media/iW=114&iH=114&oX=0&oY=18&cW=114&cH=79/9b040f5e483e93a7cce7e811fc84b625.png
IP 194.242.11.186:0
ASN #34989 ServeTheWorld AS
File type RIFF (little-endian) data, Web/P image\012- data
Hash e2efb80dd70da9c830d24a0f9f300c55
6aa426ea229ea9dcf4a8b92061a05c4550da84af
4b52bf99734c07dc456858b0bb76f90efc9a98608b96ad6a6ae03068f3c73694
GET /media/iW=114&iH=114&oX=0&oY=18&cW=114&cH=79/9b040f5e483e93a7cce7e811fc84b625.png HTTP/1.1
Host: a-cloud.b-cdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.morecouponstogo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 21 Sep 2022 02:54:52 GMT
content-type: image/webp
content-length: 2422
server: BunnyCDN-NO-830
cdn-pullzone: 465925
cdn-uid: e647d0c9-3a16-4c3e-ae99-91e18e06d4b3
cdn-requestcountrycode: NO
cache-control: public, max-age=31919000
last-modified: Wed, 21 Sep 2022 00:33:08 GMT
x-bo-server: DE-42
x-downloadsize: 3464
x-bo-origindownloadtime: 373
x-bo-processingtime: 0
x-bo-compressionratio: 30.08%
cdn-proxyver: 1.02
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 09/21/2022 00:33:08
cdn-edgestorageid: 830
link: <https://www.brizy.cloud/media/iW=114&iH=114&oX=0&oY=18&cW=114&cH=79/9b040f5e483e93a7cce7e811fc84b625.png>; rel="canonical"
cdn-status: 200
cdn-requestid: 6fe05fc58dba2ca30fea35a73bee3f56
cdn-cache: HIT
X-Firefox-Spdy: h2
w.leadsleap.com/js.js
172.67.69.111200 OK 2.0 kB IP 172.67.69.111:0
File type ASCII text, with very long lines (4026), with no line terminators
Hash 8658b55161bbc23d98450ccf984be41c
96caecefe214fa3dd0880315ef72c68712f0eff7
c7f4ccea18fa46c41d532763825f8f4394142bd4144dbce9db6e13c142169cb9
GET /js.js HTTP/1.1
Host: w.leadsleap.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.morecouponstogo.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 21 Sep 2022 02:54:51 GMT
content-type: application/javascript
cf-bgj: minify
cf-polished: origSize=4038
last-modified: Mon, 06 Jun 2022 14:11:07 GMT
cache-control: max-age=2678400
cf-cache-status: HIT
age: 3926
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2F1KFmV2TFTZ5LcFwe13FOHxrsolB%2BX1pFeLZ94FH1b6jCY3Bn5p8eEELSr7fy%2FWKhYtAM%2B0QWd%2BKeP7g9M262h9AV0uqadvHzukg0m%2BVQHY4vY9sxQUumkxfW7uf0IRAtg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74df84c6bf6cb4ee-OSL
content-encoding: br
X-Firefox-Spdy: h2
fonts.gstatic.com/s/oswald/v49/TK3iWkUHHAIjg752GT8G.woff2
142.250.74.163200 OK 25 kB URL HTTP/2 fonts.gstatic.com/s/oswald/v49/TK3iWkUHHAIjg752GT8G.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 25372, version 1.0\012- data
Hash fe424f96cb627d8b835cb001af17f56e
c5b4368fed99812a99036fba86d01367b5549505
35c92598a5f32c018dc630f57b183b0284c211ce9c222e5b36840a62115262f1
GET /s/oswald/v49/TK3iWkUHHAIjg752GT8G.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.morecouponstogo.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 25372
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 19 Sep 2022 21:14:35 GMT
expires: Tue, 19 Sep 2023 21:14:35 GMT
cache-control: public, max-age=31536000
age: 106817
last-modified: Mon, 18 Jul 2022 19:24:05 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash bb4bdc4c3c6869c822618f0b9ef1bdc5
6a438b8d9d87aa30e0989ace7fc0d4cafce1f29d
eb762661b0a0ecc4ccdf50229ce134d0062e8d60698b7ed1970c5073b18f31ac
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 02:54:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash bb4bdc4c3c6869c822618f0b9ef1bdc5
6a438b8d9d87aa30e0989ace7fc0d4cafce1f29d
eb762661b0a0ecc4ccdf50229ce134d0062e8d60698b7ed1970c5073b18f31ac
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 02:54:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash bb4bdc4c3c6869c822618f0b9ef1bdc5
6a438b8d9d87aa30e0989ace7fc0d4cafce1f29d
eb762661b0a0ecc4ccdf50229ce134d0062e8d60698b7ed1970c5073b18f31ac
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 02:54:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/palanquindark/v12/xn76YHgl1nqmANMB-26xC7yuF8YyY14yd8o.woff2
142.250.74.163200 OK 19 kB URL HTTP/2 fonts.gstatic.com/s/palanquindark/v12/xn76YHgl1nqmANMB-26xC7yuF8YyY14yd8o.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 18824, version 1.0\012- data
Hash 0b8cbe6afbac36bab648231406851927
2f67e3adf1061cf82e075d636ae22bc4fca731ea
2c83b448afb8398f6ff0f1d684f125b13e0889b05c5041bb8ff4eb680a892089
GET /s/palanquindark/v12/xn76YHgl1nqmANMB-26xC7yuF8YyY14yd8o.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.morecouponstogo.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 18824
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 20 Sep 2022 16:22:28 GMT
expires: Wed, 20 Sep 2023 16:22:28 GMT
cache-control: public, max-age=31536000
age: 37944
last-modified: Mon, 09 May 2022 18:56:24 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2
142.250.74.163200 OK 24 kB URL HTTP/2 fonts.gstatic.com/s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 23580, version 1.0\012- data
Hash e1b3b5908c9cf23dfb2b9c52b9a023ab
fcd4136085f2a03481d9958cc6793a5ed98e714c
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
GET /s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.morecouponstogo.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 23580
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 20 Sep 2022 17:10:21 GMT
expires: Wed, 20 Sep 2023 17:10:21 GMT
cache-control: public, max-age=31536000
age: 35071
last-modified: Tue, 26 Apr 2022 15:48:56 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/palanquindark/v12/xn75YHgl1nqmANMB-26xC7yuF86JRks.woff2
142.250.74.163200 OK 20 kB URL HTTP/2 fonts.gstatic.com/s/palanquindark/v12/xn75YHgl1nqmANMB-26xC7yuF86JRks.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 20084, version 1.0\012- data
Hash 732c9716022aa43449564603e08aeb9b
477fa3a5c43696287d20b4b491e36d754d1c8866
37bb3776ce24d18cccdd5dc96199ad60c22afd1e190452a18e8c4fd2f8679a98
GET /s/palanquindark/v12/xn75YHgl1nqmANMB-26xC7yuF86JRks.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.morecouponstogo.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 20084
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 15 Sep 2022 16:53:31 GMT
expires: Fri, 15 Sep 2023 16:53:31 GMT
cache-control: public, max-age=31536000
age: 468081
last-modified: Mon, 09 May 2022 18:42:35 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 68e34bf52251cb0f4e66cad3b7a07cd8
0669d941d851158083d5dec02a555a0e912ff4a5
a44aa6f3faf01eeda96ae4d2d78b82862a09db76b307e7f7e5189eef3e15fc14
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A44AA6F3FAF01EEDA96AE4D2D78B82862A09DB76B307E7F7E5189EEF3E15FC14"
Last-Modified: Mon, 19 Sep 2022 03:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13096
Expires: Wed, 21 Sep 2022 06:33:08 GMT
Date: Wed, 21 Sep 2022 02:54:52 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash bb4bdc4c3c6869c822618f0b9ef1bdc5
6a438b8d9d87aa30e0989ace7fc0d4cafce1f29d
eb762661b0a0ecc4ccdf50229ce134d0062e8d60698b7ed1970c5073b18f31ac
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 02:54:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.googleapis.com/css?family=Montserrat:100,100italic,200,200italic,300,300italic,regular,italic,500,500italic,600,600italic,700,700italic,800,800italic,900,900italic|Lato:100,100italic,300,300italic,regular,italic,700,700italic,900,900italic|Oswald:200,300,regular,500,600,700|Palanquin%20Dark:regular,500,600,700&subset=arabic,bengali,cyrillic,cyrillic-ext,devanagari,greek,greek-ext,gujarati,hebrew,khmer,korean,latin-ext,tamil,telugu,thai,vietnamese&display=swap
142.250.74.10200 OK 32 kB URL HTTP/2 fonts.googleapis.com/css?family=Montserrat:100,100italic,200,200italic,300,300italic,regular,italic,500,500italic,600,600italic,700,700italic,800,800italic,900,900italic|Lato:100,100italic,300,300italic,regular,italic,700,700italic,900,900italic|Oswald:200,300,regular,500,600,700|Palanquin%20Dark:regular,500,600,700&subset=arabic,bengali,cyrillic,cyrillic-ext,devanagari,greek,greek-ext,gujarati,hebrew,khmer,korean,latin-ext,tamil,telugu,thai,vietnamese&display=swap
IP 142.250.74.10:0
Hash 91ef3bf88c5f6ab3c1261c63b4d390af
a0601dc804116e1f7e0d7fe6fe62745e18aad337
27d9d30a1d99d3953064fa061a541bc81e01315eafcf5a87473b4a7b1f3da2da
GET /css?family=Montserrat:100,100italic,200,200italic,300,300italic,regular,italic,500,500italic,600,600italic,700,700italic,800,800italic,900,900italic|Lato:100,100italic,300,300italic,regular,italic,700,700italic,900,900italic|Oswald:200,300,regular,500,600,700|Palanquin%20Dark:regular,500,600,700&subset=arabic,bengali,cyrillic,cyrillic-ext,devanagari,greek,greek-ext,gujarati,hebrew,khmer,korean,latin-ext,tamil,telugu,thai,vietnamese&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.morecouponstogo.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 21 Sep 2022 02:54:51 GMT
date: Wed, 21 Sep 2022 02:54:51 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
143.204.42.165200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.165:0
Hash 9d7bc8c71a70d06455b2e4d0d096e866
4a9bb95c53391a92ed14758e832ce0f66e177a6c
7185859d61678d853a3879ad6d14957f1b473f8495a2abfe0185cbf3f3b1be1b
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Wed, 21 Sep 2022 02:54:52 GMT
Last-Modified: Wed, 21 Sep 2022 02:11:54 GMT
Server: ECS (dcb/7EC6)
X-Cache: Miss from cloudfront
Via: 1.1 41dc61beb3fe8e8c2c299a2522d8330c.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: OwUBvXa4rvCQidZYUuNSmKKYcc1jpjB3ElyUtoQfFp9CPWrL_SE5BA==
Age: 2578
yazing.com/js/showdeals-yzwg.js?id=yzwg-2764a27acd553fdd6f61b46260e7d50c&d=2051
54.162.214.56200 OK 1.3 kB URL HTTP/1.1 yazing.com/js/showdeals-yzwg.js?id=yzwg-2764a27acd553fdd6f61b46260e7d50c&d=2051
IP 54.162.214.56:0
Hash 1bf2bd339fc8d9a60c52c8261afb0563
c0bacf7055ab2bc2654bc9014ce67c43aefea261
69d8cab7b077ecb6b5cbcb3a8271cc0daf2c6f4449f567cb5afe7299cbbb13b3
GET /js/showdeals-yzwg.js?id=yzwg-2764a27acd553fdd6f61b46260e7d50c&d=2051 HTTP/1.1
Host: yazing.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.morecouponstogo.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Wed, 21 Sep 2022 02:54:52 GMT
Server: Apache/2.4.18 (Ubuntu)
Last-Modified: Tue, 07 Jun 2022 08:14:40 GMT
ETag: "ee9-5e0d72e2d0111-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: *
Cache-Control: max-age=2592000, public
Content-Length: 1294
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: application/javascript
www.youtube.com/embed/Tge4GgRmmrY?autoplay=1&controls=1&start=0&end=0&modestbranding=0&wmode=transparent&enablejsapi=1&loop=1&rel=0&mute=1&playlist=Tge4GgRmmrY
142.250.74.174200 OK 617 kB URL HTTP/2 www.youtube.com/embed/Tge4GgRmmrY?autoplay=1&controls=1&start=0&end=0&modestbranding=0&wmode=transparent&enablejsapi=1&loop=1&rel=0&mute=1&playlist=Tge4GgRmmrY
IP 142.250.74.174:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (60273)
Size 617 kB (616552 bytes)
Hash b1f290c04951166fd6364de5d25d41a8
3402fb415826324c02110903330e9df1d2cb61ad
28e31044089fa51d4e116726961f85c7f403dea5443111b6ccbc89637692aa53
GET /embed/Tge4GgRmmrY?autoplay=1&controls=1&start=0&end=0&modestbranding=0&wmode=transparent&enablejsapi=1&loop=1&rel=0&mute=1&playlist=Tge4GgRmmrY HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.morecouponstogo.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html; charset=utf-8
x-content-type-options: nosniff
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Wed, 21 Sep 2022 02:54:52 GMT
strict-transport-security: max-age=31536000
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
content-encoding: br
server: ESF
x-xss-protection: 0
set-cookie: YSC=bis7Z4tsht8; Domain=.youtube.com; Path=/; Secure; HttpOnly; SameSite=none
