t-adbar1.com/_kc1h
52.3.68.160302 Found 0 B IP 52.3.68.160:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /_kc1h HTTP/1.1
Host: t-adbar1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Found
Date: Thu, 16 Feb 2023 03:58:23 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Server: nginx
Set-Cookie: sou=eyJyIjpudWxsLCJ1IjoiTVRHU2FtdXJhaSJ9; expires=Sat, 18-Mar-2023 03:58:23 GMT; Max-Age=2592000; SameSite=Lax
Location: https://t-adbar1.com/_kc1h
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 9b39c3955aa73765d5c9cbe0d4c52f83
b13bf774f0189207d90d846b86b68fcf2f64f868
f6fea261b800d26e329ced17006c9f5d10b6c490dac3b2276cc7b0e2aa38316c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F6FEA261B800D26E329CED17006C9F5D10B6C490DAC3B2276CC7B0E2AA38316C"
Last-Modified: Mon, 13 Feb 2023 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3224
Expires: Thu, 16 Feb 2023 04:52:07 GMT
Date: Thu, 16 Feb 2023 03:58:23 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 584dc97b4a725bab46f43b0c52ea2f21
4c7d5484aca5c64746185fa7a1e6103672fd6beb
726714a5ebdaa8dda3c669eedad6503ffd2a822cfd0bbdf5eb8a1d8ad43ad5bd
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "726714A5EBDAA8DDA3C669EEDAD6503FFD2A822CFD0BBDF5EB8A1D8AD43AD5BD"
Last-Modified: Wed, 15 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11443
Expires: Thu, 16 Feb 2023 07:09:06 GMT
Date: Thu, 16 Feb 2023 03:58:23 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash bf0c602d32b3c14606f22a86183b5e3c
6eabd8d83475eba731968abe1a05a8bfd272f160
6c6a7c519a9e950c2445ed874a25211a94dd4d3cf3afb0103af9dcd1dbd5ff9e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Alert, Content-Length, Backoff, Retry-After
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Thu, 16 Feb 2023 03:37:28 GMT
content-type: application/json
age: 1255
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash e4879878d8594ad779e96e43ceadae35
e81c37ddd67123e47ea15707896b807a306d8d7e
c50069d7380586c743cddc2678baab9bb04400c70c28c3102650264ef806319c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C50069D7380586C743CDDC2678BAAB9BB04400C70C28C3102650264EF806319C"
Last-Modified: Wed, 15 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12790
Expires: Thu, 16 Feb 2023 07:31:33 GMT
Date: Thu, 16 Feb 2023 03:58:23 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-03-20-18-44-46.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-03-20-18-44-46.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash e76071a28ee566dababb3834f46d68ed
aebb4e68c1ba2de0f90025283e8ed8470944fde0
78b6df2627172e5b35476bc31020f02898cdc412aaf4337af2c3b049a60912b6
GET /chains/remote-settings.content-signature.mozilla.org-2023-03-20-18-44-46.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: EnAX0vxKz13/K/Mcxh0C7q6gOlT4UimgPaRJpzjfG/JVQuiRpZrNffg5GkDExO+bkAK56U5iX48=
x-amz-request-id: ZV81NDKY6CYMNRNZ
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Thu, 16 Feb 2023 03:49:13 GMT
age: 550
last-modified: Sun, 29 Jan 2023 18:44:47 GMT
etag: "e76071a28ee566dababb3834f46d68ed"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 16 Feb 2023 03:58:23 GMT
content-type: application/json
content-length: 12
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-expose-headers: content-type
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
54.230.245.118200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.118:0
Hash 697bc0ff694c79e1acba5a39ae8994f6
e4f77fc11b2ed6abda306cfefb17ad20194a16a7
2e5b897742af89cf09fd01bd4ec692a4b330355f20a79ea082659052f22311ef
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=165561
Date: Thu, 16 Feb 2023 03:58:24 GMT
Etag: "63ed77dc-1d7"
Expires: Sat, 18 Feb 2023 01:57:45 GMT
Last-Modified: Thu, 16 Feb 2023 00:25:00 GMT
Server: ECS (dcb/7F82)
X-Cache: Miss from cloudfront
Via: 1.1 2d5cbe05385a7f3bbffc8a562b8711f6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: SE3H9ojymzANTcT53nGyDPNKfUPulfjR3xn4JC4P6Kj4Kq-3ditXyg==
Age: 5565
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Last-Modified, Alert, Backoff, Content-Type, Pragma, Expires, Cache-Control, Retry-After, ETag
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Thu, 16 Feb 2023 03:14:54 GMT
age: 2610
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
t-adbar1.com/favicon.ico
3.217.17.222302 Found 138 B IP 3.217.17.222:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash aff950cab4c0265e21d401db15f1026d
f03e18461817f7a6546c8bf8fa8d686d7e30aca0
753e0dd54f28c4f7009b9c0b18a68aed175416bd8b7d134858264586eaac56f0
GET /favicon.ico HTTP/1.1
Host: t-adbar1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://t-adbar1.com/_kc1h
Cookie: sou=eyJyIjpudWxsLCJ1IjoiTVRHU2FtdXJhaSJ9
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 302 Found
date: Thu, 16 Feb 2023 03:58:24 GMT
content-type: text/html
content-length: 138
location: https://trafficadbar.com/favicon.ico
server: nginx
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash d146aa123635470cfd39942f1f25dcba
274574f078e959a423262a1b95344996299ea1cf
9e2c3a542626c68d479648479e09f9570564d4e1f954f63b6ce97ae939729a3d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9E2C3A542626C68D479648479E09F9570564D4E1F954F63B6CE97AE939729A3D"
Last-Modified: Wed, 15 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11367
Expires: Thu, 16 Feb 2023 07:07:51 GMT
Date: Thu, 16 Feb 2023 03:58:24 GMT
Connection: keep-alive
t-adbar1.com/50-195376p-7f77fb9d65e3bb8a718d9ac76b2040e8.jpeg
3.217.17.222302 Found 138 B URL HTTP/2 t-adbar1.com/50-195376p-7f77fb9d65e3bb8a718d9ac76b2040e8.jpeg
IP 3.217.17.222:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash aff950cab4c0265e21d401db15f1026d
f03e18461817f7a6546c8bf8fa8d686d7e30aca0
753e0dd54f28c4f7009b9c0b18a68aed175416bd8b7d134858264586eaac56f0
GET /50-195376p-7f77fb9d65e3bb8a718d9ac76b2040e8.jpeg HTTP/1.1
Host: t-adbar1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://t-adbar1.com/_kc1h?&ww=1280&wh=939&reff=&h=eyJpdiI6IlZiUXNrZVZkUndjNGkybWxJeWd6cVE9PSIsInZhbHVlIjoiUXJReUJyQTY3ejNqMUFSb1N0UjQwdz09IiwibWFjIjoiNWZkZjljOWIyYjJmNDAzYzg3ZmM5M2FkYzcxZjBlODRkYWRhODAzZDk0OTRhYjIxZGVjMmNkMzZkMDljODRjMyJ9&abc=
Cookie: sou=eyJyIjpudWxsLCJ1IjoiTVRHU2FtdXJhaSJ9
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 302 Found
date: Thu, 16 Feb 2023 03:58:24 GMT
content-type: text/html
content-length: 138
location: https://trafficadbar.com/50-195376p-7f77fb9d65e3bb8a718d9ac76b2040e8.jpeg
server: nginx
X-Firefox-Spdy: h2
t-adbar1.com/assets/BarController.js
3.217.17.222200 OK 1.1 kB URL HTTP/2 t-adbar1.com/assets/BarController.js
IP 3.217.17.222:0
File type ASCII text, with very long lines (1068), with no line terminators
Hash efa0db095e35eb95ee151016e47c492b
82a86e0cdbbe5f4a1634b2274f076dbaa053b86e
5adfd45bc89f7c5d9bb06fafb7caf0f317f54849db006ad49301f027ad6ece4c
GET /assets/BarController.js HTTP/1.1
Host: t-adbar1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://t-adbar1.com/_kc1h?&ww=1280&wh=939&reff=&h=eyJpdiI6IlZiUXNrZVZkUndjNGkybWxJeWd6cVE9PSIsInZhbHVlIjoiUXJReUJyQTY3ejNqMUFSb1N0UjQwdz09IiwibWFjIjoiNWZkZjljOWIyYjJmNDAzYzg3ZmM5M2FkYzcxZjBlODRkYWRhODAzZDk0OTRhYjIxZGVjMmNkMzZkMDljODRjMyJ9&abc=
Cookie: sou=eyJyIjpudWxsLCJ1IjoiTVRHU2FtdXJhaSJ9
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 16 Feb 2023 03:58:24 GMT
content-type: application/javascript
content-length: 1068
server: nginx
last-modified: Wed, 09 Jun 2021 07:15:14 GMT
etag: "60c06a82-42c"
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.pki.goog/s/gts1p5/kpwPGfkDhzY
142.250.74.131200 OK 472 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/kpwPGfkDhzY
IP 142.250.74.131:0
Hash 702b87adaf5187725b63745f00b036ff
e9506c8529ee2a40bff9975f6e38a0229e68c8dc
7d9a0bc1050bf5d1c4b2cdd75d0ff6023dc1e2c2e0b3354c55d59c97a61f6e60
POST /s/gts1p5/kpwPGfkDhzY HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 16 Feb 2023 03:58:24 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
push.services.mozilla.com/
52.43.61.251101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.43.61.251:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: Oscaf8a4/aMfl0pV8Ta2ZQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: jXJsOfJr0n+JyEpq9iTWW1RH8sg=
t-adbar1.com/_kc1h
3.217.17.222200 OK 930 B IP 3.217.17.222:0
Hash d6d48cba109c9409d34071c256651ea8
c22395d9b8c47e423cd795ea97480acdd7cd3ce9
f7a053196628b7b130a521effc1343dda70c45a1b8c704096242a86336bede92
GET /_kc1h HTTP/1.1
Host: t-adbar1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
date: Thu, 16 Feb 2023 03:58:24 GMT
content-type: text/html; charset=UTF-8
server: nginx
vary: Accept-Encoding
set-cookie: sou=eyJyIjpudWxsLCJ1IjoiTVRHU2FtdXJhaSJ9; expires=Sat, 18-Mar-2023 03:58:24 GMT; Max-Age=2592000; secure; SameSite=None
content-encoding: gzip
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
54.230.245.118200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.118:0
Hash 8e0b71f8ab18c3ccb1593aee0e381a4b
e78539bc22bbdb32ca05f6dd15b60fa3597a6e84
54887e8b46b3909fd72cdda919662a8542762e2e23b572d6511e65249e2cfab2
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=136662
Date: Thu, 16 Feb 2023 03:58:24 GMT
Etag: "63ed0312-1d7"
Expires: Fri, 17 Feb 2023 17:56:06 GMT
Last-Modified: Wed, 15 Feb 2023 16:06:42 GMT
Server: ECS (nyb/1D07)
X-Cache: Miss from cloudfront
Via: 1.1 2d5cbe05385a7f3bbffc8a562b8711f6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: cegHKuB4cn4ZSu6cDYt-1Mo-Vhwrq-s9M8LOqjIhQ-xjyLjogxrHFg==
Age: 6564
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash efd01fd4420f7fadc042048485f2be2f
3ae6cac0a85311cb55c6f481bb7f3aaa43d05553
75c3a4f2ce7de56ec95c83c57297a6aed0d46f6563b8efa814873d184b6252e1
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2917
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 16 Feb 2023 03:58:25 GMT
Last-Modified: Thu, 16 Feb 2023 03:09:48 GMT
Server: ECS (ska/F70D)
X-Cache: HIT
Content-Length: 279
cdnjs.cloudflare.com/ajax/libs/jquery/2.2.4/jquery.min.js
104.17.25.14200 OK 27 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/jquery/2.2.4/jquery.min.js
IP 104.17.25.14:0
File type ASCII text, with very long lines (32065)
Hash 63827323c175768ccb0e8ed54589a3e5
9760e238d6ecced66396798559f70593793d801e
196f9479a27db836a2a7454e222f0cb52d4eeb162e0a50e69401ba1a8d81b564
GET /ajax/libs/jquery/2.2.4/jquery.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://llclickpro.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 16 Feb 2023 03:58:25 GMT
content-type: application/javascript; charset=utf-8
content-length: 26909
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03ec4-14e4a"
last-modified: Mon, 04 May 2020 16:11:48 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 2245351
expires: Tue, 06 Feb 2024 03:58:25 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=M18wKDsTv%2F%2FUfRL7xGC9AxD0pUkSbX3z7IOEX1%2FdY4wegYRW2xdOhAwJWc5L%2FBuiKAikzQdVaM6TZOnbgizE5hc0V2mRDl6n52RfDJ%2By%2FYkvwKsxJ84K0UqErF9fWOPOJmW7EcZZ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 79a35d5fcbbf0b39-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 278 B IP 93.184.220.29:0
Hash ea0ca8da1be2786b4aa8f8d0fce34865
71866f091b4bfeb606abcba25302c0c38933fb06
37eca64edf23acaa559bef3503dd03dfc15bd57a964582f7780973b8cac64e53
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1515
Cache-Control: max-age=117223
Content-Type: application/ocsp-response
Date: Thu, 16 Feb 2023 03:58:25 GMT
Etag: "63eccadd-116"
Expires: Fri, 17 Feb 2023 12:32:08 GMT
Last-Modified: Wed, 15 Feb 2023 12:06:53 GMT
Server: ECS (ska/F70D)
X-Cache: HIT
Content-Length: 278
code.jquery.com/ui/1.11.4/jquery-ui.min.js
69.16.175.10200 OK 64 kB URL HTTP/2 code.jquery.com/ui/1.11.4/jquery-ui.min.js
IP 69.16.175.10:0
File type ASCII text, with very long lines (32035)
Hash 28749bfe6af321b7c932452b38ce8683
2b444e3dee68a935213db86fd188c22883a65683
9110cdde7eb592e332cf7fa4347e5b3b17a2868ecde80d0c4a054bf0dd5a03b2
GET /ui/1.11.4/jquery-ui.min.js HTTP/1.1
Host: code.jquery.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://llclickpro.com
Connection: keep-alive
Referer: https://llclickpro.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 16 Feb 2023 03:58:25 GMT
content-encoding: gzip
content-length: 64296
content-type: application/javascript; charset=utf-8
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
accept-ranges: bytes
server: nginx
etag: W/"28feccc0-3ab2b"
cache-control: max-age=315360000, public
access-control-allow-origin: *
vary: Accept-Encoding
x-sp-metadata: HS256.CPHvtp8GEocBCiQyY2ZiZDQxMC02ZDc4LTQ2ODktYTVjZi03YTliNjM5ODQwNmIQqKenrJKE/QIaBgjh07afBiIMOTEuOTAuNDIuMTU0KL+0AzADOARCFlRMU19BRVNfMTI4X0dDTV9TSEEyNTZaIGM3ZDJiNGM0ODRhNDEzZTE5MWRlNmFjZmYyZGIyMDA5GiwIARIkMDc2Mjk4MGItM2I0Yy00YmQ5LWI1YTAtYzE5MDBkMGM0NjY5GKj2AyIYCAISFGNkczAyMC5zazEuaHdjZG4ubmV0.hsJuP4USycgP4qRgcSUDSCw3GWnLwgVqO6HLrJCOtoU=
x-hw: 1676519905.dop218.sk1.t,1676519905.cds218.sk1.hn,1676519905.cds020.sk1.c
X-Firefox-Spdy: h2
ocsp.pki.goog/s/gts1p5/kpwPGfkDhzY
142.250.74.131200 OK 472 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/kpwPGfkDhzY
IP 142.250.74.131:0
Hash 702b87adaf5187725b63745f00b036ff
e9506c8529ee2a40bff9975f6e38a0229e68c8dc
7d9a0bc1050bf5d1c4b2cdd75d0ff6023dc1e2c2e0b3354c55d59c97a61f6e60
POST /s/gts1p5/kpwPGfkDhzY HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 16 Feb 2023 03:58:25 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
use.fontawesome.com/releases/v5.15.4/css/v4-shims.css
172.64.133.15200 OK 4.5 kB URL HTTP/2 use.fontawesome.com/releases/v5.15.4/css/v4-shims.css
IP 172.64.133.15:0
File type ASCII text, with very long lines (26516)
Hash d7d1afe3a89371f4e00e396a2e856363
b9420102f22b1bdfc95eb14493ab0598ea11fa05
015d4d70fec69f027bee642b45ac3d583c5e0ec3cddad58286d2c1d618ec10d2
GET /releases/v5.15.4/css/v4-shims.css HTTP/1.1
Host: use.fontawesome.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://llclickpro.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 16 Feb 2023 03:58:25 GMT
content-type: text/css
x-amz-id-2: l7s+BaCyhyb5VSa95ipB9bqakUdUEL61xP3o2NTwjziMZKqpfqrwePgHTxnIpUGzySaKM6jZIYX0eJNxn2lA/A==
x-amz-request-id: FNNAA4WERS25G1WE
last-modified: Wed, 04 Aug 2021 20:43:22 GMT
etag: W/"a034d3c71bee546f625877d7932917f8"
cache-control: max-age=31556926
cf-cache-status: HIT
age: 1773613
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IfovjZzq3N88XkrYNLCYqrfIh87qcV4qQJ4ZMYhaWLyclA4AA05m6O8%2Bpq8vk4P%2Be%2FWG7qFPsEfRw9gDH%2BDzQbKKiFrLCsOdPMFYWH0wEKvF6iQTWaMoUEkwCP8Qv9rIv6YZFQY8"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 79a35d5ffcad8879-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
use.fontawesome.com/releases/v5.15.4/css/all.css
172.64.133.15200 OK 13 kB URL HTTP/2 use.fontawesome.com/releases/v5.15.4/css/all.css
IP 172.64.133.15:0
File type ASCII text, with very long lines (59119)
Hash 9f7196ce768e5721be300e4a2f0ce077
9b6e43dc16d87c21f63a086b7a19c8793836b3da
95af94789e4f1f4075e59b58a38ef2107df447e95b71b7e7ac980f4231a1e1d7
GET /releases/v5.15.4/css/all.css HTTP/1.1
Host: use.fontawesome.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://llclickpro.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 16 Feb 2023 03:58:25 GMT
content-type: text/css
x-amz-id-2: RNMOzIL4L62JBv1gQZuSQi/KuXz1AKThNkDAuYU8eSg8Xvz4uMd6NO3J1xUVs/t1EMltDUPglKQ=
x-amz-request-id: QJNWHRSCTPN9EYA3
last-modified: Wed, 04 Aug 2021 20:43:22 GMT
etag: W/"ecd507b3125edc4d2a03aa6ae5d07da9"
cache-control: max-age=31556926
cf-cache-status: HIT
age: 2354255
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KMMDJFftjCvfQJd%2B7BRKRUh198mlRFI47JcrCbvbKXrGcj1ufy4OKTlPQHjApc48BMTIkQW0swyGxnsLUsLDLj868Ly0qnWBTyxpWpOR0B6BYiH18TRmH14Wz8UAzKmRC%2BBRHU3U"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 79a35d5feca68879-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash a261f73f40b7da635914b6d69f15dbe1
5f8e85aea2bf87ffe0eeb42fe0d8fe1ba094fe37
ac6ff03d0ff8bcbe8f646b5ed14b29bf50ab67181094d0928cc882af7690e1b7
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 493
Cache-Control: max-age=152559
Content-Type: application/ocsp-response
Date: Thu, 16 Feb 2023 03:58:25 GMT
Etag: "63ed58e3-118"
Expires: Fri, 17 Feb 2023 22:21:04 GMT
Last-Modified: Wed, 15 Feb 2023 22:12:51 GMT
Server: ECS (ska/F70D)
X-Cache: HIT
Content-Length: 280
imgavatar.llsvr.com/scsa7588.m.jpg
104.21.15.178200 OK 4.6 kB URL HTTP/2 imgavatar.llsvr.com/scsa7588.m.jpg
IP 104.21.15.178:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 90", baseline, precision 8, 100x100, components 3\012- data
Hash 8c8ff51f6858c6fb1b8ace70a73759e9
5388d61308b409e08a0507b4364615a746fdd254
44317f0e3df8fda2e8eaf878a91a42d79c566823fe872f5448367186e6671ad2
GET /scsa7588.m.jpg HTTP/1.1
Host: imgavatar.llsvr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://llclickpro.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 16 Feb 2023 03:58:25 GMT
content-type: image/jpeg
content-length: 4644
last-modified: Sun, 26 Jun 2022 06:42:15 GMT
cache-control: max-age=31536000
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HjI1jj6w2oLQc7ui1zJAwtluYt2m4nm1RnmuiuBmNDtQWqJgFIun6TbQ2vdNNbDS6EpzHE229OFxn8i20C58WcNTqNCzO7Bkz4A4sKQ0GdSsPtP%2BzZi%2BDU5N5C8Pr1YLLOExindA"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 79a35d5fcf491c02-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash c9333ebd8634e6b287e0b58265edf328
6ea57e1529609f015e198c72d2455c758f5b45ab
6bc07733856e4fbefbb42e5ad6423539ccbc855c66cf4279bf515997ea8933d2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6BC07733856E4FBEFBB42E5AD6423539CCBC855C66CF4279BF515997EA8933D2"
Last-Modified: Tue, 14 Feb 2023 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5344
Expires: Thu, 16 Feb 2023 05:27:29 GMT
Date: Thu, 16 Feb 2023 03:58:25 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash c9333ebd8634e6b287e0b58265edf328
6ea57e1529609f015e198c72d2455c758f5b45ab
6bc07733856e4fbefbb42e5ad6423539ccbc855c66cf4279bf515997ea8933d2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6BC07733856E4FBEFBB42E5AD6423539CCBC855C66CF4279BF515997EA8933D2"
Last-Modified: Tue, 14 Feb 2023 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5344
Expires: Thu, 16 Feb 2023 05:27:29 GMT
Date: Thu, 16 Feb 2023 03:58:25 GMT
Connection: keep-alive
llclickpro.com/MCTGlanding/tab
104.21.65.65200 OK 2.3 kB URL HTTP/2 llclickpro.com/MCTGlanding/tab
IP 104.21.65.65:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (373), with CRLF, LF line terminators
Hash 9caf35306a97d5194c40796e7abb26c9
3dda48042241eef3b2db30d155a247ce7402a72b
f8700468c02a6842943862684580ed02d27ac1aa7e8e882f635d4f651caf73dd
GET /MCTGlanding/tab HTTP/1.1
Host: llclickpro.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://t-adbar1.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 16 Feb 2023 03:58:25 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
set-cookie: lltkrl156457=1; expires=Fri, 17-Feb-2023 03:58:25 GMT; Max-Age=86400; path=/; SameSite=Lax
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lJ5ZFpXHVp9Wh6L0WQV9mMAN1fBnz1Q78Lh0KoQhUe%2F5owWw%2B5XiOtM%2F1Fs7OFEaJjukdD5JSJbKxvYK3RQniiXL5mo2VRy9l0Bz3g%2BuPZD6NEwPXYZSA26XJzsVrYLRZg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 79a35d5c99951c0e-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash c9333ebd8634e6b287e0b58265edf328
6ea57e1529609f015e198c72d2455c758f5b45ab
6bc07733856e4fbefbb42e5ad6423539ccbc855c66cf4279bf515997ea8933d2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6BC07733856E4FBEFBB42E5AD6423539CCBC855C66CF4279BF515997EA8933D2"
Last-Modified: Tue, 14 Feb 2023 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5343
Expires: Thu, 16 Feb 2023 05:27:29 GMT
Date: Thu, 16 Feb 2023 03:58:26 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash c9333ebd8634e6b287e0b58265edf328
6ea57e1529609f015e198c72d2455c758f5b45ab
6bc07733856e4fbefbb42e5ad6423539ccbc855c66cf4279bf515997ea8933d2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6BC07733856E4FBEFBB42E5AD6423539CCBC855C66CF4279BF515997EA8933D2"
Last-Modified: Tue, 14 Feb 2023 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5343
Expires: Thu, 16 Feb 2023 05:27:29 GMT
Date: Thu, 16 Feb 2023 03:58:26 GMT
Connection: keep-alive
t-adbar1.com/_kc1h?&ww=1280&wh=939&reff=&h=eyJpdiI6IlZiUXNrZVZkUndjNGkybWxJeWd6cVE9PSIsInZhbHVlIjoiUXJReUJyQTY3ejNqMUFSb1N0UjQwdz09IiwibWFjIjoiNWZkZjljOWIyYjJmNDAzYzg3ZmM5M2FkYzcxZjBlODRkYWRhODAzZDk0OTRhYjIxZGVjMmNkMzZkMDljODRjMyJ9&abc=
3.217.17.222200 OK 13 kB URL HTTP/2 t-adbar1.com/_kc1h?&ww=1280&wh=939&reff=&h=eyJpdiI6IlZiUXNrZVZkUndjNGkybWxJeWd6cVE9PSIsInZhbHVlIjoiUXJReUJyQTY3ejNqMUFSb1N0UjQwdz09IiwibWFjIjoiNWZkZjljOWIyYjJmNDAzYzg3ZmM5M2FkYzcxZjBlODRkYWRhODAzZDk0OTRhYjIxZGVjMmNkMzZkMDljODRjMyJ9&abc=
IP 3.217.17.222:0
Hash 3d69941d4da73c41c951fa87f4de2df4
c50f42f0cddefc5b7b1d909b57161073096e2a8a
1a3963ec36f594ff5555175285425a1aa9fa668a6211fe3a8995effeca63ba4f
GET /_kc1h?&ww=1280&wh=939&reff=&h=eyJpdiI6IlZiUXNrZVZkUndjNGkybWxJeWd6cVE9PSIsInZhbHVlIjoiUXJReUJyQTY3ejNqMUFSb1N0UjQwdz09IiwibWFjIjoiNWZkZjljOWIyYjJmNDAzYzg3ZmM5M2FkYzcxZjBlODRkYWRhODAzZDk0OTRhYjIxZGVjMmNkMzZkMDljODRjMyJ9&abc= HTTP/1.1
Host: t-adbar1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://t-adbar1.com/_kc1h
Connection: keep-alive
Cookie: sou=eyJyIjpudWxsLCJ1IjoiTVRHU2FtdXJhaSJ9
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 16 Feb 2023 03:58:24 GMT
content-type: text/html; charset=UTF-8
server: nginx
vary: Accept-Encoding
set-cookie: sou=eyJyIjpudWxsLCJ1IjoiTVRHU2FtdXJhaSJ9; expires=Sat, 18-Mar-2023 03:58:24 GMT; Max-Age=2592000; secure; SameSite=None
content-encoding: gzip
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F286b4e23-2f24-4932-bfd4-ba436c31684d.jpeg
34.120.237.76200 OK 6.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F286b4e23-2f24-4932-bfd4-ba436c31684d.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 1ea5cca15797e54167789b55364dfddf
0feaec0e29208860a9be0523af419363df2e4182
7e57d39f0d12002905d70eb92519995f4cf8839f57c1c79771626819ad46a3f2
