r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 9e164a845d32db8fa51fdb5b1aa218d9
169099b4d2f8e119ab6cf6fca279b6fb535b1759
402ffbf1404cf05c0516c5a8cd5344bd53537ac5150d387730a90c81c17dc9e4
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "402FFBF1404CF05C0516C5A8CD5344BD53537AC5150D387730A90C81C17DC9E4"
Last-Modified: Sun, 06 Nov 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5508
Expires: Wed, 09 Nov 2022 04:58:34 GMT
Date: Wed, 09 Nov 2022 03:26:46 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 7908acd0c083145e2b454aaeb063c236
0696647bb0a4118327f637a50ebcc21bac39d592
ffc30b68df0b33d67f31e37bbf5ae5cf4c23e1c8b8197bf76a95ee06bec4cd36
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6095
Cache-Control: max-age=117959
Content-Type: application/ocsp-response
Date: Wed, 09 Nov 2022 03:26:46 GMT
Etag: "636a2fef-1d7"
Expires: Thu, 10 Nov 2022 12:12:45 GMT
Last-Modified: Tue, 08 Nov 2022 10:31:11 GMT
Server: ECS (ska/F6FD)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 7908acd0c083145e2b454aaeb063c236
0696647bb0a4118327f637a50ebcc21bac39d592
ffc30b68df0b33d67f31e37bbf5ae5cf4c23e1c8b8197bf76a95ee06bec4cd36
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6095
Cache-Control: max-age=117959
Content-Type: application/ocsp-response
Date: Wed, 09 Nov 2022 03:26:46 GMT
Etag: "636a2fef-1d7"
Expires: Thu, 10 Nov 2022 12:12:45 GMT
Last-Modified: Tue, 08 Nov 2022 10:31:11 GMT
Server: ECS (ska/F6FD)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash dc90abd8b3ea8e75a68c144d74d75788
1ce29dca1ee9ca8931397de31ffb6cf7833baaf8
807000997bcf1b7a1fa35e43908cbfa54cd1704a5a0f53c09e1ae154638f10e0
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "807000997BCF1B7A1FA35E43908CBFA54CD1704A5A0F53C09E1AE154638F10E0"
Last-Modified: Tue, 08 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7343
Expires: Wed, 09 Nov 2022 05:29:09 GMT
Date: Wed, 09 Nov 2022 03:26:46 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 67d5a988edcda47bc3b3b3f65d32b4b6
d4f0e0da8b3690cc7da925026d3414b68c7d954f
55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78
GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: Q25JOYUn46qXSOI33RFvLEjpW9FHDAIsSHUM4PDNGb0C4EIFL6ag/0LV/5v9dpeJnH4qcFA5l5k=
x-amz-request-id: V0CZZ4MMRY3T5G8B
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Wed, 09 Nov 2022 02:48:46 GMT
age: 2280
last-modified: Fri, 30 Sep 2022 18:50:55 GMT
etag: "67d5a988edcda47bc3b3b3f65d32b4b6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 09 Nov 2022 03:26:46 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
sg.fliesopping.click/au/i14s22/dodo/
139.59.241.112301 Moved Permanently 427 B URL HTTP/1.1 sg.fliesopping.click/au/i14s22/dodo/
IP 139.59.241.112:0
ASN #14061 DIGITALOCEAN-ASN
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash cd6faf506299cdeae06e5b45431925fb
230e1ed6b45f906d24330f44304fa0f075d9bb74
42de9760f283f1fb1aa81ac14e0d1b50db10999e687b7ef3ed146825083e5c96
GET /au/i14s22/dodo/ HTTP/1.1
Host: sg.fliesopping.click
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 09 Nov 2022 03:26:46 GMT
Content-Type: text/html; charset=iso-8859-1
Content-Length: 427
Connection: keep-alive
Location: https://sg.fliesopping.click/au/i14s22/dodo/
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 2a47d129a3af5f02c654faf925c60273
9ad27ed9f4500c939260a677c12e702599b00fa9
0e031af077bf7009ffefada782407a247bbd31bddc96994c68de7bfe902bf992
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5942
Cache-Control: max-age=112741
Content-Type: application/ocsp-response
Date: Wed, 09 Nov 2022 03:26:47 GMT
Etag: "636a1c26-1d7"
Expires: Thu, 10 Nov 2022 10:45:48 GMT
Last-Modified: Tue, 08 Nov 2022 09:06:46 GMT
Server: ECS (ska/F6FD)
X-Cache: HIT
Content-Length: 471
push.services.mozilla.com/
34.213.92.18101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 34.213.92.18:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: bnIoRhaM8myzV8PNNVLtQw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: NY6R1nsGvMXitqnwZNIoXk0K3Sw=
sg.fliesopping.click/au/i14s22/dodo/
139.59.241.112302 Found 0 B URL HTTP/2 sg.fliesopping.click/au/i14s22/dodo/
IP 139.59.241.112:0
ASN #14061 DIGITALOCEAN-ASN
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /au/i14s22/dodo/ HTTP/1.1
Host: sg.fliesopping.click
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 302 Found
server: nginx
date: Wed, 09 Nov 2022 03:26:47 GMT
content-type: text/html; charset=UTF-8
content-length: 0
location: https://7ktpj.bemobtracks.com/go/75ef24d0-aa3e-4f3b-86d4-929dd1c8dad3
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 62ca5c091d9fc399acaf98710717b63b
7a6d745d0d30b2e6ab81ba9125cdbb3dc5dc93c2
7ba7610e498e3c13515e6052504346d7beabf0f5c3d35579afb14103a755ef5b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7BA7610E498E3C13515E6052504346D7BEABF0F5C3D35579AFB14103A755EF5B"
Last-Modified: Mon, 07 Nov 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14604
Expires: Wed, 09 Nov 2022 07:30:11 GMT
Date: Wed, 09 Nov 2022 03:26:47 GMT
Connection: keep-alive
7ktpj.bemobtracks.com/go/75ef24d0-aa3e-4f3b-86d4-929dd1c8dad3
3.70.16.242302 Found 194 B URL HTTP/2 7ktpj.bemobtracks.com/go/75ef24d0-aa3e-4f3b-86d4-929dd1c8dad3
IP 3.70.16.242:0
File type HTML document, ASCII text, with no line terminators
Hash e26de9a67ef2b86750b33fb49d7579dd
e7fb0d1d2a843833a7a8a0363387f2348a180382
f69cbc88c2e2157bcc9a7ff2f7be43a3f1cf3935287994cc6ab7a54bed78505e
GET /go/75ef24d0-aa3e-4f3b-86d4-929dd1c8dad3 HTTP/1.1
Host: 7ktpj.bemobtracks.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 302 Found
server: openresty
date: Wed, 09 Nov 2022 03:26:47 GMT
content-type: text/html; charset=utf-8
content-length: 194
accept-ch: Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Reduced
access-control-allow-origin: *
location: https://gtoonfd.com/link?z=5450494&var=&ymid=BqSttMixM2DzdXx2DdaqeA
set-cookie: bemob-uniq-visit:75ef24d0-aa3e-4f3b-86d4-929dd1c8dad3=1; Domain=7ktpj.bemobtracks.com; Path=/; Expires=Thu, 10 Nov 2022 03:26:47 GMT; HttpOnly; Secure; SameSite=None
bemob-rotation:75ef24d0-aa3e-4f3b-86d4-929dd1c8dad3:random:f199c6a884945a866bc73e755561a9c1=0-0-2; Domain=7ktpj.bemobtracks.com; Path=/; Expires=Thu, 10 Nov 2022 03:26:47 GMT; HttpOnly; Secure; SameSite=None
bemob-click-id=BqSttMixM2DzdXx2DdaqeA; Domain=7ktpj.bemobtracks.com; Path=/; Expires=Thu, 10 Nov 2022 03:26:47 GMT; HttpOnly; Secure; SameSite=None
vary: Accept
x-response-time: 35.541ms
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: no-cache
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 936e1ef9c4556337c311037f6b92922d
01ac71e679491d0434f4a98489588e215dd25d4e
edaa7283103791481f0b5e670af5f2c807583e9b8bbe0cfc2a98748a4244a8a6
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EDAA7283103791481F0B5E670AF5F2C807583E9B8BBE0CFC2A98748A4244A8A6"
Last-Modified: Tue, 08 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16335
Expires: Wed, 09 Nov 2022 07:59:02 GMT
Date: Wed, 09 Nov 2022 03:26:47 GMT
Connection: keep-alive
gtoonfd.com/link?z=5450494&var=&ymid=BqSttMixM2DzdXx2DdaqeA
139.45.197.239302 Found 0 B URL HTTP/2 gtoonfd.com/link?z=5450494&var=&ymid=BqSttMixM2DzdXx2DdaqeA
IP 139.45.197.239:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /link?z=5450494&var=&ymid=BqSttMixM2DzdXx2DdaqeA HTTP/1.1
Host: gtoonfd.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 302 Found
server: nginx
date: Wed, 09 Nov 2022 03:26:47 GMT
content-length: 0
location: https://cdntechone.com/r.html?axcid=e7ddf874-40d2-43d7-b8fd-56541bff0853&axtsid=5450494&axcusid1=&clid={ymid}&r=http%3A%2F%2Fgtoonfd.com%2Flink%3Fz%3D5450494%26var%3D%26ymid%3DBqSttMixM2DzdXx2DdaqeA%26acb%3Dproxy-smart-link&axcusid2=Smartlink&axadvid=1053995&axcamid=7402
access-control-allow-credentials: true
access-control-allow-origin:
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
x-trace-id: 3af0fc97640a97ed0f083d863dd8a65e
link: <https://cdntechone.com>; rel="dns-prefetch preconnect"
set-cookie: OAID=dbce01b57f434e38b8a26732f54274bb; expires=Thu, 09 Nov 2023 03:26:47 GMT
oaidts=1667964407; expires=Thu, 09 Nov 2023 03:26:47 GMT
phpckd5450494=true; expires=Thu, 10 Nov 2022 03:26:47 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash eb4060004ddf162b195541291c1260e9
86832a033e18942af17f8dc06a3ef2f088b3fe1f
93bf500689ed155d131d209d2c8e8659ce7cc9b64a931ac5c01e8caa6ff4b1f1
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3616
Cache-Control: max-age=164400
Content-Type: application/ocsp-response
Date: Wed, 09 Nov 2022 03:26:48 GMT
Etag: "636aef08-117"
Expires: Fri, 11 Nov 2022 01:06:48 GMT
Last-Modified: Wed, 09 Nov 2022 00:06:32 GMT
Server: ECS (ska/F6FD)
X-Cache: HIT
Content-Length: 279
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash eb4060004ddf162b195541291c1260e9
86832a033e18942af17f8dc06a3ef2f088b3fe1f
93bf500689ed155d131d209d2c8e8659ce7cc9b64a931ac5c01e8caa6ff4b1f1
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3616
Cache-Control: max-age=164400
Content-Type: application/ocsp-response
Date: Wed, 09 Nov 2022 03:26:48 GMT
Etag: "636aef08-117"
Expires: Fri, 11 Nov 2022 01:06:48 GMT
Last-Modified: Wed, 09 Nov 2022 00:06:32 GMT
Server: ECS (ska/F6FD)
X-Cache: HIT
Content-Length: 279
ocsp.sectigo.com/
172.64.155.188200 OK 472 B IP 172.64.155.188:0
Hash d31ce6542d915a9639aff73e0b477685
9bdc096edf900df6a63994be36821282f0f12d0a
b205360f031c04067c5be50ea28e39705795af2efb8ec35017e9a355b4500030
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 09 Nov 2022 03:26:48 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Mon, 07 Nov 2022 04:52:35 GMT
Expires: Mon, 14 Nov 2022 04:52:34 GMT
Etag: "9bdc096edf900df6a63994be36821282f0f12d0a"
Cache-Control: max-age=436545,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 767372f02bfeb4eb-OSL
datatechone.com/log/add?cid=e7ddf874-40d2-43d7-b8fd-56541bff0853
37.48.68.71200 OK 2 B URL HTTP/1.1 datatechone.com/log/add?cid=e7ddf874-40d2-43d7-b8fd-56541bff0853
IP 37.48.68.71:0
ASN #60781 LeaseWeb Netherlands B.V.