VISITOR_INFO1_LIVE=vHipSug5AqU; Domain=.youtube.com; Expires=Mon, 20-Mar-2023 02:54:52 GMT; Path=/; Secure; HttpOnly; SameSite=none
CONSENT=PENDING+716; expires=Fri, 20-Sep-2024 02:54:52 GMT; path=/; domain=.youtube.com; Secure
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 9405985bfe6aab7c008cf3a305f79b0f
d698b786300ea45e2cd1b9d3fadf2639e71efe5e
28c7a840f64d83b92b41d7255788845fbe83aefbee8acf3d8cb131ffd81f6267
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1837
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 02:54:52 GMT
Last-Modified: Wed, 21 Sep 2022 02:24:15 GMT
Server: ECS (ska/F709)
X-Cache: HIT
Content-Length: 471
connect.facebook.net/undefined/sdk.js
157.240.200.14200 OK 1.7 kB URL HTTP/2 connect.facebook.net/undefined/sdk.js
IP 157.240.200.14:0
File type ASCII text, with very long lines (1961)
Hash 3db534e77465c28d1c153a53871d94bc
102ad69789aace4331ecdc25701c8338dab8bb8f
5ece4ef818388e486aea537804bd06a9856e3bb85b4d566c1dafb6e97fb15286
GET /undefined/sdk.js HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.morecouponstogo.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
access-control-expose-headers: X-FB-Content-MD5
x-fb-content-md5: 19da0b4ea4bf15822b8e6a615f320894
etag: "6248b7d838548ba70bc92b52b963f919"
content-type: application/x-javascript; charset=utf-8
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
expires: Wed, 21 Sep 2022 03:04:54 GMT
cache-control: public,max-age=1200,stale-while-revalidate=3600
document-policy: force-load-at-top
cross-origin-opener-policy: same-origin-allow-popups
x-content-type-options: nosniff
x-fb-rlafr: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-md5: PbU053Rlwo0cFTpThx2UvA==
x-fb-debug: RQmZwB9uDoTKyUYyDosJgQvPEEANMAtaEPSITA/EUsHau91/r2AKZJWCgT0OP5doM4z0+jInzHpEz1HzOnkeew==
priority: u=3,i
content-length: 1686
x-fb-trip-id: 1679558926
date: Wed, 21 Sep 2022 02:54:52 GMT
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 9405985bfe6aab7c008cf3a305f79b0f
d698b786300ea45e2cd1b9d3fadf2639e71efe5e
28c7a840f64d83b92b41d7255788845fbe83aefbee8acf3d8cb131ffd81f6267
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1837
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 02:54:52 GMT
Last-Modified: Wed, 21 Sep 2022 02:24:15 GMT
Server: ECS (ska/F709)
X-Cache: HIT
Content-Length: 471
yazing.com/widget/ajax-show-deals
54.162.214.56200 OK 5.0 kB URL HTTP/1.1 yazing.com/widget/ajax-show-deals
IP 54.162.214.56:0
File type JSON data\012- , ASCII text, with very long lines (5046), with no line terminators
Hash 9c6a9a8406c4369e64dafe33e4f4c663
95367ec91b52dd158428cec120f1a8f8182987be
2b549dd7d2fc206ef009905307a7cdc59d4ab7a064fe846e4cee45c1c8e97464
POST /widget/ajax-show-deals HTTP/1.1
Host: yazing.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: application/x-www-form-urlencoded
Content-Length: 350
Origin: https://www.morecouponstogo.com
Connection: keep-alive
Referer: https://www.morecouponstogo.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Wed, 21 Sep 2022 02:54:53 GMT
Server: Apache/2.4.18 (Ubuntu)
Set-Cookie: advanced-frontend=ed6cptboq0augpe446bulm27il; expires=Fri, 20-Sep-2024 02:54:53 GMT; Max-Age=63072000; path=/; HttpOnly
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Access-Control-Allow-Origin: *
Content-Length: 5046
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: application/json; charset=UTF-8
yazing.com/uploads/2022-01/thumb_1d6cfb9c5765949020b8a9463b883803.png
54.162.214.56200 OK 32 kB URL HTTP/1.1 yazing.com/uploads/2022-01/thumb_1d6cfb9c5765949020b8a9463b883803.png
IP 54.162.214.56:0
File type PNG image data, 156 x 156, 8-bit/color RGB, non-interlaced\012- data
Hash e73e4950ca69496813697388bd293d8e
5d318dc8a278e0557dd0a27001294b2bdfbbc67f
9b79ee4d11f956e94c8bf287a0f813bd48dc25f269f121685393abbb37e271e1
GET /uploads/2022-01/thumb_1d6cfb9c5765949020b8a9463b883803.png HTTP/1.1
Host: yazing.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.morecouponstogo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Wed, 21 Sep 2022 02:54:54 GMT
Server: Apache/2.4.18 (Ubuntu)
Last-Modified: Sat, 08 Jan 2022 10:03:48 GMT
ETag: "7ee3-5d50f3844096e"
Accept-Ranges: bytes
Content-Length: 32483
Access-Control-Allow-Origin: *
Cache-Control: max-age=2592000, public
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: image/png
ocsp.sca1b.amazontrust.com/
143.204.42.165200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.165:0
Hash 7e24e09d17a24d77bd4aef2e2b704b35
70b4c3ad464ac77ef1541603dadb685321bb538a
cd9c0f13d1642292319c70b2e3e48ca2f82c4779779a240f70432d5dc484cf57
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Wed, 21 Sep 2022 02:54:54 GMT
Last-Modified: Wed, 21 Sep 2022 01:41:45 GMT
Server: ECS (bsa/EB12)
X-Cache: Miss from cloudfront
Via: 1.1 41dc61beb3fe8e8c2c299a2522d8330c.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: EAr_R9XL5L9E6c4pvAXsOxoZ06XxRofefeROzUJcgHC62Eg_AqeRMQ==
Age: 4390
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 49e04895b7f1a20f1782657e17b7a664
227545101f96c134f39a91bdd1d6efb77add10c1
8931175502f91058993a98cc977953e745e426fe8a8a74932386bc7891cb1e7d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8931175502F91058993A98CC977953E745E426FE8A8A74932386BC7891CB1E7D"
Last-Modified: Sun, 18 Sep 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18204
Expires: Wed, 21 Sep 2022 07:58:18 GMT
Date: Wed, 21 Sep 2022 02:54:54 GMT
Connection: keep-alive
ocsp.sca1b.amazontrust.com/
143.204.42.165200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.165:0
Hash 7e24e09d17a24d77bd4aef2e2b704b35
70b4c3ad464ac77ef1541603dadb685321bb538a
cd9c0f13d1642292319c70b2e3e48ca2f82c4779779a240f70432d5dc484cf57
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Wed, 21 Sep 2022 02:54:54 GMT
Last-Modified: Wed, 21 Sep 2022 01:34:52 GMT
Server: ECS (nyb/1D31)
X-Cache: Miss from cloudfront
Via: 1.1 1ca0323262515c9240c58fe69a9ac826.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: L0vKI9Cu5POTNz_SKL4z6AYhkweBJ1VvqfNkSkN34Q03mit0HGVXBQ==
Age: 4802
ocsp.sca1b.amazontrust.com/
143.204.42.165200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.165:0
Hash 7e24e09d17a24d77bd4aef2e2b704b35
70b4c3ad464ac77ef1541603dadb685321bb538a
cd9c0f13d1642292319c70b2e3e48ca2f82c4779779a240f70432d5dc484cf57
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Wed, 21 Sep 2022 02:54:54 GMT
Last-Modified: Wed, 21 Sep 2022 01:06:29 GMT
Server: ECS (nyb/1D04)
X-Cache: Miss from cloudfront
Via: 1.1 4f01f770085624552bc30a98954f963a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: y988_0_SeCtIgKsiuwSzeHj0APDYRl_tD1dzoyY_W_ktpjQALHWn4Q==
Age: 6505
ocsp.sca1b.amazontrust.com/
143.204.42.165200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.165:0
Hash 7e24e09d17a24d77bd4aef2e2b704b35
70b4c3ad464ac77ef1541603dadb685321bb538a
cd9c0f13d1642292319c70b2e3e48ca2f82c4779779a240f70432d5dc484cf57
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=120795
Date: Wed, 21 Sep 2022 02:54:54 GMT
Etag: "6329a317-1d7"
Expires: Thu, 22 Sep 2022 12:28:09 GMT
Last-Modified: Tue, 20 Sep 2022 11:25:11 GMT
Server: ECS (nyb/1D2C)
X-Cache: Miss from cloudfront
Via: 1.1 8ddb6d7670d8c5a85c04a10525a71b90.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: h_9-hauybnXzcda0JpQE1WQtm2yeqc0kE2D3AsIwTN59Q2B0lNNtNA==
Age: 3778
ocsp.sca1b.amazontrust.com/
143.204.42.165200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.165:0
Hash 7e24e09d17a24d77bd4aef2e2b704b35
70b4c3ad464ac77ef1541603dadb685321bb538a
cd9c0f13d1642292319c70b2e3e48ca2f82c4779779a240f70432d5dc484cf57
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=122418
Date: Wed, 21 Sep 2022 02:54:54 GMT
Etag: "6329a317-1d7"
Expires: Thu, 22 Sep 2022 12:55:12 GMT
Last-Modified: Tue, 20 Sep 2022 11:25:11 GMT
Server: ECS (nyb/1D27)
X-Cache: Miss from cloudfront
Via: 1.1 f46f7100ad6fc83a021f62212f945830.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: Sl8PH_R7wqGUrsx2Av1Juo8nkRlWDcLTOea_myvkCq2xf7Vj5BcsVg==
Age: 5401
s3.amazonaws.com/logos.formetocoupon.com/120x60/6371.gif
52.217.16.102200 OK 3.3 kB URL HTTP/1.1 s3.amazonaws.com/logos.formetocoupon.com/120x60/6371.gif
IP 52.217.16.102:0
File type GIF image data, version 89a, 120 x 60\012- data
Hash 0848dda6f9148f1f1c58add084bfbc08
2b4375d49f17ff29afe8bf25e02f9fa18431a172
5e3094b7ac855db3b122c4615b8d006c68d217c32d0623783a5dbd7e2b47ddd7
GET /logos.formetocoupon.com/120x60/6371.gif HTTP/1.1
Host: s3.amazonaws.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.morecouponstogo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: D/sUlex+HZEScbCdsi9u88SDkomw8hCIaJW3mOUZhYEGU6DJkLx30e7XXO/8Onxg6mchltryyQQ=
x-amz-request-id: 4VDD2N76EQZYH9H4
Date: Wed, 21 Sep 2022 02:54:55 GMT
Last-Modified: Fri, 11 Apr 2014 21:02:06 GMT
ETag: "0848dda6f9148f1f1c58add084bfbc08"
x-amz-storage-class: REDUCED_REDUNDANCY
Accept-Ranges: bytes
Content-Type: image/gif
Server: AmazonS3
Content-Length: 3289
s3.amazonaws.com/logos.formetocoupon.com/120x60/7917.png
52.217.16.102200 OK 10 kB URL HTTP/1.1 s3.amazonaws.com/logos.formetocoupon.com/120x60/7917.png
IP 52.217.16.102:0
File type PNG image data, 120 x 60, 8-bit/color RGBA, non-interlaced\012- data
Hash 3b5d385907bcf0703ae7ead02b368c80
d831c2f7ab7abd33317198d7492c34c4c8959c51
1c8928c1b3d80b09befdb9bf131ed0033f86a64f7f6412ad2924224d2363827b
GET /logos.formetocoupon.com/120x60/7917.png HTTP/1.1
Host: s3.amazonaws.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.morecouponstogo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: 7f0p8Z1fAABSgh/VZ6/pLs9jR4uI/4MbsPTkuAPddGjkWpUiLGwbQlIbLWOaXw1cehXqS2t4A/0=
x-amz-request-id: 4VD79Y682R9S20N1
Date: Wed, 21 Sep 2022 02:54:55 GMT
Last-Modified: Fri, 16 Feb 2018 13:29:19 GMT
ETag: "3b5d385907bcf0703ae7ead02b368c80"
x-amz-storage-class: REDUCED_REDUNDANCY
Accept-Ranges: bytes
Content-Type: image/png
Server: AmazonS3
Content-Length: 9970
s3.amazonaws.com/logos.formetocoupon.com/120x60/33881.jpg
52.217.16.102200 OK 22 kB URL HTTP/1.1 s3.amazonaws.com/logos.formetocoupon.com/120x60/33881.jpg
IP 52.217.16.102:0
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CS6 (Windows), datetime=2022:06:01 08:10:22], baseline, precision 8, 120x60, components 3\012- data
Hash e394b576ca95e2a49a8a7b8eda503c6a
a1fe574db4bb064614c810b4eeb293b3d3b221ec
7a55deebd04dce485ef536bdfd55f4c8a2aed9deaac22e987dfaefbc58f998a9
GET /logos.formetocoupon.com/120x60/33881.jpg HTTP/1.1
Host: s3.amazonaws.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.morecouponstogo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: avTGxpGqiRhabngP+QyWT7Kl4Tjsp/H8Co53DzzfZqxtY7i6EIMdX09MoN8qFDCFA5cvelicQcM=
x-amz-request-id: 4VD7RC0XKJFNDH0X
Date: Wed, 21 Sep 2022 02:54:55 GMT
Last-Modified: Wed, 01 Jun 2022 06:12:32 GMT
ETag: "e394b576ca95e2a49a8a7b8eda503c6a"
Accept-Ranges: bytes
Content-Type: image/jpeg
Server: AmazonS3
Content-Length: 21602
s3.amazonaws.com/logos.formetocoupon.com/120x60/25994.png
52.217.16.102200 OK 23 kB URL HTTP/1.1 s3.amazonaws.com/logos.formetocoupon.com/120x60/25994.png
IP 52.217.16.102:0
File type PNG image data, 120 x 60, 8-bit/color RGB, non-interlaced\012- data
Hash d393ea44323ada3ef8d05acc389162a5
22c912b333887cbe0a9ddc502e47608f5f5b9664
393c9d3eb32c980b810f48cf80a19fe54143694027a5a9d5be9e7f93b8402119
GET /logos.formetocoupon.com/120x60/25994.png HTTP/1.1
Host: s3.amazonaws.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.morecouponstogo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: XctH5oXG980RPCTHHfa5+hgAQz489oN2STOBBAxgpKd46vay+77bwl4Zz7k582Q08CoNo9tfcuc=