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F286b4e23-2f24-4932-bfd4-ba436c31684d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6433
x-amzn-requestid: ee3090ec-14d5-4c9f-be06-6543ec18c260
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: AZlzpG8qoAMF_0g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63ed5017-28184eb57ce3801903ccd1df;Sampled=0
x-amzn-remapped-date: Wed, 15 Feb 2023 21:35:19 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: YBg-sbZQKY05he8yDo9O2ODA5Ziw1YbWLwrHfdHHIL_SP2D-IZ9KWQ==
via: 1.1 4f87745990545c1ac0195c157e1668f8.cloudfront.net (CloudFront), 1.1 d8792dbd3191bbe722eba5b536b979c8.cloudfront.net (CloudFront), 1.1 google
date: Wed, 15 Feb 2023 21:38:53 GMT
etag: "0feaec0e29208860a9be0523af419363df2e4182"
content-type: image/jpeg
age: 22773
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
trafficadbar.com/favicon.ico
3.217.17.222200 OK 7.0 kB URL HTTP/2 trafficadbar.com/favicon.ico
IP 3.217.17.222:0
Hash 42d1ebd5a360907537b638a25e4181d5
3076375a47c1c99372571a89df9e8e02ba8ec2d8
1d295dece45518b8fda299d3c1fc49f924849ace22a4ffe266023387bdf54c07
GET /favicon.ico HTTP/1.1
Host: trafficadbar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://t-adbar1.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 16 Feb 2023 03:58:24 GMT
content-type: text/html; charset=UTF-8
server: nginx
vary: Accept-Encoding
cache-control: no-cache, private
content-encoding: gzip
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F03d8b9db-4d74-4d37-9579-bc1defd9c23d.jpeg
34.120.237.76200 OK 4.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F03d8b9db-4d74-4d37-9579-bc1defd9c23d.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash f605d750b4f6c765d827527cc6846627
64e73779243684555e7835698e53a50352071ad6
707d1050736f19c06a88abac85c5a4e17dc12ba09618a5bbc67bbd416a6d2b25
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F03d8b9db-4d74-4d37-9579-bc1defd9c23d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4253
x-amzn-requestid: c62459f6-3b6a-4ef8-a1db-79857cd60196
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: AZlzeGo9IAMFtoQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63ed5015-0be365d62e47063b1341b454;Sampled=0
x-amzn-remapped-date: Wed, 15 Feb 2023 21:35:18 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: cUKqMz9rzrodOzMj2-uTW-k_G3_6zIheZjofTH1ZguFHGC38iu6Uag==
via: 1.1 da5952aa802df39905ceb16592e9698a.cloudfront.net (CloudFront), 1.1 570075675953459325e00b7bcd171df2.cloudfront.net (CloudFront), 1.1 google
date: Wed, 15 Feb 2023 21:39:03 GMT
etag: "64e73779243684555e7835698e53a50352071ad6"
content-type: image/jpeg
age: 22763
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9fe38f96-4b04-43d2-9644-5b2f7cd0c0c9.jpeg
34.120.237.76200 OK 14 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9fe38f96-4b04-43d2-9644-5b2f7cd0c0c9.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 504b69ec2b6350345c36777959b0765a
c302824325b8f0839c7de54af9c5bd02541e4269
6e3a5b1cd7d17a9f448b8189d5683567269b3b3d461838770482283898008f39
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9fe38f96-4b04-43d2-9644-5b2f7cd0c0c9.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 14477
x-amzn-requestid: 2544b5cc-3fb0-4536-88ec-8cb9044fb612
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ANtsXFBYoAMF6tA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e88fe8-452901f67af9f5d95ccc61c3;Sampled=0
x-amzn-remapped-date: Sun, 12 Feb 2023 07:06:16 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 18cnMMCsvwUvJVsvM8s2v0k3P6WL1kzo4S9dOvsskdYEBk748cj3Cw==
via: 1.1 d1151317ba32afe0e6370fd69fed222e.cloudfront.net (CloudFront), 1.1 fda3b2797d2719576f6b916583a28e52.cloudfront.net (CloudFront), 1.1 google
date: Wed, 15 Feb 2023 05:17:43 GMT
age: 81643
etag: "c302824325b8f0839c7de54af9c5bd02541e4269"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F049c0359-f97c-4035-8318-4d664e9e94e9.jpeg
34.120.237.76200 OK 9.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F049c0359-f97c-4035-8318-4d664e9e94e9.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash ffba011968f980db58b57027d4be1ea1
7598dbc5cc76dcdf34a922b01a14c179702fb841
1b8b88ce8216f1917b052481fab0db062890eeb39febeb8bb63fba4643b9eaf9
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F049c0359-f97c-4035-8318-4d664e9e94e9.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9221
x-amzn-requestid: c060dfec-c37f-4e1d-81db-6cf683ef06f4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: AZmNwFj8IAMFdKw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63ed50be-364c85595c13ccdb5b900506;Sampled=0
x-amzn-remapped-date: Wed, 15 Feb 2023 21:38:06 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: CHo2ytWmoyvoe0w0p2aaH7xsko7rzQfMqnKmAdBRb5nwGHPhf2XOnw==
via: 1.1 9c60d6224ac0b44e908b5c9dcf70e9a4.cloudfront.net (CloudFront), 1.1 be082a2326b7d49643607b097f1e7180.cloudfront.net (CloudFront), 1.1 google
date: Wed, 15 Feb 2023 21:38:53 GMT
etag: "7598dbc5cc76dcdf34a922b01a14c179702fb841"
content-type: image/jpeg
age: 22773
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 7bfce1c962b03014c1d5cc56ebf9ab66
37675548e4a5a7c85b699968d419ea5fe65765ef
c64f46a1bc128b91b107137904a00f315e20caf387c170989ab2a233bb6a926f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C64F46A1BC128B91B107137904A00F315E20CAF387C170989AB2A233BB6A926F"
Last-Modified: Wed, 15 Feb 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21558
Expires: Thu, 16 Feb 2023 09:57:44 GMT
Date: Thu, 16 Feb 2023 03:58:26 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 551030796547cb48b832dd41bba2cc54
65c18ad2ecab0cc1747b8a57434f82815143036b
0f6a48313c6d2b8ecfd9de0e353c539cd153114e1f1ee41caf0b3ce5d585f572
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0F6A48313C6D2B8ECFD9DE0E353C539CD153114E1F1EE41CAF0B3CE5D585F572"
Last-Modified: Tue, 14 Feb 2023 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3323
Expires: Thu, 16 Feb 2023 04:53:50 GMT
Date: Thu, 16 Feb 2023 03:58:27 GMT
Connection: keep-alive
ocsp.sectigo.com/
172.64.155.188200 OK 472 B IP 172.64.155.188:0
Hash e978922cebd8d802046736073986fb97
e120dce490ed2a163292cb0de22b89b769b098bb
a41c92fa3754c120cd11aa4bdcc6b098c80747d6d8bcfe9b759de3dd8cfe6b82
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 16 Feb 2023 03:58:27 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Tue, 14 Feb 2023 02:30:28 GMT
Expires: Tue, 21 Feb 2023 02:30:27 GMT
Etag: "e120dce490ed2a163292cb0de22b89b769b098bb"
Cache-Control: max-age=426119,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 79a35d6b4d690b31-OSL
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash e811c05d7b791b98aea6b2fcb476f10e
22446c9850bfaad80e9a21ae5e12b6f08eab0322
f07288128edd8100435652b4323bea8c678afcfb5769f8a7ca00be962b8e989a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 16 Feb 2023 03:58:27 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.morecouponstogo.com/uni-landing
34.237.47.210200 OK 40 kB URL HTTP/2 www.morecouponstogo.com/uni-landing
IP 34.237.47.210:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (6684)
Hash c6b57db6ec20967569246c351820c7e2
6697f368299f2b9b422b1650023ecb2ed67d89c2
2971a4010b2c3d01d62ba3a27d6c80290097b31c03de3e01ddd832013583907f
Analyzer Verdict Alert fortinet Phishing
GET /uni-landing HTTP/1.1
Host: www.morecouponstogo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://llclickpro.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 16 Feb 2023 03:58:26 GMT
content-type: text/html; charset=UTF-8
content-length: 39785
x-brizy-preview: 1
access-control-allow-origin: *
vary: Accept-Encoding
content-encoding: gzip
x-varnish: 212271090 177467240
age: 508217
via: 1.1 varnish (Varnish/6.2)
x-cache: HIT
x-cache-hits: 3491
pragma: no-cache
expires: -1
cache-control: no-store, no-cache, must-revalidate, max-age=0
accept-ranges: bytes
X-Firefox-Spdy: h2
www.googletagmanager.com/gtag/js?id=G-LRYZTN7NCV
172.217.21.168200 OK 78 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=G-LRYZTN7NCV
IP 172.217.21.168:0
File type ASCII text, with very long lines (19467)
Hash 1f3b682ca27e065404efe4368c1cb342
d1e07aaa72f6716261f04ff9c1851a17cca9fada
e9f19ef14e74129fe843cdfe75da4f2fd024f41989549136173bda16f5ec3f9c
GET /gtag/js?id=G-LRYZTN7NCV HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.morecouponstogo.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Thu, 16 Feb 2023 03:58:27 GMT
expires: Thu, 16 Feb 2023 03:58:27 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 78347
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.sectigo.com/
172.64.155.188200 OK 472 B IP 172.64.155.188:0
Hash e978922cebd8d802046736073986fb97
e120dce490ed2a163292cb0de22b89b769b098bb
a41c92fa3754c120cd11aa4bdcc6b098c80747d6d8bcfe9b759de3dd8cfe6b82
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 16 Feb 2023 03:58:27 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Tue, 14 Feb 2023 02:30:28 GMT
Expires: Tue, 21 Feb 2023 02:30:27 GMT
Etag: "e120dce490ed2a163292cb0de22b89b769b098bb"
Cache-Control: max-age=426119,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 79a35d6b4e1cb4f9-OSL
ocsp.digicert.com/
93.184.220.29200 OK 278 B IP 93.184.220.29:0
Hash 1f355611ff7f773dd6f88e437f1e9f9c
9b41d0cf2ed4be7cebdd1ac97640c928ce051cbb
6f7a3a71b1c5a8c17ccb7161f1e1549ed5bdd82b462252b42bbaaa302f6ccd02
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4903
Cache-Control: public, max-age=300
Content-Type: application/ocsp-response
Date: Thu, 16 Feb 2023 03:58:27 GMT
Etag: "63e68ddc-5"
Expires: Fri, 17 Feb 2023 23:36:59 GMT
Last-Modified: Fri, 10 Feb 2023 18:33:00 GMT
Server: ECS (ska/F71D)
X-Cache: HIT
Content-Length: 278
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash e811c05d7b791b98aea6b2fcb476f10e
22446c9850bfaad80e9a21ae5e12b6f08eab0322
f07288128edd8100435652b4323bea8c678afcfb5769f8a7ca00be962b8e989a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 16 Feb 2023 03:58:27 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp2.globalsign.com/gsalphasha2g2
151.101.2.133200 OK 1.4 kB URL HTTP/1.1 ocsp2.globalsign.com/gsalphasha2g2
IP 151.101.2.133:0
Hash d7d4299a90191ed61b35bc7ac11159d1
caf5e8fbceeb3b171bc456446654584af5e5135a
4c8c33c6d259c892674357d5ffafb9d0ca7fc5b98d43745b862c8cc20f2e3222
POST /gsalphasha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 1423
Server: nginx
Content-Type: application/ocsp-response
Expires: Mon, 20 Feb 2023 01:37:56 GMT
ETag: "caf5e8fbceeb3b171bc456446654584af5e5135a"
Last-Modified: Thu, 16 Feb 2023 01:37:57 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
Via: 1.1 varnish, 1.1 varnish
Accept-Ranges: bytes
Date: Thu, 16 Feb 2023 03:58:27 GMT
Age: 1185
X-Served-By: cache-qpg1245-QPG, cache-bma1620-BMA
X-Cache: HIT, HIT
X-Cache-Hits: 13, 2
X-Timer: S1676519907.305786,VS0,VE0
d1ielco78gv5pf.cloudfront.net/assets/external_portfolio.js
54.230.245.222200 OK 368 B URL HTTP/2 d1ielco78gv5pf.cloudfront.net/assets/external_portfolio.js
IP 54.230.245.222:0
File type ASCII text, with very long lines (656), with no line terminators
Hash b5ec16a6962b298f78b6cec8ea07c798
92156c23772de75b11fbb3842cff7aafb3f36d2f
a3b8c3ae6fd1b0a623464b1babc563fece01356823bd51f662c6fdc34e2fad26
GET /assets/external_portfolio.js HTTP/1.1
Host: d1ielco78gv5pf.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.morecouponstogo.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
content-length: 368
date: Tue, 17 May 2022 09:40:53 GMT
access-control-allow-origin: *
cache-control: max-age=315360000, public
content-encoding: gzip
etag: "6282220d-170"
expires: Fri, 14 May 2032 09:40:53 GMT
last-modified: Mon, 16 May 2022 10:06:05 GMT
server: nginx
x-cache: Hit from cloudfront
via: 1.1 0e39dca74306d7aab723ed3d73dbfbb4.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: T4QOztewHzkqoAauV2CZ6uxoKbiZvbMIuKDJ8rkRiEr86f2E0iXDXA==
age: 23739454
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 45602290213eeb8c8745e3e415689e2c
2efd1d856719624adc2d47e02daa8e6509c9c95e
c7f81b96bb86e2abed73111890fc311fc75b638c71d6ba4d75926292db9bcae8
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=86551
Content-Type: application/ocsp-response
Date: Thu, 16 Feb 2023 03:58:27 GMT
Etag: "63ec58fa-117"
Expires: Fri, 17 Feb 2023 04:00:58 GMT
Last-Modified: Wed, 15 Feb 2023 04:00:58 GMT
Server: nginx
Content-Length: 279
cdn.pawns.app/images/b/728.jpg
104.21.0.234200 OK 36 kB URL HTTP/2 cdn.pawns.app/images/b/728.jpg
IP 104.21.0.234:0
File type JPEG image data, JFIF standard 1.02, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 728x90, components 3\012- data
Hash 1a16a35751a49694efb63b5940346594
dc17e89b059f3cafb83822ede344fdcd62e6fe89
067683e1633fba7df1a636b4983d1c2a3847068f7b6599358c534368bd49e660
GET /images/b/728.jpg HTTP/1.1
Host: cdn.pawns.app
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.morecouponstogo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 16 Feb 2023 03:58:27 GMT
content-type: image/jpeg
content-length: 35887
last-modified: Tue, 30 Aug 2022 15:35:34 GMT
expires: Sat, 03 Feb 2024 12:34:55 GMT
cache-control: public, max-age=31536000, no-transform
cf-cache-status: HIT
age: 81767
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Lb%2BeGbDnSuB1xLqHIeOu6bFSh7LPj9VO98BscQJioz23exPj9KxIZLUqpMLLfFw1DJN%2FaNggoZTjeOOLAmCbJLCP3jNuvIfhZQlWE6sFBIXI1TQloqEeu7%2BBKNsigC6t"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 79a35d6d6c4e0b55-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 45602290213eeb8c8745e3e415689e2c
2efd1d856719624adc2d47e02daa8e6509c9c95e
c7f81b96bb86e2abed73111890fc311fc75b638c71d6ba4d75926292db9bcae8
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 0
Cache-Control: max-age=86551
Content-Type: application/ocsp-response
Date: Thu, 16 Feb 2023 03:58:27 GMT
Etag: "63ec58fa-117"
Expires: Fri, 17 Feb 2023 04:00:58 GMT
Last-Modified: Wed, 15 Feb 2023 04:00:58 GMT
Server: ECS (ska/F70D)
X-Cache: HIT
Content-Length: 279
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 2a6a31eeb42165afc5c232743c22ba87
42e9c888a6d6bbac227eb11b4b9c06d6e8c78c46
f655018326cb5cda9e85516721c270d08ef1e233e5f33884c767433e82c9d692
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F655018326CB5CDA9E85516721C270D08EF1E233E5F33884C767433E82C9D692"
Last-Modified: Tue, 14 Feb 2023 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21582
Expires: Thu, 16 Feb 2023 09:58:09 GMT
Date: Thu, 16 Feb 2023 03:58:27 GMT
Connection: keep-alive
ocsp.sca1b.amazontrust.com/
54.230.245.118200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.118:0
Hash 3d74027254765b8af85e2ddb68633f59
f4df4b986b4f7aa0a490f0e803ab78d925b376ee
203e16892e9e02e3fc38d175f25d638d2d505f33a84a65a84c5956662e6c1924
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=142435
Date: Thu, 16 Feb 2023 03:58:27 GMT
Etag: "63ed2204-1d7"
Expires: Fri, 17 Feb 2023 19:32:22 GMT
Last-Modified: Wed, 15 Feb 2023 18:18:44 GMT
Server: ECS (dcb/7EA2)
X-Cache: Miss from cloudfront
Via: 1.1 2d5cbe05385a7f3bbffc8a562b8711f6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: B-Tg8oNFxIZnCjqw0MFJ2x_70y2EPDBJzcpNOzipCCR-YMqlh4kWwQ==
Age: 4418
b-cloud.b-cdn.net/builds/pro/126-cloud/css/group-3-pro.css
194.242.11.186200 OK 0 B URL HTTP/2 b-cloud.b-cdn.net/builds/pro/126-cloud/css/group-3-pro.css
IP 194.242.11.186:0
ASN #34989 ServeTheWorld AS
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /builds/pro/126-cloud/css/group-3-pro.css HTTP/1.1
Host: b-cloud.b-cdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.morecouponstogo.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 16 Feb 2023 03:58:27 GMT
content-type: text/css
content-length: 0
server: BunnyCDN-NO1-830
cdn-pullzone: 246147
cdn-uid: e647d0c9-3a16-4c3e-ae99-91e18e06d4b3
cdn-requestcountrycode: NO
vary: Accept-Encoding
access-control-allow-origin: *
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
etag: "d41d8cd98f00b204e9800998ecf8427e"
last-modified: Tue, 31 Jan 2023 10:24:52 GMT
x-amz-id-2: 0Dg2OBf4kX6OLHvXwuPteFkFnWOQn3pH0k0zC7zZ2kyj4i04OH682ES/MYgIEudGLZRG/BIof9E=
x-amz-request-id: 7NQBFS6KW1XKD6EX
cdn-proxyver: 1.03
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 02/16/2023 03:58:27
cdn-edgestorageid: 830
link: <https://s3.amazonaws.com/brizy.cloud/builds/pro/126-cloud/css/group-3-pro.css>; rel="canonical"
cdn-status: 200
cdn-requestid: 0d26b081e772d60fc7056d2b99a6b543
cdn-cache: MISS
accept-ranges: bytes
X-Firefox-Spdy: h2
www.bestchange.com/images/banners/banner-bg.png
54.37.161.241200 OK 658 B URL HTTP/2 www.bestchange.com/images/banners/banner-bg.png
IP 54.37.161.241:0
File type PNG image data, 468 x 60, 8-bit colormap, non-interlaced\012- data
Hash 004a29e6947ee2d16ff509ac76cc553f
ca1186cbe2e48aaab8acae2fde105d4b08d15ef2
39e8df19bafce1d8b59b430ab9125105c806b6f968810be670590ab77b026bb8
GET /images/banners/banner-bg.png HTTP/1.1
Host: www.bestchange.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.morecouponstogo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 16 Feb 2023 03:58:27 GMT
content-type: image/png
content-length: 658
last-modified: Sat, 12 Nov 2022 19:31:47 GMT
etag: "636ff4a3-292"
expires: Sat, 18 Mar 2023 03:58:27 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000;
accept-ranges: bytes
X-Firefox-Spdy: h2
fonts.bunny.net/montserrat/files/montserrat-latin-700-normal.woff2
194.242.11.186200 OK 13 kB URL HTTP/2 fonts.bunny.net/montserrat/files/montserrat-latin-700-normal.woff2
IP 194.242.11.186:0
ASN #34989 ServeTheWorld AS
File type Web Open Font Format (Version 2), TrueType, length 12848, version 1.0\012- data
Hash f0b3206d02a2f684530117ce1d7e8ce0
f3708b707b65e241b0f1c819d5f7bf7da8412653
f31b80562610135edd91a86ec7f243c5eeaec2ec08337e6a20c2d135d8e217da
GET /montserrat/files/montserrat-latin-700-normal.woff2 HTTP/1.1
Host: fonts.bunny.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.morecouponstogo.com
Connection: keep-alive
Referer: https://fonts.bunny.net/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 16 Feb 2023 03:58:27 GMT
content-type: font/woff2
content-length: 12848
server: BunnyCDN-NO1-830
cdn-pullzone: 781720
cdn-uid: 3a60ca70-b89d-4cd5-a4b5-34a3468d7e0f
cdn-requestcountrycode: NO
access-control-allow-origin: *
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=2592000
etag: "63aea096-3230"
last-modified: Fri, 30 Dec 2022 08:25:58 GMT
cdn-storageserver: SE-318
cdn-fileserver: 318
cdn-proxyver: 1.03
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 01/09/2023 10:42:17
cdn-edgestorageid: 830
cdn-status: 200
cdn-requestid: 953ea89e6c087d5578166455837ce0fe
cdn-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
fonts.bunny.net/oswald/files/oswald-latin-700-normal.woff2
194.242.11.186200 OK 10 kB URL HTTP/2 fonts.bunny.net/oswald/files/oswald-latin-700-normal.woff2
IP 194.242.11.186:0
ASN #34989 ServeTheWorld AS
File type Web Open Font Format (Version 2), TrueType, length 10172, version 1.0\012- data
Hash 58e5c92fd1a1fc89b8ca6d74ce4793b8
337771c465778aeed6de18195e0cbe9d9098d299
6e059f38d9d643cd149fa02dfd97d6844f9b106198e027f55e2fe1e9a1428acf
GET /oswald/files/oswald-latin-700-normal.woff2 HTTP/1.1
Host: fonts.bunny.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.morecouponstogo.com
Connection: keep-alive
Referer: https://fonts.bunny.net/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 16 Feb 2023 03:58:27 GMT
content-type: font/woff2
content-length: 10172
server: BunnyCDN-NO1-830
cdn-pullzone: 781720
cdn-uid: 3a60ca70-b89d-4cd5-a4b5-34a3468d7e0f
cdn-requestcountrycode: NO
access-control-allow-origin: *
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=2592000
etag: "63aee20a-27bc"
last-modified: Fri, 30 Dec 2022 13:05:14 GMT
cdn-storageserver: SE-344
cdn-fileserver: 318
cdn-proxyver: 1.03
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 01/28/2023 10:32:04
cdn-edgestorageid: 830
cdn-status: 200
cdn-requestid: 53a985810cd4700cca809cbb8034d498
cdn-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
fonts.bunny.net/montserrat/files/montserrat-latin-600-normal.woff2
194.242.11.186200 OK 13 kB URL HTTP/2 fonts.bunny.net/montserrat/files/montserrat-latin-600-normal.woff2
IP 194.242.11.186:0
ASN #34989 ServeTheWorld AS
File type Web Open Font Format (Version 2), TrueType, length 12700, version 1.0\012- data
Hash e571167fbcce8d5081bce96a09930063
e12420f5e4da3ccdc75a58ce744e7d5a0c6cf79e
98be19bc78b5bc5d419e4fa6ea055ebd4671a963e2cc644aeed4362f15d14c31
GET /montserrat/files/montserrat-latin-600-normal.woff2 HTTP/1.1
Host: fonts.bunny.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.morecouponstogo.com
Connection: keep-alive
Referer: https://fonts.bunny.net/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 16 Feb 2023 03:58:27 GMT
content-type: font/woff2
content-length: 12700
server: BunnyCDN-NO1-830
cdn-pullzone: 781720
cdn-uid: 3a60ca70-b89d-4cd5-a4b5-34a3468d7e0f
cdn-requestcountrycode: NO
access-control-allow-origin: *
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=2592000
etag: "63aea094-319c"
last-modified: Fri, 30 Dec 2022 08:25:56 GMT
cdn-storageserver: SE-344
cdn-fileserver: 318
cdn-proxyver: 1.03
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 01/09/2023 10:43:20
cdn-edgestorageid: 830
cdn-status: 200
cdn-requestid: ef5d0c98f066dec98c1d315a459225c4
cdn-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 38 kB IP 142.250.74.131:0
Hash ca46f9bc213c767c043f7a6f49d5a7f2
0dffd2cd7822d3460b473a743682d2dbecea6d73
7950287bc506418a1a320d6afe8ca1b3d90be96026ace1a6a09ae74db3c35b8a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 16 Feb 2023 03:58:27 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 557678ff401326da1fe82a91ad545a3b
34553ffe009c6bece95cc88502bf95285ac0455e
8926c16f4032de5e1748e24d46a35db17b26f63524dfb1c2baafd84999fe4cc8
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 16 Feb 2023 03:58:28 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.bunny.net/lato/files/lato-latin-400-normal.woff2