File type ASCII text, with no line terminators
Hash 444bcb3a3fcf8389296c49467f27e1d6
7a85f4764bbd6daf1c3545efbbf0f279a6dc0beb
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
Analyzer Verdict Alert quad9 Sinkholed
POST /log/add?cid=e7ddf874-40d2-43d7-b8fd-56541bff0853 HTTP/1.1
Host: datatechone.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 1139
Origin: https://cdntechone.com
Connection: keep-alive
Referer: https://cdntechone.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.10
Date: Wed, 09 Nov 2022 03:26:48 GMT
Content-Type: text/plain; charset=utf-8
Content-Length: 2
Connection: keep-alive
Access-Control-Allow-Origin: https://cdntechone.com
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Access-Control-Allow-Credentials: true
deebcards-themier.com/e666d5bf-b09e-4a02-a33b-e0cc75fb172a?zoneid=5450495&bannerid=15511501&geo=NO&random=929632096&SUBID=614049832285508372&campaignid=6269517&category={category}&adformat=onclick&ntk=19&cost=0.000496&rdk=rk1
52.57.25.237302 Found 0 B URL HTTP/2 deebcards-themier.com/e666d5bf-b09e-4a02-a33b-e0cc75fb172a?zoneid=5450495&bannerid=15511501&geo=NO&random=929632096&SUBID=614049832285508372&campaignid=6269517&category={category}&adformat=onclick&ntk=19&cost=0.000496&rdk=rk1
IP 52.57.25.237:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /e666d5bf-b09e-4a02-a33b-e0cc75fb172a?zoneid=5450495&bannerid=15511501&geo=NO&random=929632096&SUBID=614049832285508372&campaignid=6269517&category={category}&adformat=onclick&ntk=19&cost=0.000496&rdk=rk1 HTTP/1.1
Host: deebcards-themier.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
server: nginx
date: Wed, 09 Nov 2022 03:26:48 GMT
content-length: 0
cache-control: no-store, no-cache, pre-check=0, post-check=0
expires: Thu, 01 Jan 1970 00:00:00 GMT
location: https://www.browsewithgx.com/?tl=deebcards-themier.com&btn=2&imp=0&cep=_5BvbO9g7XEoFKwez8NoDbzPWsX3WtV2eHxfZM7zJ0rnmCsyKFkvA45K0AQhujqqf6VrRaJ_EfUBVzz5Y2GmSZGv3OMKgKJmcJen5eoFZhYlqB7E9K1FSM8NQ35_AaxMVuRa2nCOIQ5ZNWYFefdsRTvfO7s4Ma2xWCfCLkRDjydJ7HKyLchyjxeuYBqxaLvGbgheVjIbZQJs4KmjS4xCmBYfhlR5Fzsux-CtngytstvkQnT9bwhHDI8VgDzUXCfVqKuUqm-hSkYGhZG3DXZ237GNmCsi3-pISWKvtkyRgztwfNjvFjULSpCCGw1UCT_Rn7G_vFNuhWFJrozvV_SQ38P23MXEPJ8ktfp9jvSCTx9EHaycOaeX9byD9Ej99kuKM_DALkBS1WZLvQ0NDcxfgsgwMMShXMFnW4gou6qdd45-8P_vCvT4hbb6XRzy8pBlhLOMK0Ut3bdfrPQBkJ5ABgXhxrDOnGpEN5x0iQ6quymzRFit5yZ5fR3VxQRwSRpk1LjOeg-g3DjR0ioVf0sabQfU0qVzGJjnP4St0LCUC66gDjMBVCiiVX2qoEBJrqXg&lptoken=163f6728961162af088b&zoneid=5450495&bannerid=15511501&geo=NO&random=929632096&SUBID=614049832285508372&campaignid=6269517&category=%7Bcategory%7D&adformat=onclick&ntk=19&cost=0.000496&rdk=rk1
pragma: no-cache
set-cookie: e666d5bf-b09e-4a02-a33b-e0cc75fb172a-v4=Z5g5x0IrgYPGFpEh6D2L_tEOabuC4rGuux2YCSK92B8; Max-Age=86400; Expires=Thu, 10-Nov-2022 03:26:48 GMT; Domain=deebcards-themier.com; Path=/; Secure; HttpOnly;SameSite=None
cep-v4=fXdfKjeztbnZ5fYx41i62t9auFssaKGi0rNLUqSLlsojbJYiB6dncSHbm05yddKheYkgiy8_eLXGXOFz6B2M2DyaD8ogX6iQBqMzrac-medu5eZbJDUrKImVC44BI8Zv7QK25RkIkvKgyK0cCl5kKqiT85aKjVuARDJq1kptdXmCWGlnpKHpSt_b54G0DT88ug9DQNz_AXCkr9mhh0aJxgmxrJ32-S97ys6hSjUqiL4VunVgdAeYlXrPslb_XVPrOc75mMvVloza1rW3DtejMQX9KeTXc-3QXB7c3bajNqVNZc-HqhFmTSb0_GNxtW_ANK5tPMIYWqErf3fYPWcVwXwKECXJgTBvQ8TC2dUu1DpmitbEPgizGoiV2eZcpSLadnYKyTm1PpGMsrnACTWdML0SrP52-OqeDHW6itfJDPr3RnzaJR3MnoKTyb1j_hsh-CS-hUUXBNVeWWKOZIKihEP_9emY6O1yRub3RjvGhBsROexZs8ajj59FvKgB4h0mMyZa_BVvGMeMMN9mOEKxU9u70vtgh5gLpCqhY1VI-fC-Gr5TSw2sP1uX2W1_D8su; Max-Age=86400; Expires=Thu, 10-Nov-2022 03:26:48 GMT; Domain=deebcards-themier.com; Path=/; Secure; HttpOnly;SameSite=None
X-Firefox-Spdy: h2
gtoonfd.com/link?z=5450494&var=&ymid=BqSttMixM2DzdXx2DdaqeA&acb=proxy-smart-link&axcusid2=Smartlink&axadvid=1053995&axcamid=7402
139.45.197.239200 OK 1.3 kB URL HTTP/2 gtoonfd.com/link?z=5450494&var=&ymid=BqSttMixM2DzdXx2DdaqeA&acb=proxy-smart-link&axcusid2=Smartlink&axadvid=1053995&axcamid=7402
IP 139.45.197.239:0
Hash a1cba511669e988197887b2fc64de71a
0c1da42eb0cdbb7b6e64e2a740da7beba1fff689
5e77ac0d209089f3201fee79a04ac3d95f0c199b6000e1cfcb2fcfe1f4762f46
Analyzer Verdict Alert quad9 Sinkholed
GET /link?z=5450494&var=&ymid=BqSttMixM2DzdXx2DdaqeA&acb=proxy-smart-link&axcusid2=Smartlink&axadvid=1053995&axcamid=7402 HTTP/1.1
Host: gtoonfd.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Cookie: OAID=dbce01b57f434e38b8a26732f54274bb; oaidts=1667964407; phpckd5450494=true
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 09 Nov 2022 03:26:48 GMT
content-type: text/html; charset=utf8
x-trace-id: 8405ed7dcac01a6c85c89f7846a80439
link: <https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://my.rtmark.net>; rel="preconnect dns-prefetch", <https://deebcards-themier.com>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://diromalxx.com>; rel="preconnect dns-prefetch"
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-max-age: 86400
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
set-cookie: OAID=dbce01b57f434e38b8a26732f54274bb; expires=Thu, 09 Nov 2023 03:26:48 GMT; path=/; secure; SameSite=None
oaidts=1667964407; expires=Thu, 09 Nov 2023 03:26:48 GMT; path=/; secure; SameSite=None
allcnt=1; expires=Thu, 09 Nov 2023 03:26:48 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2
my.rtmark.net/img.gif?f=merge&userId=dbce01b57f434e38b8a26732f54274bb
139.45.195.8200 OK 43 B URL HTTP/2 my.rtmark.net/img.gif?f=merge&userId=dbce01b57f434e38b8a26732f54274bb
IP 139.45.195.8:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash b4491705564909da7f9eaf749dbbfbb1
279315d507855c6a4351e1e2c2f39dd9cd2fccd8
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
POST /img.gif?f=merge&userId=dbce01b57f434e38b8a26732f54274bb HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 200 OK
server: nginx
date: Wed, 09 Nov 2022 03:26:48 GMT
content-type: image/gif
content-length: 43
access-control-allow-origin: null
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=dbce01b57f434e38b8a26732f54274bb; expires=Thu, 09 Nov 2023 03:26:48 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
gtoonfd.com/favicon.ico
139.45.197.239204 No Content 0 B IP 139.45.197.239:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /favicon.ico HTTP/1.1
Host: gtoonfd.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: OAID=dbce01b57f434e38b8a26732f54274bb; oaidts=1667964407; phpckd5450494=true; allcnt=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 204 No Content
server: nginx
date: Wed, 09 Nov 2022 03:26:48 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
pragma: public
cache-control: max-age=315360000, public, must-revalidate, proxy-revalidate
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 4599ea4ab89bca0461dfc4e86cf90610
d513a3fca97e06dbc1a6cdd02fbdd3c7253c865a
6056ef181a66539dd449318a89c133c3711e3244394126a66b8ebd29cff4692b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6056EF181A66539DD449318A89C133C3711E3244394126A66B8EBD29CFF4692B"
Last-Modified: Tue, 08 Nov 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10430
Expires: Wed, 09 Nov 2022 06:20:38 GMT
Date: Wed, 09 Nov 2022 03:26:48 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 4599ea4ab89bca0461dfc4e86cf90610
d513a3fca97e06dbc1a6cdd02fbdd3c7253c865a
6056ef181a66539dd449318a89c133c3711e3244394126a66b8ebd29cff4692b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6056EF181A66539DD449318A89C133C3711E3244394126A66B8EBD29CFF4692B"
Last-Modified: Tue, 08 Nov 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10430
Expires: Wed, 09 Nov 2022 06:20:38 GMT
Date: Wed, 09 Nov 2022 03:26:48 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc6fadd94-b1a4-4bdc-bcf4-b6bade4840a0.jpeg
34.120.237.76200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc6fadd94-b1a4-4bdc-bcf4-b6bade4840a0.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4e2853cc6ec6223160471401e6871f4b
f052e1f8b2bf4a8eeecfa5b82e27ada1b7719a0c
bf4b9145ea043d87a30fd3aeeae21a1a0aa27004cd2467e7aa843bc894ae1f60
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc6fadd94-b1a4-4bdc-bcf4-b6bade4840a0.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10462
x-amzn-requestid: 43480a38-fd89-4c47-b8c4-e6ba90b1321c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aMF6oEz_oAMF8Hg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-634e5043-6617fd2e59cab00135301cdd;Sampled=0
x-amzn-remapped-date: Tue, 18 Oct 2022 07:05:39 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: C7GYpM3mXSf0hVyGO9Zzlxa3IHXHdyPlXsvr3i0GoQnaPZF6lO-OwA==
via: 1.1 9c60d6224ac0b44e908b5c9dcf70e9a4.cloudfront.net (CloudFront), 1.1 6396e88c437c096ef98930ce29f731a2.cloudfront.net (CloudFront), 1.1 google
date: Tue, 08 Nov 2022 06:28:01 GMT
age: 75527
etag: "f052e1f8b2bf4a8eeecfa5b82e27ada1b7719a0c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcc585a69-ebe7-4753-b2fd-ad259cd42072.jpeg
34.120.237.76200 OK 2.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcc585a69-ebe7-4753-b2fd-ad259cd42072.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 547f07effeda1f7041b06fa3f10f90bf