x-amz-request-id: 4VDF01KH6AVYM75F
Date: Wed, 21 Sep 2022 02:54:55 GMT
Last-Modified: Mon, 07 Dec 2015 16:49:59 GMT
ETag: "d393ea44323ada3ef8d05acc389162a5"
x-amz-storage-class: REDUCED_REDUNDANCY
Accept-Ranges: bytes
Content-Type: image/png
Server: AmazonS3
Content-Length: 23209
trafficadbar.com/bar/page.php?a=MTGSamurai&b=490&c=90&e=%23ffffff&f=%23AC0101&g=%23f8f8f8&h=%23000000&i=%237c8e06&d=https%3A//www.morecouponstogo.com/uni-landing&ref1=https%3A//llclickpro.com/&stg=2&ww=490&wh=90&ref=https%3A%2F%2Fwww.morecouponstogo.com%2F
52.202.155.140302 Found 32 kB URL HTTP/2 trafficadbar.com/bar/page.php?a=MTGSamurai&b=490&c=90&e=%23ffffff&f=%23AC0101&g=%23f8f8f8&h=%23000000&i=%237c8e06&d=https%3A//www.morecouponstogo.com/uni-landing&ref1=https%3A//llclickpro.com/&stg=2&ww=490&wh=90&ref=https%3A%2F%2Fwww.morecouponstogo.com%2F
IP 52.202.155.140:0
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CS6 (Windows), datetime=2019:12:09 11:35:22], baseline, precision 8, 120x60, components 3\012- data
Hash a16b43f73d95fbfdc48816eaafdc47c9
f84950482be1db3e2aff7c08d18b87ed542c1e5c
c577d99bd06de7d5d269339b692b8108ffd1d87ae2b3d060628a570e45f46474
GET /bar/page.php?a=MTGSamurai&b=490&c=90&e=%23ffffff&f=%23AC0101&g=%23f8f8f8&h=%23000000&i=%237c8e06&d=https%3A//www.morecouponstogo.com/uni-landing&ref1=https%3A//llclickpro.com/&stg=2&ww=490&wh=90&ref=https%3A%2F%2Fwww.morecouponstogo.com%2F HTTP/1.1
Host: trafficadbar.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://trafficadbar.com/bar/page.php?a=MTGSamurai&b=490&c=90&e=%23ffffff&f=%23AC0101&g=%23f8f8f8&h=%23000000&i=%237c8e06&d=https%3A//www.morecouponstogo.com/uni-landing&ref1=https%3A//llclickpro.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 302 Found
date: Wed, 21 Sep 2022 02:54:52 GMT
content-type: text/html; charset=UTF-8
server: nginx
location: /bar/page2.php?a=MTGSamurai&b=490&c=90&d=https%3A%2F%2Fwww.morecouponstogo.com%2Funi-landing&e=%23ffffff&f=%23AC0101&g=%23f8f8f8&h=%23000000&i=%237c8e06&ref1=https%3A%2F%2Fllclickpro.com%2F&stg=2&ww=490&wh=90&ref=https%3A%2F%2Fwww.morecouponstogo.com%2F
X-Firefox-Spdy: h2
s3.amazonaws.com/logos.formetocoupon.com/120x60/46170.jpg
52.217.16.102200 OK 23 kB URL HTTP/1.1 s3.amazonaws.com/logos.formetocoupon.com/120x60/46170.jpg
IP 52.217.16.102:0
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CS6 (Windows), datetime=2021:01:27 19:07:58], progressive, precision 8, 120x60, components 3\012- data
Hash f74ddffa1803f21402e9fcd29f5a12de
610e36df75d42ae84289fb935d88133cd9c7d3cd
612916df133fea1143359c190b7fd1d8810e26753e82581439f44e676d596357
GET /logos.formetocoupon.com/120x60/46170.jpg HTTP/1.1
Host: s3.amazonaws.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.morecouponstogo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: Cgw7lRFRd8XAjdvU94N9SKYt4WLcWI7DeFb3+azv2WHyPWR+zbEvAjszluuvEl81mH0Y3CLQudE=
x-amz-request-id: 4VD7HWX6MBS812A5
Date: Wed, 21 Sep 2022 02:54:55 GMT
Last-Modified: Wed, 27 Jan 2021 17:08:30 GMT
ETag: "f74ddffa1803f21402e9fcd29f5a12de"
Accept-Ranges: bytes
Content-Type: image/jpeg
Server: AmazonS3
Content-Length: 22751
s3.amazonaws.com/logos.formetocoupon.com/120x60/44869.jpg
52.217.16.102200 OK 19 kB URL HTTP/1.1 s3.amazonaws.com/logos.formetocoupon.com/120x60/44869.jpg
IP 52.217.16.102:0
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CS6 (Windows), datetime=2020:09:18 18:09:06], baseline, precision 8, 120x60, components 3\012- data
Hash ce9e1958f27f0be73c24b082a03db1ee
9becb08536ff59411906a36ed1726cdacac9de7f
536bbe84654fd64313413b81a19fba5744347c91f2142557be4f3f664eb1bbe9
GET /logos.formetocoupon.com/120x60/44869.jpg HTTP/1.1
Host: s3.amazonaws.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.morecouponstogo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: tyqRbLbE56DjFl3K0yNHXeEVfqUEJMvaIBz1HFf69gIlpFJCz8yqlC3A+pbAEqjEADoGVdpFPf0=
x-amz-request-id: 4VDBQ9DGM0A4WVAV
Date: Wed, 21 Sep 2022 02:54:55 GMT
Last-Modified: Fri, 18 Sep 2020 16:09:35 GMT
ETag: "ce9e1958f27f0be73c24b082a03db1ee"
Accept-Ranges: bytes
Content-Type: image/jpeg
Server: AmazonS3
Content-Length: 19298
s3.amazonaws.com/logos.formetocoupon.com/120x60/54542.jpg
52.217.16.102200 OK 18 kB URL HTTP/1.1 s3.amazonaws.com/logos.formetocoupon.com/120x60/54542.jpg
IP 52.217.16.102:0
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CS6 (Windows), datetime=2022:03:07 16:35:31], progressive, precision 8, 120x60, components 3\012- data
Hash ee7ea801da4d3e4e7c0632de66b32b55
ce772dada69ed88d5e55ab8244d57ea7156e0de9
a64251d032b023eb08c08b9c8e53d5918bdbd0ae25856c0d081311a2cfed5db1
GET /logos.formetocoupon.com/120x60/54542.jpg HTTP/1.1
Host: s3.amazonaws.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.morecouponstogo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: 1C75h3uWCrCT5YLohUlRQiNgNOD2tCG7vh7NQwQW09zV94ChxzjLkdp1TCUnPOH6dgpd1C0qPVE=
x-amz-request-id: 4VD818YAR32KQEBY
Date: Wed, 21 Sep 2022 02:54:55 GMT
Last-Modified: Mon, 07 Mar 2022 14:36:02 GMT
ETag: "ee7ea801da4d3e4e7c0632de66b32b55"
Accept-Ranges: bytes
Content-Type: image/jpeg
Server: AmazonS3
Content-Length: 18174
s3.amazonaws.com/logos.formetocoupon.com/120x60/45137.jpg
52.217.16.102200 OK 23 kB URL HTTP/1.1 s3.amazonaws.com/logos.formetocoupon.com/120x60/45137.jpg
IP 52.217.16.102:0
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CS6 (Windows), datetime=2020:10:07 08:48:42], baseline, precision 8, 120x60, components 3\012- data
Hash c06f917133f51135a708a10e060e52fe
3cf6f925484233fbe0abc4cf7d0105073349302f
284666ca3c61afdcbfcc92940c37320f7f27bd0e7a12e6a8c87e9c5a787f7627
GET /logos.formetocoupon.com/120x60/45137.jpg HTTP/1.1
Host: s3.amazonaws.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.morecouponstogo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: BQo9Ntf46qETh4x3IqXXAVkn2EqfQOAhUjFNIcTtwTENUCkfSBuaLgbTZjJ7qZaAbkfy+FV9Jr4=
x-amz-request-id: 4VDA5W8K65NWXR1J
Date: Wed, 21 Sep 2022 02:54:55 GMT
Last-Modified: Wed, 07 Oct 2020 06:48:52 GMT
ETag: "c06f917133f51135a708a10e060e52fe"
Accept-Ranges: bytes
Content-Type: image/jpeg
Server: AmazonS3
Content-Length: 23080
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 6e871380318c8a883f329ca25b2ee36c
e8d3585a45b2b32814096416b12028644c3aff50
0496e550737efc29d25e0bed099c472680f2367aa3d4cde4209bfa9af41fd9d2
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 02:54:55 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 9baaa3878151bf5d83c8d7014da17e5d
d8952bdd01ddec1d9a5a480f17ff5e39f6bdb037
1734ff9035c0a9c965cb5047e9fdbc2c1184b6c568066e856c6dbf0b8dc51df3
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 02:54:55 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
static.doubleclick.net/instream/ad_status.js
216.58.207.230200 OK 29 B URL HTTP/2 static.doubleclick.net/instream/ad_status.js
IP 216.58.207.230:0
Hash 1fa71744db23d0f8df9cce6719defcb7
e4be9b7136697942a036f97cf26ebaf703ad2067
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
GET /instream/ad_status.js HTTP/1.1
Host: static.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
timing-allow-origin: *
content-length: 29
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 21 Sep 2022 02:44:23 GMT
expires: Wed, 21 Sep 2022 02:59:23 GMT
cache-control: public, max-age=900
age: 632
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
googleads.g.doubleclick.net/pagead/id
142.250.74.34302 Found 0 B URL HTTP/2 googleads.g.doubleclick.net/pagead/id
IP 142.250.74.34:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pagead/id HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
location: https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
access-control-allow-credentials: true
access-control-allow-origin: https://www.youtube.com
date: Wed, 21 Sep 2022 02:54:55 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 6e871380318c8a883f329ca25b2ee36c
e8d3585a45b2b32814096416b12028644c3aff50
0496e550737efc29d25e0bed099c472680f2367aa3d4cde4209bfa9af41fd9d2
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 02:54:55 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 9baaa3878151bf5d83c8d7014da17e5d
d8952bdd01ddec1d9a5a480f17ff5e39f6bdb037
1734ff9035c0a9c965cb5047e9fdbc2c1184b6c568066e856c6dbf0b8dc51df3
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 02:54:55 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash a12fa245bdb2a12c14aa625f9bfc70aa
26344a4a03aa56f371de157fa5908e0b4b6f41ca
ead8f63b11002b38d302c3bca8cd396e1b3b6590966a0ab2ab2fbb23c13783fa
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EAD8F63B11002B38D302C3BCA8CD396E1B3B6590966A0AB2AB2FBB23C13783FA"
Last-Modified: Mon, 19 Sep 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9659
Expires: Wed, 21 Sep 2022 05:35:54 GMT
Date: Wed, 21 Sep 2022 02:54:55 GMT
Connection: keep-alive
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
142.250.74.10200 OK 0 B URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
IP 142.250.74.10:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /$rpc/google.internal.waa.v1.Waa/Create HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Referer: https://www.youtube.com/
Origin: https://www.youtube.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://www.youtube.com
vary: origin, referer, x-origin
access-control-allow-credentials: true
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-max-age: 3600
date: Wed, 21 Sep 2022 02:54:55 GMT
content-type: text/html
server: ESF
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
142.250.74.10200 OK 31 kB URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
IP 142.250.74.10:0
File type JSON data\012- , ASCII text, with very long lines (65536), with no line terminators
Hash 5f9fdb98d8ce9fd51237711af6031db5
f728e8445bbe34f201be91f38540c9ffba6b7583
ccf1dec95d92fdd0c63d5936c226517838e213101dadfaa514fffb38e7cc4861
POST /$rpc/google.internal.waa.v1.Waa/Create HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
Content-Type: application/json+protobuf
X-User-Agent: grpc-web-javascript/0.1
Content-Length: 24
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json+protobuf; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: gzip
date: Wed, 21 Sep 2022 02:54:55 GMT
server: ESF
cache-control: private
content-length: 31010
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
access-control-allow-credentials: true
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 67b756e82caefc7860b9f2d4a4f40341
adeae15d52089bcca4ca247fc4aebceef8406e34
72ff9f52080a633dc841554f7d4cc70083edd2572b535d84093ae63f0c50b832
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 02:54:55 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.com/js/th/0Q0sPaTf27KkVV0qBrYI7cmJeSJkpG4CF1zVddAZEjs.js
142.250.74.164200 OK 14 kB URL HTTP/2 www.google.com/js/th/0Q0sPaTf27KkVV0qBrYI7cmJeSJkpG4CF1zVddAZEjs.js
IP 142.250.74.164:0
File type ASCII text, with very long lines (36110)
Hash d348ea7c67cf70cc27add8ec15920c5f
46b2db74425f5c6c10c69831277b83c76c8c24b8
e9198b139add4e4683e04549366c63b57000c4e9d719c0e5820124d63d0fccff
GET /js/th/0Q0sPaTf27KkVV0qBrYI7cmJeSJkpG4CF1zVddAZEjs.js HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-length: 14308
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 14 Sep 2022 05:09:26 GMT
expires: Thu, 14 Sep 2023 05:09:26 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 13 Sep 2022 11:00:00 GMT
content-type: text/javascript
age: 596729
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash ada29f357ebf16bf037a8f7ca0943687
08a6e41c5fa688ca538b3e4b30ec8100fb292aaf