194.242.11.186200 OK 24 kB URL HTTP/2 fonts.bunny.net/lato/files/lato-latin-400-normal.woff2
IP 194.242.11.186:0
ASN #34989 ServeTheWorld AS
File type Web Open Font Format (Version 2), TrueType, length 23580, version 1.0\012- data
Hash e1b3b5908c9cf23dfb2b9c52b9a023ab
fcd4136085f2a03481d9958cc6793a5ed98e714c
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
GET /lato/files/lato-latin-400-normal.woff2 HTTP/1.1
Host: fonts.bunny.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.morecouponstogo.com
Connection: keep-alive
Referer: https://fonts.bunny.net/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 16 Feb 2023 03:58:28 GMT
content-type: font/woff2
content-length: 23580
server: BunnyCDN-NO1-830
cdn-pullzone: 781720
cdn-uid: 3a60ca70-b89d-4cd5-a4b5-34a3468d7e0f
cdn-requestcountrycode: NO
access-control-allow-origin: *
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=2592000
etag: "63ae91bd-5c1c"
last-modified: Fri, 30 Dec 2022 07:22:37 GMT
cdn-storageserver: SE-344
cdn-fileserver: 318
cdn-proxyver: 1.03
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 01/09/2023 10:41:05
cdn-edgestorageid: 830
cdn-status: 200
cdn-requestid: 0de565b5ac45a29c3342954460b1f827
cdn-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
fonts.bunny.net/palanquin-dark/files/palanquin-dark-latin-700-normal.woff2
194.242.11.186200 OK 19 kB URL HTTP/2 fonts.bunny.net/palanquin-dark/files/palanquin-dark-latin-700-normal.woff2
IP 194.242.11.186:0
ASN #34989 ServeTheWorld AS
File type Web Open Font Format (Version 2), TrueType, length 18824, version 1.0\012- data
Hash 0b8cbe6afbac36bab648231406851927
2f67e3adf1061cf82e075d636ae22bc4fca731ea
2c83b448afb8398f6ff0f1d684f125b13e0889b05c5041bb8ff4eb680a892089
GET /palanquin-dark/files/palanquin-dark-latin-700-normal.woff2 HTTP/1.1
Host: fonts.bunny.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.morecouponstogo.com
Connection: keep-alive
Referer: https://fonts.bunny.net/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 16 Feb 2023 03:58:28 GMT
content-type: font/woff2
content-length: 18824
server: BunnyCDN-NO1-830
cdn-pullzone: 781720
cdn-uid: 3a60ca70-b89d-4cd5-a4b5-34a3468d7e0f
cdn-requestcountrycode: NO
access-control-allow-origin: *
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=2592000
etag: "63aee488-4988"
last-modified: Fri, 30 Dec 2022 13:15:52 GMT
cdn-storageserver: SE-344
cdn-fileserver: 344
cdn-proxyver: 1.03
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 02/13/2023 23:12:34
cdn-edgestorageid: 830
cdn-status: 200
cdn-requestid: 5d074782693a006914a4d05605ddeacf
cdn-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
fonts.bunny.net/palanquin-dark/files/palanquin-dark-latin-400-normal.woff2
194.242.11.186200 OK 20 kB URL HTTP/2 fonts.bunny.net/palanquin-dark/files/palanquin-dark-latin-400-normal.woff2
IP 194.242.11.186:0
ASN #34989 ServeTheWorld AS
File type Web Open Font Format (Version 2), TrueType, length 20084, version 1.0\012- data
Hash 732c9716022aa43449564603e08aeb9b
477fa3a5c43696287d20b4b491e36d754d1c8866
37bb3776ce24d18cccdd5dc96199ad60c22afd1e190452a18e8c4fd2f8679a98
GET /palanquin-dark/files/palanquin-dark-latin-400-normal.woff2 HTTP/1.1
Host: fonts.bunny.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.morecouponstogo.com
Connection: keep-alive
Referer: https://fonts.bunny.net/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 16 Feb 2023 03:58:28 GMT
content-type: font/woff2
content-length: 20084
server: BunnyCDN-NO1-830
cdn-pullzone: 781720
cdn-uid: 3a60ca70-b89d-4cd5-a4b5-34a3468d7e0f
cdn-requestcountrycode: NO
access-control-allow-origin: *
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=2592000
etag: "63aee486-4e74"
last-modified: Fri, 30 Dec 2022 13:15:50 GMT
cdn-storageserver: SE-344
cdn-fileserver: 318
cdn-proxyver: 1.03
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 01/29/2023 18:06:45
cdn-edgestorageid: 830
cdn-status: 200
cdn-requestid: 6f6832188a1d5badbdfde61f432051ab
cdn-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
fonts.bunny.net/oswald/files/oswald-latin-400-normal.woff2
194.242.11.186200 OK 9.8 kB URL HTTP/2 fonts.bunny.net/oswald/files/oswald-latin-400-normal.woff2
IP 194.242.11.186:0
ASN #34989 ServeTheWorld AS
File type Web Open Font Format (Version 2), TrueType, length 9840, version 1.0\012- data
Hash afda6e429fd299054de28e1f157c683d
c1847d6f3df5fe11d5e96fd5e6a59b73ff7ed96b
81cd29d1413ecf75834fb3ce1da572fe5c39e53b22c61f5dafec5b14ed4ee12e
GET /oswald/files/oswald-latin-400-normal.woff2 HTTP/1.1
Host: fonts.bunny.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.morecouponstogo.com
Connection: keep-alive
Referer: https://fonts.bunny.net/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 16 Feb 2023 03:58:28 GMT
content-type: font/woff2
content-length: 9840
server: BunnyCDN-NO1-830
cdn-pullzone: 781720
cdn-uid: 3a60ca70-b89d-4cd5-a4b5-34a3468d7e0f
cdn-requestcountrycode: NO
access-control-allow-origin: *
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=2592000
etag: "63aee207-2670"
last-modified: Fri, 30 Dec 2022 13:05:11 GMT
cdn-storageserver: SE-344
cdn-fileserver: 344
cdn-proxyver: 1.03
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 01/09/2023 10:41:40
cdn-edgestorageid: 830
cdn-status: 200
cdn-requestid: 910787870dc8605dc5325d88904b1737
cdn-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
fonts.bunny.net/roboto/files/roboto-latin-700-normal.woff2
194.242.11.186200 OK 16 kB URL HTTP/2 fonts.bunny.net/roboto/files/roboto-latin-700-normal.woff2
IP 194.242.11.186:0
ASN #34989 ServeTheWorld AS
File type Web Open Font Format (Version 2), TrueType, length 15860, version 1.0\012- data
Hash e9f5aaf547f165386cd313b995dddd8e
acdef5603c2387b0e5bffd744b679a24a8bc1968
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
GET /roboto/files/roboto-latin-700-normal.woff2 HTTP/1.1
Host: fonts.bunny.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.morecouponstogo.com
Connection: keep-alive
Referer: https://fonts.bunny.net/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 16 Feb 2023 03:58:28 GMT
content-type: font/woff2
content-length: 15860
server: BunnyCDN-NO1-830
cdn-pullzone: 781720
cdn-uid: 3a60ca70-b89d-4cd5-a4b5-34a3468d7e0f
cdn-requestcountrycode: NO
access-control-allow-origin: *
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=2592000
etag: "63aef481-3df4"
last-modified: Fri, 30 Dec 2022 14:24:01 GMT
cdn-storageserver: SE-318
cdn-fileserver: 318
cdn-proxyver: 1.03
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 02/05/2023 02:11:03
cdn-edgestorageid: 830
cdn-status: 200
cdn-requestid: 755d3d1c116f0e36e6e2f9ece6c72ee9
cdn-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
cdn.gravitec.net/storage/651b3da8463250405063839a2450c723/client.js
45.133.44.3200 OK 19 kB URL HTTP/2 cdn.gravitec.net/storage/651b3da8463250405063839a2450c723/client.js
IP 45.133.44.3:0
ASN #39572 DataWeb Global Group B.V.
Hash f27169b92a0e200e6c73e23025084e60
ddbce77b64e171c11d4bcbca64e1e1228f642d7a
d3c44e1792f2a3950b0d17742743d374358582503049213032b35dd01792750d
GET /storage/651b3da8463250405063839a2450c723/client.js HTTP/1.1
Host: cdn.gravitec.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.morecouponstogo.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 16 Feb 2023 03:58:27 GMT
content-type: application/javascript; charset=utf-8
server: nginx
last-modified: Mon, 31 Oct 2022 19:57:34 GMT
etag: W/"636028ae-100fb"
expires: Mon, 31 Oct 2022 20:24:50 GMT
cache-control: max-age=10
access-control-allow-origin: *
content-encoding: gzip
vary: Accept-Encoding
x-proxy-cache: REVALIDATED
X-Firefox-Spdy: h2
cdn.affiliates.one/production/admin_affiliates_com_tw/image_creative/6848/x1dmuwbyv2tjwywndwsoqvvuraktdtp1szujaobnu_cheapoair_468x60.gif?wl=8&image_creative_id=6848&offer_id=1481&offer_variant_id=1871&network_id=169&affiliate_id=17200&affiliate_offer_id=1826500
54.230.111.85200 OK 14 kB URL HTTP/2 cdn.affiliates.one/production/admin_affiliates_com_tw/image_creative/6848/x1dmuwbyv2tjwywndwsoqvvuraktdtp1szujaobnu_cheapoair_468x60.gif?wl=8&image_creative_id=6848&offer_id=1481&offer_variant_id=1871&network_id=169&affiliate_id=17200&affiliate_offer_id=1826500
IP 54.230.111.85:0
File type GIF image data, version 89a, 468 x 60\012- data
Hash 97fea49af7bf619f505f90feb16ee6dc
e8d7deedfe00f192c37f176cd795b0a6caf2ea20
05f4606a5f2a901ca8bdd466d304ec19f4aae4bcdc9174eb3105303a1a477703
GET /production/admin_affiliates_com_tw/image_creative/6848/x1dmuwbyv2tjwywndwsoqvvuraktdtp1szujaobnu_cheapoair_468x60.gif?wl=8&image_creative_id=6848&offer_id=1481&offer_variant_id=1871&network_id=169&affiliate_id=17200&affiliate_offer_id=1826500 HTTP/1.1
Host: cdn.affiliates.one
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.morecouponstogo.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 13831
last-modified: Thu, 23 Oct 2014 04:46:14 GMT
accept-ranges: bytes
server: AmazonS3
date: Wed, 15 Feb 2023 05:15:19 GMT
etag: "97fea49af7bf619f505f90feb16ee6dc"
x-cache: Hit from cloudfront
via: 1.1 4bbc14b5834fc74ccd249b954b43a08c.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 1VXc5gMQdZWlbL5vBwTYrKL5YURJ6nGbOYupOI4_3zVljT2Pobk4yA==
age: 81790
X-Firefox-Spdy: h2
www.bestchange.com/js/banner.php?p=1276983
54.37.161.241200 OK 16 kB URL HTTP/2 www.bestchange.com/js/banner.php?p=1276983
IP 54.37.161.241:0
Hash 5206818ff264dc40f2a501177338b5d0
892c90e86153dc9a059433d1b6f323b81493d05c
bb7154525efd2d4d6568f3837acce55b36a99d9201601f2f87c272b5737484fc
GET /js/banner.php?p=1276983 HTTP/1.1
Host: www.bestchange.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.morecouponstogo.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 16 Feb 2023 03:58:27 GMT
content-type: application/x-javascript; charset=windows-1251
cache-control: public, max-age=86400
set-cookie: userid=e62ebd345096f0865f6800d24a7f00e6; expires=Sun, 13-Feb-2033 03:58:27 GMT; Max-Age=315360000; path=/
strict-transport-security: max-age=31536000;
content-encoding: gzip
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 557678ff401326da1fe82a91ad545a3b
34553ffe009c6bece95cc88502bf95285ac0455e
8926c16f4032de5e1748e24d46a35db17b26f63524dfb1c2baafd84999fe4cc8
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 16 Feb 2023 03:58:28 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.youtube.com/embed/Tge4GgRmmrY?autoplay=1&controls=1&start=0&end=0&modestbranding=0&wmode=transparent&enablejsapi=1&loop=1&rel=0&mute=1&playlist=Tge4GgRmmrY
216.58.207.238200 OK 80 kB URL HTTP/2 www.youtube.com/embed/Tge4GgRmmrY?autoplay=1&controls=1&start=0&end=0&modestbranding=0&wmode=transparent&enablejsapi=1&loop=1&rel=0&mute=1&playlist=Tge4GgRmmrY
IP 216.58.207.238:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (58608)
Hash 43a356bd40f24ce18f16cabc4d774682
55750d1f584974234fc3b8adf0cea584a8ee964d
c0d443d5bcc586ab274b1b6398d8d6855130c9c51e2e6fac02673e6f9db2072d
GET /embed/Tge4GgRmmrY?autoplay=1&controls=1&start=0&end=0&modestbranding=0&wmode=transparent&enablejsapi=1&loop=1&rel=0&mute=1&playlist=Tge4GgRmmrY HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.morecouponstogo.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/html; charset=utf-8
x-content-type-options: nosniff
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Thu, 16 Feb 2023 03:58:28 GMT
strict-transport-security: max-age=31536000
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
cross-origin-resource-policy: cross-origin
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
content-encoding: br
server: ESF
x-xss-protection: 0
set-cookie: YSC=dqnGf74m25M; Domain=.youtube.com; Path=/; Secure; HttpOnly; SameSite=none
VISITOR_INFO1_LIVE=AOn4mFS5KaA; Domain=.youtube.com; Expires=Tue, 15-Aug-2023 03:58:28 GMT; Path=/; Secure; HttpOnly; SameSite=none
DEVICE_INFO=ChxOekl3TURVNU9ERTNOemt3TVRFMU5UazROdz09EOTTtp8GGOTTtp8G; Domain=.youtube.com; Expires=Tue, 15-Aug-2023 03:58:28 GMT; Path=/; Secure; HttpOnly; SameSite=none
CONSENT=PENDING+041; expires=Sat, 15-Feb-2025 03:58:28 GMT; path=/; domain=.youtube.com; Secure
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.youtube.com/embed/d36aPUaJ1Pg?autoplay=1&controls=0&start=2&end=2&modestbranding=1&wmode=transparent&enablejsapi=1&loop=1&rel=0&mute=1&playlist=d36aPUaJ1Pg
216.58.207.238200 OK 139 kB URL HTTP/2 www.youtube.com/embed/d36aPUaJ1Pg?autoplay=1&controls=0&start=2&end=2&modestbranding=1&wmode=transparent&enablejsapi=1&loop=1&rel=0&mute=1&playlist=d36aPUaJ1Pg
IP 216.58.207.238:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (58608)
Size 139 kB (138577 bytes)
Hash 70d0b4f38e53ff8e958c3ba1a1e89b01
bf8df25629edff4cd1eef64a58b150ae1086c448
35908ccd4833a2e3e33c63152f8e82472ece092f5d71f1642cd3ea317a2eaee3
GET /embed/d36aPUaJ1Pg?autoplay=1&controls=0&start=2&end=2&modestbranding=1&wmode=transparent&enablejsapi=1&loop=1&rel=0&mute=1&playlist=d36aPUaJ1Pg HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.morecouponstogo.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/html; charset=utf-8
x-content-type-options: nosniff
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Thu, 16 Feb 2023 03:58:28 GMT
strict-transport-security: max-age=31536000
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
content-encoding: br
server: ESF
x-xss-protection: 0
set-cookie: YSC=1S01w8E1BVc; Domain=.youtube.com; Path=/; Secure; HttpOnly; SameSite=none
VISITOR_INFO1_LIVE=ccHlPsLDhmA; Domain=.youtube.com; Expires=Tue, 15-Aug-2023 03:58:28 GMT; Path=/; Secure; HttpOnly; SameSite=none
DEVICE_INFO=ChxOekl3TURVNU9ERTNOemN6TWpReU16STJOZz09EOTTtp8GGOTTtp8G; Domain=.youtube.com; Expires=Tue, 15-Aug-2023 03:58:28 GMT; Path=/; Secure; HttpOnly; SameSite=none
CONSENT=PENDING+691; expires=Sat, 15-Feb-2025 03:58:28 GMT; path=/; domain=.youtube.com; Secure
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 5ea69200b2e7a122c79c5da762d037de
bb5bb0e3cf15fc4023409249dcb7878e9e148ca0
e5a679e6cdbc2c00b1fdee7766e7dc9b6ae5094134361b904f0d5d978cdfbafb
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 16 Feb 2023 03:58:28 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
cdn.gravitec.net/sdk/web/configs?appKey=651b3da8463250405063839a2450c723
45.133.44.3200 OK 1.3 kB URL HTTP/2 cdn.gravitec.net/sdk/web/configs?appKey=651b3da8463250405063839a2450c723
IP 45.133.44.3:0
ASN #39572 DataWeb Global Group B.V.
Hash 98a3ff8f5a6b88743b55ffd5de32c54b
29e45b53451aca7b7d231de8377f146089fcc78c
fb999719948be3695856d6d4b1f94231ff4197eabad66394c393294500c11fc9
GET /sdk/web/configs?appKey=651b3da8463250405063839a2450c723 HTTP/1.1
Host: cdn.gravitec.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.morecouponstogo.com/
Origin: https://www.morecouponstogo.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 16 Feb 2023 03:58:28 GMT
content-type: application/json
server: nginx
x-correlation-id: 2c5ec92e12a0f34b6f459aabd9d83719
access-control-allow-origin: *
content-encoding: gzip
vary: Accept-Encoding
x-proxy-cache: MISS
X-Firefox-Spdy: h2
www.youtube.com/embed/o5F8MOz_IDw?autoplay=0&controls=1&start=0&end=0&modestbranding=0&wmode=transparent&enablejsapi=1&loop=0&rel=0&mute=0
216.58.207.238200 OK 43 kB URL HTTP/2 www.youtube.com/embed/o5F8MOz_IDw?autoplay=0&controls=1&start=0&end=0&modestbranding=0&wmode=transparent&enablejsapi=1&loop=0&rel=0&mute=0
IP 216.58.207.238:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (58644)
Hash 80ab73a457789917c8b2fd27181fb144
1cff6893f4d89373569ebc2a380f1a6e8ec4bd1c
a34414f01acc9735d7efefb857e11aae4ca2d30cacee596c30eaa77a47ad3842
GET /embed/o5F8MOz_IDw?autoplay=0&controls=1&start=0&end=0&modestbranding=0&wmode=transparent&enablejsapi=1&loop=0&rel=0&mute=0 HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.morecouponstogo.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html; charset=utf-8
x-content-type-options: nosniff
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Thu, 16 Feb 2023 03:58:28 GMT
strict-transport-security: max-age=31536000
cross-origin-resource-policy: cross-origin
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
content-encoding: br
server: ESF
x-xss-protection: 0
set-cookie: YSC=PdbdHiafsUA; Domain=.youtube.com; Path=/; Secure; HttpOnly; SameSite=none
DEVICE_INFO=ChxOekl3TURVNU9ERTNOemcyTnpVeU9USXlOQT09EOTTtp8GGOTTtp8G; Domain=.youtube.com; Expires=Tue, 15-Aug-2023 03:58:28 GMT; Path=/; Secure; HttpOnly; SameSite=none
VISITOR_INFO1_LIVE=j6B1sjxkKe8; Domain=.youtube.com; Expires=Tue, 15-Aug-2023 03:58:28 GMT; Path=/; Secure; HttpOnly; SameSite=none
CONSENT=PENDING+081; expires=Sat, 15-Feb-2025 03:58:28 GMT; path=/; domain=.youtube.com; Secure
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
216.58.207.227200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 15552, version 1.0\012- data
Hash 285467176f7fe6bb6a9c6873b3dad2cc
ea04e4ff5142ddd69307c183def721a160e0a64e
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
GET /s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15552
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 13 Feb 2023 17:20:45 GMT
expires: Tue, 13 Feb 2024 17:20:45 GMT
cache-control: public, max-age=31536000
age: 211063
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 5ea69200b2e7a122c79c5da762d037de
bb5bb0e3cf15fc4023409249dcb7878e9e148ca0
e5a679e6cdbc2c00b1fdee7766e7dc9b6ae5094134361b904f0d5d978cdfbafb
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 16 Feb 2023 03:58:28 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.sectigo.com/
172.64.155.188200 OK 471 B IP 172.64.155.188:0
Hash afe3e8075fa93613ca842e0aaa3648e4
a394a36db3cb9c924db9467c2086e08051a08468
86b6d5acd56a6ddd7c6185d0c99cd622b0216f89fb61ea1d651a7dd30e212695
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 16 Feb 2023 03:58:28 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Wed, 15 Feb 2023 07:33:04 GMT
Expires: Wed, 22 Feb 2023 07:33:03 GMT
Etag: "a394a36db3cb9c924db9467c2086e08051a08468"
Cache-Control: max-age=530674,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 79a35d74ffd50b31-OSL
a-cloud.b-cdn.net/media/iW=101&iH=101&oX=0&oY=16&cW=101&cH=70/9b040f5e483e93a7cce7e811fc84b625/image.png
194.242.11.186200 OK 2.0 kB URL HTTP/2 a-cloud.b-cdn.net/media/iW=101&iH=101&oX=0&oY=16&cW=101&cH=70/9b040f5e483e93a7cce7e811fc84b625/image.png
IP 194.242.11.186:0
ASN #34989 ServeTheWorld AS
File type RIFF (little-endian) data, Web/P image\012- data
Hash 99f2f3bd994a519250122d235f0da5d3
80413556bfc2e3b9fa0e856200020d7bca6af5e5
fb40359f8a5bea55a10c3eb5c3fa4a2a6cd77eba854972e437f8b81d175fab37
GET /media/iW=101&iH=101&oX=0&oY=16&cW=101&cH=70/9b040f5e483e93a7cce7e811fc84b625/image.png HTTP/1.1
Host: a-cloud.b-cdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.morecouponstogo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 16 Feb 2023 03:58:28 GMT
content-type: image/webp
content-length: 2032
server: BunnyCDN-NO1-830
cdn-pullzone: 465925
cdn-uid: e647d0c9-3a16-4c3e-ae99-91e18e06d4b3
cdn-requestcountrycode: NO
cache-control: public, max-age=31919000
last-modified: Thu, 16 Feb 2023 03:58:28 GMT
x-bo-server: DE-223
x-downloadsize: 3099
x-bo-origindownloadtime: 466
x-bo-processingtime: 0
x-bo-compressionratio: 34.43%
cdn-proxyver: 1.03
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 02/16/2023 03:58:28
cdn-edgestorageid: 830
link: <https://www.brizy.cloud/media/iW=101&iH=101&oX=0&oY=16&cW=101&cH=70/9b040f5e483e93a7cce7e811fc84b625/image.png>; rel="canonical"
cdn-status: 200
cdn-requestid: 4bee7c228a312ff7e3e893be4370fcac
cdn-cache: MISS
X-Firefox-Spdy: h2
a-cloud.b-cdn.net/media/iW=5000&iH=any/2140325504fda1a2cde8af4bef434f25/maxresdefault-3-.jpg
194.242.11.186200 OK 134 kB URL HTTP/2 a-cloud.b-cdn.net/media/iW=5000&iH=any/2140325504fda1a2cde8af4bef434f25/maxresdefault-3-.jpg
IP 194.242.11.186:0
ASN #34989 ServeTheWorld AS
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 1280x720, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size 134 kB (133726 bytes)
Hash 17cb64a7e38ad2c297119061fc95c6de
d6e4522265fe3d65b3537a1d572efd41fd6cf3dc
08ef857da7faa71d137eb33c08bddd65735b149d578e088ee9e610d6d92d24a3
GET /media/iW=5000&iH=any/2140325504fda1a2cde8af4bef434f25/maxresdefault-3-.jpg HTTP/1.1
Host: a-cloud.b-cdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.morecouponstogo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 16 Feb 2023 03:58:28 GMT
content-type: image/webp
content-length: 133726
server: BunnyCDN-NO1-830
cdn-pullzone: 465925
cdn-uid: e647d0c9-3a16-4c3e-ae99-91e18e06d4b3
cdn-requestcountrycode: NO
cache-control: public, max-age=31919000
last-modified: Thu, 16 Feb 2023 03:58:28 GMT
x-bo-server: DE-136
x-downloadsize: 146099
x-bo-origindownloadtime: 452
x-bo-processingtime: 9
x-bo-compressionratio: 8.47%
cdn-proxyver: 1.03
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 02/16/2023 03:58:28
cdn-edgestorageid: 830
link: <https://www.brizy.cloud/media/iW=5000&iH=any/2140325504fda1a2cde8af4bef434f25/maxresdefault-3-.jpg>; rel="canonical"
cdn-status: 200
cdn-requestid: c082bf028d90fc1fa326f5ee6c268c07
cdn-cache: MISS
X-Firefox-Spdy: h2
yazing.com/css/showdeals-yzwg.css
54.81.41.150200 OK 406 B URL HTTP/1.1 yazing.com/css/showdeals-yzwg.css
IP 54.81.41.150:0
Hash 67799b159cb3ef050044a77a2b3a9b45
886d44342cba8c02f846fc12bcce675f8356f1b3
4e3c99e3266b36b09cbb5bac828e08cf82ffe1d810c57049627da012ce92fcaa
GET /css/showdeals-yzwg.css HTTP/1.1
Host: yazing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.morecouponstogo.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Thu, 16 Feb 2023 03:58:28 GMT
Server: Apache/2.4.18 (Ubuntu)
Last-Modified: Mon, 26 Apr 2021 12:38:43 GMT
ETag: "441-5c0df6d092f3d-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: *
Cache-Control: max-age=2592000, public
Content-Length: 406
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css
cdn.gravitec.net/modules/0.bundle.js
45.133.44.3200 OK 3.8 kB URL HTTP/2 cdn.gravitec.net/modules/0.bundle.js
IP 45.133.44.3:0
ASN #39572 DataWeb Global Group B.V.