d453f8017ebbbb8362f745a15c95acbddf55ac26
c4c4063cae55e4e2192ab2ac98543f4495a81879b8001fd2efb7989ca6eddba9
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcc585a69-ebe7-4753-b2fd-ad259cd42072.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 2808
x-amzn-requestid: 47475ac7-05a1-484f-ab46-c44c804b152d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bTSsUHrdIAMFwNQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-636acb1b-10cd67f67a61ddba16769db9;Sampled=0
x-amzn-remapped-date: Tue, 08 Nov 2022 21:33:15 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: UwYDSFfv9pZsgYa2vnFmsQSqaMWZI1XmeVog35jJMrpxM67nMFI6QQ==
via: 1.1 7f5e0d3b9ea85d0d75063a66c0ebc840.cloudfront.net (CloudFront), 1.1 35575576af8067e30cfb17c6b9fde8e2.cloudfront.net (CloudFront), 1.1 google
date: Tue, 08 Nov 2022 22:02:27 GMT
etag: "d453f8017ebbbb8362f745a15c95acbddf55ac26"
content-type: image/jpeg
age: 19461
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff61972b3-81fe-4685-88de-21199403755b.jpeg
34.120.237.76200 OK 5.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff61972b3-81fe-4685-88de-21199403755b.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4cc233d853dae1e8f6127bc8f7ddd3ae
a99cfd0dc7b73fab94fbecc9c8bdf5945a3387a7
169e6f462cf903a188a13cb95791731fb20f2fdb04c236065e90f834606bb0a8
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff61972b3-81fe-4685-88de-21199403755b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5282
x-amzn-requestid: e50bfdbf-6301-4451-9ae9-80127861f8fc
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bTTnaHR8IAMFSfw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-636acc95-4ee3045e3af315160dc7e933;Sampled=0
x-amzn-remapped-date: Tue, 08 Nov 2022 21:39:33 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: sPVnehGtMgbgGW_D41Q4vGyLdl8cSGpXEf1H0Td5Cy32w7carwcjTg==
via: 1.1 98e601970ea59f4d5f56a752787ff9fc.cloudfront.net (CloudFront), 1.1 e95ec8f1dc02e32f0cb9e113963ceb4e.cloudfront.net (CloudFront), 1.1 google
date: Tue, 08 Nov 2022 21:44:22 GMT
age: 20546
etag: "a99cfd0dc7b73fab94fbecc9c8bdf5945a3387a7"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4a8ff193-2f9a-4dbd-aabc-a70f9abdf169.jpeg
34.120.237.76200 OK 5.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4a8ff193-2f9a-4dbd-aabc-a70f9abdf169.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash e265c87faef55af1d47d72286d93268a
b97207d04eced8e6412f60c3764cdb527cce26d0
bf3f4fc715e107947c5bf3d622fbf9de1f591649a5008d8790a23463aa8703db
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4a8ff193-2f9a-4dbd-aabc-a70f9abdf169.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5125
x-amzn-requestid: c4f7c3d2-4c43-442e-a477-84a5baf6ff49
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bM4rXGdcoAMF5zg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63683b15-1aec78204d291cfe5061d179;Sampled=0
x-amzn-remapped-date: Sun, 06 Nov 2022 22:54:13 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: ZH49PpL-lN1JhCh03uyZJqRLu5vHF1RDMIBKKCvHOaKYdDOASOdUcw==
via: 1.1 112c6b3f9aea37a6cb00b7d933e5af6e.cloudfront.net (CloudFront), 1.1 e66162aafd55b64ba1478ff7105150fa.cloudfront.net (CloudFront), 1.1 google
date: Tue, 08 Nov 2022 21:43:50 GMT
age: 20578
etag: "b97207d04eced8e6412f60c3764cdb527cce26d0"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Faf9d55c4-e1e8-4687-8395-004d7c4a0225.jpeg
34.120.237.76200 OK 6.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Faf9d55c4-e1e8-4687-8395-004d7c4a0225.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b3cd10472aabf86c5ffdfd06057f87f6
82728de12017be85f27e65a7222573058aad37c3
1bbb913786c95b51639193739d2cf01de1cdd8afe8b68dfef378b989129f0ef4
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Faf9d55c4-e1e8-4687-8395-004d7c4a0225.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6635
x-amzn-requestid: ad14becc-e9a4-4df4-9319-240fd6131b55
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bTSsTESsIAMF-Dg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-636acb1b-3ba7a6a43e2ac8e31ed031dd;Sampled=0
x-amzn-remapped-date: Tue, 08 Nov 2022 21:33:15 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: q4afSOCKteTyjO8YPEXTQ6wqrJydGhptic3J_sT7WcjmeH0ypa3i2g==
via: 1.1 da5952aa802df39905ceb16592e9698a.cloudfront.net (CloudFront), 1.1 89791e6b21b9a30cc51cac1bc51cf098.cloudfront.net (CloudFront), 1.1 google
date: Tue, 08 Nov 2022 21:43:31 GMT
etag: "82728de12017be85f27e65a7222573058aad37c3"
content-type: image/jpeg
age: 20597
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fba11c7c9-77b7-4b0d-aa7f-493ab46c77b1.jpeg
34.120.237.76200 OK 2.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fba11c7c9-77b7-4b0d-aa7f-493ab46c77b1.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 1b4ae74d6a926ef85ce993a33f7d8a3f
9ce8d453c5ab8f7682e5ee3641a37b1abe1a8857
61b2fea439945e122a8502ab05e6c68bc1b3a9d8c639344ef5b04dfcc6889a65
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fba11c7c9-77b7-4b0d-aa7f-493ab46c77b1.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 2766
x-amzn-requestid: 934d6215-528a-4e78-bc46-3b0838d94671
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bG3d2HMGIAMF7Gg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6365d2be-0c11c2fb6ebc48eb1f0a3aef;Sampled=0
x-amzn-remapped-date: Sat, 05 Nov 2022 03:04:30 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: OMbpNCSxrKRiI5pF-AOJuTpFYdCHl00zMOLWxyXZAqWxnq3FJPsSaA==
via: 1.1 d8d9c12d1a621129f4bc739038e7c72e.cloudfront.net (CloudFront), 1.1 6396e88c437c096ef98930ce29f731a2.cloudfront.net (CloudFront), 1.1 google
date: Tue, 08 Nov 2022 09:36:18 GMT
age: 64230
etag: "9ce8d453c5ab8f7682e5ee3641a37b1abe1a8857"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
18.165.196.18200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 18.165.196.18:0
Hash 73aafcec7b73af388ca9663a25711d79
e6121013d3280aa61c4fa6073bf4ce83d25b3cb0
04e405a81252193c65d726b6c7c3b048a16fd985bb5a6782263a2a0fcfcec8a9
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=89546
Date: Wed, 09 Nov 2022 03:26:48 GMT
Etag: "6369d8c2-1d7"
Expires: Thu, 10 Nov 2022 04:19:14 GMT
Last-Modified: Tue, 08 Nov 2022 04:19:14 GMT
Server: nginx
X-Cache: Miss from cloudfront
Via: 1.1 835f3c9e7c3bc0e7766edf13dac581de.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: LHR50-P3
X-Amz-Cf-Id: At1idCQuYlPwnjllQ6QX3sh8KWNoUFRzVF1IH6CmC4ncEMasDnRmFg==
www.browsewithgx.com/assets/xm1k.png
54.230.111.31200 OK 122 kB URL HTTP/2 www.browsewithgx.com/assets/xm1k.png
IP 54.230.111.31:0
File type PNG image data, 532 x 400, 8-bit/color RGBA, non-interlaced\012- data
Size 122 kB (121947 bytes)
Hash fb296fd6be55555670e23ef9e4d3176a
97b7aa60b59260cd2ba4c8ea163403ac210780dd
c5e800a0f0f0b3b5ee1e6be0d7dceef5b7c2f88a33345e310afea6aa846fd01e
GET /assets/xm1k.png HTTP/1.1
Host: www.browsewithgx.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.browsewithgx.com/?tl=deebcards-themier.com&btn=2&imp=0&cep=_5BvbO9g7XEoFKwez8NoDbzPWsX3WtV2eHxfZM7zJ0rnmCsyKFkvA45K0AQhujqqf6VrRaJ_EfUBVzz5Y2GmSZGv3OMKgKJmcJen5eoFZhYlqB7E9K1FSM8NQ35_AaxMVuRa2nCOIQ5ZNWYFefdsRTvfO7s4Ma2xWCfCLkRDjydJ7HKyLchyjxeuYBqxaLvGbgheVjIbZQJs4KmjS4xCmBYfhlR5Fzsux-CtngytstvkQnT9bwhHDI8VgDzUXCfVqKuUqm-hSkYGhZG3DXZ237GNmCsi3-pISWKvtkyRgztwfNjvFjULSpCCGw1UCT_Rn7G_vFNuhWFJrozvV_SQ38P23MXEPJ8ktfp9jvSCTx9EHaycOaeX9byD9Ej99kuKM_DALkBS1WZLvQ0NDcxfgsgwMMShXMFnW4gou6qdd45-8P_vCvT4hbb6XRzy8pBlhLOMK0Ut3bdfrPQBkJ5ABgXhxrDOnGpEN5x0iQ6quymzRFit5yZ5fR3VxQRwSRpk1LjOeg-g3DjR0ioVf0sabQfU0qVzGJjnP4St0LCUC66gDjMBVCiiVX2qoEBJrqXg&lptoken=163f6728961162af088b&zoneid=5450495&bannerid=15511501&geo=NO&random=929632096&SUBID=614049832285508372&campaignid=6269517&category=%7Bcategory%7D&adformat=onclick&ntk=19&cost=0.000496&rdk=rk1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 121947
last-modified: Mon, 21 Mar 2022 18:42:51 GMT
accept-ranges: bytes
server: AmazonS3
date: Tue, 08 Nov 2022 10:45:45 GMT
etag: "fb296fd6be55555670e23ef9e4d3176a"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 9d4a908d41124cba1276d6cef8f00c60.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: pDJ5I4JImZeAhjUvkfVDHy0GoiuTzjCM8-6yHViRcXZoASg8QrMKvw==
age: 69932
X-Firefox-Spdy: h2
www.browsewithgx.com/assets/3809.png
54.230.111.31200 OK 7.3 kB URL HTTP/2 www.browsewithgx.com/assets/3809.png
IP 54.230.111.31:0
File type PNG image data, 260 x 67, 8-bit/color RGBA, non-interlaced\012- data
Hash 21f7ce215aae34f2e02075c53073aad6
86908885e487fc10674541b47aad6e5b650db373
8a9a18c629393d37153b6e200a557b36ab68bb6bb5068061f4d2a752733e720c
GET /assets/3809.png HTTP/1.1