e368e32c7f8c8d2ae99520c324a2571ed402c80f76aec3c05a9711df12150de5
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 02:54:55 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
i.ytimg.com/vi_webp/ZFBI_JoDwew/sddefault.webp
216.58.207.246200 OK 21 kB URL HTTP/2 i.ytimg.com/vi_webp/ZFBI_JoDwew/sddefault.webp
IP 216.58.207.246:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 640x480, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 9bc80783dd42606a38e3210ad1b3711d
28445b6ec0a0426acf5164a6df5076b7303347a6
3248bd00f508984ec3bdaea739c1f2a745768a30e6d897c2aa4d928ad84ac54e
GET /vi_webp/ZFBI_JoDwew/sddefault.webp HTTP/1.1
Host: i.ytimg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Origin
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-length: 21248
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 21 Sep 2022 02:54:55 GMT
expires: Wed, 21 Sep 2022 04:54:55 GMT
cache-control: public, max-age=7200
age: 0
etag: "1648682389"
content-type: image/webp
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash ada29f357ebf16bf037a8f7ca0943687
08a6e41c5fa688ca538b3e4b30ec8100fb292aaf
e368e32c7f8c8d2ae99520c324a2571ed402c80f76aec3c05a9711df12150de5
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 02:54:55 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 67801aaa77b0226b24e48c3d2b0055ec
284e0390a9afeed4f556a2e7eac0e75c33b01d6c
b576b0b0307ccf104137b1427b246e30570da6c64a1c8116fe4e765a0562a308
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 02:54:55 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
yt3.ggpht.com/frZNsgk2zBlccfRh-5BuaeygKDnMtM8THuKkcUkdyyiVusMTe3jOrjnMKz39sCDGvs1pRZgXgQ=s68-c-k-c0x00ffffff-no-rj
142.250.74.161200 OK 2.9 kB URL HTTP/2 yt3.ggpht.com/frZNsgk2zBlccfRh-5BuaeygKDnMtM8THuKkcUkdyyiVusMTe3jOrjnMKz39sCDGvs1pRZgXgQ=s68-c-k-c0x00ffffff-no-rj
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 68x68, components 3\012- data
Hash 154367c025f64b7e936b58e616d0117e
07212c5ed2eaf5422aeb22116c3f43f7e073c9dc
88aec24845bf5c9721abffa6d5376a145662eec365d6c8c5ecb894340cbe656d
GET /frZNsgk2zBlccfRh-5BuaeygKDnMtM8THuKkcUkdyyiVusMTe3jOrjnMKz39sCDGvs1pRZgXgQ=s68-c-k-c0x00ffffff-no-rj HTTP/1.1
Host: yt3.ggpht.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-expose-headers: Content-Length
content-disposition: inline;filename="channels4_profile.jpg"
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
server: fife
content-length: 2884
x-xss-protection: 0
date: Wed, 21 Sep 2022 00:33:12 GMT
expires: Sat, 10 Sep 2022 19:21:53 GMT
cache-control: public, max-age=86400, no-transform
age: 8503
etag: "v1"
content-type: image/jpeg
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
api.gravitec.media/api/stats/track?app_key=651b3da8463250405063839a2450c723&user_id=783166fe-658d-40e4-bd5f-0d58c1b6aec7&utmb=13971af3-6e37-477e-8723-34d46c933de1&path=https%3A%2F%2Fwww.morecouponstogo.com%2Funi-landing&referrer=https%3A%2F%2Fllclickpro.com%2F
35.214.184.209201 Created 0 B URL HTTP/2 api.gravitec.media/api/stats/track?app_key=651b3da8463250405063839a2450c723&user_id=783166fe-658d-40e4-bd5f-0d58c1b6aec7&utmb=13971af3-6e37-477e-8723-34d46c933de1&path=https%3A%2F%2Fwww.morecouponstogo.com%2Funi-landing&referrer=https%3A%2F%2Fllclickpro.com%2F
IP 35.214.184.209:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /api/stats/track?app_key=651b3da8463250405063839a2450c723&user_id=783166fe-658d-40e4-bd5f-0d58c1b6aec7&utmb=13971af3-6e37-477e-8723-34d46c933de1&path=https%3A%2F%2Fwww.morecouponstogo.com%2Funi-landing&referrer=https%3A%2F%2Fllclickpro.com%2F HTTP/1.1
Host: api.gravitec.media
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.morecouponstogo.com/
Origin: https://www.morecouponstogo.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 201 Created
server: nginx
date: Wed, 21 Sep 2022 02:54:55 GMT
content-length: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-origin: *
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: 0
x-content-type-options: nosniff
x-frame-options: DENY
x-xss-protection: 1 ; mode=block
referrer-policy: no-referrer
x-correlation-id: 68cca5e1e46d0e5e6e4577f0e06245c3
X-Firefox-Spdy: h2
trafficadbar.com/assets/ads.css
52.202.155.140200 OK 385 B URL HTTP/2 trafficadbar.com/assets/ads.css
IP 52.202.155.140:0
Hash 05463025a9969b0844abe65f601e5c8a
4b9dcbf2c2d7e339ee8160c56ae92e1fd18595dc
bb8ddf7ca872ae352ec221a148c2e83ac8eabee859b8a7c261b8e2e941463fa3
GET /assets/ads.css HTTP/1.1
Host: trafficadbar.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://trafficadbar.com/bar/page2.php?a=MTGSamurai&b=490&c=90&d=https%3A%2F%2Fwww.morecouponstogo.com%2Funi-landing&e=%23ffffff&f=%23AC0101&g=%23f8f8f8&h=%23000000&i=%237c8e06&ref1=https%3A%2F%2Fllclickpro.com%2F&stg=2&ww=490&wh=90&ref=https%3A%2F%2Fwww.morecouponstogo.com%2F
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 21 Sep 2022 02:54:55 GMT
content-type: text/css
content-length: 385
server: nginx
last-modified: Thu, 11 Aug 2022 01:03:12 GMT
etag: "62f45550-181"
expires: Sun, 20 Nov 2022 02:54:55 GMT
pragma: public
cache-control: max-age=5184000, public
accept-ranges: bytes
X-Firefox-Spdy: h2
d1ielco78gv5pf.cloudfront.net/assets/external_portfolio-55c5ae1c8983df626fd5d8b516e9b7afa9602796b1b40b1b0a489a394961ef91.css
54.230.245.134200 OK 793 B URL HTTP/2 d1ielco78gv5pf.cloudfront.net/assets/external_portfolio-55c5ae1c8983df626fd5d8b516e9b7afa9602796b1b40b1b0a489a394961ef91.css
IP 54.230.245.134:0
File type ASCII text, with very long lines (2368)
Hash 3496295286ae79c9f3b199075c24f520
4fd6984a982c0651c067954e56e3bd3987cda84a
fa4e9037f198d06563b4a8efbf38bcacae7046417353d90e7be45af4ec07b69f
GET /assets/external_portfolio-55c5ae1c8983df626fd5d8b516e9b7afa9602796b1b40b1b0a489a394961ef91.css HTTP/1.1
Host: d1ielco78gv5pf.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.redbubble.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/css
content-length: 793
date: Sun, 05 Jun 2022 10:06:42 GMT
access-control-allow-origin: *
cache-control: max-age=315360000, public
content-encoding: gzip
etag: "62988ba7-319"
expires: Wed, 02 Jun 2032 10:06:42 GMT
last-modified: Thu, 02 Jun 2022 10:06:31 GMT
server: nginx
x-cache: Hit from cloudfront
via: 1.1 09ae414c9d6c5323d5147457ada70ec6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: T-mfpLxEM0n_bn-zynFOUCMuGjxYIX10YEbh8jOfVZXdK1Ts0J1QyA==
age: 9305293
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 67801aaa77b0226b24e48c3d2b0055ec
284e0390a9afeed4f556a2e7eac0e75c33b01d6c
b576b0b0307ccf104137b1427b246e30570da6c64a1c8116fe4e765a0562a308
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 02:54:55 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ih1.redbubble.net/image.2521900674.0223/flat,220x200,075,t.u5.jpg
68.232.35.237200 OK 12 kB URL HTTP/2 ih1.redbubble.net/image.2521900674.0223/flat,220x200,075,t.u5.jpg
IP 68.232.35.237:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 220x200, components 3\012- data
Hash 4f656d55e30a35cccb4bc94a74f0df52
19ae51457ecb9dbeac9a0d7d1ae42f9156563056
70b55f3994d82e9bf29d7f59509bb9d010d379e6e3d6901f289bf825fe5e15a0
GET /image.2521900674.0223/flat,220x200,075,t.u5.jpg HTTP/1.1
Host: ih1.redbubble.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.redbubble.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: https://www.redbubble.com
access-control-expose-headers: Content-Length,Content-Range
age: 2571732
cache-control: max-age=31556952, public
content-disposition: inline
content-transfer-encoding: binary
content-type: image/jpeg
date: Wed, 21 Sep 2022 02:54:55 GMT
etag: W/"70b55f3994d82e9bf29d7f59509bb9d0"
last-modified: Mon, 22 Aug 2022 08:32:44 GMT
referrer-policy: strict-origin-when-cross-origin
server: ECS (ska/F71E)
x-cache: HIT
x-content-type-options: nosniff
x-download-options: noopen
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: none
x-request-id: ee84e291-69ac-49ed-ab14-b532dcc3fe55
x-xss-protection: 1; mode=block
content-length: 11509
X-Firefox-Spdy: h2
ih1.redbubble.net/image.2423146004.3028/raf,220x200,075,t,black.u5.jpg
68.232.35.237200 OK 7.1 kB URL HTTP/2 ih1.redbubble.net/image.2423146004.3028/raf,220x200,075,t,black.u5.jpg
IP 68.232.35.237:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 220x200, components 3\012- data
Hash ea2e9b008dd5ea4ae82bd436910c2533
9b839ada94e09772f01c49af1032b9f046e9b6ed
0220c6be7d3cfcffc662fcab4c31803925ec7e294e4165098a1b364ad8800ace
GET /image.2423146004.3028/raf,220x200,075,t,black.u5.jpg HTTP/1.1
Host: ih1.redbubble.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.redbubble.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: https://www.redbubble.com
access-control-expose-headers: Content-Length,Content-Range
age: 2571732
cache-control: max-age=31556952, public
content-disposition: inline
content-transfer-encoding: binary
content-type: image/jpeg
date: Wed, 21 Sep 2022 02:54:55 GMT
etag: W/"0220c6be7d3cfcffc662fcab4c318039"
last-modified: Mon, 22 Aug 2022 08:32:44 GMT
referrer-policy: strict-origin-when-cross-origin
server: ECS (ska/F716)
x-cache: HIT
x-content-type-options: nosniff
x-download-options: noopen
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: none
x-request-id: 0c943895-8cf5-4c7d-88fc-024373c4d11a
x-xss-protection: 1; mode=block
content-length: 7140
X-Firefox-Spdy: h2
ih1.redbubble.net/image.2615416373.1429/flat,220x200,075,t.u5.jpg
68.232.35.237200 OK 12 kB URL HTTP/2 ih1.redbubble.net/image.2615416373.1429/flat,220x200,075,t.u5.jpg
IP 68.232.35.237:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 220x200, components 3\012- data
Hash 4ed24b51630a165d7ab03688d1325d25
c726cb712f4cd72bf5c564a7dc0ad0ebbf9d2a52
19914bb432c06112f7f8b4878fbfbb15d4610cac7de7e1e4cada665e77dc02ac
GET /image.2615416373.1429/flat,220x200,075,t.u5.jpg HTTP/1.1
Host: ih1.redbubble.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.redbubble.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: https://www.redbubble.com
access-control-expose-headers: Content-Length,Content-Range
age: 2571732
cache-control: max-age=31556952, public
content-disposition: inline
content-transfer-encoding: binary
content-type: image/jpeg
date: Wed, 21 Sep 2022 02:54:55 GMT
etag: W/"19914bb432c06112f7f8b4878fbfbb15"
last-modified: Mon, 22 Aug 2022 08:32:44 GMT
referrer-policy: strict-origin-when-cross-origin
server: ECS (ska/F709)
x-cache: HIT
x-content-type-options: nosniff
x-download-options: noopen
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: none
x-request-id: 0ad3ffab-7e43-4a7d-a9af-f6a7d7e1622c
x-xss-protection: 1; mode=block
content-length: 12230
X-Firefox-Spdy: h2
ih1.redbubble.net/image.2431145804.5847/flat,220x200,075,t.u5.jpg
68.232.35.237200 OK 10 kB URL HTTP/2 ih1.redbubble.net/image.2431145804.5847/flat,220x200,075,t.u5.jpg
IP 68.232.35.237:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 220x200, components 3\012- data
Hash 8f6f53785c14ab8a77c0aa90a761e397
27b8a13e4692d280551a541df86597327783211f
6e6de7900d29f1106e51cd663320f6acbd0be5b9691f633724119f6ee0f8e484
GET /image.2431145804.5847/flat,220x200,075,t.u5.jpg HTTP/1.1
Host: ih1.redbubble.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.redbubble.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: https://www.redbubble.com
access-control-expose-headers: Content-Length,Content-Range
age: 2571732
cache-control: max-age=31556952, public
content-disposition: inline
content-transfer-encoding: binary
content-type: image/jpeg
date: Wed, 21 Sep 2022 02:54:55 GMT
etag: W/"6e6de7900d29f1106e51cd663320f6ac"
last-modified: Mon, 22 Aug 2022 08:32:44 GMT
