t-adbar1.com/_kc1h
52.200.4.50302 Found 0 B IP 52.200.4.50:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /_kc1h HTTP/1.1
Host: t-adbar1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Found
Date: Mon, 20 Feb 2023 14:59:42 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Server: nginx
Set-Cookie: sou=eyJyIjpudWxsLCJ1IjoiTVRHU2FtdXJhaSJ9; expires=Wed, 22-Mar-2023 14:59:42 GMT; Max-Age=2592000; SameSite=Lax
Location: https://t-adbar1.com/_kc1h
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 378d97dfed95fd35bca9d8699e56151a
46f96f400be9e5208ccbad84540a7855c9994bef
b86917bafe1d5d6f762dbbe5af0b906ce61e505539b5fe2a1e49b09d500a90c6
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B86917BAFE1D5D6F762DBBE5AF0B906CE61E505539B5FE2A1E49B09D500A90C6"
Last-Modified: Mon, 20 Feb 2023 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11277
Expires: Mon, 20 Feb 2023 18:07:39 GMT
Date: Mon, 20 Feb 2023 14:59:42 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 97d7dde89cca188d19690d7bf759d034
7ec36525c8b5e8e278f0c5f26da3316687d89041
f8b500f9b1e8188807aab20f8e2540b5b2e888b13ff5f6f6211bbc28056f23e8
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F8B500F9B1E8188807AAB20F8E2540B5B2E888B13FF5F6F6211BBC28056F23E8"
Last-Modified: Mon, 20 Feb 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2194
Expires: Mon, 20 Feb 2023 15:36:16 GMT
Date: Mon, 20 Feb 2023 14:59:42 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 48b5fafb12e15fbede4669b549518d50
ee82e527d3c45ebbc1865cd56b93e1be5ac933db
94036245b7831c01d3112f661bd909369c9b3af89ab37be7fb07f2254a7df7d5
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "94036245B7831C01D3112F661BD909369C9B3AF89AB37BE7FB07F2254A7DF7D5"
Last-Modified: Mon, 20 Feb 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13305
Expires: Mon, 20 Feb 2023 18:41:27 GMT
Date: Mon, 20 Feb 2023 14:59:42 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash bf0c602d32b3c14606f22a86183b5e3c
6eabd8d83475eba731968abe1a05a8bfd272f160
6c6a7c519a9e950c2445ed874a25211a94dd4d3cf3afb0103af9dcd1dbd5ff9e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Alert, Content-Length, Backoff, Retry-After
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Mon, 20 Feb 2023 14:53:34 GMT
content-type: application/json
age: 368
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-03-20-18-44-46.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-03-20-18-44-46.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash e76071a28ee566dababb3834f46d68ed
aebb4e68c1ba2de0f90025283e8ed8470944fde0
78b6df2627172e5b35476bc31020f02898cdc412aaf4337af2c3b049a60912b6
GET /chains/remote-settings.content-signature.mozilla.org-2023-03-20-18-44-46.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: +Mc5jRFgnCr5YUPCTDRsfXhZljAHAeEjKsJbFkhybN0vgjnEssa/e4cMgQF9fc79S2gjwcdmk/c=
x-amz-request-id: 6BK0FSX5HHQB358W
x-amz-server-side-encryption: AES256
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Mon, 20 Feb 2023 14:22:21 GMT
age: 2241
last-modified: Sun, 29 Jan 2023 18:44:47 GMT
etag: "e76071a28ee566dababb3834f46d68ed"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 20 Feb 2023 14:59:42 GMT
content-type: application/json
content-length: 12
access-control-expose-headers: content-type
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
54.230.245.100200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.100:0
Hash 83be3234bbeb8b270883677d52094b02
2d0b522ba949853db70e54e131a6a6a47a553e02
eb25971b189e1f9290a8a9797d9d8250354b0b49b05058dcfc59891c68446314
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=125946
Date: Mon, 20 Feb 2023 14:59:42 GMT
Etag: "63f2bdc7-1d7"
Expires: Wed, 22 Feb 2023 01:58:48 GMT
Last-Modified: Mon, 20 Feb 2023 00:24:39 GMT