Host: www.browsewithgx.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.browsewithgx.com/?tl=deebcards-themier.com&btn=2&imp=0&cep=_5BvbO9g7XEoFKwez8NoDbzPWsX3WtV2eHxfZM7zJ0rnmCsyKFkvA45K0AQhujqqf6VrRaJ_EfUBVzz5Y2GmSZGv3OMKgKJmcJen5eoFZhYlqB7E9K1FSM8NQ35_AaxMVuRa2nCOIQ5ZNWYFefdsRTvfO7s4Ma2xWCfCLkRDjydJ7HKyLchyjxeuYBqxaLvGbgheVjIbZQJs4KmjS4xCmBYfhlR5Fzsux-CtngytstvkQnT9bwhHDI8VgDzUXCfVqKuUqm-hSkYGhZG3DXZ237GNmCsi3-pISWKvtkyRgztwfNjvFjULSpCCGw1UCT_Rn7G_vFNuhWFJrozvV_SQ38P23MXEPJ8ktfp9jvSCTx9EHaycOaeX9byD9Ej99kuKM_DALkBS1WZLvQ0NDcxfgsgwMMShXMFnW4gou6qdd45-8P_vCvT4hbb6XRzy8pBlhLOMK0Ut3bdfrPQBkJ5ABgXhxrDOnGpEN5x0iQ6quymzRFit5yZ5fR3VxQRwSRpk1LjOeg-g3DjR0ioVf0sabQfU0qVzGJjnP4St0LCUC66gDjMBVCiiVX2qoEBJrqXg&lptoken=163f6728961162af088b&zoneid=5450495&bannerid=15511501&geo=NO&random=929632096&SUBID=614049832285508372&campaignid=6269517&category=%7Bcategory%7D&adformat=onclick&ntk=19&cost=0.000496&rdk=rk1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 7265
last-modified: Mon, 21 Mar 2022 18:42:51 GMT
accept-ranges: bytes
server: AmazonS3
date: Wed, 09 Nov 2022 01:56:32 GMT
etag: "21f7ce215aae34f2e02075c53073aad6"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 9d4a908d41124cba1276d6cef8f00c60.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: EsueDt4q-jcuQrT6pM5bXKq6JYphKe4vTxIYNCnPCr1kM1Skp6e4JQ==
age: 6598
X-Firefox-Spdy: h2
www.browsewithgx.com/assets/brazil.png
54.230.111.31200 OK 161 kB URL HTTP/2 www.browsewithgx.com/assets/brazil.png
IP 54.230.111.31:0
File type PNG image data, 532 x 400, 8-bit/color RGBA, non-interlaced\012- data
Size 161 kB (161255 bytes)
Hash 7159e04db522cc24e82254743f459124
67f5522a6b11aacd1936e105b11b0e956a541cf7
707a37320e6f6123c37faeb10a457b84524a350556414863f59f4266a44a0eb2
GET /assets/brazil.png HTTP/1.1
Host: www.browsewithgx.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.browsewithgx.com/?tl=deebcards-themier.com&btn=2&imp=0&cep=_5BvbO9g7XEoFKwez8NoDbzPWsX3WtV2eHxfZM7zJ0rnmCsyKFkvA45K0AQhujqqf6VrRaJ_EfUBVzz5Y2GmSZGv3OMKgKJmcJen5eoFZhYlqB7E9K1FSM8NQ35_AaxMVuRa2nCOIQ5ZNWYFefdsRTvfO7s4Ma2xWCfCLkRDjydJ7HKyLchyjxeuYBqxaLvGbgheVjIbZQJs4KmjS4xCmBYfhlR5Fzsux-CtngytstvkQnT9bwhHDI8VgDzUXCfVqKuUqm-hSkYGhZG3DXZ237GNmCsi3-pISWKvtkyRgztwfNjvFjULSpCCGw1UCT_Rn7G_vFNuhWFJrozvV_SQ38P23MXEPJ8ktfp9jvSCTx9EHaycOaeX9byD9Ej99kuKM_DALkBS1WZLvQ0NDcxfgsgwMMShXMFnW4gou6qdd45-8P_vCvT4hbb6XRzy8pBlhLOMK0Ut3bdfrPQBkJ5ABgXhxrDOnGpEN5x0iQ6quymzRFit5yZ5fR3VxQRwSRpk1LjOeg-g3DjR0ioVf0sabQfU0qVzGJjnP4St0LCUC66gDjMBVCiiVX2qoEBJrqXg&lptoken=163f6728961162af088b&zoneid=5450495&bannerid=15511501&geo=NO&random=929632096&SUBID=614049832285508372&campaignid=6269517&category=%7Bcategory%7D&adformat=onclick&ntk=19&cost=0.000496&rdk=rk1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 161255
date: Tue, 08 Nov 2022 04:16:17 GMT
last-modified: Mon, 21 Mar 2022 18:42:47 GMT
etag: "7159e04db522cc24e82254743f459124"
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 9d4a908d41124cba1276d6cef8f00c60.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 8AcWVbvT_D7HAp5GE62lQPk-SHr1EWNjoLXUQt3xSyyeGuj2Z5QDIQ==
age: 83433
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash b10986024b7c43560e2e76cb10764ec4
dcb10e65ceffd902d240df3c5682be4388119a96
6b9d5fdaeaf7b5c35fa5db97477ec3cde32b64b54b44c0d48b41fef1857630e9
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 09 Nov 2022 03:26:49 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.browsewithgx.com/assets/xwk9.png
54.230.111.31200 OK 327 kB URL HTTP/2 www.browsewithgx.com/assets/xwk9.png
IP 54.230.111.31:0
File type PNG image data, 1930 x 1085, 8-bit/color RGBA, non-interlaced\012- data
Size 327 kB (326592 bytes)
Hash 98bad9c0e22d83f92c81af7450e962a3
999d7edcf7cdff3669f8ef0ba937a695b0cd5238
8065cf86dfb65f5edf4a56a0dabb581f5248216922d4e4a198f2358279721565
GET /assets/xwk9.png HTTP/1.1
Host: www.browsewithgx.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.browsewithgx.com/?tl=deebcards-themier.com&btn=2&imp=0&cep=_5BvbO9g7XEoFKwez8NoDbzPWsX3WtV2eHxfZM7zJ0rnmCsyKFkvA45K0AQhujqqf6VrRaJ_EfUBVzz5Y2GmSZGv3OMKgKJmcJen5eoFZhYlqB7E9K1FSM8NQ35_AaxMVuRa2nCOIQ5ZNWYFefdsRTvfO7s4Ma2xWCfCLkRDjydJ7HKyLchyjxeuYBqxaLvGbgheVjIbZQJs4KmjS4xCmBYfhlR5Fzsux-CtngytstvkQnT9bwhHDI8VgDzUXCfVqKuUqm-hSkYGhZG3DXZ237GNmCsi3-pISWKvtkyRgztwfNjvFjULSpCCGw1UCT_Rn7G_vFNuhWFJrozvV_SQ38P23MXEPJ8ktfp9jvSCTx9EHaycOaeX9byD9Ej99kuKM_DALkBS1WZLvQ0NDcxfgsgwMMShXMFnW4gou6qdd45-8P_vCvT4hbb6XRzy8pBlhLOMK0Ut3bdfrPQBkJ5ABgXhxrDOnGpEN5x0iQ6quymzRFit5yZ5fR3VxQRwSRpk1LjOeg-g3DjR0ioVf0sabQfU0qVzGJjnP4St0LCUC66gDjMBVCiiVX2qoEBJrqXg&lptoken=163f6728961162af088b&zoneid=5450495&bannerid=15511501&geo=NO&random=929632096&SUBID=614049832285508372&campaignid=6269517&category=%7Bcategory%7D&adformat=onclick&ntk=19&cost=0.000496&rdk=rk1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 326592
last-modified: Mon, 21 Mar 2022 18:42:51 GMT
accept-ranges: bytes
server: AmazonS3
date: Tue, 08 Nov 2022 08:37:46 GMT
etag: "98bad9c0e22d83f92c81af7450e962a3"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 9d4a908d41124cba1276d6cef8f00c60.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: SguUfDr8oT_sM5_kGICHz6qOOOW1SBX7NKzohmBXtsxz603i6d0ezw==
age: 69932
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash b10986024b7c43560e2e76cb10764ec4
dcb10e65ceffd902d240df3c5682be4388119a96
6b9d5fdaeaf7b5c35fa5db97477ec3cde32b64b54b44c0d48b41fef1857630e9
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 09 Nov 2022 03:26:49 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 5c4c9c21e826ed9dd1520ac96dea393c
106bc7d84ae02a77a4006f2cae1cf7b5093d36c0
1201a34924da1af919077623ac06926d89f890b33b843d30e1e129fee007783f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 09 Nov 2022 03:26:49 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 3b26e900b9be930a07101e0d5f5de579
fc84082e3eef2e000f255f1cbd4cf45b694a2118
1dff9aae4984871070d193b60d41548a8a816f0ba20839d41d6e73a08e548afe
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 09 Nov 2022 03:26:49 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 4dc4a177d25f666a9ba1cf6225354467
8975f2e5cc9cadc4a1e369da45471eb1f0830c5e
6c9e54a13abc265cac7bdee51c6fa49e5e7590fec7a1cc99096c384dabef31be
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 09 Nov 2022 03:26:49 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 4dc4a177d25f666a9ba1cf6225354467
8975f2e5cc9cadc4a1e369da45471eb1f0830c5e
6c9e54a13abc265cac7bdee51c6fa49e5e7590fec7a1cc99096c384dabef31be
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 09 Nov 2022 03:26:49 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/chakrapetch/v9/cIflMapbsEk7TDLdtEz1BwkeQI51R5_F.woff2
216.58.207.195200 OK 9.2 kB URL HTTP/2 fonts.gstatic.com/s/chakrapetch/v9/cIflMapbsEk7TDLdtEz1BwkeQI51R5_F.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 9156, version 1.0\012- data
Hash 5383f3ce890e025fd8d85a23662397c9
78a5eac04cfe53d3f1fdcd178288e2cef45032e4
ace012ca5db0bd782a22d938f8bf4a7ecdda284f9515f0c79418356efd5153f5
GET /s/chakrapetch/v9/cIflMapbsEk7TDLdtEz1BwkeQI51R5_F.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.browsewithgx.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 9156
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 04 Nov 2022 00:50:38 GMT
expires: Sat, 04 Nov 2023 00:50:38 GMT
cache-control: public, max-age=31536000
age: 441371
last-modified: Thu, 21 Apr 2022 18:49:56 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/chakrapetch/v9/cIflMapbsEk7TDLdtEz1BwkeNIh1R5_F.woff2
216.58.207.195200 OK 9.1 kB URL HTTP/2 fonts.gstatic.com/s/chakrapetch/v9/cIflMapbsEk7TDLdtEz1BwkeNIh1R5_F.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 9104, version 1.0\012- data
Hash d3a2dce5d3d891a0c22a2189c225a4b5
b20c9f3bece3ebb5939ce536577d77ab77c792ac
9da93eacb66618ccecea55a6d5adc410352d1932901b063a06ed65e7a5e37248
GET /s/chakrapetch/v9/cIflMapbsEk7TDLdtEz1BwkeNIh1R5_F.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.browsewithgx.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 9104
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 07 Nov 2022 20:21:29 GMT
expires: Tue, 07 Nov 2023 20:21:29 GMT
cache-control: public, max-age=31536000
age: 111920
last-modified: Thu, 21 Apr 2022 18:57:16 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.googleapis.com/css2?family=Chakra+Petch:wght@300;600&display=swap
142.250.74.10200 OK 60 kB URL HTTP/2 fonts.googleapis.com/css2?family=Chakra+Petch:wght@300;600&display=swap
IP 142.250.74.10:0
Hash 1f97addff51ba8c7956ca41e4159c7fc
3939bab25018c0bf4ff45905a8782aae1379f4d9
5539c0bb63edadee36330f4a9152e206700495b3f0d9398766edef3bac6d4234
GET /css2?family=Chakra+Petch:wght@300;600&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.browsewithgx.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 09 Nov 2022 03:26:49 GMT
date: Wed, 09 Nov 2022 03:26:49 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.browsewithgx.com/assets/f9kw.png
54.230.111.31200 OK 3.2 kB URL HTTP/2 www.browsewithgx.com/assets/f9kw.png
IP 54.230.111.31:0
File type PNG image data, 48 x 52, 8-bit/color RGBA, non-interlaced\012- data
Hash 8ecd278f7d90e1acc6d8d9404046d81a
fb15ed47c5153cc22d735d1b3a8c99fbd28fb814
303c859cc8b6b46e50da1ab8f323d35ce375bf6d45037d3bf1e65e83f70cc5d7
GET /assets/f9kw.png HTTP/1.1