Hash 6594ca6990f911894b43d1986e47ea66
67771efb0729a2369655162c71fe6f19272f7fad
744760cce4e3128e61e0076c8a2e94cffebbb4a511844f6d99dce6f73b0d137e
GET /modules/0.bundle.js HTTP/1.1
Host: cdn.gravitec.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.morecouponstogo.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 16 Feb 2023 03:58:29 GMT
content-type: application/javascript; charset=utf-8
server: nginx
last-modified: Wed, 02 Feb 2022 09:01:35 GMT
etag: W/"61fa486f-2550"
expires: Wed, 02 Feb 2022 09:06:29 GMT
cache-control: max-age=10
access-control-allow-origin: *
content-encoding: gzip
vary: Accept-Encoding
x-proxy-cache: HIT
X-Firefox-Spdy: h2
yazing.com/widget/ajax-show-deals
54.81.41.150200 OK 5.4 kB URL HTTP/1.1 yazing.com/widget/ajax-show-deals
IP 54.81.41.150:0
File type JSON data\012- , ASCII text, with very long lines (5373), with no line terminators
Hash 33163738ba4ba9e76561a1a59b38a4fd
e997c8193ebc936e310fc0d7af4ff07b68249d59
882145c6e06359a47cd40d1b62d96e245773da636aab5b06b419fbb30be724bc
POST /widget/ajax-show-deals HTTP/1.1
Host: yazing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: application/x-www-form-urlencoded
Content-Length: 379
Origin: https://www.morecouponstogo.com
Connection: keep-alive
Referer: https://www.morecouponstogo.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Thu, 16 Feb 2023 03:58:29 GMT
Server: Apache/2.4.18 (Ubuntu)
Set-Cookie: advanced-frontend=fqfffmpnagrj2pe9dusg6br402; expires=Sat, 15-Feb-2025 03:58:29 GMT; Max-Age=63072000; path=/; HttpOnly
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Access-Control-Allow-Origin: *
Content-Length: 5373
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: application/json; charset=UTF-8
yazing.com/uploads/2022-01/thumb_1d6cfb9c5765949020b8a9463b883803.png
54.81.41.150200 OK 32 kB URL HTTP/1.1 yazing.com/uploads/2022-01/thumb_1d6cfb9c5765949020b8a9463b883803.png
IP 54.81.41.150:0
File type PNG image data, 156 x 156, 8-bit/color RGB, non-interlaced\012- data
Hash e73e4950ca69496813697388bd293d8e
5d318dc8a278e0557dd0a27001294b2bdfbbc67f
9b79ee4d11f956e94c8bf287a0f813bd48dc25f269f121685393abbb37e271e1
GET /uploads/2022-01/thumb_1d6cfb9c5765949020b8a9463b883803.png HTTP/1.1
Host: yazing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.morecouponstogo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Thu, 16 Feb 2023 03:58:29 GMT
Server: Apache/2.4.18 (Ubuntu)
Last-Modified: Sat, 08 Jan 2022 10:03:48 GMT
ETag: "7ee3-5d50f3844096e"
Accept-Ranges: bytes
Content-Length: 32483
Access-Control-Allow-Origin: *
Cache-Control: max-age=2592000, public
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: image/png
ocsp.r2m01.amazontrust.com/
54.230.80.227200 OK 471 B URL HTTP/1.1 ocsp.r2m01.amazontrust.com/
IP 54.230.80.227:0
Hash b77dd19016fb6a5c90f777364efe98e3
9f011fcf34e0a30e0820344576359e919faade5d
b579222d46c5417091dabf6227486e96c75da2a7de7f2265606f0465ac069aff
POST / HTTP/1.1
Host: ocsp.r2m01.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: public, max-age=300
Date: Thu, 16 Feb 2023 03:58:29 GMT
Etag: "63e68ddc-5"
Expires: Sat, 18 Feb 2023 01:28:35 GMT
Last-Modified: Fri, 10 Feb 2023 18:33:00 GMT
Server: ECS (nyb/1D1F)
X-Cache: Miss from cloudfront
Via: 1.1 6a0f63864791329e89a4b233ec4c3a36.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: GT5KRjBxkqAWAhxDQqKlAPk4yeCQGQ9lf4IIC57_SFgbBIEljvIwog==
Age: 5993
ocsp.r2m01.amazontrust.com/
54.230.80.227200 OK 471 B URL HTTP/1.1 ocsp.r2m01.amazontrust.com/
IP 54.230.80.227:0
Hash b77dd19016fb6a5c90f777364efe98e3
9f011fcf34e0a30e0820344576359e919faade5d
b579222d46c5417091dabf6227486e96c75da2a7de7f2265606f0465ac069aff
POST / HTTP/1.1
Host: ocsp.r2m01.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=159948
Date: Thu, 16 Feb 2023 03:58:29 GMT
Etag: "63ed7256-1d7"
Expires: Sat, 18 Feb 2023 00:24:17 GMT
Last-Modified: Thu, 16 Feb 2023 00:01:26 GMT
Server: ECS (nyb/1D2D)
X-Cache: Miss from cloudfront
Via: 1.1 07d5d44815808d5d5a6f43984a987698.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: BqlLAsWFIxHgDCNJgDD_GS-kPI88sBEO50k9Wtu9FPPJ19D_5oLzZw==
Age: 1371
ocsp.r2m01.amazontrust.com/
54.230.80.227200 OK 471 B URL HTTP/1.1 ocsp.r2m01.amazontrust.com/
IP 54.230.80.227:0
Hash b77dd19016fb6a5c90f777364efe98e3
9f011fcf34e0a30e0820344576359e919faade5d
b579222d46c5417091dabf6227486e96c75da2a7de7f2265606f0465ac069aff
POST / HTTP/1.1
Host: ocsp.r2m01.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Thu, 16 Feb 2023 03:58:29 GMT
Last-Modified: Thu, 16 Feb 2023 03:30:45 GMT
Server: ECS (nyb/1D32)
X-Cache: Miss from cloudfront
Via: 1.1 c2b101e67ac25a2f0013450d56ecac38.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: W9XzPngaOul8X9yZB9StoJESEXUHAIMtLgjNlksv0BUYzUeyrxeLIw==
Age: 1664
ocsp.r2m01.amazontrust.com/
54.230.80.227200 OK 471 B URL HTTP/1.1 ocsp.r2m01.amazontrust.com/
IP 54.230.80.227:0
Hash b77dd19016fb6a5c90f777364efe98e3
9f011fcf34e0a30e0820344576359e919faade5d
b579222d46c5417091dabf6227486e96c75da2a7de7f2265606f0465ac069aff
POST / HTTP/1.1
Host: ocsp.r2m01.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: public, max-age=300
Date: Thu, 16 Feb 2023 03:58:29 GMT
Etag: "63e68ddc-5"
Expires: Sat, 18 Feb 2023 01:45:52 GMT
Last-Modified: Fri, 10 Feb 2023 18:33:00 GMT
Server: ECS (bsa/EB24)
X-Cache: Miss from cloudfront
Via: 1.1 a343e36742f64defd0a2caf1f96ff772.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: bCEv4IEZKG2ne_c6Umwfs6oSqeMmOPYY-B-d8-Va-UDcFGfQnVSpLg==
Age: 1975
ocsp.r2m01.amazontrust.com/
54.230.80.227200 OK 471 B URL HTTP/1.1 ocsp.r2m01.amazontrust.com/
IP 54.230.80.227:0
Hash b77dd19016fb6a5c90f777364efe98e3
9f011fcf34e0a30e0820344576359e919faade5d
b579222d46c5417091dabf6227486e96c75da2a7de7f2265606f0465ac069aff
POST / HTTP/1.1
Host: ocsp.r2m01.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: public, max-age=300
Date: Thu, 16 Feb 2023 03:58:29 GMT
Etag: "63e68ddc-5"
Last-Modified: Fri, 10 Feb 2023 18:33:00 GMT
Server: ECS (bsa/EB21)
X-Cache: Miss from cloudfront
Via: 1.1 9037b7743a833da13439f0d4e2619b52.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: RrvhCl45XKFNrawJF4LHjOfi0FEJ0xkAPMiwFkfaU9sbuzZU7uLVmQ==
Age: 5993
s3.amazonaws.com/logos.formetocoupon.com/120x60/41495.gif
52.216.178.141200 OK 2.0 kB URL HTTP/1.1 s3.amazonaws.com/logos.formetocoupon.com/120x60/41495.gif
IP 52.216.178.141:0
File type GIF image data, version 89a, 120 x 60\012- data
Hash d2f9432727658dae3f83f905b720e305
f814726824af56cd6c5cfc6a3e8f30736984e58b
5e14a9409d7a07f212dcab8a0c71e09fb38b2e442f23f7c6eab7757dd29697ea
GET /logos.formetocoupon.com/120x60/41495.gif HTTP/1.1
Host: s3.amazonaws.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.morecouponstogo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: /HVjGImzBb57MdjTwHt4oKmYIVyr2b/7XJCy15s/tvURCEtG9dC4m/5xjpRhBfnoOmvIBwuPVAE=
x-amz-request-id: ZFD318NG38TMMXK1
Date: Thu, 16 Feb 2023 03:58:30 GMT
Last-Modified: Sat, 23 Nov 2019 16:16:43 GMT
ETag: "d2f9432727658dae3f83f905b720e305"
Accept-Ranges: bytes
Content-Type: image/gif
Server: AmazonS3
Content-Length: 2041
assets6.lottiefiles.com/private_files/lf30_aXRkcv.json
54.230.111.52200 OK 102 kB URL HTTP/2 assets6.lottiefiles.com/private_files/lf30_aXRkcv.json
IP 54.230.111.52:0
File type ASCII text, with very long lines (65536), with no line terminators
Size 102 kB (101465 bytes)
Hash 5383a9974611cbb7c0308de55230b6ee
ef97dc77a7eb63d9970d8e5a4c24907166fbde72
6fc237301d760ef9bcba9d46ca0b434adc1d24c05a40df6ab2df26533a00f169
GET /private_files/lf30_aXRkcv.json HTTP/1.1
Host: assets6.lottiefiles.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.morecouponstogo.com
Connection: keep-alive
Referer: https://www.morecouponstogo.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/plain;charset=UTF-8
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 1800
last-modified: Wed, 10 Jun 2020 03:42:46 GMT
x-amz-version-id: cl7YYcZ.eZwJkn7C3eZLvmpcNwHYuuSO
server: AmazonS3
content-encoding: br
date: Thu, 16 Feb 2023 03:58:29 GMT
etag: W/"fc1fe14e06bca801e615880167a4397d"
vary: Accept-Encoding,Origin
x-cache: RefreshHit from cloudfront
via: 1.1 b2b04ca80b95df6bc86478a1bf96b7cc.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: sNaNboKuzRMuN4wdzOnGyWYsUE82WN0uXC5AXh_FwFBCwWeI5Zt76Q==
X-Firefox-Spdy: h2
s3.amazonaws.com/logos.formetocoupon.com/120x60/57951.jpg
52.216.178.141200 OK 17 kB URL HTTP/1.1 s3.amazonaws.com/logos.formetocoupon.com/120x60/57951.jpg
IP 52.216.178.141:0
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CS6 (Windows), datetime=2022:09:05 13:04:02], progressive, precision 8, 120x60, components 3\012- data
Hash 2eb6c9a4d272802dbb128ed38e7a5c52
2a63a5f3a9dd0699aa4f23c4f5d98f6e22ccbf6a
93dbc0025e3a8fe262efcaec2beaa45f1ed03a489ce77990c982b5768b267fb1
GET /logos.formetocoupon.com/120x60/57951.jpg HTTP/1.1
Host: s3.amazonaws.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.morecouponstogo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: Dk9I2cVUx3kvgCVYrK+TpVrAwcvojPxRmUNrXggt/qXZmbZxKj+INbmTNU8tTNrZNQasSZqkTCs=
x-amz-request-id: ZFDB2QM01GYXA452
Date: Thu, 16 Feb 2023 03:58:30 GMT
Last-Modified: Mon, 05 Sep 2022 11:04:21 GMT
ETag: "2eb6c9a4d272802dbb128ed38e7a5c52"
Accept-Ranges: bytes
Content-Type: image/jpeg
Server: AmazonS3
Content-Length: 17147
s3.amazonaws.com/logos.formetocoupon.com/120x60/22812.jpg
52.216.178.141200 OK 21 kB URL HTTP/1.1 s3.amazonaws.com/logos.formetocoupon.com/120x60/22812.jpg
IP 52.216.178.141:0
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CS6 (Windows), datetime=2021:05:10 11:47:02], progressive, precision 8, 120x60, components 3\012- data
Hash c50c2bc85b52acb7876414f60b0546d7
0406422809a1b8ae63e41e15d67727953773b7b3
d5b066192ae9c6eb4912a385fd4cb645bd3f3bc1b2567087b062e030a0c23a38
GET /logos.formetocoupon.com/120x60/22812.jpg HTTP/1.1
Host: s3.amazonaws.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.morecouponstogo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: rPGx0YenepIkXpTJWkWfK8fh4pOoyFZ8YUgjZ8EGj+myYgCFUnTz1WIch12k4ND2w7kkNk1nacE=
x-amz-request-id: ZFD7RC4NY19SE97S
Date: Thu, 16 Feb 2023 03:58:30 GMT
Last-Modified: Mon, 10 May 2021 09:47:19 GMT
ETag: "c50c2bc85b52acb7876414f60b0546d7"
Accept-Ranges: bytes
Content-Type: image/jpeg
Server: AmazonS3
Content-Length: 20872
cdn.gravitec.media/track.min.js
45.133.44.4200 OK 20 kB URL HTTP/2 cdn.gravitec.media/track.min.js
IP 45.133.44.4:0
ASN #39572 DataWeb Global Group B.V.
Hash 199a45d07adb26fbe7028555fdb57a1b
d81ce4efc6e757eb55e36c919f6040a8f28ecf40
3eb46995ae66ff9e19b9315110fac11db2de6408a35b58fc28fbcd19fa490c07
GET /track.min.js HTTP/1.1
Host: cdn.gravitec.media
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.morecouponstogo.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 16 Feb 2023 03:58:29 GMT
content-type: application/javascript; charset=utf-8
server: nginx/1.18.0
last-modified: Wed, 27 Nov 2019 14:51:46 GMT
etag: W/"5dde8d82-11d5"
cache-control: max-age=7776000
access-control-allow-origin: *
content-encoding: gzip
expires: Wed, 17 May 2023 03:58:29 GMT
vary: Accept-Encoding
x-proxy-cache: HIT
X-Firefox-Spdy: h2
s3.amazonaws.com/logos.formetocoupon.com/120x60/25268.gif
52.216.178.141200 OK 2.3 kB URL HTTP/1.1 s3.amazonaws.com/logos.formetocoupon.com/120x60/25268.gif
IP 52.216.178.141:0
File type GIF image data, version 89a, 120 x 60\012- data
Hash cf37554943d5538e103d21b3c3e39ed6
02748f407dfe962b12e77c47859d334983e35b58
524bbaa6c6f30d9c2bb4eea04ecb3ee579607de7702a4938ac9bb157d968cdbc
GET /logos.formetocoupon.com/120x60/25268.gif HTTP/1.1
Host: s3.amazonaws.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.morecouponstogo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: WtcBWXJCK6HSGZppRLiG1RD2P12cTcBW4S8hTTXtj6o6hCuvNjCVGOSZZ2EqLlQ2PElGbD+WrR0=
x-amz-request-id: ZFDAGNFWX17PFR2R
Date: Thu, 16 Feb 2023 03:58:30 GMT
Last-Modified: Thu, 18 Feb 2016 20:24:04 GMT
ETag: "cf37554943d5538e103d21b3c3e39ed6"
x-amz-storage-class: REDUCED_REDUNDANCY
Accept-Ranges: bytes
Content-Type: image/gif
Server: AmazonS3
Content-Length: 2343
s3.amazonaws.com/logos.formetocoupon.com/120x60/58419.jpg
52.216.178.141200 OK 31 kB URL HTTP/1.1 s3.amazonaws.com/logos.formetocoupon.com/120x60/58419.jpg
IP 52.216.178.141:0
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CS6 (Windows), datetime=2022:09:22 15:45:06], progressive, precision 8, 120x60, components 3\012- data
Hash 9a52447583f891dc387298edfecf8224
b4c08b55dc053987d8d66658d77123252464952b
b175347cb23506f45584585ed66d17e923c347cbd24640f8ba1e0ee52931a023
GET /logos.formetocoupon.com/120x60/58419.jpg HTTP/1.1
Host: s3.amazonaws.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.morecouponstogo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: /pXDj9WLdnLzo8zqh5gHNlfS46BvVxGrDItZzihjd0DZoSNlke7bYTY3bFh4ATevpyf59Z7+ucQ=
x-amz-request-id: ZFD5HQ73D2S85JE6
Date: Thu, 16 Feb 2023 03:58:30 GMT
Last-Modified: Thu, 22 Sep 2022 13:45:23 GMT
ETag: "9a52447583f891dc387298edfecf8224"
Accept-Ranges: bytes
Content-Type: image/jpeg
Server: AmazonS3
Content-Length: 30939
s3.amazonaws.com/logos.formetocoupon.com/120x60/50875.jpg
52.216.178.141200 OK 15 kB URL HTTP/1.1 s3.amazonaws.com/logos.formetocoupon.com/120x60/50875.jpg
IP 52.216.178.141:0
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CS6 (Windows), datetime=2021:08:26 12:09:12], progressive, precision 8, 120x60, components 3\012- data
Hash 324341797b452530f95912959e2290d2
12011572d8d9963f3394f982463aa535b664b042
4fed903c2c238c4a4f4e484121288d2bd406e7bdaf080bf606a381e7abb851a2
GET /logos.formetocoupon.com/120x60/50875.jpg HTTP/1.1
Host: s3.amazonaws.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.morecouponstogo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: DtDIgdn4KRL8n2hmE+BTLVGVWQaffKM71hq8jM2PlrAimXlDxPXjUW53WHMZ22MQv0BmRxSRcXA=
x-amz-request-id: ZFDEN9AP7NMB0DSY
Date: Thu, 16 Feb 2023 03:58:30 GMT
Last-Modified: Thu, 26 Aug 2021 10:09:24 GMT
ETag: "324341797b452530f95912959e2290d2"
Accept-Ranges: bytes
Content-Type: image/jpeg
Server: AmazonS3
Content-Length: 15305
s3.amazonaws.com/logos.formetocoupon.com/120x60/53938.jpg
52.216.178.141200 OK 24 kB URL HTTP/1.1 s3.amazonaws.com/logos.formetocoupon.com/120x60/53938.jpg
IP 52.216.178.141:0
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CS6 (Windows), datetime=2022:02:03 14:23:28], baseline, precision 8, 120x60, components 3\012- data
Hash f41c610227bd8a78a04162ddc6986ac2
5f00291069a668314dcc04d60727517796709a18
5ca756b97453abea9bd1fdd3a020adb8cafc24a614cc37caa4accb9fd7b8cbf8
GET /logos.formetocoupon.com/120x60/53938.jpg HTTP/1.1
Host: s3.amazonaws.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.morecouponstogo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: +7qDLN47scwqMBD/Z47uLeOWCCJD+FG1DWa4s7Tu2JHN6Aqdvox8f9mVh8Nd4PCVQ++TuObMv54=
x-amz-request-id: ZFDCN3SJX857Z94F
Date: Thu, 16 Feb 2023 03:58:30 GMT
Last-Modified: Thu, 03 Feb 2022 12:23:40 GMT
ETag: "f41c610227bd8a78a04162ddc6986ac2"
Accept-Ranges: bytes
Content-Type: image/jpeg
Server: AmazonS3
Content-Length: 23792
s3.amazonaws.com/logos.formetocoupon.com/120x60/17882.gif
52.216.178.141200 OK 4.8 kB URL HTTP/1.1 s3.amazonaws.com/logos.formetocoupon.com/120x60/17882.gif
IP 52.216.178.141:0
File type GIF image data, version 87a, 120 x 60\012- data
Hash eb76f79e52dcec0d7dac8e288098999b
91d2d7a0f6c0dd0e177901fa2d5fba92b6125d9e
d5b37c1412acf7b99c92f660504179a7b0366402c94758ca6af9a676a5e20687
GET /logos.formetocoupon.com/120x60/17882.gif HTTP/1.1
Host: s3.amazonaws.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.morecouponstogo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: 7A46Lqtd1UBIgDfJd4yhMwX1Ynr4XL6dszYMmZyb5riimOQ8kIPTH2+K0bdF1Hbcx4OaK3EvJ6o=
x-amz-request-id: ZFD3TZEHY9HCJB7V
Date: Thu, 16 Feb 2023 03:58:30 GMT
Last-Modified: Fri, 11 Apr 2014 21:10:45 GMT
ETag: "eb76f79e52dcec0d7dac8e288098999b"
x-amz-storage-class: REDUCED_REDUNDANCY
Accept-Ranges: bytes
Content-Type: image/gif
Server: AmazonS3
Content-Length: 4769
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 9a3724f8aa674100c569629ce29c0a13
5f61dda85bf468fbea8aab1c913880f90a88363a
323ecda75852de582b13e3c71a1c952399dd77215c498d77eb3f8ade33a68f7a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 16 Feb 2023 03:58:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash cb965c79765ef0120d324cc6033abc8c
6e1827f9984615817c484a1ebbd3a5ef548f4407
3ca9b85801845d392b68cdadcb5fd982dcedf89ad66f323f1ec38e0fe3473db3
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 16 Feb 2023 03:58:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
static.doubleclick.net/instream/ad_status.js
142.250.74.134200 OK 29 B URL HTTP/2 static.doubleclick.net/instream/ad_status.js
IP 142.250.74.134:0
Hash 1fa71744db23d0f8df9cce6719defcb7
e4be9b7136697942a036f97cf26ebaf703ad2067
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
GET /instream/ad_status.js HTTP/1.1
Host: static.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
timing-allow-origin: *
content-length: 29
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 16 Feb 2023 03:46:40 GMT
expires: Thu, 16 Feb 2023 04:01:40 GMT
cache-control: public, max-age=900
age: 710
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
googleads.g.doubleclick.net/pagead/id
142.250.74.34302 Found 0 B URL HTTP/2 googleads.g.doubleclick.net/pagead/id
IP 142.250.74.34:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pagead/id HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
location: https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
access-control-allow-credentials: true
access-control-allow-origin: https://www.youtube.com
date: Thu, 16 Feb 2023 03:58:30 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 1d7c9b871a92c9c3323d4c33fadaa990
ca91560f860ea74f070fea8aac4e5d3530c86f13
ddca2477d4665278a35977d2888e58fe641b4e9939fb9272b2a772a4db6ce40b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 16 Feb 2023 03:58:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash b6768e8111d6b4b7eff11bc8ecb7c382
d1a322a3300d57aad0e2f60b7ed9a13638399dd1
02fd37be97e8ad6e055b5332d1c339e4dbb499f12676afe1af7184866e9f2f2b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 16 Feb 2023 03:58:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 654c00a41978042f7c4f1ad7bda8a346
debaaa6ca3d25d90ed91b6173071ac18f5f33f57
114a94a35d9281769109bab077f2ef6d6bf048b11e42c3dc73c4aa5e5eedb25e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "114A94A35D9281769109BAB077F2EF6D6BF048B11E42C3DC73C4AA5E5EEDB25E"
Last-Modified: Wed, 15 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17535
Expires: Thu, 16 Feb 2023 08:50:45 GMT
Date: Thu, 16 Feb 2023 03:58:30 GMT
Connection: keep-alive
api.gravitec.media/api/stats/track?app_key=651b3da8463250405063839a2450c723&user_id=f4aab436-33f7-4c3b-ae84-04588bdac0ce&utmb=be8c43a7-cd6a-46a7-97a7-bb7b34c7f0a3&path=https%3A%2F%2Fwww.morecouponstogo.com%2Funi-landing&referrer=https%3A%2F%2Fllclickpro.com%2F
35.214.184.209201 Created 0 B URL HTTP/2 api.gravitec.media/api/stats/track?app_key=651b3da8463250405063839a2450c723&user_id=f4aab436-33f7-4c3b-ae84-04588bdac0ce&utmb=be8c43a7-cd6a-46a7-97a7-bb7b34c7f0a3&path=https%3A%2F%2Fwww.morecouponstogo.com%2Funi-landing&referrer=https%3A%2F%2Fllclickpro.com%2F