referrer-policy: strict-origin-when-cross-origin
server: ECS (ska/F712)
x-cache: HIT
x-content-type-options: nosniff
x-download-options: noopen
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: none
x-request-id: 888bc34b-6200-454b-b256-7a55d31b146d
x-xss-protection: 1; mode=block
content-length: 10297
X-Firefox-Spdy: h2
ih0.redbubble.net/image.2436230143.4649/flat,220x200,075,t.u5.jpg
68.232.35.237200 OK 15 kB URL HTTP/2 ih0.redbubble.net/image.2436230143.4649/flat,220x200,075,t.u5.jpg
IP 68.232.35.237:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 220x200, components 3\012- data
Hash 9a8c105ed2bc868dc77dd23860b0eae7
baba5fd5da037202cc6bee4b94c5e61553a6e4e5
e3a68991feafac3f02cffdee42f521b29379b95d10bada143ec7eb76b29bdf1e
GET /image.2436230143.4649/flat,220x200,075,t.u5.jpg HTTP/1.1
Host: ih0.redbubble.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.redbubble.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: https://www.redbubble.com
access-control-expose-headers: Content-Length,Content-Range
age: 2571731
cache-control: max-age=31556952, public
content-disposition: inline
content-transfer-encoding: binary
content-type: image/jpeg
date: Wed, 21 Sep 2022 02:54:55 GMT
etag: W/"e3a68991feafac3f02cffdee42f521b2"
last-modified: Mon, 22 Aug 2022 08:32:44 GMT
referrer-policy: strict-origin-when-cross-origin
server: ECS (ska/F71E)
x-cache: HIT
x-content-type-options: nosniff
x-download-options: noopen
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: none
x-request-id: aadd9ba7-de8e-4ca0-b4e2-841f2c1ae673
x-xss-protection: 1; mode=block
content-length: 14753
X-Firefox-Spdy: h2
ih0.redbubble.net/image.2609329537.2892/raf,220x200,075,t,white.u5.jpg
68.232.35.237200 OK 13 kB URL HTTP/2 ih0.redbubble.net/image.2609329537.2892/raf,220x200,075,t,white.u5.jpg
IP 68.232.35.237:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 220x200, components 3\012- data
Hash 7c729abcf1fb3cbc2c5338f004443fc8
ba2199b908015be4eb601ea363fa1e6a05e6109a
c350b44a154b399e0bef5fafa2ce0bbabd485db22ed9531b4566a297704c2898
GET /image.2609329537.2892/raf,220x200,075,t,white.u5.jpg HTTP/1.1
Host: ih0.redbubble.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.redbubble.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: https://www.redbubble.com
access-control-expose-headers: Content-Length,Content-Range
age: 446915
cache-control: max-age=31556952, public
content-disposition: inline
content-transfer-encoding: binary
content-type: image/jpeg
date: Wed, 21 Sep 2022 02:54:55 GMT
etag: W/"c350b44a154b399e0bef5fafa2ce0bba"
last-modified: Thu, 15 Sep 2022 22:46:21 GMT
referrer-policy: strict-origin-when-cross-origin
server: ECS (ska/F6FC)
x-cache: HIT
x-content-type-options: nosniff
x-download-options: noopen
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: none
x-request-id: a1f9feb2-f818-4d5e-a57b-efc733dc4048
x-xss-protection: 1; mode=block
content-length: 13202
X-Firefox-Spdy: h2
trafficadbar.com/assets/home_logo_88.png
52.202.155.140200 OK 12 kB URL HTTP/2 trafficadbar.com/assets/home_logo_88.png
IP 52.202.155.140:0
Hash 512c9c8139645a89bfe52f4c918ce64f
02614480bdee6c64f0846201955d329a235c699f
98706da58147d93ba217f4bef546655c3229ffe46a4ae348f52abe82797da335
GET /assets/home_logo_88.png HTTP/1.1
Host: trafficadbar.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://trafficadbar.com/bar/page2.php?a=MTGSamurai&b=490&c=90&d=https%3A%2F%2Fwww.morecouponstogo.com%2Funi-landing&e=%23ffffff&f=%23AC0101&g=%23f8f8f8&h=%23000000&i=%237c8e06&ref1=https%3A%2F%2Fllclickpro.com%2F&stg=2&ww=490&wh=90&ref=https%3A%2F%2Fwww.morecouponstogo.com%2F
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 21 Sep 2022 02:54:55 GMT
content-type: image/png
server: nginx
last-modified: Wed, 09 Jun 2021 07:15:14 GMT
vary: Accept-Encoding
etag: W/"60c06a82-881"
expires: Sun, 20 Nov 2022 02:54:55 GMT
pragma: public
cache-control: max-age=5184000, public
content-encoding: gzip
X-Firefox-Spdy: h2
ih0.redbubble.net/image.2615293405.8342/flat,220x200,075,t.u5.jpg
68.232.35.237200 OK 13 kB URL HTTP/2 ih0.redbubble.net/image.2615293405.8342/flat,220x200,075,t.u5.jpg
IP 68.232.35.237:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 220x200, components 3\012- data
Hash 10f80b48faf4716e42eeb69a479532cf
2ab71ce122e15b05fdc9d5a965f5497bb5e93cca
544947c0b6bcc6f5ab033bc6799dbe00fa4f0312d6ab6829f47da24f59a86c2b
GET /image.2615293405.8342/flat,220x200,075,t.u5.jpg HTTP/1.1
Host: ih0.redbubble.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.redbubble.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: https://www.redbubble.com
access-control-expose-headers: Content-Length,Content-Range
age: 2571731
cache-control: max-age=31556952, public
content-disposition: inline
content-transfer-encoding: binary
content-type: image/jpeg
date: Wed, 21 Sep 2022 02:54:55 GMT
etag: W/"544947c0b6bcc6f5ab033bc6799dbe00"
last-modified: Mon, 22 Aug 2022 08:32:44 GMT
referrer-policy: strict-origin-when-cross-origin
server: ECS (ska/F708)
x-cache: HIT
x-content-type-options: nosniff
x-download-options: noopen
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: none
x-request-id: be3b6589-2793-4135-a84a-ed9930596195
x-xss-protection: 1; mode=block
content-length: 13106
X-Firefox-Spdy: h2
ih1.redbubble.net/image.2501823087.1427/flat,220x200,075,t.u5.jpg
68.232.35.237200 OK 13 kB URL HTTP/2 ih1.redbubble.net/image.2501823087.1427/flat,220x200,075,t.u5.jpg
IP 68.232.35.237:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 220x200, components 3\012- data
Hash 41a7ff2b932518137a3d3ed4e75cff14
12788c351920ae2e6a6915c80ea0f1cae9106382
281a8d6feb56d70c6a48c55fbf412a1d8e6fe90435118f7571a8635c0f706ceb
GET /image.2501823087.1427/flat,220x200,075,t.u5.jpg HTTP/1.1
Host: ih1.redbubble.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.redbubble.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: https://www.redbubble.com
access-control-expose-headers: Content-Length,Content-Range
age: 2571732
cache-control: max-age=31556952, public
content-disposition: inline
content-transfer-encoding: binary
content-type: image/jpeg
date: Wed, 21 Sep 2022 02:54:55 GMT
etag: W/"281a8d6feb56d70c6a48c55fbf412a1d"
last-modified: Mon, 22 Aug 2022 08:32:44 GMT
referrer-policy: strict-origin-when-cross-origin
server: ECS (ska/F71B)
x-cache: HIT
x-content-type-options: nosniff
x-download-options: noopen
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: none
x-request-id: d5f2891d-027d-4541-8e68-d499a6d21006
x-xss-protection: 1; mode=block
content-length: 12808
X-Firefox-Spdy: h2
d1ielco78gv5pf.cloudfront.net/assets/75x75-Brandmark-Transparent-5914f9388de7f61a2e2fb260ed39145a5719139b6559762350135c21771f12c0.png
54.230.245.134200 OK 753 B URL HTTP/2 d1ielco78gv5pf.cloudfront.net/assets/75x75-Brandmark-Transparent-5914f9388de7f61a2e2fb260ed39145a5719139b6559762350135c21771f12c0.png
IP 54.230.245.134:0
File type PNG image data, 75 x 75, 8-bit/color RGBA, non-interlaced\012- data
Hash 95b83ee0d2cb98b5133345024a14031e
fb1f79f434185cabeda75b895cb0e98113c8c6ec
5914f9388de7f61a2e2fb260ed39145a5719139b6559762350135c21771f12c0
GET /assets/75x75-Brandmark-Transparent-5914f9388de7f61a2e2fb260ed39145a5719139b6559762350135c21771f12c0.png HTTP/1.1
Host: d1ielco78gv5pf.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.redbubble.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 753
date: Mon, 05 Sep 2022 13:09:45 GMT
server: nginx
last-modified: Sun, 04 Sep 2022 10:06:31 GMT
expires: Thu, 02 Sep 2032 13:09:45 GMT
access-control-allow-origin: *
cache-control: max-age=315360000, public
x-cache: Hit from cloudfront
via: 1.1 09ae414c9d6c5323d5147457ada70ec6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: ta46Ao9Xqn3qaNYTxkbvFoc9v-vs7hNjrZswavH2lHLTvcSzBB1LFg==
age: 1345511
X-Firefox-Spdy: h2
d1ielco78gv5pf.cloudfront.net/assets/rarr-trans-44aac167284d94a1522aae08e2a9c40c6d515ab554839445c3b43281cb6a2f47.png
54.230.245.134200 OK 147 B URL HTTP/2 d1ielco78gv5pf.cloudfront.net/assets/rarr-trans-44aac167284d94a1522aae08e2a9c40c6d515ab554839445c3b43281cb6a2f47.png
IP 54.230.245.134:0
File type PNG image data, 7 x 10, 8-bit gray+alpha, non-interlaced\012- data
Hash aafe97f737c068ef75a9410c8a45f5a4
0d1856e53194b2a68d1976a21fe05d20eac683b6
44aac167284d94a1522aae08e2a9c40c6d515ab554839445c3b43281cb6a2f47
GET /assets/rarr-trans-44aac167284d94a1522aae08e2a9c40c6d515ab554839445c3b43281cb6a2f47.png HTTP/1.1
Host: d1ielco78gv5pf.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.redbubble.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 147
date: Fri, 27 May 2022 01:22:02 GMT
accept-ranges: bytes
access-control-allow-origin: *
cache-control: max-age=315360000, public
etag: "628dff80-93"
expires: Mon, 24 May 2032 01:22:02 GMT
last-modified: Wed, 25 May 2022 10:05:52 GMT
server: nginx
x-cache: Hit from cloudfront
via: 1.1 09ae414c9d6c5323d5147457ada70ec6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 9MBWHOnxFaXeMTwm1R7AbUs5pFZpBtkYtjb9YTKghz4mnDYx1mIrvA==
age: 10114374
X-Firefox-Spdy: h2
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
142.250.74.10200 OK 31 kB URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
IP 142.250.74.10:0
File type JSON data\012- , ASCII text, with very long lines (65536), with no line terminators
Hash 795a18bd265b7b982f023fcd028a61fd
211b2ccc2ddb01acd27a060f7c2cd5019648097a
76b7fe027f93163d5ea4d33fb638cb838dffae25b869f056adaac8fd2e67dedd
POST /$rpc/google.internal.waa.v1.Waa/Create HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
Content-Type: application/json+protobuf
X-User-Agent: grpc-web-javascript/0.1
Content-Length: 24
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json+protobuf; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: gzip
date: Wed, 21 Sep 2022 02:54:56 GMT
server: ESF
cache-control: private
content-length: 30751
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
access-control-allow-credentials: true
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash c81d42d817c63fd387f875fae88f126a
88fa4a4aa864600dfc025c7077d355d38d2d22b9
81ad3d8e554a0fd4530752e92a769bb4689229fb097bb09076bd85c7d3208fe7
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 02:54:57 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash c81d42d817c63fd387f875fae88f126a
88fa4a4aa864600dfc025c7077d355d38d2d22b9
81ad3d8e554a0fd4530752e92a769bb4689229fb097bb09076bd85c7d3208fe7
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 02:54:57 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
rr1---sn-capm-vnae.googlevideo.com/videoplayback?expire=1663750496&ei=AH0qY_fnDdSxyQWqvrSAAw&ip=91.90.42.154&id=o-AGfST4ldnWsMUztN3oMU-usDaaQgE3O6W-CpMkVDOsoR&itag=243&aitags=133%2C134%2C135%2C160%2C242%2C243%2C244%2C278&source=youtube&requiressl=yes&mh=gh&mm=31%2C29&mn=sn-capm-vnae%2Csn-5go7yne6&ms=au%2Crdu&mv=u&mvi=1&pl=21&spc=yR2vp6pQvErFBpwctXo_CgnzEyHnKRc&vprv=1&mime=video%2Fwebm&ns=CTcYTlXSjr1H0WXkOMeb4zUI&gir=yes&clen=688476&dur=42.033&lmt=1645693636801438&mt=1663728393&fvip=5&keepalive=yes&fexp=24001373%2C24007246&c=WEB_EMBEDDED_PLAYER&rbqsm=fr&txp=5319224&n=yTygRPNfW7TUUA&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRAIgT9ESdRvqeAatO-L2Wtg6GR1UTeLYE37uO-8xmGTGwl4CIA9cEQIxw2AMdhIp5FnFcIkWQ1mEPhgW4X2q3VQ3ApqW&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl&lsig=AG3C_xAwRgIhAOrgdH1S3T0h7II51hOZxA_Kl-tZglCrNTqw3WCEzgMUAiEAwQBip1GQ3MZeNaVbL7rjp0aEb82QIyiWuBEISqVcz3s%3D&alr=yes&cpn=BsurYgjwUoJK4PGl&cver=1.20220918.00.00&range=0-348&rn=1&rbuf=0