Server: ECS (bsa/EB24)
X-Cache: Miss from cloudfront
Via: 1.1 9d4a908d41124cba1276d6cef8f00c60.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: VH07ADXlpc4YTL_tc7q_XId1y8V3I95dQfz3qEf66vPJRASgrurpvQ==
Age: 5649
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Alert, Last-Modified, Content-Length, Content-Type, Cache-Control, Pragma, Retry-After, ETag, Expires, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Mon, 20 Feb 2023 14:51:26 GMT
age: 496
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
t-adbar1.com/favicon.ico
18.233.184.7302 Found 138 B IP 18.233.184.7:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash aff950cab4c0265e21d401db15f1026d
f03e18461817f7a6546c8bf8fa8d686d7e30aca0
753e0dd54f28c4f7009b9c0b18a68aed175416bd8b7d134858264586eaac56f0
GET /favicon.ico HTTP/1.1
Host: t-adbar1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://t-adbar1.com/_kc1h
Cookie: sou=eyJyIjpudWxsLCJ1IjoiTVRHU2FtdXJhaSJ9
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 302 Found
date: Mon, 20 Feb 2023 14:59:42 GMT
content-type: text/html
content-length: 138
location: https://trafficadbar.com/favicon.ico
server: nginx
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash aea9630f88377d01e5cebab9de9c3b89
18c6603c6e63b79d45031e960dddd31b227f0de5
853e5bb59efe99054d86bbacf7c2f1f2483ad9c05d35cc9d8ea5dd9909cb38fb
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "853E5BB59EFE99054D86BBACF7C2F1F2483AD9C05D35CC9D8EA5DD9909CB38FB"
Last-Modified: Mon, 20 Feb 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10303
Expires: Mon, 20 Feb 2023 17:51:26 GMT
Date: Mon, 20 Feb 2023 14:59:43 GMT
Connection: keep-alive
ocsp.pki.goog/s/gts1p5/kpwPGfkDhzY
142.250.74.131200 OK 472 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/kpwPGfkDhzY
IP 142.250.74.131:0
Hash 5b20335feabdb62ade39d1f5c97ac7e5
f2f029473959226db15844ed7fd789996da30b4c
18a4bef04d77ceb03c05eb3cc8494e25bd978f67bfb3535fb5739df9db9af315
POST /s/gts1p5/kpwPGfkDhzY HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 20 Feb 2023 14:59:43 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
t-adbar1.com/50-195376p-7f77fb9d65e3bb8a718d9ac76b2040e8.jpeg
18.233.184.7302 Found 138 B URL HTTP/2 t-adbar1.com/50-195376p-7f77fb9d65e3bb8a718d9ac76b2040e8.jpeg
IP 18.233.184.7:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash aff950cab4c0265e21d401db15f1026d
f03e18461817f7a6546c8bf8fa8d686d7e30aca0
753e0dd54f28c4f7009b9c0b18a68aed175416bd8b7d134858264586eaac56f0
GET /50-195376p-7f77fb9d65e3bb8a718d9ac76b2040e8.jpeg HTTP/1.1
Host: t-adbar1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://t-adbar1.com/_kc1h?&ww=1280&wh=939&reff=&h=eyJpdiI6Ikt1NHJERyt3NktCaDRaVGNTRWd1d3c9PSIsInZhbHVlIjoiTDJCZGxQeFN4OWpSc2plXC9KU25admc9PSIsIm1hYyI6IjYwNzY1NzVkYjdiNDk2YmMwMGFmNDUyN2M0NzAyYmU2MGUwZmEyMmRkMDAyOTJmMDRhMzdjZDc5MjViMGY3NmUifQ==&abc=
Cookie: sou=eyJyIjpudWxsLCJ1IjoiTVRHU2FtdXJhaSJ9
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 302 Found
date: Mon, 20 Feb 2023 14:59:43 GMT
content-type: text/html
content-length: 138
location: https://trafficadbar.com/50-195376p-7f77fb9d65e3bb8a718d9ac76b2040e8.jpeg
server: nginx
X-Firefox-Spdy: h2
t-adbar1.com/assets/BarController.js
18.233.184.7200 OK 1.1 kB URL HTTP/2 t-adbar1.com/assets/BarController.js
IP 18.233.184.7:0
File type ASCII text, with very long lines (1068), with no line terminators
Hash efa0db095e35eb95ee151016e47c492b
82a86e0cdbbe5f4a1634b2274f076dbaa053b86e
5adfd45bc89f7c5d9bb06fafb7caf0f317f54849db006ad49301f027ad6ece4c
GET /assets/BarController.js HTTP/1.1