Host: www.browsewithgx.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.browsewithgx.com/?tl=deebcards-themier.com&btn=2&imp=0&cep=_5BvbO9g7XEoFKwez8NoDbzPWsX3WtV2eHxfZM7zJ0rnmCsyKFkvA45K0AQhujqqf6VrRaJ_EfUBVzz5Y2GmSZGv3OMKgKJmcJen5eoFZhYlqB7E9K1FSM8NQ35_AaxMVuRa2nCOIQ5ZNWYFefdsRTvfO7s4Ma2xWCfCLkRDjydJ7HKyLchyjxeuYBqxaLvGbgheVjIbZQJs4KmjS4xCmBYfhlR5Fzsux-CtngytstvkQnT9bwhHDI8VgDzUXCfVqKuUqm-hSkYGhZG3DXZ237GNmCsi3-pISWKvtkyRgztwfNjvFjULSpCCGw1UCT_Rn7G_vFNuhWFJrozvV_SQ38P23MXEPJ8ktfp9jvSCTx9EHaycOaeX9byD9Ej99kuKM_DALkBS1WZLvQ0NDcxfgsgwMMShXMFnW4gou6qdd45-8P_vCvT4hbb6XRzy8pBlhLOMK0Ut3bdfrPQBkJ5ABgXhxrDOnGpEN5x0iQ6quymzRFit5yZ5fR3VxQRwSRpk1LjOeg-g3DjR0ioVf0sabQfU0qVzGJjnP4St0LCUC66gDjMBVCiiVX2qoEBJrqXg&lptoken=163f6728961162af088b&zoneid=5450495&bannerid=15511501&geo=NO&random=929632096&SUBID=614049832285508372&campaignid=6269517&category=%7Bcategory%7D&adformat=onclick&ntk=19&cost=0.000496&rdk=rk1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 3155
last-modified: Mon, 21 Mar 2022 18:42:51 GMT
accept-ranges: bytes
server: AmazonS3
date: Tue, 08 Nov 2022 08:07:53 GMT
etag: "8ecd278f7d90e1acc6d8d9404046d81a"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 9d4a908d41124cba1276d6cef8f00c60.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: XevLDnYbmjoRjfAGwoDZVGGAZqqBPt1P30SBhaXiM6yUIk4q5tH2Vg==
age: 72741
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 4dc4a177d25f666a9ba1cf6225354467
8975f2e5cc9cadc4a1e369da45471eb1f0830c5e
6c9e54a13abc265cac7bdee51c6fa49e5e7590fec7a1cc99096c384dabef31be
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 09 Nov 2022 03:26:49 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 3b26e900b9be930a07101e0d5f5de579
fc84082e3eef2e000f255f1cbd4cf45b694a2118
1dff9aae4984871070d193b60d41548a8a816f0ba20839d41d6e73a08e548afe
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 09 Nov 2022 03:26:49 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.youtube.com/embed/Uv-jwjKxZsk?controls=0
216.58.207.238200 OK 77 kB URL HTTP/2 www.youtube.com/embed/Uv-jwjKxZsk?controls=0
IP 216.58.207.238:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (58644)
Hash 49677b9c03f24f32d2eaf8399fb3580e
91a92221a3b9d24a65b57e9c49d58aa0bff0feba
3b6470da53335831bce49bde987c532e8597ca8e404bd1714990deebf0398945
GET /embed/Uv-jwjKxZsk?controls=0 HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.browsewithgx.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html; charset=utf-8
x-content-type-options: nosniff
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Wed, 09 Nov 2022 03:26:49 GMT
strict-transport-security: max-age=31536000
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
content-encoding: br
server: ESF
x-xss-protection: 0
set-cookie: YSC=udUwvKdF64Y; Domain=.youtube.com; Path=/; Secure; HttpOnly; SameSite=none
VISITOR_INFO1_LIVE=w_FLqqS0UXY; Domain=.youtube.com; Expires=Mon, 08-May-2023 03:26:49 GMT; Path=/; Secure; HttpOnly; SameSite=none
CONSENT=PENDING+477; expires=Fri, 08-Nov-2024 03:26:49 GMT; path=/; domain=.youtube.com; Secure
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.youtube.com/s/player/c4225c42/www-embed-player.vflset/www-embed-player.js
216.58.207.238200 OK 98 kB URL HTTP/2 www.youtube.com/s/player/c4225c42/www-embed-player.vflset/www-embed-player.js
IP 216.58.207.238:0
File type ASCII text, with very long lines (679)
Hash 26abdee2f7fda61acfbceef73f936a78
58ddf48c21798f2dc309ba38d8432949be2f837b
8a340b331b69b7fff9df67bea03c42248219e5928cb5a662a58da0c4a0df0fd1
GET /s/player/c4225c42/www-embed-player.vflset/www-embed-player.js HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/embed/Uv-jwjKxZsk?controls=0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding, Origin
content-encoding: br
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-length: 98145
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 07 Nov 2022 17:52:19 GMT
expires: Tue, 07 Nov 2023 17:52:19 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 07 Nov 2022 01:22:49 GMT
content-type: text/javascript
age: 120870
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 5c4c9c21e826ed9dd1520ac96dea393c
106bc7d84ae02a77a4006f2cae1cf7b5093d36c0
1201a34924da1af919077623ac06926d89f890b33b843d30e1e129fee007783f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 09 Nov 2022 03:26:49 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.youtube.com/s/player/c4225c42/fetch-polyfill.vflset/fetch-polyfill.js
216.58.207.238200 OK 2.8 kB URL HTTP/2 www.youtube.com/s/player/c4225c42/fetch-polyfill.vflset/fetch-polyfill.js
IP 216.58.207.238:0
File type Algol 68 source text\012- Pascal source, ASCII text, with very long lines (555)
Hash 80fe2d229007996c8397073b00755dc7
121f82c77bcf2a297a1085e3b092415c463fcafe
033dfa8941482c82d4f1aaa4a9172fb379b9e46a02d5b36297c5476bbbfdea2c
GET /s/player/c4225c42/fetch-polyfill.vflset/fetch-polyfill.js HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/embed/Uv-jwjKxZsk?controls=0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding, Origin
content-encoding: br
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-length: 2786
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 07 Nov 2022 17:52:19 GMT
expires: Tue, 07 Nov 2023 17:52:19 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 07 Nov 2022 01:22:49 GMT
content-type: text/javascript
age: 120870
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
bat.bing.com/bat.js
204.79.197.200200 OK 11 kB IP 204.79.197.200:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
File type Unicode text, UTF-8 text, with very long lines (38826), with no line terminators
Hash 293ae3e0fc8b0d5c143fdf9d8490228d
3976c659b908e70818a3a1ac71860b497fe2d1a9
04a840d967ae836e14179bde574cabf14a1fc871182ca0f8193e7a0b06c727ab
GET /bat.js HTTP/1.1
Host: bat.bing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.browsewithgx.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: private,max-age=1800
content-length: 11367
content-type: application/javascript
content-encoding: gzip
last-modified: Thu, 28 Jul 2022 17:32:37 GMT
accept-ranges: bytes
etag: "80a8697a8a2d81:0"
vary: Accept-Encoding
set-cookie: MUID=1BEAC900322F651710D7DB57337864A2; domain=.bing.com; expires=Mon, 04-Dec-2023 03:26:49 GMT; path=/; SameSite=None; Secure; Priority=High;
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: D6776218857B43BCAB79A583542B57BC Ref B: OSL30EDGE0411 Ref C: 2022-11-09T03:26:49Z
date: Wed, 09 Nov 2022 03:26:48 GMT
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 3fd3a3910ff028a1b8a1f72bc93e91f5
9ac0351ab9a803e9647882880b4f56693fd769ed
d881fb422e3eaa5ec00a7f6aaed965ac8bd93b2e14970db59c37ee0ba66b0f80
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 09 Nov 2022 03:26:49 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
11442918.fls.doubleclick.net/activityi;src=11442918;type=pageview;cat=opera0;ord=1;num=7184762982783;gtm=2wgb70;auiddc=1138498016.1667964406;~oref=https%3A%2F%2Fwww.browsewithgx.com%2F%3Ftl%3Ddeebcards-themier.com%26btn%3D2%26imp%3D0%26cep%3D_5BvbO9g7XEoFKwez8NoDbzPWsX3WtV2eHxfZM7zJ0rnmCsyKFkvA45K0AQhujqqf6VrRaJ_EfUBVzz5Y2GmSZGv3OMKgKJmcJen5eoFZhYlqB7E9K1FSM8NQ35_AaxMVuRa2nCOIQ5ZNWYFefdsRTvfO7s4Ma2xWCfCLkRDjydJ7HKyLchyjxeuYBqxaLvGbgheVjIbZQJs4KmjS4xCmBYfhlR5Fzsux-CtngytstvkQnT9bwhHDI8VgDzUXCfVqKuUqm-hSkYGhZG3DXZ237GNmCsi3-pISWKvtkyRgztwfNjvFjULSpCCGw1UCT_Rn7G_vFNuhWFJrozvV_SQ38P23MXEPJ8ktfp9jvSCTx9EHaycOaeX9byD9Ej99kuKM_DALkBS1WZLvQ0NDcxfgsgwMMShXMFnW4gou6qdd45-8P_vCvT4hbb6XRzy8pBlhLOMK0Ut3bdfrPQBkJ5ABgXhxrDOnGpEN5x0iQ6quymzRFit5yZ5fR3VxQRwSRpk1LjOeg-g3DjR0ioVf0sabQfU0qVzGJjnP4St0LCUC66gDjMBVCiiVX2qoEBJrqXg%26lptoken%3D163f6728961162af088b%26zoneid%3D5450495%26bannerid%3D15511501%26geo%3DNO%26random%3D929632096%26SUBID%3D614049832285508372%26campaignid%3D6269517%26category%3D%257Bcategory%257D%26adformat%3Donclick%26ntk%3D19%26cost%3D0.000496%26rdk%3Drk1?
142.250.74.70200 OK 905 B URL HTTP/2 11442918.fls.doubleclick.net/activityi;src=11442918;type=pageview;cat=opera0;ord=1;num=7184762982783;gtm=2wgb70;auiddc=1138498016.1667964406;~oref=https%3A%2F%2Fwww.browsewithgx.com%2F%3Ftl%3Ddeebcards-themier.com%26btn%3D2%26imp%3D0%26cep%3D_5BvbO9g7XEoFKwez8NoDbzPWsX3WtV2eHxfZM7zJ0rnmCsyKFkvA45K0AQhujqqf6VrRaJ_EfUBVzz5Y2GmSZGv3OMKgKJmcJen5eoFZhYlqB7E9K1FSM8NQ35_AaxMVuRa2nCOIQ5ZNWYFefdsRTvfO7s4Ma2xWCfCLkRDjydJ7HKyLchyjxeuYBqxaLvGbgheVjIbZQJs4KmjS4xCmBYfhlR5Fzsux-CtngytstvkQnT9bwhHDI8VgDzUXCfVqKuUqm-hSkYGhZG3DXZ237GNmCsi3-pISWKvtkyRgztwfNjvFjULSpCCGw1UCT_Rn7G_vFNuhWFJrozvV_SQ38P23MXEPJ8ktfp9jvSCTx9EHaycOaeX9byD9Ej99kuKM_DALkBS1WZLvQ0NDcxfgsgwMMShXMFnW4gou6qdd45-8P_vCvT4hbb6XRzy8pBlhLOMK0Ut3bdfrPQBkJ5ABgXhxrDOnGpEN5x0iQ6quymzRFit5yZ5fR3VxQRwSRpk1LjOeg-g3DjR0ioVf0sabQfU0qVzGJjnP4St0LCUC66gDjMBVCiiVX2qoEBJrqXg%26lptoken%3D163f6728961162af088b%26zoneid%3D5450495%26bannerid%3D15511501%26geo%3DNO%26random%3D929632096%26SUBID%3D614049832285508372%26campaignid%3D6269517%26category%3D%257Bcategory%257D%26adformat%3Donclick%26ntk%3D19%26cost%3D0.000496%26rdk%3Drk1?