91.90.45.172200 OK 349 B URL HTTP/1.1 rr1---sn-capm-vnae.googlevideo.com/videoplayback?expire=1663750496&ei=AH0qY_fnDdSxyQWqvrSAAw&ip=91.90.42.154&id=o-AGfST4ldnWsMUztN3oMU-usDaaQgE3O6W-CpMkVDOsoR&itag=243&aitags=133%2C134%2C135%2C160%2C242%2C243%2C244%2C278&source=youtube&requiressl=yes&mh=gh&mm=31%2C29&mn=sn-capm-vnae%2Csn-5go7yne6&ms=au%2Crdu&mv=u&mvi=1&pl=21&spc=yR2vp6pQvErFBpwctXo_CgnzEyHnKRc&vprv=1&mime=video%2Fwebm&ns=CTcYTlXSjr1H0WXkOMeb4zUI&gir=yes&clen=688476&dur=42.033&lmt=1645693636801438&mt=1663728393&fvip=5&keepalive=yes&fexp=24001373%2C24007246&c=WEB_EMBEDDED_PLAYER&rbqsm=fr&txp=5319224&n=yTygRPNfW7TUUA&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRAIgT9ESdRvqeAatO-L2Wtg6GR1UTeLYE37uO-8xmGTGwl4CIA9cEQIxw2AMdhIp5FnFcIkWQ1mEPhgW4X2q3VQ3ApqW&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl&lsig=AG3C_xAwRgIhAOrgdH1S3T0h7II51hOZxA_Kl-tZglCrNTqw3WCEzgMUAiEAwQBip1GQ3MZeNaVbL7rjp0aEb82QIyiWuBEISqVcz3s%3D&alr=yes&cpn=BsurYgjwUoJK4PGl&cver=1.20220918.00.00&range=0-348&rn=1&rbuf=0
IP 91.90.45.172:0
ASN #50304 Blix Solutions AS
File type WebM\012- EBML file, creator webmB\20\012- data
Hash 6799eeffb2467b3622904988938cc6c9
363a023f07f0578a4978f873d55603650c9b32de
430e019435c317dab1826c031d59218a2dd88706591d671aa2ade9b2e74dec74
GET /videoplayback?expire=1663750496&ei=AH0qY_fnDdSxyQWqvrSAAw&ip=91.90.42.154&id=o-AGfST4ldnWsMUztN3oMU-usDaaQgE3O6W-CpMkVDOsoR&itag=243&aitags=133%2C134%2C135%2C160%2C242%2C243%2C244%2C278&source=youtube&requiressl=yes&mh=gh&mm=31%2C29&mn=sn-capm-vnae%2Csn-5go7yne6&ms=au%2Crdu&mv=u&mvi=1&pl=21&spc=yR2vp6pQvErFBpwctXo_CgnzEyHnKRc&vprv=1&mime=video%2Fwebm&ns=CTcYTlXSjr1H0WXkOMeb4zUI&gir=yes&clen=688476&dur=42.033&lmt=1645693636801438&mt=1663728393&fvip=5&keepalive=yes&fexp=24001373%2C24007246&c=WEB_EMBEDDED_PLAYER&rbqsm=fr&txp=5319224&n=yTygRPNfW7TUUA&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRAIgT9ESdRvqeAatO-L2Wtg6GR1UTeLYE37uO-8xmGTGwl4CIA9cEQIxw2AMdhIp5FnFcIkWQ1mEPhgW4X2q3VQ3ApqW&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl&lsig=AG3C_xAwRgIhAOrgdH1S3T0h7II51hOZxA_Kl-tZglCrNTqw3WCEzgMUAiEAwQBip1GQ3MZeNaVbL7rjp0aEb82QIyiWuBEISqVcz3s%3D&alr=yes&cpn=BsurYgjwUoJK4PGl&cver=1.20220918.00.00&range=0-348&rn=1&rbuf=0 HTTP/1.1
Host: rr1---sn-capm-vnae.googlevideo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Last-Modified: Thu, 24 Feb 2022 09:07:16 GMT
Content-Type: video/webm
Date: Wed, 21 Sep 2022 02:54:57 GMT
Expires: Wed, 21 Sep 2022 02:54:57 GMT
Cache-Control: private, max-age=21299
Accept-Ranges: bytes
Content-Length: 349
Connection: keep-alive
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Access-Control-Allow-Origin: https://www.youtube.com
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: https://www.youtube.com
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Vary: Origin
Cross-Origin-Resource-Policy: cross-origin
X-Restrict-Formats-Hint: None
X-Content-Type-Options: nosniff
Server: gvs 1.0
rr1---sn-capm-vnae.googlevideo.com/videoplayback?expire=1663750496&ei=AH0qY_fnDdSxyQWqvrSAAw&ip=91.90.42.154&id=o-AGfST4ldnWsMUztN3oMU-usDaaQgE3O6W-CpMkVDOsoR&itag=250&source=youtube&requiressl=yes&mh=gh&mm=31%2C29&mn=sn-capm-vnae%2Csn-5go7yne6&ms=au%2Crdu&mv=u&mvi=1&pl=21&spc=yR2vp6pQvErFBpwctXo_CgnzEyHnKRc&vprv=1&mime=audio%2Fwebm&ns=CTcYTlXSjr1H0WXkOMeb4zUI&gir=yes&clen=19323&dur=42.061&lmt=1645693636059657&mt=1663728393&fvip=5&keepalive=yes&fexp=24001373%2C24007246&c=WEB_EMBEDDED_PLAYER&rbqsm=fr&txp=5318224&n=yTygRPNfW7TUUA&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRgIhAJxfnNCx06ecnD6d_WR7JQt7xKDPHmT_zV0cqneJ0hIQAiEAm64eJVoBEzxKGNXR2m8d9ZlKGWhkcdiQ6pDn3hUjwso%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl&lsig=AG3C_xAwRgIhAOrgdH1S3T0h7II51hOZxA_Kl-tZglCrNTqw3WCEzgMUAiEAwQBip1GQ3MZeNaVbL7rjp0aEb82QIyiWuBEISqVcz3s%3D&alr=yes&cpn=BsurYgjwUoJK4PGl&cver=1.20220918.00.00&range=0-337&rn=2&rbuf=0
91.90.45.172200 OK 338 B URL HTTP/1.1 rr1---sn-capm-vnae.googlevideo.com/videoplayback?expire=1663750496&ei=AH0qY_fnDdSxyQWqvrSAAw&ip=91.90.42.154&id=o-AGfST4ldnWsMUztN3oMU-usDaaQgE3O6W-CpMkVDOsoR&itag=250&source=youtube&requiressl=yes&mh=gh&mm=31%2C29&mn=sn-capm-vnae%2Csn-5go7yne6&ms=au%2Crdu&mv=u&mvi=1&pl=21&spc=yR2vp6pQvErFBpwctXo_CgnzEyHnKRc&vprv=1&mime=audio%2Fwebm&ns=CTcYTlXSjr1H0WXkOMeb4zUI&gir=yes&clen=19323&dur=42.061&lmt=1645693636059657&mt=1663728393&fvip=5&keepalive=yes&fexp=24001373%2C24007246&c=WEB_EMBEDDED_PLAYER&rbqsm=fr&txp=5318224&n=yTygRPNfW7TUUA&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRgIhAJxfnNCx06ecnD6d_WR7JQt7xKDPHmT_zV0cqneJ0hIQAiEAm64eJVoBEzxKGNXR2m8d9ZlKGWhkcdiQ6pDn3hUjwso%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl&lsig=AG3C_xAwRgIhAOrgdH1S3T0h7II51hOZxA_Kl-tZglCrNTqw3WCEzgMUAiEAwQBip1GQ3MZeNaVbL7rjp0aEb82QIyiWuBEISqVcz3s%3D&alr=yes&cpn=BsurYgjwUoJK4PGl&cver=1.20220918.00.00&range=0-337&rn=2&rbuf=0
IP 91.90.45.172:0
ASN #50304 Blix Solutions AS
File type WebM\012- EBML file, creator webmB\20\012- data
Hash ad731b1b5f15e8439e4ab2816fe84240
1dbb0f630b426413eda4e6b4134979aec2d4ae8b
099a421c809946c753da16a33d1815db997edd49bc686e5d97f85ab2f234515c
GET /videoplayback?expire=1663750496&ei=AH0qY_fnDdSxyQWqvrSAAw&ip=91.90.42.154&id=o-AGfST4ldnWsMUztN3oMU-usDaaQgE3O6W-CpMkVDOsoR&itag=250&source=youtube&requiressl=yes&mh=gh&mm=31%2C29&mn=sn-capm-vnae%2Csn-5go7yne6&ms=au%2Crdu&mv=u&mvi=1&pl=21&spc=yR2vp6pQvErFBpwctXo_CgnzEyHnKRc&vprv=1&mime=audio%2Fwebm&ns=CTcYTlXSjr1H0WXkOMeb4zUI&gir=yes&clen=19323&dur=42.061&lmt=1645693636059657&mt=1663728393&fvip=5&keepalive=yes&fexp=24001373%2C24007246&c=WEB_EMBEDDED_PLAYER&rbqsm=fr&txp=5318224&n=yTygRPNfW7TUUA&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRgIhAJxfnNCx06ecnD6d_WR7JQt7xKDPHmT_zV0cqneJ0hIQAiEAm64eJVoBEzxKGNXR2m8d9ZlKGWhkcdiQ6pDn3hUjwso%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl&lsig=AG3C_xAwRgIhAOrgdH1S3T0h7II51hOZxA_Kl-tZglCrNTqw3WCEzgMUAiEAwQBip1GQ3MZeNaVbL7rjp0aEb82QIyiWuBEISqVcz3s%3D&alr=yes&cpn=BsurYgjwUoJK4PGl&cver=1.20220918.00.00&range=0-337&rn=2&rbuf=0 HTTP/1.1
Host: rr1---sn-capm-vnae.googlevideo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Last-Modified: Thu, 24 Feb 2022 09:07:16 GMT
Content-Type: audio/webm
Date: Wed, 21 Sep 2022 02:54:57 GMT
Expires: Wed, 21 Sep 2022 02:54:57 GMT
Cache-Control: private, max-age=21299
Accept-Ranges: bytes
Content-Length: 338
Connection: keep-alive
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Access-Control-Allow-Origin: https://www.youtube.com
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: https://www.youtube.com
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Vary: Origin
Cross-Origin-Resource-Policy: cross-origin
X-Content-Type-Options: nosniff
Server: gvs 1.0
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash c81d42d817c63fd387f875fae88f126a
88fa4a4aa864600dfc025c7077d355d38d2d22b9
81ad3d8e554a0fd4530752e92a769bb4689229fb097bb09076bd85c7d3208fe7
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 02:54:57 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
d1ielco78gv5pf.cloudfront.net/assets/ajax_subtle-8f2162a421d5682989810c5bed4402d83debcff6169ae940dbbf9844dcc9ea2d.gif
54.230.245.134200 OK 1.8 kB URL HTTP/2 d1ielco78gv5pf.cloudfront.net/assets/ajax_subtle-8f2162a421d5682989810c5bed4402d83debcff6169ae940dbbf9844dcc9ea2d.gif
IP 54.230.245.134:0
File type GIF image data, version 89a, 32 x 32\012- data
Hash 53c8654b9584bb9f925f2e9f12a3a365
69b347445a08ef2e1235cb8ff2fad484d59ae7d3
8f2162a421d5682989810c5bed4402d83debcff6169ae940dbbf9844dcc9ea2d
GET /assets/ajax_subtle-8f2162a421d5682989810c5bed4402d83debcff6169ae940dbbf9844dcc9ea2d.gif HTTP/1.1
Host: d1ielco78gv5pf.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://d1ielco78gv5pf.cloudfront.net/assets/external_portfolio-55c5ae1c8983df626fd5d8b516e9b7afa9602796b1b40b1b0a489a394961ef91.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/gif
content-length: 1785
date: Wed, 18 May 2022 14:23:23 GMT
accept-ranges: bytes
access-control-allow-origin: *
cache-control: max-age=315360000, public
etag: "628373c3-6f9"
expires: Sat, 15 May 2032 14:23:23 GMT
last-modified: Tue, 17 May 2022 10:06:59 GMT
server: nginx
x-cache: Hit from cloudfront
via: 1.1 09ae414c9d6c5323d5147457ada70ec6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: UuGV9Amown8tv7AmDS9dD-3QMS1LOTBirWiH_-mDE03JdwAtSrAaTw==
age: 10845094
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb19a7100-8d4f-4c0a-8865-191670cb2db4.jpeg
34.120.237.76200 OK 6.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb19a7100-8d4f-4c0a-8865-191670cb2db4.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 9c4ba493d60a12accc1dc9c3299fa01d
65886e11d9f792452cceea23444722ff4028b081
b287b0bf2b3dc834a657dc98a9eef006577554306fa481bbc9de5a16943129f1
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb19a7100-8d4f-4c0a-8865-191670cb2db4.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 6667
x-amzn-requestid: 1798057c-208d-471e-8d5c-602631418afd
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Yxy1nHvsoAMF23A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632a31bd-121c21f710767cde77a06945;Sampled=0
x-amzn-remapped-date: Tue, 20 Sep 2022 21:33:49 GMT
x-amz-cf-pop: YVR50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: vdjC0dj8L5qN-SdmlBD_TD0T0hdFtWzmnC9_AdJVP5qTi9dWz6_K9g==
via: 1.1 e71753cf85369390852fdcb22bf59aa8.cloudfront.net (CloudFront), 1.1 570075675953459325e00b7bcd171df2.cloudfront.net (CloudFront), 1.1 google
date: Tue, 20 Sep 2022 21:40:13 GMT
age: 18885
etag: "65886e11d9f792452cceea23444722ff4028b081"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 5.5 kB IP 93.184.220.29:0
Hash 0f7fc554b2c453dae35d4d51cfc15797
5df1b553109040f830bab0d0998734b0c5d4e7a4
e55a090a6206976c1463eee10667dbf221fb9071e5dd9f027f525141d581d1ff
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4515
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 02:54:58 GMT
Last-Modified: Wed, 21 Sep 2022 01:39:43 GMT
Server: ECS (amb/6B9F)
X-Cache: HIT
Content-Length: 278
imgallery.llsvr.com/5edfb59a6de2e.jpg
172.67.163.151200 OK 40 kB URL HTTP/2 imgallery.llsvr.com/5edfb59a6de2e.jpg
IP 172.67.163.151:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 60", baseline, precision 8, 800x542, components 3\012- data
Hash c6cf8355376b79fbaf284b58c980499c
da2dc2665b0eccbe1cbc9f82dc9f6eae025c4f3b
3aa12ff81986a4b23c014af2e88596a91349d3c9cae071f57ac68f888c2d4ed8
GET /5edfb59a6de2e.jpg HTTP/1.1
Host: imgallery.llsvr.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.morecouponstogo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 21 Sep 2022 02:54:58 GMT
content-type: image/jpeg
content-length: 39546
last-modified: Sat, 05 Mar 2022 06:26:05 GMT
cache-control: max-age=14400
cf-cache-status: HIT
age: 1
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Qj48rtDnKGOqlwnLwZ8e0jbI2qvwyoazaq205M3RWVTgdl5DbniK%2FD1SgAcpG1sbsEtJFkE2u2nz9b1jv%2B3aTFfSE8UfK5IoQhGKEJnJvB3K%2FR1c7OcFiUb8%2Bqsyx6NOaMeA%2FUcz"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74df84efcb1fb515-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 278 B IP 93.184.220.29:0
Hash a4893887bdb021e38fd6ea5db19902b4
052832c9f51f17f1e4b54f87a577b52aa128c7bd
1b1b30c46c6a0f44a6afa802c775d94f6719b42b88d017f5690cb115517c4c6b
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4515
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 02:54:58 GMT
Last-Modified: Wed, 21 Sep 2022 01:39:43 GMT
Server: ECS (ska/F709)
X-Cache: HIT
Content-Length: 278
cdn.gravitec.net/modules/0.bundle.js
45.133.44.3200 OK 0 B URL HTTP/2 cdn.gravitec.net/modules/0.bundle.js
IP 45.133.44.3:0
ASN #39572 DataWeb Global Group B.V.