Host: t-adbar1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://t-adbar1.com/_kc1h?&ww=1280&wh=939&reff=&h=eyJpdiI6Ikt1NHJERyt3NktCaDRaVGNTRWd1d3c9PSIsInZhbHVlIjoiTDJCZGxQeFN4OWpSc2plXC9KU25admc9PSIsIm1hYyI6IjYwNzY1NzVkYjdiNDk2YmMwMGFmNDUyN2M0NzAyYmU2MGUwZmEyMmRkMDAyOTJmMDRhMzdjZDc5MjViMGY3NmUifQ==&abc=
Cookie: sou=eyJyIjpudWxsLCJ1IjoiTVRHU2FtdXJhaSJ9
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 20 Feb 2023 14:59:43 GMT
content-type: application/javascript
content-length: 1068
server: nginx
last-modified: Wed, 09 Jun 2021 07:15:14 GMT
etag: "60c06a82-42c"
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
54.230.245.100200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.100:0
Hash 4d4559d4e138900d44d5731967d7740a
ae2301c2b5d4ba2201fb76e148b4ce147deeeff8
e92e1878c70a9e221257b02998722e6591baad2f8c5227f48f59722eeb37ac4e
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=85570
Date: Mon, 20 Feb 2023 14:59:43 GMT
Etag: "63f22615-1d7"
Expires: Tue, 21 Feb 2023 14:45:53 GMT
Last-Modified: Sun, 19 Feb 2023 13:37:25 GMT
Server: ECS (bsa/EB24)
X-Cache: Miss from cloudfront
Via: 1.1 9d4a908d41124cba1276d6cef8f00c60.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: emBYbXU5zbXUtSJCiMg-hLArbXhilJg-my3JL1x0qOl9Yf9IuETt3Q==
Age: 4109
push.services.mozilla.com/
52.13.173.34101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.13.173.34:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: keQw3pmTz+gjfBKPvM//PQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: shnodyQIk/1xcPmj9eUbsi1i/h4=
ocsp.sca1b.amazontrust.com/
54.230.245.100200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.100:0
Hash 0909b282853d37cf10237c76ccef4f57
0029479eded87bebbb4778e359e952f2c93d0f36
af4aa45ddadbf45b8f93459a54dd0a990705cd35a04f2dd25c761feb7d9a767b
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=96299
Date: Mon, 20 Feb 2023 14:59:43 GMT
Etag: "63f24906-1d7"
Expires: Tue, 21 Feb 2023 17:44:42 GMT
Last-Modified: Sun, 19 Feb 2023 16:06:30 GMT
Server: ECS (bsa/EB18)
X-Cache: Miss from cloudfront
Via: 1.1 9d4a908d41124cba1276d6cef8f00c60.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: upmwLrjqbKbckNZh0ENEEwH_VoywPzWPkElZcrlKy8AjTXdFnMS0kw==
Age: 5893
cdnjs.cloudflare.com/ajax/libs/jquery/2.2.4/jquery.min.js
104.17.24.14200 OK 27 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/jquery/2.2.4/jquery.min.js
IP 104.17.24.14:0
File type ASCII text, with very long lines (32065)
Hash 63827323c175768ccb0e8ed54589a3e5
9760e238d6ecced66396798559f70593793d801e
196f9479a27db836a2a7454e222f0cb52d4eeb162e0a50e69401ba1a8d81b564
GET /ajax/libs/jquery/2.2.4/jquery.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://llclickpro.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 20 Feb 2023 14:59:43 GMT
content-type: application/javascript; charset=utf-8
content-length: 26909
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03ec4-14e4a"
last-modified: Mon, 04 May 2020 16:11:48 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 2630629
expires: Sat, 10 Feb 2024 14:59:43 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jrV%2Fy4HFVnbMeV2PX2yM%2F1d7WRz3j3ncGc4NEoXghPSuDOQiL%2BZSzg8neNR3KCafajzBXTa1zhi7kK%2BSO2tKVLf0C8erHsTLe0%2BAJUVJ5s39IeKv6AZAW1z7MrdiH%2Fr%2FtIGwHpaS"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 79c81b956fc3b509-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
code.jquery.com/ui/1.11.4/jquery-ui.min.js
69.16.175.42200 OK 64 kB URL HTTP/2 code.jquery.com/ui/1.11.4/jquery-ui.min.js
IP 69.16.175.42:0
File type ASCII text, with very long lines (32035)
Hash 28749bfe6af321b7c932452b38ce8683
2b444e3dee68a935213db86fd188c22883a65683
9110cdde7eb592e332cf7fa4347e5b3b17a2868ecde80d0c4a054bf0dd5a03b2
GET /ui/1.11.4/jquery-ui.min.js HTTP/1.1
Host: code.jquery.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://llclickpro.com
Connection: keep-alive