IP 35.214.184.209:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /api/stats/track?app_key=651b3da8463250405063839a2450c723&user_id=f4aab436-33f7-4c3b-ae84-04588bdac0ce&utmb=be8c43a7-cd6a-46a7-97a7-bb7b34c7f0a3&path=https%3A%2F%2Fwww.morecouponstogo.com%2Funi-landing&referrer=https%3A%2F%2Fllclickpro.com%2F HTTP/1.1
Host: api.gravitec.media
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.morecouponstogo.com/
Origin: https://www.morecouponstogo.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 201 Created
server: nginx
date: Thu, 16 Feb 2023 03:58:30 GMT
content-length: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-origin: *
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: 0
x-content-type-options: nosniff
x-frame-options: DENY
x-xss-protection: 1 ; mode=block
referrer-policy: no-referrer
x-correlation-id: c31952fc4057c74959ea3b8303a28354
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 4a392518c9e8f5ffdba7781e5f7dfba0
05ee3907143e363f871288bd4a9f963d9874b328
abdc294c7e601efc16157d0329a19198f2178712c675fe9ad897912b968ff2ee
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3963
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 16 Feb 2023 03:58:30 GMT
Last-Modified: Thu, 16 Feb 2023 02:52:27 GMT
Server: ECS (ska/F70D)
X-Cache: HIT
Content-Length: 471
connect.facebook.net/undefined/sdk.js
31.13.72.12200 OK 1.7 kB URL HTTP/2 connect.facebook.net/undefined/sdk.js
IP 31.13.72.12:0
File type ASCII text, with very long lines (1957)
Hash 00d7e17d289173611b4a2f1745369da3
8233597f70713614c92658ba55e884ef904395a4
32bd8711f2ee5d8fca23b6550370d2e42c359cfabc84f1a738805daec6e47c6b
GET /undefined/sdk.js HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.morecouponstogo.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
access-control-expose-headers: X-FB-Content-MD5
x-fb-content-md5: 24aecac56dcafd95b2c93e1ce3774f90
etag: "47937e7f86640e661d314ae371f9771a"
content-type: application/x-javascript; charset=utf-8
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
expires: Thu, 16 Feb 2023 04:02:54 GMT
cache-control: public,max-age=1200,stale-while-revalidate=3600
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-content-type-options: nosniff
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-md5: ANfhfSiRc2EbSi8XRTadow==
x-fb-debug: 4W7GPl7ErA813W2RSHr/WhWhgUnv7qdLaGT8PA1W2AauNpR2Hh6T8KUvJq3IFFuoqkulM60RbdwEuKy2sLtGHA==
priority: u=3,i
content-length: 1687
x-fb-trip-id: 1904183273
date: Thu, 16 Feb 2023 03:58:30 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-4770623398847220
142.250.74.2200 OK 50 kB URL HTTP/2 pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-4770623398847220
IP 142.250.74.2:0
File type ASCII text, with very long lines (3649)
Hash 0e2b5a8169a38f36d9560844cf2604a9
a050c49b39cfcf4f5ed43ff0ec58d4d6b2543dbc
5810c5ddca8f83ab367b9966e47755c1c833efdbc71dcbbe92d16ae6cc7473cd
GET /pagead/js/adsbygoogle.js?client=ca-pub-4770623398847220 HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.morecouponstogo.com
Connection: keep-alive
Referer: https://www.morecouponstogo.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Thu, 16 Feb 2023 03:58:30 GMT
expires: Thu, 16 Feb 2023 03:58:30 GMT
cache-control: private, max-age=3600
content-type: text/javascript; charset=UTF-8
etag: 1187643321025354573
access-control-allow-origin: *
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 49560
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 4a392518c9e8f5ffdba7781e5f7dfba0
05ee3907143e363f871288bd4a9f963d9874b328
abdc294c7e601efc16157d0329a19198f2178712c675fe9ad897912b968ff2ee
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3963
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 16 Feb 2023 03:58:30 GMT
Last-Modified: Thu, 16 Feb 2023 02:52:27 GMT
Server: ECS (ska/F70D)
X-Cache: HIT
Content-Length: 471
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 81a861ad34eebfde7b0fb8be89ae9a80
4e36dac83150fac2efa4cada5b72ae50fe7aa95c
f9dca744ee31eaffa8710d2e1863ce4ee0e0a206b0288b82a6631f4e424c561d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 16 Feb 2023 03:58:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 81a861ad34eebfde7b0fb8be89ae9a80
4e36dac83150fac2efa4cada5b72ae50fe7aa95c
f9dca744ee31eaffa8710d2e1863ce4ee0e0a206b0288b82a6631f4e424c561d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 16 Feb 2023 03:58:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
142.250.74.170200 OK 0 B URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
IP 142.250.74.170:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /$rpc/google.internal.waa.v1.Waa/Create HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Referer: https://www.youtube.com/
Origin: https://www.youtube.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://www.youtube.com
vary: origin, referer, x-origin
access-control-allow-credentials: true
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-max-age: 3600
date: Thu, 16 Feb 2023 03:58:30 GMT
content-type: text/html
server: ESF
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 3757f53f949cb7c2bb6ea7b4704830e8
68204db509c3404cb9e56c82a4ba8223a6ab2c6e
c3dda3b5932c9c87bee971d100de1d46ce73e7b0355368d8acee6d9bfd47572c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 16 Feb 2023 03:58:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
142.250.74.170200 OK 31 kB URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
IP 142.250.74.170:0
File type JSON data\012- , ASCII text, with very long lines (65536), with no line terminators
Hash 480aec73f793d1a5791efe260ae9d556
82c7253deac70b5ac8e72dc86729696e397991ea
b747fec3ac75313316629ddf60d6f2c0a1b595e5a91b338602f3c58610ef9194
POST /$rpc/google.internal.waa.v1.Waa/Create HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
Content-Type: application/json+protobuf
X-User-Agent: grpc-web-javascript/0.1
Content-Length: 24
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json+protobuf; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: gzip
date: Thu, 16 Feb 2023 03:58:30 GMT
server: ESF
cache-control: private
content-length: 30761
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
access-control-allow-credentials: true
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.google.com/js/th/e-T0LC6veq6xndVnxNZYDs0k2YzO3ng5pgwYiLLC-NE.js
216.58.211.4200 OK 14 kB URL HTTP/2 www.google.com/js/th/e-T0LC6veq6xndVnxNZYDs0k2YzO3ng5pgwYiLLC-NE.js
IP 216.58.211.4:0
File type ASCII text, with very long lines (36180)
Hash 6caf3ddf47bad942732577bf1cd634ed
5930e4cdb4173c5ffa3f9e2eaf7ecc147623dd0c
cc13b4b51d92ba1992ec59da7b670f2a66cf5ffd4907061f911349e925a218b7
GET /js/th/e-T0LC6veq6xndVnxNZYDs0k2YzO3ng5pgwYiLLC-NE.js HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: br
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-length: 14345
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 13 Feb 2023 11:00:07 GMT
expires: Tue, 13 Feb 2024 11:00:07 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 30 Jan 2023 12:00:00 GMT
content-type: text/javascript
vary: Accept-Encoding
age: 233903
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.redbubble.com/assets/external_portfolio.js
104.18.8.241301 Moved Permanently 0 B URL HTTP/2 www.redbubble.com/assets/external_portfolio.js
IP 104.18.8.241:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /assets/external_portfolio.js HTTP/1.1
Host: www.redbubble.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.morecouponstogo.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
date: Thu, 16 Feb 2023 03:58:27 GMT
location: https://d1ielco78gv5pf.cloudfront.net/assets/external_portfolio.js
cache-control: max-age=3600
expires: Thu, 16 Feb 2023 04:58:27 GMT
set-cookie: __cf_bm=tIV0AHUYiboVLRGo754ldErRiKCPQ2iRrnAz9GF6p5M-1676519907-0-AejS+uanxDjLVpL0Ir/gKTxLA7lvXy1ofuT3GZR+nw92NPVqV9JulylvhxxObwHUIrON5n+AfcQ2oW36/m+0gcY=; path=/; expires=Thu, 16-Feb-23 04:28:27 GMT; domain=.redbubble.com; HttpOnly; Secure; SameSite=None
vary: Accept-Encoding
server: cloudflare
cf-ray: 79a35d6c1e1ab506-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
d1ielco78gv5pf.cloudfront.net/assets/external_portfolio-55c5ae1c8983df626fd5d8b516e9b7afa9602796b1b40b1b0a489a394961ef91.css
54.230.245.222200 OK 793 B URL HTTP/2 d1ielco78gv5pf.cloudfront.net/assets/external_portfolio-55c5ae1c8983df626fd5d8b516e9b7afa9602796b1b40b1b0a489a394961ef91.css
IP 54.230.245.222:0
File type ASCII text, with very long lines (2368)
Hash c03418fdd6fad3ea75ccfc3c9fc5e67d
39b5410e5df22761f2f69cb2760e10232bee7807
eef19009dab4eb577ab5309252a4b88e664ccb0a36f52123659801b8d0337916
GET /assets/external_portfolio-55c5ae1c8983df626fd5d8b516e9b7afa9602796b1b40b1b0a489a394961ef91.css HTTP/1.1
Host: d1ielco78gv5pf.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.redbubble.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/css
content-length: 793
date: Fri, 16 Dec 2022 01:43:33 GMT
server: nginx
last-modified: Tue, 13 Dec 2022 10:06:05 GMT
content-encoding: gzip
expires: Mon, 13 Dec 2032 01:43:33 GMT
access-control-allow-origin: *
cache-control: max-age=315360000, public
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 0e39dca74306d7aab723ed3d73dbfbb4.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: MxqXMNkRgwblzwx6Chyxohticu67P_tLlN8W5_vnQblE0bl7PqHuag==
age: 5364897
X-Firefox-Spdy: h2
www.youtube.com/embed/0nxwujvI9-4?autoplay=0&controls=1&start=0&end=0&modestbranding=0&wmode=transparent&enablejsapi=1&loop=0&rel=0&mute=0
216.58.207.238200 OK 2.1 MB URL HTTP/2 www.youtube.com/embed/0nxwujvI9-4?autoplay=0&controls=1&start=0&end=0&modestbranding=0&wmode=transparent&enablejsapi=1&loop=0&rel=0&mute=0
IP 216.58.207.238:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (58644)
Size 2.1 MB (2141953 bytes)
Hash dbb3ff524d55499816147e728b0643a7
23979d22ae59633d094f61fe65ee08cedab35f64
b879bb2cb9e90269eeac86aa6b6383854d8bbd7a421d5139aef0f50f7c7885d9
GET /embed/0nxwujvI9-4?autoplay=0&controls=1&start=0&end=0&modestbranding=0&wmode=transparent&enablejsapi=1&loop=0&rel=0&mute=0 HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.morecouponstogo.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html; charset=utf-8
x-content-type-options: nosniff
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Thu, 16 Feb 2023 03:58:28 GMT
strict-transport-security: max-age=31536000
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
cross-origin-resource-policy: cross-origin
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
content-encoding: br
server: ESF
x-xss-protection: 0
set-cookie: YSC=c3H6KIxuANk; Domain=.youtube.com; Path=/; Secure; HttpOnly; SameSite=none
VISITOR_INFO1_LIVE=pk3FkoOLZ4s; Domain=.youtube.com; Expires=Tue, 15-Aug-2023 03:58:28 GMT; Path=/; Secure; HttpOnly; SameSite=none
DEVICE_INFO=ChxOekl3TURVNU9ERTNOall5T1RReE1UTXpOdz09EOTTtp8GGOTTtp8G; Domain=.youtube.com; Expires=Tue, 15-Aug-2023 03:58:28 GMT; Path=/; Secure; HttpOnly; SameSite=none
CONSENT=PENDING+979; expires=Sat, 15-Feb-2025 03:58:28 GMT; path=/; domain=.youtube.com; Secure
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
142.250.74.170200 OK 0 B URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
IP 142.250.74.170:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /$rpc/google.internal.waa.v1.Waa/GenerateIT HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Referer: https://www.youtube.com/
Origin: https://www.youtube.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: https://www.youtube.com
vary: origin, referer, x-origin
access-control-allow-credentials: true
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-max-age: 3600
date: Thu, 16 Feb 2023 03:58:30 GMT
content-type: text/html
server: ESF
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
142.250.74.170200 OK 114 B URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
IP 142.250.74.170:0
File type JSON data\012- , ASCII text, with no line terminators
Hash b044b8c65a85859669526f9080f95a3f
8261a964803436543b16a1dc3a5b937aa82ad222
609c7ab96eac4adbfeb32d71105d8114182ba400cdf2a6c3520ccddf63b12259
POST /$rpc/google.internal.waa.v1.Waa/GenerateIT HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
Content-Type: application/json+protobuf
X-User-Agent: grpc-web-javascript/0.1
Content-Length: 982
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json+protobuf; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: gzip
date: Thu, 16 Feb 2023 03:58:30 GMT
server: ESF
cache-control: private
content-length: 114
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
access-control-allow-credentials: true
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ih1.redbubble.net/image.2615416373.1429/flat,220x200,075,t.u5.jpg
68.232.35.237200 OK 12 kB URL HTTP/2 ih1.redbubble.net/image.2615416373.1429/flat,220x200,075,t.u5.jpg
IP 68.232.35.237:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 220x200, components 3\012- data
Hash 4ed24b51630a165d7ab03688d1325d25
c726cb712f4cd72bf5c564a7dc0ad0ebbf9d2a52
19914bb432c06112f7f8b4878fbfbb15d4610cac7de7e1e4cada665e77dc02ac
GET /image.2615416373.1429/flat,220x200,075,t.u5.jpg HTTP/1.1
Host: ih1.redbubble.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.redbubble.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: https://www.redbubble.com
access-control-expose-headers: Content-Length,Content-Range
age: 7813297
cache-control: max-age=31556952, public
content-disposition: inline
content-transfer-encoding: binary
content-type: image/jpeg
date: Thu, 16 Feb 2023 03:58:31 GMT
etag: W/"19914bb432c06112f7f8b4878fbfbb15"
last-modified: Thu, 17 Nov 2022 17:36:54 GMT
referrer-policy: strict-origin-when-cross-origin
server: ECS (ska/F709)
x-cache: HIT
x-content-type-options: nosniff
x-download-options: noopen
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: none
x-request-id: e3905e0b-d695-4b0b-8efc-7a4564418686
x-xss-protection: 1; mode=block
content-length: 12230
X-Firefox-Spdy: h2
ih1.redbubble.net/image.2423146004.3028/raf,220x200,075,t,black.u5.jpg
68.232.35.237200 OK 7.1 kB URL HTTP/2 ih1.redbubble.net/image.2423146004.3028/raf,220x200,075,t,black.u5.jpg
IP 68.232.35.237:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 220x200, components 3\012- data
Hash ea2e9b008dd5ea4ae82bd436910c2533
9b839ada94e09772f01c49af1032b9f046e9b6ed
0220c6be7d3cfcffc662fcab4c31803925ec7e294e4165098a1b364ad8800ace
GET /image.2423146004.3028/raf,220x200,075,t,black.u5.jpg HTTP/1.1
Host: ih1.redbubble.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.redbubble.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: https://www.redbubble.com
access-control-expose-headers: Content-Length,Content-Range
age: 15362748
cache-control: max-age=31556952, public
content-disposition: inline
content-transfer-encoding: binary
content-type: image/jpeg
date: Thu, 16 Feb 2023 03:58:31 GMT
etag: W/"0220c6be7d3cfcffc662fcab4c318039"
last-modified: Mon, 22 Aug 2022 08:32:44 GMT
referrer-policy: strict-origin-when-cross-origin
server: ECS (ska/F716)
x-cache: HIT
x-content-type-options: nosniff
x-download-options: noopen
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: none
x-request-id: 0c943895-8cf5-4c7d-88fc-024373c4d11a
x-xss-protection: 1; mode=block
content-length: 7140
X-Firefox-Spdy: h2
ih1.redbubble.net/image.2446110696.1260/flat,220x200,075,t.u5.jpg
68.232.35.237200 OK 18 kB URL HTTP/2 ih1.redbubble.net/image.2446110696.1260/flat,220x200,075,t.u5.jpg
IP 68.232.35.237:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 220x200, components 3\012- data
Hash cbeccae7615c2abb796b18362413fca1
786507630ef7d824bf8b40a916bb291925c6f8f3
dbafa1cf5b6b67e92b03ca7ec815306d430a7e5909e4976c1678942b12296d67
GET /image.2446110696.1260/flat,220x200,075,t.u5.jpg HTTP/1.1
Host: ih1.redbubble.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.redbubble.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: https://www.redbubble.com
access-control-expose-headers: Content-Length,Content-Range
age: 6360926
cache-control: max-age=31556952, public
content-disposition: inline
content-transfer-encoding: binary
content-type: image/jpeg
date: Thu, 16 Feb 2023 03:58:31 GMT
etag: W/"dbafa1cf5b6b67e92b03ca7ec815306d"
last-modified: Sun, 04 Dec 2022 13:03:06 GMT
referrer-policy: strict-origin-when-cross-origin
server: ECS (ska/F708)
x-cache: HIT
x-content-type-options: nosniff
x-download-options: noopen
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: none
x-request-id: 265760a0-67d0-4cb0-8773-7754a3305ec0
x-xss-protection: 1; mode=block
content-length: 18020
X-Firefox-Spdy: h2
ih0.redbubble.net/image.2609329537.2892/raf,220x200,075,t,white.u5.jpg
68.232.35.237200 OK 13 kB URL HTTP/2 ih0.redbubble.net/image.2609329537.2892/raf,220x200,075,t,white.u5.jpg
IP 68.232.35.237:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 220x200, components 3\012- data
Hash 7c729abcf1fb3cbc2c5338f004443fc8
ba2199b908015be4eb601ea363fa1e6a05e6109a
c350b44a154b399e0bef5fafa2ce0bbabd485db22ed9531b4566a297704c2898
GET /image.2609329537.2892/raf,220x200,075,t,white.u5.jpg HTTP/1.1
Host: ih0.redbubble.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.redbubble.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: https://www.redbubble.com
access-control-expose-headers: Content-Length,Content-Range
age: 3571750
cache-control: max-age=31556952, public
content-disposition: inline
content-transfer-encoding: binary
content-type: image/jpeg
date: Thu, 16 Feb 2023 03:58:31 GMT
etag: W/"c350b44a154b399e0bef5fafa2ce0bba"
last-modified: Thu, 05 Jan 2023 19:49:22 GMT
referrer-policy: strict-origin-when-cross-origin
server: ECS (ska/F6FC)
x-cache: HIT
x-content-type-options: nosniff
x-download-options: noopen
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: none
x-request-id: bbbec080-8758-4f4c-bc9f-46a573131e8b
x-xss-protection: 1; mode=block
content-length: 13202
X-Firefox-Spdy: h2
www.brizy.cloud/customfile/83514b99a26a80e89d4d5e894e4e99c3.mp4
3.95.91.48206 Partial Content 47 kB URL HTTP/1.1 www.brizy.cloud/customfile/83514b99a26a80e89d4d5e894e4e99c3.mp4
IP 3.95.91.48:0
Hash 1aaf90fd283f5131f44313ba92102f67
f63b2dc96ee39945f799a5a9767ca276e87b48b7
883765a6344411e12baee015c4f61b695dd9f84f960c7004f35905243041803c
GET /customfile/83514b99a26a80e89d4d5e894e4e99c3.mp4 HTTP/1.1
Host: www.brizy.cloud
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=4358144-
Connection: keep-alive
Referer: https://www.morecouponstogo.com/
Sec-Fetch-Dest: video
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 206 Partial Content
Server: nginx
Date: Thu, 16 Feb 2023 03:58:30 GMT
Content-Type: video/mp4
Content-Length: 47139
Connection: keep-alive
Cache-Control: public
Last-Modified: Thu, 16 Feb 2023 03:58:30 GMT
Content-Disposition: attachment; filename="Homepage-20video-20on-20White-mp4.mp4"
Accept-Ranges: bytes
Content-Range: bytes 4358144-4405282/4405283
Access-Control-Allow-Origin: *
ih0.redbubble.net/image.2615509652.3915/flat,220x200,075,t.u5.jpg