GET /modules/0.bundle.js HTTP/1.1
Host: cdn.gravitec.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.morecouponstogo.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 21 Sep 2022 02:54:54 GMT
content-type: application/javascript; charset=utf-8
server: nginx
last-modified: Wed, 02 Feb 2022 09:01:35 GMT
etag: W/"61fa486f-2550"
expires: Wed, 02 Feb 2022 09:06:29 GMT
cache-control: max-age=10
access-control-allow-origin: *
content-encoding: gzip
vary: Accept-Encoding
x-proxy-cache: HIT
X-Firefox-Spdy: h2
trafficadbar.com/50-195376p-7f77fb9d65e3bb8a718d9ac76b2040e8.jpeg
52.202.155.140200 OK 0 B URL HTTP/2 trafficadbar.com/50-195376p-7f77fb9d65e3bb8a718d9ac76b2040e8.jpeg
IP 52.202.155.140:0
GET /50-195376p-7f77fb9d65e3bb8a718d9ac76b2040e8.jpeg HTTP/1.1
Host: trafficadbar.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://t-adbar1.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 21 Sep 2022 02:54:50 GMT
content-type: image/jpeg
server: nginx
vary: Accept-Encoding
expires: Fri, 21 Oct 2022 02:54:49 GMT
pragma: public
cache-control: max-age=2591999
content-encoding: gzip
X-Firefox-Spdy: h2
b-cloud.b-cdn.net/builds/free/240-cloud/editor/js/group-jq.js
194.242.11.186200 OK 0 B URL HTTP/2 b-cloud.b-cdn.net/builds/free/240-cloud/editor/js/group-jq.js
IP 194.242.11.186:0
ASN #34989 ServeTheWorld AS
GET /builds/free/240-cloud/editor/js/group-jq.js HTTP/1.1
Host: b-cloud.b-cdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.morecouponstogo.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 21 Sep 2022 02:54:51 GMT
content-type: application/javascript
server: BunnyCDN-NO-830
cdn-pullzone: 246147
cdn-uid: e647d0c9-3a16-4c3e-ae99-91e18e06d4b3
cdn-requestcountrycode: NO
vary: Accept-Encoding, Accept-Encoding
cache-control: public, max-age=31919000
etag: W/"ed710a097ec10ed3e2e1403b9380da89"
last-modified: Tue, 16 Aug 2022 09:34:59 GMT
x-amz-id-2: nQBgbmU1EnXaS9DU92ulqq/C53UWiI6y2/CG/8JeCVTRNwNAcbW9cpR4oaRmp2cdsG5v2TCOgvo=
x-amz-request-id: T82S1R5YKDX6K6E8
cdn-proxyver: 1.02
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 08/16/2022 10:39:07
cdn-edgestorageid: 830
link: <https://s3.amazonaws.com/brizy.cloud/builds/free/240-cloud/editor/js/group-jq.js>; rel="canonical"
cdn-status: 200
cdn-requestid: 6885cf645210d9447fdeca376ef0f2ce
cdn-cache: HIT
content-encoding: br
X-Firefox-Spdy: h2
b-cloud.b-cdn.net/builds/pro/115-cloud/js/group-3.pro.js
194.242.11.186200 OK 0 B URL HTTP/2 b-cloud.b-cdn.net/builds/pro/115-cloud/js/group-3.pro.js
IP 194.242.11.186:0
ASN #34989 ServeTheWorld AS
GET /builds/pro/115-cloud/js/group-3.pro.js HTTP/1.1
Host: b-cloud.b-cdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.morecouponstogo.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 21 Sep 2022 02:54:51 GMT
content-type: application/javascript
server: BunnyCDN-NO-830
cdn-pullzone: 246147
cdn-uid: e647d0c9-3a16-4c3e-ae99-91e18e06d4b3
cdn-requestcountrycode: NO
vary: Accept-Encoding, Accept-Encoding
cache-control: public, max-age=31919000
etag: W/"2604bf6ee4e609bdbfbb94c31adcd63d"
last-modified: Tue, 16 Aug 2022 09:36:39 GMT
x-amz-id-2: g03qzdonLEQkxWltK0A3fmPePrahcq1E/UIQ2xDUy9q/BQLXBAEOHZOkFC7xaj31fohND16hB1o=
x-amz-request-id: 0X3NBVZKF9TJRQVB
cdn-proxyver: 1.02
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 09/21/2022 00:33:07
cdn-edgestorageid: 830
link: <https://s3.amazonaws.com/brizy.cloud/builds/pro/115-cloud/js/group-3.pro.js>; rel="canonical"
cdn-status: 200
cdn-requestid: d570fa16c14be7c3e54a52b6e1a8afa8
cdn-cache: HIT
content-encoding: br
X-Firefox-Spdy: h2
trafficadbar.com/bar/page2.php?a=MTGSamurai&b=490&c=90&d=https%3A%2F%2Fwww.morecouponstogo.com%2Funi-landing&e=%23ffffff&f=%23AC0101&g=%23f8f8f8&h=%23000000&i=%237c8e06&ref1=https%3A%2F%2Fllclickpro.com%2F&stg=2&ww=490&wh=90&ref=https%3A%2F%2Fwww.morecouponstogo.com%2F
52.202.155.140200 OK 0 B URL HTTP/2 trafficadbar.com/bar/page2.php?a=MTGSamurai&b=490&c=90&d=https%3A%2F%2Fwww.morecouponstogo.com%2Funi-landing&e=%23ffffff&f=%23AC0101&g=%23f8f8f8&h=%23000000&i=%237c8e06&ref1=https%3A%2F%2Fllclickpro.com%2F&stg=2&ww=490&wh=90&ref=https%3A%2F%2Fwww.morecouponstogo.com%2F
IP 52.202.155.140:0
GET /bar/page2.php?a=MTGSamurai&b=490&c=90&d=https%3A%2F%2Fwww.morecouponstogo.com%2Funi-landing&e=%23ffffff&f=%23AC0101&g=%23f8f8f8&h=%23000000&i=%237c8e06&ref1=https%3A%2F%2Fllclickpro.com%2F&stg=2&ww=490&wh=90&ref=https%3A%2F%2Fwww.morecouponstogo.com%2F HTTP/1.1
Host: trafficadbar.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://trafficadbar.com/bar/page.php?a=MTGSamurai&b=490&c=90&e=%23ffffff&f=%23AC0101&g=%23f8f8f8&h=%23000000&i=%237c8e06&d=https%3A//www.morecouponstogo.com/uni-landing&ref1=https%3A//llclickpro.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 21 Sep 2022 02:54:52 GMT
content-type: text/html; charset=UTF-8
server: nginx
vary: Accept-Encoding
cache-control: no-cache, private
set-cookie: referrer_username=MTGSamurai; expires=Fri, 02-Jan-1970 03:46:40 GMT; Max-Age=0; path=/; secure; httponly; samesite=none
referred_from_website=https%3A%2F%2Fwww.morecouponstogo.com%2Funi-landing; expires=Fri, 02-Jan-1970 03:46:40 GMT; Max-Age=0; path=/; secure; httponly; samesite=none
referrer_source=wbar; expires=Fri, 02-Jan-1970 03:46:40 GMT; Max-Age=0; path=/; secure; httponly; samesite=none
content-encoding: gzip
X-Firefox-Spdy: h2
cdn.gravitec.media/track.min.js
45.133.44.4200 OK 0 B URL HTTP/2 cdn.gravitec.media/track.min.js
IP 45.133.44.4:0
ASN #39572 DataWeb Global Group B.V.
GET /track.min.js HTTP/1.1
Host: cdn.gravitec.media
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.morecouponstogo.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 21 Sep 2022 02:54:54 GMT
content-type: application/javascript; charset=utf-8
server: nginx/1.18.0
last-modified: Wed, 27 Nov 2019 14:51:46 GMT
etag: W/"5dde8d82-11d5"
cache-control: max-age=7776000
access-control-allow-origin: *
content-encoding: gzip
expires: Tue, 20 Dec 2022 02:54:54 GMT
vary: Accept-Encoding
x-proxy-cache: HIT
X-Firefox-Spdy: h2
use.fontawesome.com/releases/v5.15.4/css/v4-shims.css
172.64.133.15200 OK 0 B URL HTTP/2 use.fontawesome.com/releases/v5.15.4/css/v4-shims.css
IP 172.64.133.15:0
GET /releases/v5.15.4/css/v4-shims.css HTTP/1.1
Host: use.fontawesome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://llclickpro.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 21 Sep 2022 02:54:50 GMT
content-type: text/css
x-amz-id-2: oih8J0hBMw8A0ZDypwdVn2MNF1pKbG1Ds45F+jYyvQ913/sIWPnWLyDWlpiHzea0D/laWzi/7UfGDUwqj97/gQ==
x-amz-request-id: S8HJYS56DJSTJTGD
last-modified: Wed, 04 Aug 2021 20:43:22 GMT
etag: W/"a034d3c71bee546f625877d7932917f8"
cache-control: max-age=31556926
cf-cache-status: HIT
age: 1678341
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GzdvT11%2Bxg7zedxQRLY2aIaZZL8fdsJNlxOfAqEWbUhEtmwVsHhtRw8buygmfD9lBZ6p9YSXd8HI3meKV6GNJNXpMv1c9FMZIevt18Po7soe3sIhMFajuB0uzCxnXtm61LI3dv%2FC"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74df84bc9fd07717-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
b-cloud.b-cdn.net/builds/pro/115-cloud/css/preview.pro.css
194.242.11.186200 OK 0 B URL HTTP/2 b-cloud.b-cdn.net/builds/pro/115-cloud/css/preview.pro.css
IP 194.242.11.186:0
ASN #34989 ServeTheWorld AS
GET /builds/pro/115-cloud/css/preview.pro.css HTTP/1.1
Host: b-cloud.b-cdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.morecouponstogo.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 21 Sep 2022 02:54:51 GMT
content-type: text/css
server: BunnyCDN-NO-830
cdn-pullzone: 246147
cdn-uid: e647d0c9-3a16-4c3e-ae99-91e18e06d4b3
cdn-requestcountrycode: NO
vary: Accept-Encoding, Accept-Encoding
access-control-allow-origin: *
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
etag: W/"b73a64712964514c4363d1e65ce687ef"
last-modified: Tue, 16 Aug 2022 09:36:39 GMT
x-amz-id-2: KC0cjFA8pWVRjNVyOzidlG908EE+ecg/zUq4KBvwnplkLhCDAv83uc4bf3OkEzryLqQ6GBihDmA=
x-amz-request-id: T82W5MZTTNQ8EYNF
cdn-proxyver: 1.02
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 08/16/2022 10:39:07
cdn-edgestorageid: 830
link: <https://s3.amazonaws.com/brizy.cloud/builds/pro/115-cloud/css/preview.pro.css>; rel="canonical"
cdn-status: 200
cdn-requestid: b54a7de824c978332d7e4139eb3503c7
cdn-cache: HIT
content-encoding: br
X-Firefox-Spdy: h2
z5traffic.com/t/matomo.js
44.207.227.139404 Not Found 0 B URL HTTP/2 z5traffic.com/t/matomo.js
IP 44.207.227.139:0
GET /t/matomo.js HTTP/1.1
Host: z5traffic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://t-adbar1.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 404 Not Found
date: Wed, 21 Sep 2022 02:54:50 GMT
content-type: text/html; charset=UTF-8
server: nginx/1.16.1
vary: Accept-Encoding
x-powered-by: PHP/7.4.12
cache-control: no-cache, private
content-encoding: gzip
X-Firefox-Spdy: h2
pixel.leadsleap.net/set.html?n1=lltkra156457&v1=357907.21&n2=lltkrb156457&v2=357907.21
104.21.0.153200 OK 0 B URL HTTP/2 pixel.leadsleap.net/set.html?n1=lltkra156457&v1=357907.21&n2=lltkrb156457&v2=357907.21
IP 104.21.0.153:0
GET /set.html?n1=lltkra156457&v1=357907.21&n2=lltkrb156457&v2=357907.21 HTTP/1.1
Host: pixel.leadsleap.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://llclickpro.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 21 Sep 2022 02:54:50 GMT
content-type: text/html
last-modified: Thu, 01 Oct 2020 11:41:08 GMT
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FMeCffhqn%2BvWEUkYrNIQb2WmhLsk2%2BJd2r%2FQsAHchxDGHTQfF3crs5yoT839XwUFjfGUaK8OeweHjfGRhsSy2N9OCaXmtYIs%2FdBMAcR77JQZQzPHoH%2FrTv%2F2WItnLSjaOOYK1ae5"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74df84bd9be21c0e-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
trafficadbar.com/bar/page.php?a=MTGSamurai&b=490&c=90&e=%23ffffff&f=%23AC0101&g=%23f8f8f8&h=%23000000&i=%237c8e06&d=https%3A//www.morecouponstogo.com/uni-landing&ref1=https%3A//llclickpro.com/
52.202.155.140200 OK 0 B URL HTTP/2 trafficadbar.com/bar/page.php?a=MTGSamurai&b=490&c=90&e=%23ffffff&f=%23AC0101&g=%23f8f8f8&h=%23000000&i=%237c8e06&d=https%3A//www.morecouponstogo.com/uni-landing&ref1=https%3A//llclickpro.com/
IP 52.202.155.140:0
GET /bar/page.php?a=MTGSamurai&b=490&c=90&e=%23ffffff&f=%23AC0101&g=%23f8f8f8&h=%23000000&i=%237c8e06&d=https%3A//www.morecouponstogo.com/uni-landing&ref1=https%3A//llclickpro.com/ HTTP/1.1
Host: trafficadbar.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.morecouponstogo.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 21 Sep 2022 02:54:52 GMT
content-type: text/html; charset=UTF-8
server: nginx
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
assets6.lottiefiles.com/private_files/lf30_aXRkcv.json
54.230.111.52200 OK 0 B URL HTTP/2 assets6.lottiefiles.com/private_files/lf30_aXRkcv.json
IP 54.230.111.52:0
GET /private_files/lf30_aXRkcv.json HTTP/1.1
Host: assets6.lottiefiles.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.morecouponstogo.com
Connection: keep-alive
Referer: https://www.morecouponstogo.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/plain;charset=UTF-8
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 1800
last-modified: Wed, 10 Jun 2020 03:42:46 GMT
x-amz-version-id: cl7YYcZ.eZwJkn7C3eZLvmpcNwHYuuSO
server: AmazonS3
content-encoding: br
date: Wed, 21 Sep 2022 02:54:51 GMT
etag: W/"fc1fe14e06bca801e615880167a4397d"
vary: Accept-Encoding,Origin
x-cache: Hit from cloudfront
via: 1.1 4c07121ca6e32bcda85cc9091b92050e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: Q-uPPJHMBzROyHdnt_-cBgBEUOMCInsid1JFAkZomEpFRm9u7nBCMw==
age: 2
X-Firefox-Spdy: h2
cdn.gravitec.net/modules/1.bundle.js
45.133.44.3200 OK 0 B URL HTTP/2 cdn.gravitec.net/modules/1.bundle.js
IP 45.133.44.3:0
ASN #39572 DataWeb Global Group B.V.