Referer: https://llclickpro.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 20 Feb 2023 14:59:43 GMT
content-encoding: gzip
content-length: 64296
content-type: application/javascript; charset=utf-8
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
accept-ranges: bytes
server: nginx
etag: W/"28feccc0-3ab2b"
cache-control: max-age=315360000, public
access-control-allow-origin: *
vary: Accept-Encoding
x-hw: 1676905183.dop212.sk1.t,1676905183.cds022.sk1.hn,1676905183.cds020.sk1.c
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 81a1a1809b590719537c14a694489ba7
9c04f671e4eb3eba108de9659c16f15bd7cf9782
30cc6fc05b488494f695b526353ddd9937e28731ea3710c5c9ae8d76dfb4d0bb
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3488
Cache-Control: max-age=165917
Content-Type: application/ocsp-response
Date: Mon, 20 Feb 2023 14:59:43 GMT
Etag: "63f3625c-117"
Expires: Wed, 22 Feb 2023 13:05:00 GMT
Last-Modified: Mon, 20 Feb 2023 12:06:52 GMT
Server: ECS (ska/F70D)
X-Cache: HIT
Content-Length: 279
llclickpro.com/trackr.js?v=54
104.21.65.65200 OK 3.8 kB URL HTTP/2 llclickpro.com/trackr.js?v=54
IP 104.21.65.65:0
File type ASCII text, with very long lines (1352)
Hash f42cc45b5f0ecff2952278f725c11a2a
f21d20b723e8f473f1faf0ad42a0bde5f66e6490
b2644fcd89249a59f14753af3e43917abf55f1bc4a59fa0e9bf6997a3113bda5
GET /trackr.js?v=54 HTTP/1.1
Host: llclickpro.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://llclickpro.com/MCTGlanding/tab
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 20 Feb 2023 14:59:43 GMT
content-type: application/javascript
cf-bgj: minify
cf-polished: origSize=15670
last-modified: Wed, 07 Sep 2022 02:09:38 GMT
cache-control: max-age=14400
cf-cache-status: HIT
age: 3260
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZZF7yQ%2FN2MNUTD3AFdDrE5E2JaO43RvXiOFeIVn0%2FGS1rM2u9Qax2UHkJSuC5gsjqONw0X9zS7Ar6ofykmXb4Nq92iChehpG80ofBJMoETitAroPOgu0DC3xV5mdGmaEnw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 79c81b954a21b50c-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/s/gts1p5/kpwPGfkDhzY
142.250.74.131200 OK 472 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/kpwPGfkDhzY
IP 142.250.74.131:0
Hash 5b20335feabdb62ade39d1f5c97ac7e5
f2f029473959226db15844ed7fd789996da30b4c
18a4bef04d77ceb03c05eb3cc8494e25bd978f67bfb3535fb5739df9db9af315
POST /s/gts1p5/kpwPGfkDhzY HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 20 Feb 2023 14:59:43 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
use.fontawesome.com/releases/v5.15.4/css/v4-shims.css
172.64.133.15200 OK 4.5 kB URL HTTP/2 use.fontawesome.com/releases/v5.15.4/css/v4-shims.css
IP 172.64.133.15:0
File type ASCII text, with very long lines (26516)
Hash 5d5be370fd9ee4a221934330d2bf3750
560362a90762996c8d9633d740d0502ba2fbd685
4cd5c81062feda5e7013a019f60547e7c62bd8df480600bbb1f2f78f1faf8b14
GET /releases/v5.15.4/css/v4-shims.css HTTP/1.1
Host: use.fontawesome.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://llclickpro.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 20 Feb 2023 14:59:43 GMT
content-type: text/css
x-amz-id-2: l7s+BaCyhyb5VSa95ipB9bqakUdUEL61xP3o2NTwjziMZKqpfqrwePgHTxnIpUGzySaKM6jZIYX0eJNxn2lA/A==
x-amz-request-id: FNNAA4WERS25G1WE
last-modified: Wed, 04 Aug 2021 20:43:22 GMT
etag: W/"a034d3c71bee546f625877d7932917f8"
cache-control: max-age=31556926
cf-cache-status: HIT
age: 2158891
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UEB16Ks8n%2FbDoqRr2QdJYNVV%2BHYz6kXBPOzJ4TaPQBlrJ1X74T0dT61zlJL41ZhIiulXkwn7WTJ1C2yFq5lufoG5SpbgSQS9lfC8qZV7Mnm78YTODzXKeS%2BDR8sy9p%2BDgFZ4E824"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 79c81b960a2f71e0-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash 21fe19f588b72b07dab390621751ede7