68.232.35.237200 OK 9.5 kB URL HTTP/2 ih0.redbubble.net/image.2615509652.3915/flat,220x200,075,t.u5.jpg
IP 68.232.35.237:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 220x200, components 3\012- data
Hash bec24a797621dc1b550df36956ebada4
2e28ce3cc5e85db3d2c5fb26f7a328f594a620c8
4e57c4041246929caec036f63290e869dea5923090d2e263a083a0cd9df0f51b
GET /image.2615509652.3915/flat,220x200,075,t.u5.jpg HTTP/1.1
Host: ih0.redbubble.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.redbubble.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: https://www.redbubble.com
access-control-expose-headers: Content-Length,Content-Range
age: 11261446
cache-control: max-age=31556952, public
content-disposition: inline
content-transfer-encoding: binary
content-type: image/jpeg
date: Thu, 16 Feb 2023 03:58:31 GMT
etag: W/"4e57c4041246929caec036f63290e869"
last-modified: Sat, 08 Oct 2022 19:47:46 GMT
referrer-policy: strict-origin-when-cross-origin
server: ECS (ska/F6FC)
x-cache: HIT
x-content-type-options: nosniff
x-download-options: noopen
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: none
x-request-id: b0ac1ab6-a28b-4a96-a7b6-4f1b185ea558
x-xss-protection: 1; mode=block
content-length: 9544
X-Firefox-Spdy: h2
ih0.redbubble.net/image.2579261137.2872/flat,220x200,075,t.u5.jpg
68.232.35.237200 OK 10 kB URL HTTP/2 ih0.redbubble.net/image.2579261137.2872/flat,220x200,075,t.u5.jpg
IP 68.232.35.237:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 220x200, components 3\012- data
Hash b76c5fc72cbdc548cf7f48bb305a3d3f
dc8ee860f4d0d17dabbaec4b0b37c0d7514464c6
ba0865ca0df9021211a47e677772b85d96f2a01dbb54c4314caa379816800f06
GET /image.2579261137.2872/flat,220x200,075,t.u5.jpg HTTP/1.1
Host: ih0.redbubble.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.redbubble.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: https://www.redbubble.com
access-control-expose-headers: Content-Length,Content-Range
age: 5755886
cache-control: max-age=31556952, public
content-disposition: inline
content-transfer-encoding: binary
content-type: image/jpeg
date: Thu, 16 Feb 2023 03:58:31 GMT
etag: W/"ba0865ca0df9021211a47e677772b85d"
last-modified: Sun, 11 Dec 2022 13:07:05 GMT
referrer-policy: strict-origin-when-cross-origin
server: ECS (ska/F704)
x-cache: HIT
x-content-type-options: nosniff
x-download-options: noopen
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: none
x-request-id: 81b8040b-ae19-4846-acc2-0dc83718b3ef
x-xss-protection: 1; mode=block
content-length: 10402
X-Firefox-Spdy: h2
ih1.redbubble.net/image.2501823087.1427/flat,220x200,075,t.u5.jpg
68.232.35.237200 OK 14 kB URL HTTP/2 ih1.redbubble.net/image.2501823087.1427/flat,220x200,075,t.u5.jpg
IP 68.232.35.237:0
Hash 6ff0f72628dcfa17bdbc21c87be96bfd
8358584ac5da4b567d67f87dcabb0297cc485e97
097ad12405ae32bbd4df31768cc6974b363f333fa5731fd46331878f790ec235
GET /image.2501823087.1427/flat,220x200,075,t.u5.jpg HTTP/1.1
Host: ih1.redbubble.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.redbubble.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: https://www.redbubble.com
access-control-expose-headers: Content-Length,Content-Range
age: 15362748
cache-control: max-age=31556952, public
content-disposition: inline
content-transfer-encoding: binary
content-type: image/jpeg
date: Thu, 16 Feb 2023 03:58:31 GMT
etag: W/"281a8d6feb56d70c6a48c55fbf412a1d"
last-modified: Mon, 22 Aug 2022 08:32:44 GMT
referrer-policy: strict-origin-when-cross-origin
server: ECS (ska/F71B)
x-cache: HIT
x-content-type-options: nosniff
x-download-options: noopen
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: none
x-request-id: d5f2891d-027d-4541-8e68-d499a6d21006
x-xss-protection: 1; mode=block
content-length: 12808
X-Firefox-Spdy: h2
ih1.redbubble.net/image.2521900674.0223/flat,220x200,075,t.u5.jpg
68.232.35.237200 OK 12 kB URL HTTP/2 ih1.redbubble.net/image.2521900674.0223/flat,220x200,075,t.u5.jpg
IP 68.232.35.237:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 220x200, components 3\012- data
Hash 4f656d55e30a35cccb4bc94a74f0df52
19ae51457ecb9dbeac9a0d7d1ae42f9156563056
70b55f3994d82e9bf29d7f59509bb9d010d379e6e3d6901f289bf825fe5e15a0
GET /image.2521900674.0223/flat,220x200,075,t.u5.jpg HTTP/1.1
Host: ih1.redbubble.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.redbubble.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: https://www.redbubble.com
access-control-expose-headers: Content-Length,Content-Range
age: 15362748
cache-control: max-age=31556952, public
content-disposition: inline
content-transfer-encoding: binary
content-type: image/jpeg
date: Thu, 16 Feb 2023 03:58:31 GMT
etag: W/"70b55f3994d82e9bf29d7f59509bb9d0"
last-modified: Mon, 22 Aug 2022 08:32:44 GMT
referrer-policy: strict-origin-when-cross-origin
server: ECS (ska/F71E)
x-cache: HIT
x-content-type-options: nosniff
x-download-options: noopen
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: none
x-request-id: ee84e291-69ac-49ed-ab14-b532dcc3fe55
x-xss-protection: 1; mode=block
content-length: 11509
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash cbcf4ed9cf3617c630e5690c5e2ff2d6
ac6e3f5f896b37ed8df72c8d18700c3dc379cddf
52376db9a5a420745530073f4aa37ac3a89e398bfa8fe7a203dba7c90bb69e1c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 16 Feb 2023 03:58:31 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash cbcf4ed9cf3617c630e5690c5e2ff2d6
ac6e3f5f896b37ed8df72c8d18700c3dc379cddf
52376db9a5a420745530073f4aa37ac3a89e398bfa8fe7a203dba7c90bb69e1c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 16 Feb 2023 03:58:31 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
yt3.ggpht.com/nip8E9ASw52gOJQxdluWu8PK6GgTMaw87ja5NFJnc8le4062UgDFMgxzd2_UmGmz3PbyvBBG=s68-c-k-c0x00ffffff-no-rj
142.250.74.129200 OK 2.9 kB URL HTTP/2 yt3.ggpht.com/nip8E9ASw52gOJQxdluWu8PK6GgTMaw87ja5NFJnc8le4062UgDFMgxzd2_UmGmz3PbyvBBG=s68-c-k-c0x00ffffff-no-rj
IP 142.250.74.129:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 68x68, components 3\012- data
Hash 73eea0bc3378ebdf7f3ed8311b2d1f9e
44bc2e5b5f953c901df6237b49c825b354671391
2dc9e7612ab1864f756e75873319ca21e35da2f0a19a7ab0e20e6ac9ce71811f
GET /nip8E9ASw52gOJQxdluWu8PK6GgTMaw87ja5NFJnc8le4062UgDFMgxzd2_UmGmz3PbyvBBG=s68-c-k-c0x00ffffff-no-rj HTTP/1.1
Host: yt3.ggpht.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-expose-headers: Content-Length
etag: "v1"
expires: Fri, 17 Feb 2023 03:58:31 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="channels4_profile.jpg"
content-type: image/jpeg
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
date: Thu, 16 Feb 2023 03:58:31 GMT
server: fife
content-length: 2924
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
rr1---sn-capm-vnae.googlevideo.com/videoplayback?expire=1676541510&ei=5qntY66UI6qipASS0bTgCw&ip=91.90.42.154&id=o-AEg9JeWHy5pHljbhui_5mvA4WMtQIUjEQtBScrhPJdbx&itag=251&source=youtube&requiressl=yes&mh=ke&mm=31%2C29&mn=sn-capm-vnae%2Csn-5goeen7y&ms=au%2Crdu&mv=m&mvi=1&pl=21&initcwndbps=1016250&spc=H3gIhg0vIm-RrLIkqYHw_IsXRDpDSNo&vprv=1&mime=audio%2Fwebm&ns=FApnQ-kNfbRuJdxShvQQ0VQL&gir=yes&clen=142602&dur=9.801&lmt=1644075043895481&mt=1676519590&fvip=2&keepalive=yes&fexp=24007246&c=WEB_EMBEDDED_PLAYER&txp=6318224&n=lshz-ngfSX0Q8w&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRAIgIFWFIUy73UKwCMvIbSanX3JfYp8JCUKH_TW8QgYRUswCIC9CCSWtoExi5pOgcOEEr2nbCowHnqw5cbz6nYo5bAEz&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRAIgF-7YtrvYd6GpRnh_7Aqsd4agW7GJkE2sOyySUBSd5DcCIF6sy8-ScUpYfJs0InynFFNzpc8r6CiNXpq2vM0IEPS9&alr=yes&cpn=3k3o7wSZTJ5yJmQE&cver=1.20230214.01.00&range=0-65812&rn=2&rbuf=0
91.90.45.172200 OK 1.0 kB URL HTTP/1.1 rr1---sn-capm-vnae.googlevideo.com/videoplayback?expire=1676541510&ei=5qntY66UI6qipASS0bTgCw&ip=91.90.42.154&id=o-AEg9JeWHy5pHljbhui_5mvA4WMtQIUjEQtBScrhPJdbx&itag=251&source=youtube&requiressl=yes&mh=ke&mm=31%2C29&mn=sn-capm-vnae%2Csn-5goeen7y&ms=au%2Crdu&mv=m&mvi=1&pl=21&initcwndbps=1016250&spc=H3gIhg0vIm-RrLIkqYHw_IsXRDpDSNo&vprv=1&mime=audio%2Fwebm&ns=FApnQ-kNfbRuJdxShvQQ0VQL&gir=yes&clen=142602&dur=9.801&lmt=1644075043895481&mt=1676519590&fvip=2&keepalive=yes&fexp=24007246&c=WEB_EMBEDDED_PLAYER&txp=6318224&n=lshz-ngfSX0Q8w&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRAIgIFWFIUy73UKwCMvIbSanX3JfYp8JCUKH_TW8QgYRUswCIC9CCSWtoExi5pOgcOEEr2nbCowHnqw5cbz6nYo5bAEz&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRAIgF-7YtrvYd6GpRnh_7Aqsd4agW7GJkE2sOyySUBSd5DcCIF6sy8-ScUpYfJs0InynFFNzpc8r6CiNXpq2vM0IEPS9&alr=yes&cpn=3k3o7wSZTJ5yJmQE&cver=1.20230214.01.00&range=0-65812&rn=2&rbuf=0
IP 91.90.45.172:0
ASN #50304 Blix Solutions AS
File type ASCII text, with very long lines (1012), with no line terminators
Hash 4f1e42491467a56562d76133d71e9387
33705304ae3167439543cdac96045ebc85639397
e081c3e53f35e22e141ac68fa1170a682dd1bc91c6900763c6fe81df53ca9807
POST /videoplayback?expire=1676541510&ei=5qntY66UI6qipASS0bTgCw&ip=91.90.42.154&id=o-AEg9JeWHy5pHljbhui_5mvA4WMtQIUjEQtBScrhPJdbx&itag=251&source=youtube&requiressl=yes&mh=ke&mm=31%2C29&mn=sn-capm-vnae%2Csn-5goeen7y&ms=au%2Crdu&mv=m&mvi=1&pl=21&initcwndbps=1016250&spc=H3gIhg0vIm-RrLIkqYHw_IsXRDpDSNo&vprv=1&mime=audio%2Fwebm&ns=FApnQ-kNfbRuJdxShvQQ0VQL&gir=yes&clen=142602&dur=9.801&lmt=1644075043895481&mt=1676519590&fvip=2&keepalive=yes&fexp=24007246&c=WEB_EMBEDDED_PLAYER&txp=6318224&n=lshz-ngfSX0Q8w&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRAIgIFWFIUy73UKwCMvIbSanX3JfYp8JCUKH_TW8QgYRUswCIC9CCSWtoExi5pOgcOEEr2nbCowHnqw5cbz6nYo5bAEz&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRAIgF-7YtrvYd6GpRnh_7Aqsd4agW7GJkE2sOyySUBSd5DcCIF6sy8-ScUpYfJs0InynFFNzpc8r6CiNXpq2vM0IEPS9&alr=yes&cpn=3k3o7wSZTJ5yJmQE&cver=1.20230214.01.00&range=0-65812&rn=2&rbuf=0 HTTP/1.1
Host: rr1---sn-capm-vnae.googlevideo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Length: 2
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: text/plain
Last-Modified: Wed, 02 May 2007 10:26:10 GMT
Date: Thu, 16 Feb 2023 03:58:31 GMT
Expires: Thu, 16 Feb 2023 03:58:31 GMT
Cache-Control: private, max-age=21299
Accept-Ranges: bytes
Content-Length: 1012
Connection: keep-alive
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Access-Control-Allow-Origin: https://www.youtube.com
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: https://www.youtube.com
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Vary: Origin
Cross-Origin-Resource-Policy: cross-origin
X-Content-Type-Options: nosniff
Server: gvs 1.0
rr1---sn-capm-vnae.googlevideo.com/videoplayback?expire=1676541510&ei=5qntY66UI6qipASS0bTgCw&ip=91.90.42.154&id=o-AEg9JeWHy5pHljbhui_5mvA4WMtQIUjEQtBScrhPJdbx&itag=243&aitags=133%2C134%2C135%2C136%2C160%2C242%2C243%2C244%2C278&source=youtube&requiressl=yes&mh=ke&mm=31%2C29&mn=sn-capm-vnae%2Csn-5goeen7y&ms=au%2Crdu&mv=m&mvi=1&pl=21&initcwndbps=1016250&spc=H3gIhg0vIm-RrLIkqYHw_IsXRDpDSNo&vprv=1&mime=video%2Fwebm&ns=FApnQ-kNfbRuJdxShvQQ0VQL&gir=yes&clen=372609&dur=9.766&lmt=1644075043168469&mt=1676519590&fvip=2&keepalive=yes&fexp=24007246&c=WEB_EMBEDDED_PLAYER&txp=6319224&n=lshz-ngfSX0Q8w&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRAIgMyvRReBdPMjDnzc_xuQKLvx9WNHoCO2g0ltSh96mHVgCIAUBloDYRSH8ZqMoZ5NiuQsBuXraxtfDV2krQcMm258i&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRAIgF-7YtrvYd6GpRnh_7Aqsd4agW7GJkE2sOyySUBSd5DcCIF6sy8-ScUpYfJs0InynFFNzpc8r6CiNXpq2vM0IEPS9&alr=yes&cpn=3k3o7wSZTJ5yJmQE&cver=1.20230214.01.00&range=0-83624&rn=1&rbuf=0
91.90.45.172200 OK 1.1 kB URL HTTP/1.1 rr1---sn-capm-vnae.googlevideo.com/videoplayback?expire=1676541510&ei=5qntY66UI6qipASS0bTgCw&ip=91.90.42.154&id=o-AEg9JeWHy5pHljbhui_5mvA4WMtQIUjEQtBScrhPJdbx&itag=243&aitags=133%2C134%2C135%2C136%2C160%2C242%2C243%2C244%2C278&source=youtube&requiressl=yes&mh=ke&mm=31%2C29&mn=sn-capm-vnae%2Csn-5goeen7y&ms=au%2Crdu&mv=m&mvi=1&pl=21&initcwndbps=1016250&spc=H3gIhg0vIm-RrLIkqYHw_IsXRDpDSNo&vprv=1&mime=video%2Fwebm&ns=FApnQ-kNfbRuJdxShvQQ0VQL&gir=yes&clen=372609&dur=9.766&lmt=1644075043168469&mt=1676519590&fvip=2&keepalive=yes&fexp=24007246&c=WEB_EMBEDDED_PLAYER&txp=6319224&n=lshz-ngfSX0Q8w&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRAIgMyvRReBdPMjDnzc_xuQKLvx9WNHoCO2g0ltSh96mHVgCIAUBloDYRSH8ZqMoZ5NiuQsBuXraxtfDV2krQcMm258i&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRAIgF-7YtrvYd6GpRnh_7Aqsd4agW7GJkE2sOyySUBSd5DcCIF6sy8-ScUpYfJs0InynFFNzpc8r6CiNXpq2vM0IEPS9&alr=yes&cpn=3k3o7wSZTJ5yJmQE&cver=1.20230214.01.00&range=0-83624&rn=1&rbuf=0
IP 91.90.45.172:0
ASN #50304 Blix Solutions AS
File type ASCII text, with very long lines (1071), with no line terminators
Hash 4138ae25a25c5e8b490bd4ea56560876
d0a4a9584eb9a649b7576abbbb925ca681b5f4f6
a845c0f854639a9c56f41e05f5edc8410d178609028268483a7a4aed9182f46f
POST /videoplayback?expire=1676541510&ei=5qntY66UI6qipASS0bTgCw&ip=91.90.42.154&id=o-AEg9JeWHy5pHljbhui_5mvA4WMtQIUjEQtBScrhPJdbx&itag=243&aitags=133%2C134%2C135%2C136%2C160%2C242%2C243%2C244%2C278&source=youtube&requiressl=yes&mh=ke&mm=31%2C29&mn=sn-capm-vnae%2Csn-5goeen7y&ms=au%2Crdu&mv=m&mvi=1&pl=21&initcwndbps=1016250&spc=H3gIhg0vIm-RrLIkqYHw_IsXRDpDSNo&vprv=1&mime=video%2Fwebm&ns=FApnQ-kNfbRuJdxShvQQ0VQL&gir=yes&clen=372609&dur=9.766&lmt=1644075043168469&mt=1676519590&fvip=2&keepalive=yes&fexp=24007246&c=WEB_EMBEDDED_PLAYER&txp=6319224&n=lshz-ngfSX0Q8w&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRAIgMyvRReBdPMjDnzc_xuQKLvx9WNHoCO2g0ltSh96mHVgCIAUBloDYRSH8ZqMoZ5NiuQsBuXraxtfDV2krQcMm258i&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRAIgF-7YtrvYd6GpRnh_7Aqsd4agW7GJkE2sOyySUBSd5DcCIF6sy8-ScUpYfJs0InynFFNzpc8r6CiNXpq2vM0IEPS9&alr=yes&cpn=3k3o7wSZTJ5yJmQE&cver=1.20230214.01.00&range=0-83624&rn=1&rbuf=0 HTTP/1.1
Host: rr1---sn-capm-vnae.googlevideo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Length: 2
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: text/plain
Last-Modified: Wed, 02 May 2007 10:26:10 GMT
Date: Thu, 16 Feb 2023 03:58:31 GMT
Expires: Thu, 16 Feb 2023 03:58:31 GMT
Cache-Control: private, max-age=21299
Accept-Ranges: bytes
Content-Length: 1071
Connection: keep-alive
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Access-Control-Allow-Origin: https://www.youtube.com
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: https://www.youtube.com
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Vary: Origin
Cross-Origin-Resource-Policy: cross-origin
X-Restrict-Formats-Hint: None
X-Content-Type-Options: nosniff
Server: gvs 1.0
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash cbcf4ed9cf3617c630e5690c5e2ff2d6
ac6e3f5f896b37ed8df72c8d18700c3dc379cddf
52376db9a5a420745530073f4aa37ac3a89e398bfa8fe7a203dba7c90bb69e1c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 16 Feb 2023 03:58:31 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash b2e61a08704c2834389aed5ef9e2c888
63db60f882da7e91c9571bfae12fada29788f62d
13fdc320a441928b811568278916138555e6bb075cf94ea45b77f215e8eeebd1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 16 Feb 2023 03:58:31 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash f2ec6c46492616d816b3ebf5e499074c
f99f67ef795bb23cca6c45e276c42926dae3f502
bb1a44cc22881db43c681003a036affff1992bf5957ff545d6549c01372bc10e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 16 Feb 2023 03:58:31 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
d1ielco78gv5pf.cloudfront.net/assets/75x75-Brandmark-Transparent-5914f9388de7f61a2e2fb260ed39145a5719139b6559762350135c21771f12c0.png
54.230.245.222200 OK 753 B URL HTTP/2 d1ielco78gv5pf.cloudfront.net/assets/75x75-Brandmark-Transparent-5914f9388de7f61a2e2fb260ed39145a5719139b6559762350135c21771f12c0.png
IP 54.230.245.222:0
File type PNG image data, 75 x 75, 8-bit/color RGBA, non-interlaced\012- data
Hash 95b83ee0d2cb98b5133345024a14031e
fb1f79f434185cabeda75b895cb0e98113c8c6ec
5914f9388de7f61a2e2fb260ed39145a5719139b6559762350135c21771f12c0
GET /assets/75x75-Brandmark-Transparent-5914f9388de7f61a2e2fb260ed39145a5719139b6559762350135c21771f12c0.png HTTP/1.1
Host: d1ielco78gv5pf.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.redbubble.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 753
date: Mon, 05 Sep 2022 13:09:45 GMT
server: nginx
last-modified: Sun, 04 Sep 2022 10:06:31 GMT
expires: Thu, 02 Sep 2032 13:09:45 GMT
access-control-allow-origin: *
cache-control: max-age=315360000, public
x-cache: Hit from cloudfront
via: 1.1 0e39dca74306d7aab723ed3d73dbfbb4.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: FBspAF3UZE_yhMRpP8ahCZ648g1WlXm9pxnnjFvrz0i4KbQNtypJEA==
age: 14136526
X-Firefox-Spdy: h2
d1ielco78gv5pf.cloudfront.net/assets/rarr-trans-44aac167284d94a1522aae08e2a9c40c6d515ab554839445c3b43281cb6a2f47.png
54.230.245.222200 OK 147 B URL HTTP/2 d1ielco78gv5pf.cloudfront.net/assets/rarr-trans-44aac167284d94a1522aae08e2a9c40c6d515ab554839445c3b43281cb6a2f47.png
IP 54.230.245.222:0
File type PNG image data, 7 x 10, 8-bit gray+alpha, non-interlaced\012- data
Hash aafe97f737c068ef75a9410c8a45f5a4
0d1856e53194b2a68d1976a21fe05d20eac683b6
44aac167284d94a1522aae08e2a9c40c6d515ab554839445c3b43281cb6a2f47
GET /assets/rarr-trans-44aac167284d94a1522aae08e2a9c40c6d515ab554839445c3b43281cb6a2f47.png HTTP/1.1
Host: d1ielco78gv5pf.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.redbubble.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 147
date: Sat, 19 Nov 2022 12:53:29 GMT
server: nginx
last-modified: Wed, 16 Nov 2022 10:07:37 GMT
expires: Tue, 16 Nov 2032 12:53:29 GMT
access-control-allow-origin: *
cache-control: max-age=315360000, public
x-cache: Hit from cloudfront
via: 1.1 0e39dca74306d7aab723ed3d73dbfbb4.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: U_e_9x-cB4VEf-uc2lFMrbYLhmLxKkpWQlUDuQSve7StSig9rNsdyg==
age: 7657502
X-Firefox-Spdy: h2
i.ytimg.com/vi_webp/0nxwujvI9-4/sddefault.webp
172.217.21.182200 OK 30 kB URL HTTP/2 i.ytimg.com/vi_webp/0nxwujvI9-4/sddefault.webp
IP 172.217.21.182:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 640x480, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash f1cb691ce049a9b172f34b7f07539211
62518e66afefd5186f273284c0f669ed0389a401
4729ab37821acb4bd0885e11eaa8807077b62aa8ad128e8c436597749c5f787b
GET /vi_webp/0nxwujvI9-4/sddefault.webp HTTP/1.1
Host: i.ytimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
content-type: image/webp
vary: Origin
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-length: 29482
date: Thu, 16 Feb 2023 03:58:31 GMT
expires: Thu, 16 Feb 2023 05:58:31 GMT
cache-control: public, max-age=7200
etag: "1667228521"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash f2ec6c46492616d816b3ebf5e499074c
f99f67ef795bb23cca6c45e276c42926dae3f502
bb1a44cc22881db43c681003a036affff1992bf5957ff545d6549c01372bc10e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 16 Feb 2023 03:58:31 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ih0.redbubble.net/image.2503050063.7512/raf,220x200,075,t,navy.u5.jpg
68.232.35.237200 OK 14 kB URL HTTP/2 ih0.redbubble.net/image.2503050063.7512/raf,220x200,075,t,navy.u5.jpg
IP 68.232.35.237:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 220x200, components 3\012- data