GET /modules/1.bundle.js HTTP/1.1
Host: cdn.gravitec.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.morecouponstogo.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 21 Sep 2022 02:54:54 GMT
content-type: application/javascript; charset=utf-8
server: nginx
last-modified: Wed, 02 Feb 2022 09:01:35 GMT
etag: W/"61fa486f-8092"
expires: Wed, 02 Feb 2022 09:06:29 GMT
cache-control: max-age=10
access-control-allow-origin: *
content-encoding: gzip
vary: Accept-Encoding
x-proxy-cache: HIT
X-Firefox-Spdy: h2
llclickpro.com/MCTGlanding/tab
104.21.65.65200 OK 0 B URL HTTP/2 llclickpro.com/MCTGlanding/tab
IP 104.21.65.65:0
GET /MCTGlanding/tab HTTP/1.1
Host: llclickpro.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://t-adbar1.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 21 Sep 2022 02:54:50 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
set-cookie: lltkrl156457=1; expires=Thu, 22-Sep-2022 02:54:50 GMT; Max-Age=86400; path=/; SameSite=Lax
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GQaZ6pxWuCDzXrHPFA6Tumqcw%2BTa%2BcPJuyoMby7SatfEraAhz5Q4c9yd74hSM2B1W0MKmwHg9AiVwbn%2BOIaJI1KqUtIO1E6vJ0Hndk%2FcjWY70BIULs5vhvd987zgT7tz0Q%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74df84b90ed70afe-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
llclickpro.com/trackr.css?v=29
104.21.65.65200 OK 0 B URL HTTP/2 llclickpro.com/trackr.css?v=29
IP 104.21.65.65:0
GET /trackr.css?v=29 HTTP/1.1
Host: llclickpro.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://llclickpro.com/MCTGlanding/tab
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 21 Sep 2022 02:54:50 GMT
content-type: text/css
cf-bgj: minify
cf-polished: origSize=12271
last-modified: Tue, 28 Jun 2022 06:00:22 GMT
cache-control: max-age=14400
cf-cache-status: HIT
age: 6886
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kesCHO1Us%2FX9cMRYBlqW8Wh8OYdncQW3l74jjil%2BKq2crqnXtbGDzWmHcBGOf9Oo2lHkDGdW%2BiqsDC4W%2FHNJ7Piggl8yqAnHZA60xV28qo8o09q4wdY686j36zdQFwFneQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74df84bbcfa70afe-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.youtube.com/embed/aWzlQ2N6qqg?autoplay=0&controls=1&start=0&end=0&modestbranding=0&wmode=transparent&enablejsapi=1&loop=0&rel=0
142.250.74.174200 OK 0 B URL HTTP/2 www.youtube.com/embed/aWzlQ2N6qqg?autoplay=0&controls=1&start=0&end=0&modestbranding=0&wmode=transparent&enablejsapi=1&loop=0&rel=0
IP 142.250.74.174:0
GET /embed/aWzlQ2N6qqg?autoplay=0&controls=1&start=0&end=0&modestbranding=0&wmode=transparent&enablejsapi=1&loop=0&rel=0 HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.morecouponstogo.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html; charset=utf-8
x-content-type-options: nosniff
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Wed, 21 Sep 2022 02:54:52 GMT
strict-transport-security: max-age=31536000
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
content-encoding: br
server: ESF
x-xss-protection: 0
set-cookie: YSC=81zZxEfZZxw; Domain=.youtube.com; Path=/; Secure; HttpOnly; SameSite=none
VISITOR_INFO1_LIVE=LHbTZL9s7uc; Domain=.youtube.com; Expires=Mon, 20-Mar-2023 02:54:52 GMT; Path=/; Secure; HttpOnly; SameSite=none
CONSENT=PENDING+733; expires=Fri, 20-Sep-2024 02:54:52 GMT; path=/; domain=.youtube.com; Secure
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
w.leadsleap.com/php.php?ll_id=w77264&ll_sr=&ll_r=scsa7588&ll_tbo=&ll_hc=%23e22121&ll_tc=%23555a69&ll_cc=%238d9aa6&ll_bc=%23ffffff&ll_dc=%238891a8&ll_w=300&ll_fh=auto&ll_h=250&ll_b=&ll_n=6&ll_fs=&ll_ff=&ll_pa=0&ll_bgc=&ll_s=w&ll_br=&ll_cl=&ll_nc=1&ll_nf=0&ll_nh=0&ll_nm=0&ll_np=1&ll_fo=&ll_no=&ll_so=&ll_nt=0&ll_wt=1&ll_url=https%3A%2F%2Fwww.morecouponstogo.com%2Funi-landing&ll_rf=https%3A%2F%2Fllclickpro.com%2F
172.67.69.111200 OK 0 B URL HTTP/2 w.leadsleap.com/php.php?ll_id=w77264&ll_sr=&ll_r=scsa7588&ll_tbo=&ll_hc=%23e22121&ll_tc=%23555a69&ll_cc=%238d9aa6&ll_bc=%23ffffff&ll_dc=%238891a8&ll_w=300&ll_fh=auto&ll_h=250&ll_b=&ll_n=6&ll_fs=&ll_ff=&ll_pa=0&ll_bgc=&ll_s=w&ll_br=&ll_cl=&ll_nc=1&ll_nf=0&ll_nh=0&ll_nm=0&ll_np=1&ll_fo=&ll_no=&ll_so=&ll_nt=0&ll_wt=1&ll_url=https%3A%2F%2Fwww.morecouponstogo.com%2Funi-landing&ll_rf=https%3A%2F%2Fllclickpro.com%2F
IP 172.67.69.111:0
GET /php.php?ll_id=w77264&ll_sr=&ll_r=scsa7588&ll_tbo=&ll_hc=%23e22121&ll_tc=%23555a69&ll_cc=%238d9aa6&ll_bc=%23ffffff&ll_dc=%238891a8&ll_w=300&ll_fh=auto&ll_h=250&ll_b=&ll_n=6&ll_fs=&ll_ff=&ll_pa=0&ll_bgc=&ll_s=w&ll_br=&ll_cl=&ll_nc=1&ll_nf=0&ll_nh=0&ll_nm=0&ll_np=1&ll_fo=&ll_no=&ll_so=&ll_nt=0&ll_wt=1&ll_url=https%3A%2F%2Fwww.morecouponstogo.com%2Funi-landing&ll_rf=https%3A%2F%2Fllclickpro.com%2F HTTP/1.1
Host: w.leadsleap.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.morecouponstogo.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 21 Sep 2022 02:54:58 GMT
content-type: text/html; charset=UTF-8
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WccSOq72B4OYkSnG2uU9f81yvbuJdyUHyxOUwnLqdFX%2FTX6bYU6%2F8omK2zYta4TrIeRPCd97pQ4J%2FA9z2W8lIwUBNn6C4hLMEafQ0Oa7JGFmoJPntTVHfzRTC3o4e0lqTQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74df84efaf39b4ee-OSL
content-encoding: br
X-Firefox-Spdy: h2
www.redbubble.com/people/gratitude-aros/external-portfolio?count=9
104.18.34.248200 OK 0 B URL HTTP/2 www.redbubble.com/people/gratitude-aros/external-portfolio?count=9
IP 104.18.34.248:0
GET /people/gratitude-aros/external-portfolio?count=9 HTTP/1.1
Host: www.redbubble.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.morecouponstogo.com/
Cookie: __cf_bm=knSLC3.wJMdc73kXzEoq_dS6xZDnA7pHHDsrTEUDuIA-1663728891-0-AZJNHF/iJY2kqqnK5mUo+yQ/XwEjprCjfsbNphdBw19U+4y90p4UNyJUBDr4hLBl06bBbScfYjf7wils5E5IC5Y=
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 21 Sep 2022 02:54:53 GMT
content-type: text/html; charset=utf-8
cache-control: max-age=0, private, must-revalidate
etag: W/"53421aa180d55bb8b6a8c2bb4e6ee032"
referrer-policy: strict-origin-when-cross-origin
set-cookie: open_id_token=eyJhbGciOiJFUzI1NiIsImtpZCI6InJlZGJ1YmJsZS00IiwidHlwIjoiSldUIn0.eyJhbXIiOlsidW5hdXRoZW50aWNhdGVkIl0sImlzcyI6Imh0dHBzOi8vd3d3LnJlZGJ1YmJsZS5jb20iLCJzdWIiOiJyZWRidWJibGU6MDFHREVaR0VOUk5HMVhFWkVRMEtGNVdWUjEiLCJhdWQiOiJyZWRidWJibGUtc2VydmljZXMiLCJleHAiOjE2NjM3Mjk0OTIsImlhdCI6MTY2MzcyODg5Mn0.CG1vC8frwfs3b_POOxXQLbqTOO6q-W39S6TwVumU22eKry6FWRtfWzgjjpA6CnfZkYES59oSNnhijkW_WLTLYA; Path=/; Domain=redbubble.com; Expires=Wed, 28 Sep 2022 02:54:52 GMT; Secure; SameSite=Lax
rbVisitorId=01GDEZGENRRAGMG03ZS7SFTFBE; Path=/; Domain=redbubble.com; Expires=Wed, 28 Sep 2022 02:54:52 GMT; HttpOnly; Secure; SameSite=Lax
_rb_session=5a65d61b1d05cd62d5489b2a458e8785194754343880b5f16b393fe41788ab34; domain=.redbubble.com; path=/; secure
_rb_session4=TjFHSWNFWFNhOHAyVFVDVnB4MDdmemYrR3EwV2NSeU5jOFpoN3Z5ZXlIVFZ5T0puNkx6U0RsZXhyL3dhOW9HNDlJRVh0K2RSWFFTVk1zZ2NaNFlHK3NocmNXYi9jNWJGMnp4WG1DS3N3QjNCb012K1RqbDdNZzFmN0hDWEFmd0ktLWppQlI3VER4M1NIbGt3YXZZaDdNeXc9PQ%3D%3D--d7d54d8154223060cc2c407cfa8afea9a028cad0; path=/; secure; HttpOnly
x-content-type-options: nosniff
x-download-options: noopen
x-permitted-cross-domain-policies: none
x-rb-bot-identified: False
x-rb-oid: eyJhbGciOiJFUzI1NiIsImtpZCI6InJlZGJ1YmJsZS00IiwidHlwIjoiSldUIn0.eyJhbXIiOlsidW5hdXRoZW50aWNhdGVkIl0sImlzcyI6Imh0dHBzOi8vd3d3LnJlZGJ1YmJsZS5jb20iLCJzdWIiOiJyZWRidWJibGU6MDFHREVaR0VOUk5HMVhFWkVRMEtGNVdWUjEiLCJhdWQiOiJyZWRidWJibGUtc2VydmljZXMiLCJleHAiOjE2NjM3Mjk0OTIsImlhdCI6MTY2MzcyODg5Mn0.CG1vC8frwfs3b_POOxXQLbqTOO6q-W39S6TwVumU22eKry6FWRtfWzgjjpA6CnfZkYES59oSNnhijkW_WLTLYA
x-request-id: b141f9c5-d9ff-4ef7-918e-7c47ebbb04a5
x-xss-protection: 1; mode=block
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 74df84c81f4ab509-OSL
content-encoding: br
X-Firefox-Spdy: h2
cdn.gravitec.net/storage/651b3da8463250405063839a2450c723/client.js
45.133.44.3200 OK 0 B URL HTTP/2 cdn.gravitec.net/storage/651b3da8463250405063839a2450c723/client.js
IP 45.133.44.3:0
ASN #39572 DataWeb Global Group B.V.
GET /storage/651b3da8463250405063839a2450c723/client.js HTTP/1.1
Host: cdn.gravitec.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.morecouponstogo.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 21 Sep 2022 02:54:52 GMT
content-type: application/javascript; charset=utf-8
server: nginx
last-modified: Thu, 10 Mar 2022 09:36:39 GMT
etag: W/"6229c6a7-100fb"
expires: Thu, 10 Mar 2022 10:12:22 GMT
cache-control: max-age=10
access-control-allow-origin: *
content-encoding: gzip
vary: Accept-Encoding
x-proxy-cache: HIT
X-Firefox-Spdy: h2
cdn.gravitec.net/sdk/web/configs?appKey=651b3da8463250405063839a2450c723
45.133.44.3200 OK 0 B URL HTTP/2 cdn.gravitec.net/sdk/web/configs?appKey=651b3da8463250405063839a2450c723
IP 45.133.44.3:0
ASN #39572 DataWeb Global Group B.V.
GET /sdk/web/configs?appKey=651b3da8463250405063839a2450c723 HTTP/1.1
Host: cdn.gravitec.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.morecouponstogo.com/
Origin: https://www.morecouponstogo.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 21 Sep 2022 02:54:52 GMT
content-type: application/json
server: nginx
x-correlation-id: 0216cf07cc9c6391110dd1a0264a43ba
access-control-allow-origin: *
content-encoding: gzip
vary: Accept-Encoding
x-proxy-cache: MISS
X-Firefox-Spdy: h2