IP 142.250.74.70:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (1346), with no line terminators
Hash 14b0215d30880bf89bc417e4d88ba09b
681eddefe2a634ad4a852d6cefacb9535c6f21b0
ff6b424b2583e73bd55a38e7d90a5989b3a30c977431abfaf91451e0d1c38d72
GET /activityi;src=11442918;type=pageview;cat=opera0;ord=1;num=7184762982783;gtm=2wgb70;auiddc=1138498016.1667964406;~oref=https%3A%2F%2Fwww.browsewithgx.com%2F%3Ftl%3Ddeebcards-themier.com%26btn%3D2%26imp%3D0%26cep%3D_5BvbO9g7XEoFKwez8NoDbzPWsX3WtV2eHxfZM7zJ0rnmCsyKFkvA45K0AQhujqqf6VrRaJ_EfUBVzz5Y2GmSZGv3OMKgKJmcJen5eoFZhYlqB7E9K1FSM8NQ35_AaxMVuRa2nCOIQ5ZNWYFefdsRTvfO7s4Ma2xWCfCLkRDjydJ7HKyLchyjxeuYBqxaLvGbgheVjIbZQJs4KmjS4xCmBYfhlR5Fzsux-CtngytstvkQnT9bwhHDI8VgDzUXCfVqKuUqm-hSkYGhZG3DXZ237GNmCsi3-pISWKvtkyRgztwfNjvFjULSpCCGw1UCT_Rn7G_vFNuhWFJrozvV_SQ38P23MXEPJ8ktfp9jvSCTx9EHaycOaeX9byD9Ej99kuKM_DALkBS1WZLvQ0NDcxfgsgwMMShXMFnW4gou6qdd45-8P_vCvT4hbb6XRzy8pBlhLOMK0Ut3bdfrPQBkJ5ABgXhxrDOnGpEN5x0iQ6quymzRFit5yZ5fR3VxQRwSRpk1LjOeg-g3DjR0ioVf0sabQfU0qVzGJjnP4St0LCUC66gDjMBVCiiVX2qoEBJrqXg%26lptoken%3D163f6728961162af088b%26zoneid%3D5450495%26bannerid%3D15511501%26geo%3DNO%26random%3D929632096%26SUBID%3D614049832285508372%26campaignid%3D6269517%26category%3D%257Bcategory%257D%26adformat%3Donclick%26ntk%3D19%26cost%3D0.000496%26rdk%3Drk1? HTTP/1.1
Host: 11442918.fls.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.browsewithgx.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 09 Nov 2022 03:26:49 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
strict-transport-security: max-age=21600
content-type: text/html; charset=UTF-8
pragma: no-cache
x-content-type-options: nosniff
content-encoding: br
server: cafe
content-length: 905
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Wed, 09-Nov-2022 03:41:49 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 3fd3a3910ff028a1b8a1f72bc93e91f5
9ac0351ab9a803e9647882880b4f56693fd769ed
d881fb422e3eaa5ec00a7f6aaed965ac8bd93b2e14970db59c37ee0ba66b0f80
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 09 Nov 2022 03:26:49 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
bat.bing.com/action/0?ti=11002730&tm=gtm002&Ver=2&mid=d49edd67-8faf-4baf-862c-b060c1217c9f&sid=56fde9c05fde11edbe5f4bcf539314a8&vid=56fdec705fde11edb690abd8e5d79d17&vids=1&msclkid=N&pi=0&lg=en-US&sw=1280&sh=1024&sc=24&tl=Opera%20GX&p=https%3A%2F%2Fwww.browsewithgx.com%2F%3Ftl%3Ddeebcards-themier.com%26btn%3D2%26imp%3D0%26cep%3D_5BvbO9g7XEoFKwez8NoDbzPWsX3WtV2eHxfZM7zJ0rnmCsyKFkvA45K0AQhujqqf6VrRaJ_EfUBVzz5Y2GmSZGv3OMKgKJmcJen5eoFZhYlqB7E9K1FSM8NQ35_AaxMVuRa2nCOIQ5ZNWYFefdsRTvfO7s4Ma2xWCfCLkRDjydJ7HKyLchyjxeuYBqxaLvGbgheVjIbZQJs4KmjS4xCmBYfhlR5Fzsux-CtngytstvkQnT9bwhHDI8VgDzUXCfVqKuUqm-hSkYGhZG3DXZ237GNmCsi3-pISWKvtkyRgztwfNjvFjULSpCCGw1UCT_Rn7G_vFNuhWFJrozvV_SQ38P23MXEPJ8ktfp9jvSCTx9EHaycOaeX9byD9Ej99kuKM_DALkBS1WZLvQ0NDcxfgsgwMMShXMFnW4gou6qdd45-8P_vCvT4hbb6XRzy8pBlhLOMK0Ut3bdfrPQBkJ5ABgXhxrDOnGpEN5x0iQ6quymzRFit5yZ5fR3VxQRwSRpk1LjOeg-g3DjR0ioVf0sabQfU0qVzGJjnP4St0LCUC66gDjMBVCiiVX2qoEBJrqXg%26lptoken%3D163f6728961162af088b%26zoneid%3D5450495%26bannerid%3D15511501%26geo%3DNO%26random%3D929632096%26SUBID%3D614049832285508372%26campaignid%3D6269517%26category%3D%257Bcategory%257D%26adformat%3Donclick%26ntk%3D19%26cost%3D0.000496%26rdk%3Drk1&r=<=692&evt=pageLoad&sv=1&rn=631620
204.79.197.200204 No Content 0 B URL HTTP/2 bat.bing.com/action/0?ti=11002730&tm=gtm002&Ver=2&mid=d49edd67-8faf-4baf-862c-b060c1217c9f&sid=56fde9c05fde11edbe5f4bcf539314a8&vid=56fdec705fde11edb690abd8e5d79d17&vids=1&msclkid=N&pi=0&lg=en-US&sw=1280&sh=1024&sc=24&tl=Opera%20GX&p=https%3A%2F%2Fwww.browsewithgx.com%2F%3Ftl%3Ddeebcards-themier.com%26btn%3D2%26imp%3D0%26cep%3D_5BvbO9g7XEoFKwez8NoDbzPWsX3WtV2eHxfZM7zJ0rnmCsyKFkvA45K0AQhujqqf6VrRaJ_EfUBVzz5Y2GmSZGv3OMKgKJmcJen5eoFZhYlqB7E9K1FSM8NQ35_AaxMVuRa2nCOIQ5ZNWYFefdsRTvfO7s4Ma2xWCfCLkRDjydJ7HKyLchyjxeuYBqxaLvGbgheVjIbZQJs4KmjS4xCmBYfhlR5Fzsux-CtngytstvkQnT9bwhHDI8VgDzUXCfVqKuUqm-hSkYGhZG3DXZ237GNmCsi3-pISWKvtkyRgztwfNjvFjULSpCCGw1UCT_Rn7G_vFNuhWFJrozvV_SQ38P23MXEPJ8ktfp9jvSCTx9EHaycOaeX9byD9Ej99kuKM_DALkBS1WZLvQ0NDcxfgsgwMMShXMFnW4gou6qdd45-8P_vCvT4hbb6XRzy8pBlhLOMK0Ut3bdfrPQBkJ5ABgXhxrDOnGpEN5x0iQ6quymzRFit5yZ5fR3VxQRwSRpk1LjOeg-g3DjR0ioVf0sabQfU0qVzGJjnP4St0LCUC66gDjMBVCiiVX2qoEBJrqXg%26lptoken%3D163f6728961162af088b%26zoneid%3D5450495%26bannerid%3D15511501%26geo%3DNO%26random%3D929632096%26SUBID%3D614049832285508372%26campaignid%3D6269517%26category%3D%257Bcategory%257D%26adformat%3Donclick%26ntk%3D19%26cost%3D0.000496%26rdk%3Drk1&r=<=692&evt=pageLoad&sv=1&rn=631620
IP 204.79.197.200:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /action/0?ti=11002730&tm=gtm002&Ver=2&mid=d49edd67-8faf-4baf-862c-b060c1217c9f&sid=56fde9c05fde11edbe5f4bcf539314a8&vid=56fdec705fde11edb690abd8e5d79d17&vids=1&msclkid=N&pi=0&lg=en-US&sw=1280&sh=1024&sc=24&tl=Opera%20GX&p=https%3A%2F%2Fwww.browsewithgx.com%2F%3Ftl%3Ddeebcards-themier.com%26btn%3D2%26imp%3D0%26cep%3D_5BvbO9g7XEoFKwez8NoDbzPWsX3WtV2eHxfZM7zJ0rnmCsyKFkvA45K0AQhujqqf6VrRaJ_EfUBVzz5Y2GmSZGv3OMKgKJmcJen5eoFZhYlqB7E9K1FSM8NQ35_AaxMVuRa2nCOIQ5ZNWYFefdsRTvfO7s4Ma2xWCfCLkRDjydJ7HKyLchyjxeuYBqxaLvGbgheVjIbZQJs4KmjS4xCmBYfhlR5Fzsux-CtngytstvkQnT9bwhHDI8VgDzUXCfVqKuUqm-hSkYGhZG3DXZ237GNmCsi3-pISWKvtkyRgztwfNjvFjULSpCCGw1UCT_Rn7G_vFNuhWFJrozvV_SQ38P23MXEPJ8ktfp9jvSCTx9EHaycOaeX9byD9Ej99kuKM_DALkBS1WZLvQ0NDcxfgsgwMMShXMFnW4gou6qdd45-8P_vCvT4hbb6XRzy8pBlhLOMK0Ut3bdfrPQBkJ5ABgXhxrDOnGpEN5x0iQ6quymzRFit5yZ5fR3VxQRwSRpk1LjOeg-g3DjR0ioVf0sabQfU0qVzGJjnP4St0LCUC66gDjMBVCiiVX2qoEBJrqXg%26lptoken%3D163f6728961162af088b%26zoneid%3D5450495%26bannerid%3D15511501%26geo%3DNO%26random%3D929632096%26SUBID%3D614049832285508372%26campaignid%3D6269517%26category%3D%257Bcategory%257D%26adformat%3Donclick%26ntk%3D19%26cost%3D0.000496%26rdk%3Drk1&r=<=692&evt=pageLoad&sv=1&rn=631620 HTTP/1.1
Host: bat.bing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.browsewithgx.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
cache-control: no-cache, must-revalidate
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
set-cookie: MUID=1CAFE58A340D6E210CE7F7DD355A6F05; domain=.bing.com; expires=Mon, 04-Dec-2023 03:26:49 GMT; path=/; SameSite=None; Secure; Priority=High;
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 876406E015F44C6EADC47894F3BCC22F Ref B: OSL30EDGE0411 Ref C: 2022-11-09T03:26:49Z
date: Wed, 09 Nov 2022 03:26:48 GMT
X-Firefox-Spdy: h2
adservice.google.com/ddm/fls/i/src=11442918;type=pageview;cat=opera0;ord=1;num=7184762982783;gtm=2wgb70;auiddc=1138498016.1667964406;~oref=https%3A%2F%2Fwww.browsewithgx.com%2F%3Ftl%3Ddeebcards-themier.com%26btn%3D2%26imp%3D0%26cep%3D_5BvbO9g7XEoFKwez8NoDbzPWsX3WtV2eHxfZM7zJ0rnmCsyKFkvA45K0AQhujqqf6VrRaJ_EfUBVzz5Y2GmSZGv3OMKgKJmcJen5eoFZhYlqB7E9K1FSM8NQ35_AaxMVuRa2nCOIQ5ZNWYFefdsRTvfO7s4Ma2xWCfCLkRDjydJ7HKyLchyjxeuYBqxaLvGbgheVjIbZQJs4KmjS4xCmBYfhlR5Fzsux-CtngytstvkQnT9bwhHDI8VgDzUXCfVqKuUqm-hSkYGhZG3DXZ237GNmCsi3-pISWKvtkyRgztwfNjvFjULSpCCGw1UCT_Rn7G_vFNuhWFJrozvV_SQ38P23MXEPJ8ktfp9jvSCTx9EHaycOaeX9byD9Ej99kuKM_DALkBS1WZLvQ0NDcxfgsgwMMShXMFnW4gou6qdd45-8P_vCvT4hbb6XRzy8pBlhLOMK0Ut3bdfrPQBkJ5ABgXhxrDOnGpEN5x0iQ6quymzRFit5yZ5fR3VxQRwSRpk1LjOeg-g3DjR0ioVf0sabQfU0qVzGJjnP4St0LCUC66gDjMBVCiiVX2qoEBJrqXg%26lptoken%3D163f6728961162af088b%26zoneid%3D5450495%26bannerid%3D15511501%26geo%3DNO%26random%3D929632096%26SUBID%3D614049832285508372%26campaignid%3D6269517%26category%3D%257Bcategory%257D%26adformat%3Donclick%26ntk%3D19%26cost%3D0.000496%26rdk%3Drk1
142.250.74.98200 OK 909 B URL HTTP/2 adservice.google.com/ddm/fls/i/src=11442918;type=pageview;cat=opera0;ord=1;num=7184762982783;gtm=2wgb70;auiddc=1138498016.1667964406;~oref=https%3A%2F%2Fwww.browsewithgx.com%2F%3Ftl%3Ddeebcards-themier.com%26btn%3D2%26imp%3D0%26cep%3D_5BvbO9g7XEoFKwez8NoDbzPWsX3WtV2eHxfZM7zJ0rnmCsyKFkvA45K0AQhujqqf6VrRaJ_EfUBVzz5Y2GmSZGv3OMKgKJmcJen5eoFZhYlqB7E9K1FSM8NQ35_AaxMVuRa2nCOIQ5ZNWYFefdsRTvfO7s4Ma2xWCfCLkRDjydJ7HKyLchyjxeuYBqxaLvGbgheVjIbZQJs4KmjS4xCmBYfhlR5Fzsux-CtngytstvkQnT9bwhHDI8VgDzUXCfVqKuUqm-hSkYGhZG3DXZ237GNmCsi3-pISWKvtkyRgztwfNjvFjULSpCCGw1UCT_Rn7G_vFNuhWFJrozvV_SQ38P23MXEPJ8ktfp9jvSCTx9EHaycOaeX9byD9Ej99kuKM_DALkBS1WZLvQ0NDcxfgsgwMMShXMFnW4gou6qdd45-8P_vCvT4hbb6XRzy8pBlhLOMK0Ut3bdfrPQBkJ5ABgXhxrDOnGpEN5x0iQ6quymzRFit5yZ5fR3VxQRwSRpk1LjOeg-g3DjR0ioVf0sabQfU0qVzGJjnP4St0LCUC66gDjMBVCiiVX2qoEBJrqXg%26lptoken%3D163f6728961162af088b%26zoneid%3D5450495%26bannerid%3D15511501%26geo%3DNO%26random%3D929632096%26SUBID%3D614049832285508372%26campaignid%3D6269517%26category%3D%257Bcategory%257D%26adformat%3Donclick%26ntk%3D19%26cost%3D0.000496%26rdk%3Drk1
IP 142.250.74.98:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (1345), with no line terminators
Hash 155313dddb8857b72e199e2c14082fe7
48b7de5604c902aa72bec3dfa7a47385777ba69b
3a32412c6eb9be1d51041f8d7af0cbfe7fc824e021a85351f55c793bcb045274