Hash e9ab6ba80058407167c7906fe0b5df51
27e84ecc9cac4e0f102c0bde2e67b7ade1d4c1a8
883586c02d69a82c8016f4aef37eafb6cd51c30756b576877d0ca82528ababb2
GET /image.2503050063.7512/raf,220x200,075,t,navy.u5.jpg HTTP/1.1
Host: ih0.redbubble.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.redbubble.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: https://www.redbubble.com
access-control-expose-headers: Content-Length,Content-Range
age: 1371871
cache-control: max-age=31556952, public
content-disposition: inline
content-transfer-encoding: binary
content-type: image/jpeg
date: Thu, 16 Feb 2023 03:58:31 GMT
etag: W/"883586c02d69a82c8016f4aef37eafb6"
last-modified: Tue, 31 Jan 2023 06:54:00 GMT
referrer-policy: strict-origin-when-cross-origin
server: ECS (dcb/7F82)
x-cache: HIT
x-content-type-options: nosniff
x-download-options: noopen
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: none
x-request-id: e0261739-36e3-440f-92e9-cabb2dd2391e
x-xss-protection: 1; mode=block
content-length: 13931
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash f826251bc77ebf614b16bc3f05ea9bd8
99157d8fec686f379f7078fb7cd52e7bab15687e
37b4eecab6338267fb0d11a06a30cd2124f70060e1c38f6e2c5c41be0215d946
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 16 Feb 2023 03:58:31 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash f826251bc77ebf614b16bc3f05ea9bd8
99157d8fec686f379f7078fb7cd52e7bab15687e
37b4eecab6338267fb0d11a06a30cd2124f70060e1c38f6e2c5c41be0215d946
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 16 Feb 2023 03:58:31 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
rr2---sn-5go7ynl6.googlevideo.com/videoplayback?expire=1676541510&ei=5qntY66UI6qipASS0bTgCw&ip=91.90.42.154&id=o-AEg9JeWHy5pHljbhui_5mvA4WMtQIUjEQtBScrhPJdbx&itag=243&aitags=133%2C134%2C135%2C136%2C160%2C242%2C243%2C244%2C278&source=youtube&requiressl=yes&spc=H3gIhg0vIm-RrLIkqYHw_IsXRDpDSNo&vprv=1&mime=video%2Fwebm&ns=FApnQ-kNfbRuJdxShvQQ0VQL&gir=yes&clen=372609&dur=9.766&lmt=1644075043168469&keepalive=yes&fexp=24007246&c=WEB_EMBEDDED_PLAYER&txp=6319224&n=lshz-ngfSX0Q8w&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRAIgMyvRReBdPMjDnzc_xuQKLvx9WNHoCO2g0ltSh96mHVgCIAUBloDYRSH8ZqMoZ5NiuQsBuXraxtfDV2krQcMm258i&alr=yes&cpn=3k3o7wSZTJ5yJmQE&cver=1.20230214.01.00&redirect_counter=1&cm2rm=sn-capm-vnae7e&cms_redirect=yes&cmsv=e&mh=ke&mm=29&mn=sn-5go7ynl6&ms=rdu&mt=1676519843&mv=m&mvi=2&pl=21&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRgIhAJbX_xtJwIPV77jqJLE5vC6D_V71DgIr3EAkv-R9NjTOAiEArEKsMlX7ARgTSMrvwAXJmVtcf2wr13UcVbJjhnL0NhQ%3D&range=0-83624&rn=4&rbuf=0&pot=D1DJqwn-N14vUPIxbdGKZ4H-uXO650dxl-V5-FqEJ-1Zrws8HqCYykgS-kU5iBx01zRYvFc79X6kph5kVJxHBi4p8oB73evlwx51rY0M7Ua8cuIzivbazI4SuznEy6JWzGw3O4PtPDU=
74.125.111.39200 OK 84 kB URL HTTP/1.1 rr2---sn-5go7ynl6.googlevideo.com/videoplayback?expire=1676541510&ei=5qntY66UI6qipASS0bTgCw&ip=91.90.42.154&id=o-AEg9JeWHy5pHljbhui_5mvA4WMtQIUjEQtBScrhPJdbx&itag=243&aitags=133%2C134%2C135%2C136%2C160%2C242%2C243%2C244%2C278&source=youtube&requiressl=yes&spc=H3gIhg0vIm-RrLIkqYHw_IsXRDpDSNo&vprv=1&mime=video%2Fwebm&ns=FApnQ-kNfbRuJdxShvQQ0VQL&gir=yes&clen=372609&dur=9.766&lmt=1644075043168469&keepalive=yes&fexp=24007246&c=WEB_EMBEDDED_PLAYER&txp=6319224&n=lshz-ngfSX0Q8w&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRAIgMyvRReBdPMjDnzc_xuQKLvx9WNHoCO2g0ltSh96mHVgCIAUBloDYRSH8ZqMoZ5NiuQsBuXraxtfDV2krQcMm258i&alr=yes&cpn=3k3o7wSZTJ5yJmQE&cver=1.20230214.01.00&redirect_counter=1&cm2rm=sn-capm-vnae7e&cms_redirect=yes&cmsv=e&mh=ke&mm=29&mn=sn-5go7ynl6&ms=rdu&mt=1676519843&mv=m&mvi=2&pl=21&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRgIhAJbX_xtJwIPV77jqJLE5vC6D_V71DgIr3EAkv-R9NjTOAiEArEKsMlX7ARgTSMrvwAXJmVtcf2wr13UcVbJjhnL0NhQ%3D&range=0-83624&rn=4&rbuf=0&pot=D1DJqwn-N14vUPIxbdGKZ4H-uXO650dxl-V5-FqEJ-1Zrws8HqCYykgS-kU5iBx01zRYvFc79X6kph5kVJxHBi4p8oB73evlwx51rY0M7Ua8cuIzivbazI4SuznEy6JWzGw3O4PtPDU=
IP 74.125.111.39:0
File type WebM\012- EBML file, creator webmB\20\012- data
Hash a5cff876e8757875138a219b1e112192
37a633577e49a52ff0dfbbb1ba4d612fde9c31c6
c5056416db1e6e9d48e859b48175c9140292647bda2333babd32a54ca5523c78
POST /videoplayback?expire=1676541510&ei=5qntY66UI6qipASS0bTgCw&ip=91.90.42.154&id=o-AEg9JeWHy5pHljbhui_5mvA4WMtQIUjEQtBScrhPJdbx&itag=243&aitags=133%2C134%2C135%2C136%2C160%2C242%2C243%2C244%2C278&source=youtube&requiressl=yes&spc=H3gIhg0vIm-RrLIkqYHw_IsXRDpDSNo&vprv=1&mime=video%2Fwebm&ns=FApnQ-kNfbRuJdxShvQQ0VQL&gir=yes&clen=372609&dur=9.766&lmt=1644075043168469&keepalive=yes&fexp=24007246&c=WEB_EMBEDDED_PLAYER&txp=6319224&n=lshz-ngfSX0Q8w&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRAIgMyvRReBdPMjDnzc_xuQKLvx9WNHoCO2g0ltSh96mHVgCIAUBloDYRSH8ZqMoZ5NiuQsBuXraxtfDV2krQcMm258i&alr=yes&cpn=3k3o7wSZTJ5yJmQE&cver=1.20230214.01.00&redirect_counter=1&cm2rm=sn-capm-vnae7e&cms_redirect=yes&cmsv=e&mh=ke&mm=29&mn=sn-5go7ynl6&ms=rdu&mt=1676519843&mv=m&mvi=2&pl=21&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRgIhAJbX_xtJwIPV77jqJLE5vC6D_V71DgIr3EAkv-R9NjTOAiEArEKsMlX7ARgTSMrvwAXJmVtcf2wr13UcVbJjhnL0NhQ%3D&range=0-83624&rn=4&rbuf=0&pot=D1DJqwn-N14vUPIxbdGKZ4H-uXO650dxl-V5-FqEJ-1Zrws8HqCYykgS-kU5iBx01zRYvFc79X6kph5kVJxHBi4p8oB73evlwx51rY0M7Ua8cuIzivbazI4SuznEy6JWzGw3O4PtPDU= HTTP/1.1
Host: rr2---sn-5go7ynl6.googlevideo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Length: 2
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Last-Modified: Sat, 05 Feb 2022 15:30:43 GMT
Content-Type: video/webm
Date: Thu, 16 Feb 2023 03:58:31 GMT
Expires: Thu, 16 Feb 2023 03:58:31 GMT
Cache-Control: private, max-age=21299
Accept-Ranges: bytes
Content-Length: 83625
Connection: keep-alive
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Access-Control-Allow-Origin: https://www.youtube.com
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: https://www.youtube.com
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Vary: Origin
Cross-Origin-Resource-Policy: cross-origin
X-Restrict-Formats-Hint: None
X-Content-Type-Options: nosniff
Server: gvs 1.0
rr2---sn-5go7ynl6.googlevideo.com/videoplayback?expire=1676541510&ei=5qntY66UI6qipASS0bTgCw&ip=91.90.42.154&id=o-AEg9JeWHy5pHljbhui_5mvA4WMtQIUjEQtBScrhPJdbx&itag=251&source=youtube&requiressl=yes&spc=H3gIhg0vIm-RrLIkqYHw_IsXRDpDSNo&vprv=1&mime=audio%2Fwebm&ns=FApnQ-kNfbRuJdxShvQQ0VQL&gir=yes&clen=142602&dur=9.801&lmt=1644075043895481&keepalive=yes&fexp=24007246&c=WEB_EMBEDDED_PLAYER&txp=6318224&n=lshz-ngfSX0Q8w&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRAIgIFWFIUy73UKwCMvIbSanX3JfYp8JCUKH_TW8QgYRUswCIC9CCSWtoExi5pOgcOEEr2nbCowHnqw5cbz6nYo5bAEz&alr=yes&cpn=3k3o7wSZTJ5yJmQE&cver=1.20230214.01.00&redirect_counter=1&cm2rm=sn-capm-vnae7e&cms_redirect=yes&cmsv=e&mh=ke&mm=29&mn=sn-5go7ynl6&ms=rdu&mt=1676519843&mv=m&mvi=2&pl=21&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRQIhAMSaExg8JyrjsFufV0Xf9yg4WqQL93T89kqeUgDYyQwiAiASFuIcbD0gdsxzM2yd5tUvwBvS2_P-nNLZD6KiDdeocw%3D%3D&range=0-65812&rn=3&rbuf=0&pot=D1DJqwn-N14vUPIxbdGKZ4H-uXO650dxl-V5-FqEJ-1Zrws8HqCYykgS-kU5iBx01zRYvFc79X6kph5kVJxHBi4p8oB73evlwx51rY0M7Ua8cuIzivbazI4SuznEy6JWzGw3O4PtPDU=
74.125.111.39200 OK 66 kB URL HTTP/1.1 rr2---sn-5go7ynl6.googlevideo.com/videoplayback?expire=1676541510&ei=5qntY66UI6qipASS0bTgCw&ip=91.90.42.154&id=o-AEg9JeWHy5pHljbhui_5mvA4WMtQIUjEQtBScrhPJdbx&itag=251&source=youtube&requiressl=yes&spc=H3gIhg0vIm-RrLIkqYHw_IsXRDpDSNo&vprv=1&mime=audio%2Fwebm&ns=FApnQ-kNfbRuJdxShvQQ0VQL&gir=yes&clen=142602&dur=9.801&lmt=1644075043895481&keepalive=yes&fexp=24007246&c=WEB_EMBEDDED_PLAYER&txp=6318224&n=lshz-ngfSX0Q8w&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRAIgIFWFIUy73UKwCMvIbSanX3JfYp8JCUKH_TW8QgYRUswCIC9CCSWtoExi5pOgcOEEr2nbCowHnqw5cbz6nYo5bAEz&alr=yes&cpn=3k3o7wSZTJ5yJmQE&cver=1.20230214.01.00&redirect_counter=1&cm2rm=sn-capm-vnae7e&cms_redirect=yes&cmsv=e&mh=ke&mm=29&mn=sn-5go7ynl6&ms=rdu&mt=1676519843&mv=m&mvi=2&pl=21&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRQIhAMSaExg8JyrjsFufV0Xf9yg4WqQL93T89kqeUgDYyQwiAiASFuIcbD0gdsxzM2yd5tUvwBvS2_P-nNLZD6KiDdeocw%3D%3D&range=0-65812&rn=3&rbuf=0&pot=D1DJqwn-N14vUPIxbdGKZ4H-uXO650dxl-V5-FqEJ-1Zrws8HqCYykgS-kU5iBx01zRYvFc79X6kph5kVJxHBi4p8oB73evlwx51rY0M7Ua8cuIzivbazI4SuznEy6JWzGw3O4PtPDU=
IP 74.125.111.39:0
File type WebM\012- EBML file, creator webmB\20\012- data
Hash a3e5161d67b6bcdbc2900f34d1b62837
70cfc40fc73887edd4962521d8a1f4355c2ae0ec
16b997a701a210873b11d55fb91acd40c67ac75f0cb35f6af030685640ad6647
POST /videoplayback?expire=1676541510&ei=5qntY66UI6qipASS0bTgCw&ip=91.90.42.154&id=o-AEg9JeWHy5pHljbhui_5mvA4WMtQIUjEQtBScrhPJdbx&itag=251&source=youtube&requiressl=yes&spc=H3gIhg0vIm-RrLIkqYHw_IsXRDpDSNo&vprv=1&mime=audio%2Fwebm&ns=FApnQ-kNfbRuJdxShvQQ0VQL&gir=yes&clen=142602&dur=9.801&lmt=1644075043895481&keepalive=yes&fexp=24007246&c=WEB_EMBEDDED_PLAYER&txp=6318224&n=lshz-ngfSX0Q8w&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRAIgIFWFIUy73UKwCMvIbSanX3JfYp8JCUKH_TW8QgYRUswCIC9CCSWtoExi5pOgcOEEr2nbCowHnqw5cbz6nYo5bAEz&alr=yes&cpn=3k3o7wSZTJ5yJmQE&cver=1.20230214.01.00&redirect_counter=1&cm2rm=sn-capm-vnae7e&cms_redirect=yes&cmsv=e&mh=ke&mm=29&mn=sn-5go7ynl6&ms=rdu&mt=1676519843&mv=m&mvi=2&pl=21&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRQIhAMSaExg8JyrjsFufV0Xf9yg4WqQL93T89kqeUgDYyQwiAiASFuIcbD0gdsxzM2yd5tUvwBvS2_P-nNLZD6KiDdeocw%3D%3D&range=0-65812&rn=3&rbuf=0&pot=D1DJqwn-N14vUPIxbdGKZ4H-uXO650dxl-V5-FqEJ-1Zrws8HqCYykgS-kU5iBx01zRYvFc79X6kph5kVJxHBi4p8oB73evlwx51rY0M7Ua8cuIzivbazI4SuznEy6JWzGw3O4PtPDU= HTTP/1.1
Host: rr2---sn-5go7ynl6.googlevideo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Length: 2
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Last-Modified: Sat, 05 Feb 2022 15:30:43 GMT
Content-Type: audio/webm
Date: Thu, 16 Feb 2023 03:58:31 GMT
Expires: Thu, 16 Feb 2023 03:58:31 GMT
Cache-Control: private, max-age=21299
Accept-Ranges: bytes
Content-Length: 65813
Connection: keep-alive
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Access-Control-Allow-Origin: https://www.youtube.com
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: https://www.youtube.com
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Vary: Origin
Cross-Origin-Resource-Policy: cross-origin
X-Content-Type-Options: nosniff
Server: gvs 1.0
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash f826251bc77ebf614b16bc3f05ea9bd8
99157d8fec686f379f7078fb7cd52e7bab15687e
37b4eecab6338267fb0d11a06a30cd2124f70060e1c38f6e2c5c41be0215d946
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 16 Feb 2023 03:58:31 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
d1ielco78gv5pf.cloudfront.net/assets/ajax_subtle-8f2162a421d5682989810c5bed4402d83debcff6169ae940dbbf9844dcc9ea2d.gif
54.230.245.222200 OK 1.8 kB URL HTTP/2 d1ielco78gv5pf.cloudfront.net/assets/ajax_subtle-8f2162a421d5682989810c5bed4402d83debcff6169ae940dbbf9844dcc9ea2d.gif
IP 54.230.245.222:0
File type GIF image data, version 89a, 32 x 32\012- data
Hash 53c8654b9584bb9f925f2e9f12a3a365
69b347445a08ef2e1235cb8ff2fad484d59ae7d3
8f2162a421d5682989810c5bed4402d83debcff6169ae940dbbf9844dcc9ea2d
GET /assets/ajax_subtle-8f2162a421d5682989810c5bed4402d83debcff6169ae940dbbf9844dcc9ea2d.gif HTTP/1.1
Host: d1ielco78gv5pf.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://d1ielco78gv5pf.cloudfront.net/assets/external_portfolio-55c5ae1c8983df626fd5d8b516e9b7afa9602796b1b40b1b0a489a394961ef91.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/gif
content-length: 1785
date: Mon, 23 Jan 2023 15:13:33 GMT
server: nginx
last-modified: Sun, 22 Jan 2023 10:15:28 GMT
expires: Thu, 20 Jan 2033 15:13:33 GMT
access-control-allow-origin: *
cache-control: max-age=315360000, public
x-cache: Hit from cloudfront
via: 1.1 0e39dca74306d7aab723ed3d73dbfbb4.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 5QWDY6KK8gy5qDmZzMzpVEYPXOn1JYyPKOmFS482WQvPl7OyVCY2OA==
age: 2033098
X-Firefox-Spdy: h2
adservice.google.com/adsid/integrator.js?domain=www.morecouponstogo.com
142.250.74.98200 OK 100 B URL HTTP/2 adservice.google.com/adsid/integrator.js?domain=www.morecouponstogo.com
IP 142.250.74.98:0
File type ASCII text, with no line terminators
Hash 917951a58be8c6c6f3680159550ba3c2
21cd25c2a4eb9ec7e0f37021ce7b69e852dab4b4
cd8c45d9a0d98ca2e23d967483ec538bcafa246afdcf434bf60c8257acfacfac
GET /adsid/integrator.js?domain=www.morecouponstogo.com HTTP/1.1
Host: adservice.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.morecouponstogo.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: private, no-cache, no-store
content-type: application/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Thu, 16 Feb 2023 03:58:31 GMT
server: cafe
content-length: 100
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 16f6de27455c5b63adbedb4723dfaf0b
4f7ba412760e56c23efdf2fba19c26382c13a948
56d77096cf28d083a903491dbee2a7ad0877510ab78c74cd3b0eefe9bbe8643e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 16 Feb 2023 03:58:31 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
adservice.google.no/adsid/integrator.js?domain=www.morecouponstogo.com
142.250.74.2200 OK 100 B URL HTTP/2 adservice.google.no/adsid/integrator.js?domain=www.morecouponstogo.com
IP 142.250.74.2:0
File type ASCII text, with no line terminators
Hash 917951a58be8c6c6f3680159550ba3c2
21cd25c2a4eb9ec7e0f37021ce7b69e852dab4b4
cd8c45d9a0d98ca2e23d967483ec538bcafa246afdcf434bf60c8257acfacfac
GET /adsid/integrator.js?domain=www.morecouponstogo.com HTTP/1.1
Host: adservice.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.morecouponstogo.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: private, no-cache, no-store
content-type: application/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Thu, 16 Feb 2023 03:58:31 GMT
server: cafe
content-length: 100
x-xss-protection: 0
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 16f6de27455c5b63adbedb4723dfaf0b
4f7ba412760e56c23efdf2fba19c26382c13a948
56d77096cf28d083a903491dbee2a7ad0877510ab78c74cd3b0eefe9bbe8643e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 16 Feb 2023 03:58:31 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
rr5---sn-5goeenes.googlevideo.com/videoplayback?expire=1676541511&ei=56ntY9rfFfOH0u8PzoCgcA&ip=91.90.42.154&id=o-AMa7YatinKP0-5RaR5kv7RmahOjMSF8aYxf5-5zn9KSX&itag=250&source=youtube&requiressl=yes&spc=H3gIhgH-F0CZFJR12wE-L9GiZKf4_apvTdZuUzdQ6YrSYBzlHA&vprv=1&mime=audio%2Fwebm&ns=7Bhe5GtYchbs6d_lV__J1gYL&gir=yes&clen=19323&dur=42.061&lmt=1645693636059657&keepalive=yes&fexp=24007246&c=WEB_EMBEDDED_PLAYER&txp=5318224&n=wOBlRDuFMZsPLA&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRQIgY14Qu5rtKEOkr2frLCxYUNH8TuvlxkxGX464pO6fmzoCIQDOv7yrFZCf4sMUpm6rAZjbY9U137MS_0zu0org_8Q2aQ%3D%3D&alr=yes&cpn=1L30z35RjPcYhUa2&cver=1.20230214.01.00&redirect_counter=1&cm2rm=sn-capm-vnae7e&cms_redirect=yes&cmsv=e&mh=gh&mm=29&mn=sn-5goeenes&ms=rdu&mt=1676519843&mv=m&mvi=5&pl=21&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRAIgC1ZIg5eVIdwN5g4T4CLuOqX3bnfEE5P9R0r_ffR7ITUCIA_IlLJ2qAARawfer_60uCLPjlsNMlJIKrETv0zuFvAr&range=0-337&rn=4&rbuf=0&pot=D3YkKiBBiwemdh_h6gzCSKUVbO7XA8YcH-k-sumDCFwHpDCUKzRR6r3KxZVAeLOGFTyljTAN-FWemEDBwLi-Xta3PoHKcZrQ0ErtMewTSGYve3X_4ghtYlyucZ08JqznNER4oZerPDA=
74.125.108.234200 OK 338 B URL HTTP/1.1 rr5---sn-5goeenes.googlevideo.com/videoplayback?expire=1676541511&ei=56ntY9rfFfOH0u8PzoCgcA&ip=91.90.42.154&id=o-AMa7YatinKP0-5RaR5kv7RmahOjMSF8aYxf5-5zn9KSX&itag=250&source=youtube&requiressl=yes&spc=H3gIhgH-F0CZFJR12wE-L9GiZKf4_apvTdZuUzdQ6YrSYBzlHA&vprv=1&mime=audio%2Fwebm&ns=7Bhe5GtYchbs6d_lV__J1gYL&gir=yes&clen=19323&dur=42.061&lmt=1645693636059657&keepalive=yes&fexp=24007246&c=WEB_EMBEDDED_PLAYER&txp=5318224&n=wOBlRDuFMZsPLA&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRQIgY14Qu5rtKEOkr2frLCxYUNH8TuvlxkxGX464pO6fmzoCIQDOv7yrFZCf4sMUpm6rAZjbY9U137MS_0zu0org_8Q2aQ%3D%3D&alr=yes&cpn=1L30z35RjPcYhUa2&cver=1.20230214.01.00&redirect_counter=1&cm2rm=sn-capm-vnae7e&cms_redirect=yes&cmsv=e&mh=gh&mm=29&mn=sn-5goeenes&ms=rdu&mt=1676519843&mv=m&mvi=5&pl=21&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRAIgC1ZIg5eVIdwN5g4T4CLuOqX3bnfEE5P9R0r_ffR7ITUCIA_IlLJ2qAARawfer_60uCLPjlsNMlJIKrETv0zuFvAr&range=0-337&rn=4&rbuf=0&pot=D3YkKiBBiwemdh_h6gzCSKUVbO7XA8YcH-k-sumDCFwHpDCUKzRR6r3KxZVAeLOGFTyljTAN-FWemEDBwLi-Xta3PoHKcZrQ0ErtMewTSGYve3X_4ghtYlyucZ08JqznNER4oZerPDA=
IP 74.125.108.234:0
File type WebM\012- EBML file, creator webmB\20\012- data
Hash ad731b1b5f15e8439e4ab2816fe84240
1dbb0f630b426413eda4e6b4134979aec2d4ae8b
099a421c809946c753da16a33d1815db997edd49bc686e5d97f85ab2f234515c
POST /videoplayback?expire=1676541511&ei=56ntY9rfFfOH0u8PzoCgcA&ip=91.90.42.154&id=o-AMa7YatinKP0-5RaR5kv7RmahOjMSF8aYxf5-5zn9KSX&itag=250&source=youtube&requiressl=yes&spc=H3gIhgH-F0CZFJR12wE-L9GiZKf4_apvTdZuUzdQ6YrSYBzlHA&vprv=1&mime=audio%2Fwebm&ns=7Bhe5GtYchbs6d_lV__J1gYL&gir=yes&clen=19323&dur=42.061&lmt=1645693636059657&keepalive=yes&fexp=24007246&c=WEB_EMBEDDED_PLAYER&txp=5318224&n=wOBlRDuFMZsPLA&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRQIgY14Qu5rtKEOkr2frLCxYUNH8TuvlxkxGX464pO6fmzoCIQDOv7yrFZCf4sMUpm6rAZjbY9U137MS_0zu0org_8Q2aQ%3D%3D&alr=yes&cpn=1L30z35RjPcYhUa2&cver=1.20230214.01.00&redirect_counter=1&cm2rm=sn-capm-vnae7e&cms_redirect=yes&cmsv=e&mh=gh&mm=29&mn=sn-5goeenes&ms=rdu&mt=1676519843&mv=m&mvi=5&pl=21&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRAIgC1ZIg5eVIdwN5g4T4CLuOqX3bnfEE5P9R0r_ffR7ITUCIA_IlLJ2qAARawfer_60uCLPjlsNMlJIKrETv0zuFvAr&range=0-337&rn=4&rbuf=0&pot=D3YkKiBBiwemdh_h6gzCSKUVbO7XA8YcH-k-sumDCFwHpDCUKzRR6r3KxZVAeLOGFTyljTAN-FWemEDBwLi-Xta3PoHKcZrQ0ErtMewTSGYve3X_4ghtYlyucZ08JqznNER4oZerPDA= HTTP/1.1
Host: rr5---sn-5goeenes.googlevideo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Length: 2
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Last-Modified: Thu, 24 Feb 2022 09:07:16 GMT
Content-Type: audio/webm
Date: Thu, 16 Feb 2023 03:58:32 GMT
Expires: Thu, 16 Feb 2023 03:58:32 GMT
Cache-Control: private, max-age=21299
Accept-Ranges: bytes
Content-Length: 338
Connection: keep-alive
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Access-Control-Allow-Origin: https://www.youtube.com
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: https://www.youtube.com
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Vary: Origin
Cross-Origin-Resource-Policy: cross-origin
X-Content-Type-Options: nosniff
Server: gvs 1.0
rr5---sn-5goeenes.googlevideo.com/videoplayback?expire=1676541511&ei=56ntY9rfFfOH0u8PzoCgcA&ip=91.90.42.154&id=o-AMa7YatinKP0-5RaR5kv7RmahOjMSF8aYxf5-5zn9KSX&itag=243&aitags=133%2C134%2C135%2C160%2C242%2C243%2C244%2C278&source=youtube&requiressl=yes&spc=H3gIhgH-F0CZFJR12wE-L9GiZKf4_apvTdZuUzdQ6YrSYBzlHA&vprv=1&mime=video%2Fwebm&ns=7Bhe5GtYchbs6d_lV__J1gYL&gir=yes&clen=688476&dur=42.033&lmt=1645693636801438&keepalive=yes&fexp=24007246&c=WEB_EMBEDDED_PLAYER&txp=5319224&n=wOBlRDuFMZsPLA&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRgIhAOKBh8luPGY_siFeSIUiDqHd5LHd1wKRCyx3Hehx_zVlAiEAsfd-svn3eoTvXp8w2Lk1sYCoPYDfCznErfmQ-o20YIw%3D&alr=yes&cpn=1L30z35RjPcYhUa2&cver=1.20230214.01.00&redirect_counter=1&cm2rm=sn-capm-vnae7e&cms_redirect=yes&cmsv=e&mh=gh&mm=29&mn=sn-5goeenes&ms=rdu&mt=1676519843&mv=m&mvi=5&pl=21&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRgIhANEwEHF9gScEFifqLRlQxOsaMtF6Rtt2YBe8NLOz614OAiEAsOrphVf8BB0WNbasRDeSPduhAw_knsYQof6S2LfzppA%3D&range=0-348&rn=3&rbuf=0&pot=D3YkKiBBiwemdh_h6gzCSKUVbO7XA8YcH-k-sumDCFwHpDCUKzRR6r3KxZVAeLOGFTyljTAN-FWemEDBwLi-Xta3PoHKcZrQ0ErtMewTSGYve3X_4ghtYlyucZ08JqznNER4oZerPDA=
74.125.108.234200 OK 349 B URL HTTP/1.1 rr5---sn-5goeenes.googlevideo.com/videoplayback?expire=1676541511&ei=56ntY9rfFfOH0u8PzoCgcA&ip=91.90.42.154&id=o-AMa7YatinKP0-5RaR5kv7RmahOjMSF8aYxf5-5zn9KSX&itag=243&aitags=133%2C134%2C135%2C160%2C242%2C243%2C244%2C278&source=youtube&requiressl=yes&spc=H3gIhgH-F0CZFJR12wE-L9GiZKf4_apvTdZuUzdQ6YrSYBzlHA&vprv=1&mime=video%2Fwebm&ns=7Bhe5GtYchbs6d_lV__J1gYL&gir=yes&clen=688476&dur=42.033&lmt=1645693636801438&keepalive=yes&fexp=24007246&c=WEB_EMBEDDED_PLAYER&txp=5319224&n=wOBlRDuFMZsPLA&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRgIhAOKBh8luPGY_siFeSIUiDqHd5LHd1wKRCyx3Hehx_zVlAiEAsfd-svn3eoTvXp8w2Lk1sYCoPYDfCznErfmQ-o20YIw%3D&alr=yes&cpn=1L30z35RjPcYhUa2&cver=1.20230214.01.00&redirect_counter=1&cm2rm=sn-capm-vnae7e&cms_redirect=yes&cmsv=e&mh=gh&mm=29&mn=sn-5goeenes&ms=rdu&mt=1676519843&mv=m&mvi=5&pl=21&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRgIhANEwEHF9gScEFifqLRlQxOsaMtF6Rtt2YBe8NLOz614OAiEAsOrphVf8BB0WNbasRDeSPduhAw_knsYQof6S2LfzppA%3D&range=0-348&rn=3&rbuf=0&pot=D3YkKiBBiwemdh_h6gzCSKUVbO7XA8YcH-k-sumDCFwHpDCUKzRR6r3KxZVAeLOGFTyljTAN-FWemEDBwLi-Xta3PoHKcZrQ0ErtMewTSGYve3X_4ghtYlyucZ08JqznNER4oZerPDA=
IP 74.125.108.234:0
File type WebM\012- EBML file, creator webmB\20\012- data
Hash 6799eeffb2467b3622904988938cc6c9
363a023f07f0578a4978f873d55603650c9b32de
430e019435c317dab1826c031d59218a2dd88706591d671aa2ade9b2e74dec74
POST /videoplayback?expire=1676541511&ei=56ntY9rfFfOH0u8PzoCgcA&ip=91.90.42.154&id=o-AMa7YatinKP0-5RaR5kv7RmahOjMSF8aYxf5-5zn9KSX&itag=243&aitags=133%2C134%2C135%2C160%2C242%2C243%2C244%2C278&source=youtube&requiressl=yes&spc=H3gIhgH-F0CZFJR12wE-L9GiZKf4_apvTdZuUzdQ6YrSYBzlHA&vprv=1&mime=video%2Fwebm&ns=7Bhe5GtYchbs6d_lV__J1gYL&gir=yes&clen=688476&dur=42.033&lmt=1645693636801438&keepalive=yes&fexp=24007246&c=WEB_EMBEDDED_PLAYER&txp=5319224&n=wOBlRDuFMZsPLA&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRgIhAOKBh8luPGY_siFeSIUiDqHd5LHd1wKRCyx3Hehx_zVlAiEAsfd-svn3eoTvXp8w2Lk1sYCoPYDfCznErfmQ-o20YIw%3D&alr=yes&cpn=1L30z35RjPcYhUa2&cver=1.20230214.01.00&redirect_counter=1&cm2rm=sn-capm-vnae7e&cms_redirect=yes&cmsv=e&mh=gh&mm=29&mn=sn-5goeenes&ms=rdu&mt=1676519843&mv=m&mvi=5&pl=21&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRgIhANEwEHF9gScEFifqLRlQxOsaMtF6Rtt2YBe8NLOz614OAiEAsOrphVf8BB0WNbasRDeSPduhAw_knsYQof6S2LfzppA%3D&range=0-348&rn=3&rbuf=0&pot=D3YkKiBBiwemdh_h6gzCSKUVbO7XA8YcH-k-sumDCFwHpDCUKzRR6r3KxZVAeLOGFTyljTAN-FWemEDBwLi-Xta3PoHKcZrQ0ErtMewTSGYve3X_4ghtYlyucZ08JqznNER4oZerPDA= HTTP/1.1
Host: rr5---sn-5goeenes.googlevideo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Length: 2
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Last-Modified: Thu, 24 Feb 2022 09:07:16 GMT
Content-Type: video/webm
Date: Thu, 16 Feb 2023 03:58:32 GMT
Expires: Thu, 16 Feb 2023 03:58:32 GMT
Cache-Control: private, max-age=21299
Accept-Ranges: bytes
Content-Length: 349
Connection: keep-alive
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Access-Control-Allow-Origin: https://www.youtube.com
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: https://www.youtube.com
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Vary: Origin
Cross-Origin-Resource-Policy: cross-origin
X-Restrict-Formats-Hint: None
X-Content-Type-Options: nosniff
Server: gvs 1.0
www.youtube.com/embed/ZFBI_JoDwew?autoplay=0&controls=1&start=0&end=0&modestbranding=0&wmode=transparent&enablejsapi=1&loop=0&rel=0&mute=0
216.58.207.238200 OK 28 kB URL HTTP/2 www.youtube.com/embed/ZFBI_JoDwew?autoplay=0&controls=1&start=0&end=0&modestbranding=0&wmode=transparent&enablejsapi=1&loop=0&rel=0&mute=0
IP 216.58.207.238:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (58644)
Hash f61cd6e6a862c306ada8b09ea23339df
4e29e0018b80bdbdc72fbf1adfc7dd98a05ac80e
0bd43912ac5306ae53676f66d630997f0f73a5ead45fd256e561fa48e20de4eb
GET /embed/ZFBI_JoDwew?autoplay=0&controls=1&start=0&end=0&modestbranding=0&wmode=transparent&enablejsapi=1&loop=0&rel=0&mute=0 HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.morecouponstogo.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/html; charset=utf-8
x-content-type-options: nosniff
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Thu, 16 Feb 2023 03:58:28 GMT
strict-transport-security: max-age=31536000
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
content-encoding: br
server: ESF
x-xss-protection: 0
set-cookie: YSC=MCZkemsghHE; Domain=.youtube.com; Path=/; Secure; HttpOnly; SameSite=none
VISITOR_INFO1_LIVE=6ojwJbvuxa4; Domain=.youtube.com; Expires=Tue, 15-Aug-2023 03:58:28 GMT; Path=/; Secure; HttpOnly; SameSite=none
DEVICE_INFO=ChxOekl3TURVNU9ERTNOek13T0RNd01EUXlOdz09EOTTtp8GGOTTtp8G; Domain=.youtube.com; Expires=Tue, 15-Aug-2023 03:58:28 GMT; Path=/; Secure; HttpOnly; SameSite=none
CONSENT=PENDING+630; expires=Sat, 15-Feb-2025 03:58:28 GMT; path=/; domain=.youtube.com; Secure
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff5439931-a556-41ca-83bc-84ead082e81a.jpeg
34.120.237.76200 OK 4.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff5439931-a556-41ca-83bc-84ead082e81a.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash edb5d9c5b0ffda7de0744c3f05976530
18d9b3860de90d8ced92dc74ff32fb2c80dea639
8f1490d2cef0835e4c72d5fbc2eb03cae22cae2d2150862e76d03bb17d8f6804
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff5439931-a556-41ca-83bc-84ead082e81a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 4845
x-amzn-requestid: b618c593-cad4-4127-bbe6-6eec4cc6df6c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: AZmPMG27IAMF6Rg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63ed50c7-1b5a948b737716c87bf3c047;Sampled=0
x-amzn-remapped-date: Wed, 15 Feb 2023 21:38:15 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: lI2rbiD6UW4aTT9lfHO4QlLfU6TFMwNuRTKzum9SYqaJLtzMoTwlKA==
via: 1.1 f13aef0c4b52f6f681401f232d03eb68.cloudfront.net (CloudFront), 1.1 82ea95080f526df99896343fb7269b06.cloudfront.net (CloudFront), 1.1 google
date: Wed, 15 Feb 2023 21:39:05 GMT
etag: "18d9b3860de90d8ced92dc74ff32fb2c80dea639"
content-type: image/jpeg
age: 22767
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
trafficadbar.com/50-195376p-7f77fb9d65e3bb8a718d9ac76b2040e8.jpeg
3.217.17.222200 OK 0 B URL HTTP/2 trafficadbar.com/50-195376p-7f77fb9d65e3bb8a718d9ac76b2040e8.jpeg
IP 3.217.17.222:0
GET /50-195376p-7f77fb9d65e3bb8a718d9ac76b2040e8.jpeg HTTP/1.1
Host: trafficadbar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://t-adbar1.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 16 Feb 2023 03:58:24 GMT
content-type: image/jpeg
server: nginx
vary: Accept-Encoding
expires: Sat, 18 Mar 2023 03:58:23 GMT
pragma: public
cache-control: max-age=2591999
content-encoding: gzip
X-Firefox-Spdy: h2
fonts.bunny.net/css?family=Montserrat:100,100italic,200,200italic,300,300italic,regular,italic,500,500italic,600,600italic,700,700italic,800,800italic,900,900italic|Lato:100,100italic,300,300italic,regular,italic,700,700italic,900,900italic|Oswald:200,300,regular,500,600,700|Palanquin%20Dark:regular,500,600,700|Roboto:100,100italic,300,300italic,regular,italic,500,500italic,700,700italic,900,900italic&subset=arabic,bengali,cyrillic,cyrillic-ext,devanagari,greek,greek-ext,gujarati,hebrew,khmer,korean,latin-ext,tamil,telugu,thai,vietnamese&display=swap
194.242.11.186200 OK 0 B URL HTTP/2 fonts.bunny.net/css?family=Montserrat:100,100italic,200,200italic,300,300italic,regular,italic,500,500italic,600,600italic,700,700italic,800,800italic,900,900italic|Lato:100,100italic,300,300italic,regular,italic,700,700italic,900,900italic|Oswald:200,300,regular,500,600,700|Palanquin%20Dark:regular,500,600,700|Roboto:100,100italic,300,300italic,regular,italic,500,500italic,700,700italic,900,900italic&subset=arabic,bengali,cyrillic,cyrillic-ext,devanagari,greek,greek-ext,gujarati,hebrew,khmer,korean,latin-ext,tamil,telugu,thai,vietnamese&display=swap
IP 194.242.11.186:0
ASN #34989 ServeTheWorld AS
GET /css?family=Montserrat:100,100italic,200,200italic,300,300italic,regular,italic,500,500italic,600,600italic,700,700italic,800,800italic,900,900italic|Lato:100,100italic,300,300italic,regular,italic,700,700italic,900,900italic|Oswald:200,300,regular,500,600,700|Palanquin%20Dark:regular,500,600,700|Roboto:100,100italic,300,300italic,regular,italic,500,500italic,700,700italic,900,900italic&subset=arabic,bengali,cyrillic,cyrillic-ext,devanagari,greek,greek-ext,gujarati,hebrew,khmer,korean,latin-ext,tamil,telugu,thai,vietnamese&display=swap HTTP/1.1
Host: fonts.bunny.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.morecouponstogo.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 16 Feb 2023 03:58:27 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
server: BunnyCDN-NO1-830
cdn-pullzone: 781720
cdn-uid: 3a60ca70-b89d-4cd5-a4b5-34a3468d7e0f
cdn-requestcountrycode: NO
access-control-allow-origin: *
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=2592000
last-modified: Thu, 16 Feb 2023 03:58:27 GMT
x-do-app-origin: 1fb91846-e6b7-11ec-b1dc-0c42a19a82a7
x-do-orig-status: 200
cdn-proxyver: 1.03
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 02/16/2023 03:58:27
cdn-edgestorageid: 830
cdn-status: 200
cdn-requestid: 5258cc4651f79c338768ce022f956bf0
cdn-cache: MISS
content-encoding: br
X-Firefox-Spdy: h2
b-cloud.b-cdn.net/builds/pro/126-cloud/js/preview.pro.js
194.242.11.186200 OK 0 B URL HTTP/2 b-cloud.b-cdn.net/builds/pro/126-cloud/js/preview.pro.js
IP 194.242.11.186:0
ASN #34989 ServeTheWorld AS
GET /builds/pro/126-cloud/js/preview.pro.js HTTP/1.1
Host: b-cloud.b-cdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.morecouponstogo.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 16 Feb 2023 03:58:27 GMT
content-type: application/javascript
server: BunnyCDN-NO1-830
cdn-pullzone: 246147
cdn-uid: e647d0c9-3a16-4c3e-ae99-91e18e06d4b3
cdn-requestcountrycode: NO
vary: Accept-Encoding, Accept-Encoding
cache-control: public, max-age=31919000
etag: W/"5c88d2b7889841e346347344260d6669"
last-modified: Tue, 31 Jan 2023 10:24:53 GMT
x-amz-id-2: re+fbLd05LiIRny/Jjrct93Uc68/eVsF7UimDLoKavRvrWLGPmkX18vEulah6lNnkVMWE8qQsao=
x-amz-request-id: PMBX563V3H08WGNQ
cdn-proxyver: 1.03
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 01/31/2023 12:56:41
cdn-edgestorageid: 830
link: <https://s3.amazonaws.com/brizy.cloud/builds/pro/126-cloud/js/preview.pro.js>; rel="canonical"
cdn-status: 200
cdn-requestid: 7df455b7b5825cfc8238f1360c06ec19
cdn-cache: HIT
content-encoding: br
X-Firefox-Spdy: h2
b-cloud.b-cdn.net/builds/pro/126-cloud/css/preview.pro.css
194.242.11.186200 OK 0 B URL HTTP/2 b-cloud.b-cdn.net/builds/pro/126-cloud/css/preview.pro.css
IP 194.242.11.186:0
ASN #34989 ServeTheWorld AS
GET /builds/pro/126-cloud/css/preview.pro.css HTTP/1.1
Host: b-cloud.b-cdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.morecouponstogo.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 16 Feb 2023 03:58:27 GMT
content-type: text/css
server: BunnyCDN-NO1-830
cdn-pullzone: 246147
cdn-uid: e647d0c9-3a16-4c3e-ae99-91e18e06d4b3
cdn-requestcountrycode: NO
vary: Accept-Encoding, Accept-Encoding
access-control-allow-origin: *
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
etag: W/"b1efdef564a9908476eca3da92165504"
last-modified: Tue, 31 Jan 2023 10:24:53 GMT
x-amz-id-2: tYNu5aGwePU3RKdwWk88GzGW2O/esHn66d56n3My5FyFKieEQEstrq2xS/QrFMQJv5bC7ptJONM=
x-amz-request-id: 2BXZ51922MBR76MM
cdn-proxyver: 1.03
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 01/31/2023 12:56:40
cdn-edgestorageid: 830
link: <https://s3.amazonaws.com/brizy.cloud/builds/pro/126-cloud/css/preview.pro.css>; rel="canonical"
cdn-status: 200
cdn-requestid: 1e769a2b02e127efde7a5fcae4db81ff
cdn-cache: HIT
content-encoding: br
X-Firefox-Spdy: h2
pixel.leadsleap.net/set.html?n1=lltkra156457&v1=493299.16&n2=lltkrb156457&v2=493299.16
172.67.186.40200 OK 0 B URL HTTP/2 pixel.leadsleap.net/set.html?n1=lltkra156457&v1=493299.16&n2=lltkrb156457&v2=493299.16
IP 172.67.186.40:0
GET /set.html?n1=lltkra156457&v1=493299.16&n2=lltkrb156457&v2=493299.16 HTTP/1.1
Host: pixel.leadsleap.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://llclickpro.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 16 Feb 2023 03:58:25 GMT
content-type: text/html
last-modified: Thu, 01 Oct 2020 11:41:08 GMT
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oTwId7OhdLtDQ6wJfQFSW1ADHCk6xVNkIBHeHIn7%2B8NRtVm%2FGlg6QIKv1ObHR%2FQMQlhHUbN1XoZ%2FZ44srO6PkkqdnrWlJvs%2BIxH5Gh4fHmvOwGr6gpz0JZHPTu89f5OpTwjLpyEJ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 79a35d60ba51b4ff-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
b-cloud.b-cdn.net/builds/pro/126-cloud/js/group-3.pro.js
194.242.11.186200 OK 0 B URL HTTP/2 b-cloud.b-cdn.net/builds/pro/126-cloud/js/group-3.pro.js
IP 194.242.11.186:0
ASN #34989 ServeTheWorld AS
GET /builds/pro/126-cloud/js/group-3.pro.js HTTP/1.1
Host: b-cloud.b-cdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.morecouponstogo.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 16 Feb 2023 03:58:27 GMT
content-type: application/javascript
server: BunnyCDN-NO1-830
cdn-pullzone: 246147
cdn-uid: e647d0c9-3a16-4c3e-ae99-91e18e06d4b3
cdn-requestcountrycode: NO
vary: Accept-Encoding, Accept-Encoding
cache-control: public, max-age=31919000
etag: W/"864e134a7962ccb8605a940e471fad36"
last-modified: Tue, 31 Jan 2023 10:24:53 GMT
x-amz-id-2: sTF6oU1+RyAqbjiniGvTGbCL+/GDkcvSTK7GWs44Fl0ERfSMRCRTmxtPltUuv1LQ6LUrNTKoNxo=
x-amz-request-id: 7NQ8SNY5WK2979ES
cdn-proxyver: 1.03
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 02/16/2023 03:58:27
cdn-edgestorageid: 830
link: <https://s3.amazonaws.com/brizy.cloud/builds/pro/126-cloud/js/group-3.pro.js>; rel="canonical"
cdn-status: 200
cdn-requestid: bf0c65b88f0ffac2eacd9e2c440e27ca
cdn-cache: MISS
content-encoding: br
X-Firefox-Spdy: h2
w.leadsleap.com/js.js
172.67.69.111200 OK 0 B IP 172.67.69.111:0
GET /js.js HTTP/1.1
Host: w.leadsleap.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.morecouponstogo.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 16 Feb 2023 03:58:27 GMT
content-type: application/javascript
cf-bgj: minify
cf-polished: origSize=4038
last-modified: Mon, 06 Jun 2022 14:11:07 GMT
cache-control: max-age=2678400
cf-cache-status: HIT
age: 2402
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WtLSTPxztcpYM%2BtMBnkwtL5RXzgYPD%2FSNkAHPOBTJN0ga3QgsW8PT0y4oVSEmRqgrL%2BFLF9SMqfXvFRdtYLKmJWhjslt5MtyALV8qbK6ioqsIK2KsN2%2BR7wOGeKJMs6h%2BA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 79a35d6cacc5b500-OSL
content-encoding: br
X-Firefox-Spdy: h2
z5traffic.com/t/matomo.js
3.217.17.222404 Not Found 0 B URL HTTP/2 z5traffic.com/t/matomo.js
IP 3.217.17.222:0
GET /t/matomo.js HTTP/1.1
Host: z5traffic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://t-adbar1.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 404 Not Found
date: Thu, 16 Feb 2023 03:58:25 GMT
content-type: text/html; charset=UTF-8
server: nginx/1.16.1
vary: Accept-Encoding
x-powered-by: PHP/7.4.12
cache-control: no-cache, private
content-encoding: gzip
X-Firefox-Spdy: h2
twshop4coupon.com/track/imp/img/6848/ce2bc2b8910528c9bed6f77a9672c94824684fc975fbb9b20a61ba0266?subid_1=&subid_2=&subid_3=&subid_4=&subid_5=
34.225.242.169302 Found 0 B URL HTTP/2 twshop4coupon.com/track/imp/img/6848/ce2bc2b8910528c9bed6f77a9672c94824684fc975fbb9b20a61ba0266?subid_1=&subid_2=&subid_3=&subid_4=&subid_5=
IP 34.225.242.169:0
GET /track/imp/img/6848/ce2bc2b8910528c9bed6f77a9672c94824684fc975fbb9b20a61ba0266?subid_1=&subid_2=&subid_3=&subid_4=&subid_5= HTTP/1.1
Host: twshop4coupon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.morecouponstogo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
date: Thu, 16 Feb 2023 03:58:27 GMT
content-type: text/html; charset=utf-8
location: https://cdn.affiliates.one/production/admin_affiliates_com_tw/image_creative/6848/x1dmuwbyv2tjwywndwsoqvvuraktdtp1szujaobnu_cheapoair_468x60.gif?wl=8&image_creative_id=6848&offer_id=1481&offer_variant_id=1871&network_id=169&affiliate_id=17200&affiliate_offer_id=1826500
server: Apache/2.4.18 (Ubuntu)
cache-control: no-cache
x-request-id: d24001c02a09888b1e48b3c6ed6f50e7
p3p: CP="ALL DSP COR CURa ADMa DEVa OUR IND COM NAV"
x-ua-compatible: IE=Edge,chrome=1
x-runtime: 0.094180
x-rack-cache: miss
x-powered-by: Phusion Passenger 5.1.12
status: 302 Found
X-Firefox-Spdy: h2
llclickpro.com/trackr.css?v=29
104.21.65.65200 OK 0 B URL HTTP/2 llclickpro.com/trackr.css?v=29
IP 104.21.65.65:0
GET /trackr.css?v=29 HTTP/1.1
Host: llclickpro.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://llclickpro.com/MCTGlanding/tab
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 16 Feb 2023 03:58:25 GMT
content-type: text/css
cf-bgj: minify
cf-polished: origSize=12271
last-modified: Tue, 28 Jun 2022 06:00:22 GMT
cache-control: max-age=14400
cf-cache-status: HIT
age: 5311
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=R6%2FbVxRsWafGK8qNgfu7YHz0%2B7yf4GtsajjDOsZstsXt8YgOrLaixJKkKEQuQSAI%2FalMk9us%2BJM36cuu7WrbvA%2FDMqqp3Ti7bh9zokUihTmGJODFatHFO3%2BKEpcBIRRQCA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 79a35d5f7a521c0e-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
llclickpro.com/trackr.js?v=54
104.21.65.65200 OK 0 B URL HTTP/2 llclickpro.com/trackr.js?v=54
IP 104.21.65.65:0
GET /trackr.js?v=54 HTTP/1.1
Host: llclickpro.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://llclickpro.com/MCTGlanding/tab
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 16 Feb 2023 03:58:25 GMT
content-type: application/javascript
cf-bgj: minify
cf-polished: origSize=15670
last-modified: Wed, 07 Sep 2022 02:09:38 GMT
cache-control: max-age=14400
cf-cache-status: HIT
age: 6876
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=atBxzPInzlx9EWqWk2IqK%2B%2B4F5hW%2FBHFOqr%2Bh%2B7b5%2FgtbZL0VLyRZtz%2FKxyJeO3iPCPQW%2BmbIcyKU0MJJyClqg59KqoKdnFUBXw%2FMXTsnJ%2Fb%2BhGGM1tyHlMdjgSr9063iQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 79a35d5f8a5a1c0e-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.gravitec.net/modules/1.bundle.js
45.133.44.3200 OK 0 B URL HTTP/2 cdn.gravitec.net/modules/1.bundle.js
IP 45.133.44.3:0
ASN #39572 DataWeb Global Group B.V.
GET /modules/1.bundle.js HTTP/1.1
Host: cdn.gravitec.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.morecouponstogo.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 16 Feb 2023 03:58:29 GMT
content-type: application/javascript; charset=utf-8
server: nginx
last-modified: Wed, 02 Feb 2022 09:01:35 GMT
etag: W/"61fa486f-8092"
expires: Tue, 20 Dec 2022 09:05:37 GMT
cache-control: max-age=10
access-control-allow-origin: *
content-encoding: gzip
vary: Accept-Encoding
x-proxy-cache: HIT
X-Firefox-Spdy: h2