GET /ddm/fls/i/src=11442918;type=pageview;cat=opera0;ord=1;num=7184762982783;gtm=2wgb70;auiddc=1138498016.1667964406;~oref=https%3A%2F%2Fwww.browsewithgx.com%2F%3Ftl%3Ddeebcards-themier.com%26btn%3D2%26imp%3D0%26cep%3D_5BvbO9g7XEoFKwez8NoDbzPWsX3WtV2eHxfZM7zJ0rnmCsyKFkvA45K0AQhujqqf6VrRaJ_EfUBVzz5Y2GmSZGv3OMKgKJmcJen5eoFZhYlqB7E9K1FSM8NQ35_AaxMVuRa2nCOIQ5ZNWYFefdsRTvfO7s4Ma2xWCfCLkRDjydJ7HKyLchyjxeuYBqxaLvGbgheVjIbZQJs4KmjS4xCmBYfhlR5Fzsux-CtngytstvkQnT9bwhHDI8VgDzUXCfVqKuUqm-hSkYGhZG3DXZ237GNmCsi3-pISWKvtkyRgztwfNjvFjULSpCCGw1UCT_Rn7G_vFNuhWFJrozvV_SQ38P23MXEPJ8ktfp9jvSCTx9EHaycOaeX9byD9Ej99kuKM_DALkBS1WZLvQ0NDcxfgsgwMMShXMFnW4gou6qdd45-8P_vCvT4hbb6XRzy8pBlhLOMK0Ut3bdfrPQBkJ5ABgXhxrDOnGpEN5x0iQ6quymzRFit5yZ5fR3VxQRwSRpk1LjOeg-g3DjR0ioVf0sabQfU0qVzGJjnP4St0LCUC66gDjMBVCiiVX2qoEBJrqXg%26lptoken%3D163f6728961162af088b%26zoneid%3D5450495%26bannerid%3D15511501%26geo%3DNO%26random%3D929632096%26SUBID%3D614049832285508372%26campaignid%3D6269517%26category%3D%257Bcategory%257D%26adformat%3Donclick%26ntk%3D19%26cost%3D0.000496%26rdk%3Drk1 HTTP/1.1
Host: adservice.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://11442918.fls.doubleclick.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 09 Nov 2022 03:26:49 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/html; charset=UTF-8
pragma: no-cache
x-content-type-options: nosniff
content-encoding: br
server: cafe
content-length: 909
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
bat.bing.com/p/action/11002730.js
204.79.197.200204 No Content 0 B URL HTTP/2 bat.bing.com/p/action/11002730.js
IP 204.79.197.200:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /p/action/11002730.js HTTP/1.1
Host: bat.bing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.browsewithgx.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
cache-control: private,max-age=1800
set-cookie: MUID=3E499FD04C926B5E0E928D874DC56A34; domain=.bing.com; expires=Mon, 04-Dec-2023 03:26:49 GMT; path=/; SameSite=None; Secure; Priority=High;
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: CEACC29C1F1D42489EB97AA8ED152833 Ref B: OSL30EDGE0411 Ref C: 2022-11-09T03:26:49Z
date: Wed, 09 Nov 2022 03:26:48 GMT
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 4784079f08e5276b7bd670aed075be5c
997cfb14816a90e340a5f391257d3f8157bc220b
5b88bc0709a5c7a375c380199d49f76e3beedfddf895b80abc3699d73bdf142a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 09 Nov 2022 03:26:49 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
static.doubleclick.net/instream/ad_status.js
142.250.74.166200 OK 29 B URL HTTP/2 static.doubleclick.net/instream/ad_status.js
IP 142.250.74.166:0
Hash 1fa71744db23d0f8df9cce6719defcb7
e4be9b7136697942a036f97cf26ebaf703ad2067
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
GET /instream/ad_status.js HTTP/1.1
Host: static.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
timing-allow-origin: *
content-length: 29
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 09 Nov 2022 03:14:05 GMT
expires: Wed, 09 Nov 2022 03:29:05 GMT
cache-control: public, max-age=900
age: 764
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash d044f3e2fc14a96cc5752446b440b143
d0d278c9eee46eb43a3f91e8fa55db206a78c93a
a0aa7ecc56cdd27079c14e17f3f790b3c01584379a519e8f7760eb81a781a02a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 09 Nov 2022 03:26:49 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
adservice.google.no/ddm/fls/i/src=11442918;type=pageview;cat=opera0;ord=1;num=7184762982783;gtm=2wgb70;auiddc=1138498016.1667964406;~oref=https%3A%2F%2Fwww.browsewithgx.com%2F%3Ftl%3Ddeebcards-themier.com%26btn%3D2%26imp%3D0%26cep%3D_5BvbO9g7XEoFKwez8NoDbzPWsX3WtV2eHxfZM7zJ0rnmCsyKFkvA45K0AQhujqqf6VrRaJ_EfUBVzz5Y2GmSZGv3OMKgKJmcJen5eoFZhYlqB7E9K1FSM8NQ35_AaxMVuRa2nCOIQ5ZNWYFefdsRTvfO7s4Ma2xWCfCLkRDjydJ7HKyLchyjxeuYBqxaLvGbgheVjIbZQJs4KmjS4xCmBYfhlR5Fzsux-CtngytstvkQnT9bwhHDI8VgDzUXCfVqKuUqm-hSkYGhZG3DXZ237GNmCsi3-pISWKvtkyRgztwfNjvFjULSpCCGw1UCT_Rn7G_vFNuhWFJrozvV_SQ38P23MXEPJ8ktfp9jvSCTx9EHaycOaeX9byD9Ej99kuKM_DALkBS1WZLvQ0NDcxfgsgwMMShXMFnW4gou6qdd45-8P_vCvT4hbb6XRzy8pBlhLOMK0Ut3bdfrPQBkJ5ABgXhxrDOnGpEN5x0iQ6quymzRFit5yZ5fR3VxQRwSRpk1LjOeg-g3DjR0ioVf0sabQfU0qVzGJjnP4St0LCUC66gDjMBVCiiVX2qoEBJrqXg%26lptoken%3D163f6728961162af088b%26zoneid%3D5450495%26bannerid%3D15511501%26geo%3DNO%26random%3D929632096%26SUBID%3D614049832285508372%26campaignid%3D6269517%26category%3D%257Bcategory%257D%26adformat%3Donclick%26ntk%3D19%26cost%3D0.000496%26rdk%3Drk1
142.250.74.66200 OK 85 B URL HTTP/2 adservice.google.no/ddm/fls/i/src=11442918;type=pageview;cat=opera0;ord=1;num=7184762982783;gtm=2wgb70;auiddc=1138498016.1667964406;~oref=https%3A%2F%2Fwww.browsewithgx.com%2F%3Ftl%3Ddeebcards-themier.com%26btn%3D2%26imp%3D0%26cep%3D_5BvbO9g7XEoFKwez8NoDbzPWsX3WtV2eHxfZM7zJ0rnmCsyKFkvA45K0AQhujqqf6VrRaJ_EfUBVzz5Y2GmSZGv3OMKgKJmcJen5eoFZhYlqB7E9K1FSM8NQ35_AaxMVuRa2nCOIQ5ZNWYFefdsRTvfO7s4Ma2xWCfCLkRDjydJ7HKyLchyjxeuYBqxaLvGbgheVjIbZQJs4KmjS4xCmBYfhlR5Fzsux-CtngytstvkQnT9bwhHDI8VgDzUXCfVqKuUqm-hSkYGhZG3DXZ237GNmCsi3-pISWKvtkyRgztwfNjvFjULSpCCGw1UCT_Rn7G_vFNuhWFJrozvV_SQ38P23MXEPJ8ktfp9jvSCTx9EHaycOaeX9byD9Ej99kuKM_DALkBS1WZLvQ0NDcxfgsgwMMShXMFnW4gou6qdd45-8P_vCvT4hbb6XRzy8pBlhLOMK0Ut3bdfrPQBkJ5ABgXhxrDOnGpEN5x0iQ6quymzRFit5yZ5fR3VxQRwSRpk1LjOeg-g3DjR0ioVf0sabQfU0qVzGJjnP4St0LCUC66gDjMBVCiiVX2qoEBJrqXg%26lptoken%3D163f6728961162af088b%26zoneid%3D5450495%26bannerid%3D15511501%26geo%3DNO%26random%3D929632096%26SUBID%3D614049832285508372%26campaignid%3D6269517%26category%3D%257Bcategory%257D%26adformat%3Donclick%26ntk%3D19%26cost%3D0.000496%26rdk%3Drk1
IP 142.250.74.66:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with no line terminators
Hash 4a3b3637744caa4a0b08fabbd76cc830
755e5626762ecf38f55012da892a227bf50f15f1
6a12009f3d99f10dd5acb27389beefed79eddd7fa55ddcc591baf92861d51bfb
GET /ddm/fls/i/src=11442918;type=pageview;cat=opera0;ord=1;num=7184762982783;gtm=2wgb70;auiddc=1138498016.1667964406;~oref=https%3A%2F%2Fwww.browsewithgx.com%2F%3Ftl%3Ddeebcards-themier.com%26btn%3D2%26imp%3D0%26cep%3D_5BvbO9g7XEoFKwez8NoDbzPWsX3WtV2eHxfZM7zJ0rnmCsyKFkvA45K0AQhujqqf6VrRaJ_EfUBVzz5Y2GmSZGv3OMKgKJmcJen5eoFZhYlqB7E9K1FSM8NQ35_AaxMVuRa2nCOIQ5ZNWYFefdsRTvfO7s4Ma2xWCfCLkRDjydJ7HKyLchyjxeuYBqxaLvGbgheVjIbZQJs4KmjS4xCmBYfhlR5Fzsux-CtngytstvkQnT9bwhHDI8VgDzUXCfVqKuUqm-hSkYGhZG3DXZ237GNmCsi3-pISWKvtkyRgztwfNjvFjULSpCCGw1UCT_Rn7G_vFNuhWFJrozvV_SQ38P23MXEPJ8ktfp9jvSCTx9EHaycOaeX9byD9Ej99kuKM_DALkBS1WZLvQ0NDcxfgsgwMMShXMFnW4gou6qdd45-8P_vCvT4hbb6XRzy8pBlhLOMK0Ut3bdfrPQBkJ5ABgXhxrDOnGpEN5x0iQ6quymzRFit5yZ5fR3VxQRwSRpk1LjOeg-g3DjR0ioVf0sabQfU0qVzGJjnP4St0LCUC66gDjMBVCiiVX2qoEBJrqXg%26lptoken%3D163f6728961162af088b%26zoneid%3D5450495%26bannerid%3D15511501%26geo%3DNO%26random%3D929632096%26SUBID%3D614049832285508372%26campaignid%3D6269517%26category%3D%257Bcategory%257D%26adformat%3Donclick%26ntk%3D19%26cost%3D0.000496%26rdk%3Drk1 HTTP/1.1
Host: adservice.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://adservice.google.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 09 Nov 2022 03:26:49 GMT
expires: Wed, 09 Nov 2022 03:26:49 GMT
cache-control: private, max-age=0
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
server: cafe
content-length: 85
x-xss-protection: 0
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
googleads.g.doubleclick.net/pagead/id
142.250.74.34302 Found 0 B URL HTTP/2 googleads.g.doubleclick.net/pagead/id
IP 142.250.74.34:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pagead/id HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
location: https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
access-control-allow-credentials: true
access-control-allow-origin: https://www.youtube.com
date: Wed, 09 Nov 2022 03:26:49 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 4e48180712e2e140b9748591e3228a70
49d4292426ddfbc6e98cff6d468e3bdf1be41ff7
16ebf61312b22e0032171995a665bad4ea8c7fd80636fc04eb6456d0f60397ec
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 09 Nov 2022 03:26:50 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 4e48180712e2e140b9748591e3228a70
49d4292426ddfbc6e98cff6d468e3bdf1be41ff7
16ebf61312b22e0032171995a665bad4ea8c7fd80636fc04eb6456d0f60397ec
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 09 Nov 2022 03:26:50 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
googleads.g.doubleclick.net/pagead/id?slf_rd=1
142.250.74.34200 OK 120 B URL HTTP/2 googleads.g.doubleclick.net/pagead/id?slf_rd=1
IP 142.250.74.34:0
Hash 75066cf05cb0e41493c5e0e18a911edb
71f3628d9e1e9bcf59384b98db3b81e0ba5db3c7
d2df09e773f0780de3b28d3217926eb412fe501fbc2f0277e469c7451fe9e71e
GET /pagead/id?slf_rd=1 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.youtube.com
Referer: https://www.youtube.com/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin: https://www.youtube.com
content-type: application/json; charset=UTF-8
date: Wed, 09 Nov 2022 03:26:50 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
server: cafe
content-length: 120
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 4784079f08e5276b7bd670aed075be5c
997cfb14816a90e340a5f391257d3f8157bc220b
5b88bc0709a5c7a375c380199d49f76e3beedfddf895b80abc3699d73bdf142a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 09 Nov 2022 03:26:50 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
142.250.74.42200 OK 0 B URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
IP 142.250.74.42:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /$rpc/google.internal.waa.v1.Waa/Create HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Referer: https://www.youtube.com/
Origin: https://www.youtube.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://www.youtube.com
vary: origin, referer, x-origin
access-control-allow-credentials: true
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-max-age: 3600
date: Wed, 09 Nov 2022 03:26:50 GMT
content-type: text/html
server: ESF
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash d044f3e2fc14a96cc5752446b440b143
d0d278c9eee46eb43a3f91e8fa55db206a78c93a
a0aa7ecc56cdd27079c14e17f3f790b3c01584379a519e8f7760eb81a781a02a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 09 Nov 2022 03:26:50 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash dee3039809fc2026852697eaa005560c
f4f6b76cf09e0a9e756ab6b9b8be26cb6e15b2c7
8091750102499bbd5d92ea3e89cf364e833df30e186963d67a0d66a13751ef8a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 09 Nov 2022 03:26:50 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
142.250.74.42200 OK 31 kB URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
IP 142.250.74.42:0
File type JSON data\012- , ASCII text, with very long lines (65536), with no line terminators
Hash 643843b7043d56cee7c4a3955ff76434
d191576f4fe2e3ca3e1a197cf81dab04c7bf19b8
251f25a472e70052db2c3043b2d89217e51567ec55a49bd158a1468bfb2998f5
POST /$rpc/google.internal.waa.v1.Waa/Create HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
Content-Type: application/json+protobuf
X-User-Agent: grpc-web-javascript/0.1
Content-Length: 24
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json+protobuf; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: gzip
date: Wed, 09 Nov 2022 03:26:50 GMT
server: ESF
cache-control: private
content-length: 30944
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
access-control-allow-credentials: true
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.com/js/th/EWuoZ_9LU3hL76PT3YFLg_EjKJdTpZ6rgtgTJA98OBY.js
142.250.74.132200 OK 14 kB URL HTTP/2 www.google.com/js/th/EWuoZ_9LU3hL76PT3YFLg_EjKJdTpZ6rgtgTJA98OBY.js
IP 142.250.74.132:0
File type ASCII text, with very long lines (35974)
Hash 89da5756c3061bf086f28e85c062ea28
d46d62afb0048e31e65c624e26fc5620eb1e7fdd
7c5e7453571c65550671610b433b6a9ce831d3532c6c503539f8a060e5b264df
GET /js/th/EWuoZ_9LU3hL76PT3YFLg_EjKJdTpZ6rgtgTJA98OBY.js HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-length: 14351
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 07 Nov 2022 00:31:32 GMT
expires: Tue, 07 Nov 2023 00:31:32 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 20 Oct 2022 10:30:00 GMT
content-type: text/javascript
age: 183318
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 4e48180712e2e140b9748591e3228a70
49d4292426ddfbc6e98cff6d468e3bdf1be41ff7
16ebf61312b22e0032171995a665bad4ea8c7fd80636fc04eb6456d0f60397ec
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 09 Nov 2022 03:26:50 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
142.250.74.42200 OK 0 B URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
IP 142.250.74.42:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /$rpc/google.internal.waa.v1.Waa/GenerateIT HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Referer: https://www.youtube.com/
Origin: https://www.youtube.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: https://www.youtube.com
vary: origin, referer, x-origin
access-control-allow-credentials: true
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-max-age: 3600
date: Wed, 09 Nov 2022 03:26:50 GMT
content-type: text/html
server: ESF
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
cdntechone.com/r.html?axcid=e7ddf874-40d2-43d7-b8fd-56541bff0853&axtsid=5450494&axcusid1=&clid={ymid}&r=http%3A%2F%2Fgtoonfd.com%2Flink%3Fz%3D5450494%26var%3D%26ymid%3DBqSttMixM2DzdXx2DdaqeA%26acb%3Dproxy-smart-link&axcusid2=Smartlink&axadvid=1053995&axcamid=7402
172.67.149.153200 OK 0 B URL HTTP/2 cdntechone.com/r.html?axcid=e7ddf874-40d2-43d7-b8fd-56541bff0853&axtsid=5450494&axcusid1=&clid={ymid}&r=http%3A%2F%2Fgtoonfd.com%2Flink%3Fz%3D5450494%26var%3D%26ymid%3DBqSttMixM2DzdXx2DdaqeA%26acb%3Dproxy-smart-link&axcusid2=Smartlink&axadvid=1053995&axcamid=7402
IP 172.67.149.153:0
GET /r.html?axcid=e7ddf874-40d2-43d7-b8fd-56541bff0853&axtsid=5450494&axcusid1=&clid={ymid}&r=http%3A%2F%2Fgtoonfd.com%2Flink%3Fz%3D5450494%26var%3D%26ymid%3DBqSttMixM2DzdXx2DdaqeA%26acb%3Dproxy-smart-link&axcusid2=Smartlink&axadvid=1053995&axcamid=7402 HTTP/1.1
Host: cdntechone.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
date: Wed, 09 Nov 2022 03:26:48 GMT
content-type: text/html
last-modified: Tue, 18 Oct 2022 14:05:52 GMT
link: <https://datatechone.com/>; rel=preconnect; crossorigin, <https://datatechonert.com/>; rel=preconnect; crossorigin
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2TyJKXxWy0UNPkaZiVd%2BaB6jdaDqjXBZAUtIg%2FM1%2Fi0oEAMf84VnmRV4N1xEQNE7YPEumz%2FIhdYXygiU1tFVu9PZ8f1irhXpgQGf59TTXzSqpe9S7SZGuk7%2FjpTKdLvm3w%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 767372ee1c44b529-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.browsewithgx.com/?tl=deebcards-themier.com&btn=2&imp=0&cep=_5BvbO9g7XEoFKwez8NoDbzPWsX3WtV2eHxfZM7zJ0rnmCsyKFkvA45K0AQhujqqf6VrRaJ_EfUBVzz5Y2GmSZGv3OMKgKJmcJen5eoFZhYlqB7E9K1FSM8NQ35_AaxMVuRa2nCOIQ5ZNWYFefdsRTvfO7s4Ma2xWCfCLkRDjydJ7HKyLchyjxeuYBqxaLvGbgheVjIbZQJs4KmjS4xCmBYfhlR5Fzsux-CtngytstvkQnT9bwhHDI8VgDzUXCfVqKuUqm-hSkYGhZG3DXZ237GNmCsi3-pISWKvtkyRgztwfNjvFjULSpCCGw1UCT_Rn7G_vFNuhWFJrozvV_SQ38P23MXEPJ8ktfp9jvSCTx9EHaycOaeX9byD9Ej99kuKM_DALkBS1WZLvQ0NDcxfgsgwMMShXMFnW4gou6qdd45-8P_vCvT4hbb6XRzy8pBlhLOMK0Ut3bdfrPQBkJ5ABgXhxrDOnGpEN5x0iQ6quymzRFit5yZ5fR3VxQRwSRpk1LjOeg-g3DjR0ioVf0sabQfU0qVzGJjnP4St0LCUC66gDjMBVCiiVX2qoEBJrqXg&lptoken=163f6728961162af088b&zoneid=5450495&bannerid=15511501&geo=NO&random=929632096&SUBID=614049832285508372&campaignid=6269517&category=%7Bcategory%7D&adformat=onclick&ntk=19&cost=0.000496&rdk=rk1
54.230.111.31200 OK 0 B URL HTTP/2 www.browsewithgx.com/?tl=deebcards-themier.com&btn=2&imp=0&cep=_5BvbO9g7XEoFKwez8NoDbzPWsX3WtV2eHxfZM7zJ0rnmCsyKFkvA45K0AQhujqqf6VrRaJ_EfUBVzz5Y2GmSZGv3OMKgKJmcJen5eoFZhYlqB7E9K1FSM8NQ35_AaxMVuRa2nCOIQ5ZNWYFefdsRTvfO7s4Ma2xWCfCLkRDjydJ7HKyLchyjxeuYBqxaLvGbgheVjIbZQJs4KmjS4xCmBYfhlR5Fzsux-CtngytstvkQnT9bwhHDI8VgDzUXCfVqKuUqm-hSkYGhZG3DXZ237GNmCsi3-pISWKvtkyRgztwfNjvFjULSpCCGw1UCT_Rn7G_vFNuhWFJrozvV_SQ38P23MXEPJ8ktfp9jvSCTx9EHaycOaeX9byD9Ej99kuKM_DALkBS1WZLvQ0NDcxfgsgwMMShXMFnW4gou6qdd45-8P_vCvT4hbb6XRzy8pBlhLOMK0Ut3bdfrPQBkJ5ABgXhxrDOnGpEN5x0iQ6quymzRFit5yZ5fR3VxQRwSRpk1LjOeg-g3DjR0ioVf0sabQfU0qVzGJjnP4St0LCUC66gDjMBVCiiVX2qoEBJrqXg&lptoken=163f6728961162af088b&zoneid=5450495&bannerid=15511501&geo=NO&random=929632096&SUBID=614049832285508372&campaignid=6269517&category=%7Bcategory%7D&adformat=onclick&ntk=19&cost=0.000496&rdk=rk1
IP 54.230.111.31:0
GET /?tl=deebcards-themier.com&btn=2&imp=0&cep=_5BvbO9g7XEoFKwez8NoDbzPWsX3WtV2eHxfZM7zJ0rnmCsyKFkvA45K0AQhujqqf6VrRaJ_EfUBVzz5Y2GmSZGv3OMKgKJmcJen5eoFZhYlqB7E9K1FSM8NQ35_AaxMVuRa2nCOIQ5ZNWYFefdsRTvfO7s4Ma2xWCfCLkRDjydJ7HKyLchyjxeuYBqxaLvGbgheVjIbZQJs4KmjS4xCmBYfhlR5Fzsux-CtngytstvkQnT9bwhHDI8VgDzUXCfVqKuUqm-hSkYGhZG3DXZ237GNmCsi3-pISWKvtkyRgztwfNjvFjULSpCCGw1UCT_Rn7G_vFNuhWFJrozvV_SQ38P23MXEPJ8ktfp9jvSCTx9EHaycOaeX9byD9Ej99kuKM_DALkBS1WZLvQ0NDcxfgsgwMMShXMFnW4gou6qdd45-8P_vCvT4hbb6XRzy8pBlhLOMK0Ut3bdfrPQBkJ5ABgXhxrDOnGpEN5x0iQ6quymzRFit5yZ5fR3VxQRwSRpk1LjOeg-g3DjR0ioVf0sabQfU0qVzGJjnP4St0LCUC66gDjMBVCiiVX2qoEBJrqXg&lptoken=163f6728961162af088b&zoneid=5450495&bannerid=15511501&geo=NO&random=929632096&SUBID=614049832285508372&campaignid=6269517&category=%7Bcategory%7D&adformat=onclick&ntk=19&cost=0.000496&rdk=rk1 HTTP/1.1
Host: www.browsewithgx.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html
date: Tue, 08 Nov 2022 04:55:44 GMT
last-modified: Wed, 23 Mar 2022 18:56:00 GMT
etag: W/"8de111973cb74ca1b8345ce54638b139"
server: AmazonS3
content-encoding: br
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 9d4a908d41124cba1276d6cef8f00c60.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: rGEKag7aKz54s95vXKp6htzPGRPrjCIy84pWpOzMS3K-DIvVCJNOZQ==
age: 81066
X-Firefox-Spdy: h2
www.youtube.com/s/player/c4225c42/player_ias.vflset/en_US/base.js
216.58.207.238200 OK 0 B URL HTTP/2 www.youtube.com/s/player/c4225c42/player_ias.vflset/en_US/base.js
IP 216.58.207.238:0
GET /s/player/c4225c42/player_ias.vflset/en_US/base.js HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/embed/Uv-jwjKxZsk?controls=0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding, Origin
content-encoding: br
accept-ranges: bytes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-length: 588928
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 07 Nov 2022 17:56:44 GMT
expires: Tue, 07 Nov 2023 17:56:44 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 07 Nov 2022 01:22:49 GMT
content-type: text/javascript
age: 120605
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2