0a582467a40b4a36a54acc09f23dc83e967a5ff6
516e30424bc91241f909a0f5e6b623e0bed7467b1d653e32b2670029b0ef0383
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2827
Cache-Control: public, max-age=300
Content-Type: application/ocsp-response
Date: Mon, 20 Feb 2023 14:59:43 GMT
Etag: "63e68ddc-5"
Last-Modified: Fri, 10 Feb 2023 18:33:00 GMT
Server: ECS (amb/6BBE)
X-Cache: HIT
Content-Length: 280
z5traffic.com/t/matomo.js
52.203.0.69404 Not Found 3.5 kB URL HTTP/2 z5traffic.com/t/matomo.js
IP 52.203.0.69:0
Hash 02429e013ecb74d303773c020f8b0ede
a9308ec9a04d1d9324ea5e198c11fadb0d0dbf1d
99827924eef1c54cd88d2bf874b78309e685919a8aef8b49814c03f1c2e6006f
GET /t/matomo.js HTTP/1.1
Host: z5traffic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://t-adbar1.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 404 Not Found
date: Mon, 20 Feb 2023 14:59:43 GMT
content-type: text/html; charset=UTF-8
server: nginx/1.16.1
vary: Accept-Encoding
x-powered-by: PHP/7.4.12
cache-control: no-cache, private
content-encoding: gzip
X-Firefox-Spdy: h2
imgavatar.llsvr.com/scsa7588.m.jpg
188.114.97.1200 OK 4.6 kB URL HTTP/2 imgavatar.llsvr.com/scsa7588.m.jpg
IP 188.114.97.1:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 90", baseline, precision 8, 100x100, components 3\012- data
Hash 8c8ff51f6858c6fb1b8ace70a73759e9
5388d61308b409e08a0507b4364615a746fdd254
44317f0e3df8fda2e8eaf878a91a42d79c566823fe872f5448367186e6671ad2
GET /scsa7588.m.jpg HTTP/1.1
Host: imgavatar.llsvr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://llclickpro.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 20 Feb 2023 14:59:44 GMT
content-type: image/jpeg
content-length: 4644
last-modified: Sun, 26 Jun 2022 06:42:15 GMT
cache-control: max-age=31536000
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pSlNnbEpy9pkHuYLZM6GB2WMEpCFLrtKcVvScuKXZfix30%2BjXCxWdsddNW4lIqPJWSLbkR%2B%2B6KTmrJLRp2WllpKRKQ3%2FX%2Bhg1qiDCR6%2F5%2BygkqoRQSoZIBNjG%2Fs5mVh7vN%2BmxyxT"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 79c81b95bb69b51e-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 3cb7960c629af2d4a5325cec8696f40b
eb04e882f528f56fc09206f741d490a4b091a6dd
df3a27c510b477ae3411c0c178fb36d8291503db40f64d22a3fa18061c0ec2b0
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DF3A27C510B477AE3411C0C178FB36D8291503DB40F64D22A3FA18061C0EC2B0"
Last-Modified: Mon, 20 Feb 2023 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6688
Expires: Mon, 20 Feb 2023 16:51:12 GMT
Date: Mon, 20 Feb 2023 14:59:44 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 3cb7960c629af2d4a5325cec8696f40b
eb04e882f528f56fc09206f741d490a4b091a6dd
df3a27c510b477ae3411c0c178fb36d8291503db40f64d22a3fa18061c0ec2b0
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DF3A27C510B477AE3411C0C178FB36D8291503DB40F64D22A3FA18061C0EC2B0"
Last-Modified: Mon, 20 Feb 2023 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6688
Expires: Mon, 20 Feb 2023 16:51:12 GMT
Date: Mon, 20 Feb 2023 14:59:44 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 3cb7960c629af2d4a5325cec8696f40b
eb04e882f528f56fc09206f741d490a4b091a6dd
df3a27c510b477ae3411c0c178fb36d8291503db40f64d22a3fa18061c0ec2b0
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DF3A27C510B477AE3411C0C178FB36D8291503DB40F64D22A3FA18061C0EC2B0"
Last-Modified: Mon, 20 Feb 2023 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6688
Expires: Mon, 20 Feb 2023 16:51:12 GMT
Date: Mon, 20 Feb 2023 14:59:44 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 3cb7960c629af2d4a5325cec8696f40b
eb04e882f528f56fc09206f741d490a4b091a6dd
df3a27c510b477ae3411c0c178fb36d8291503db40f64d22a3fa18061c0ec2b0
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DF3A27C510B477AE3411C0C178FB36D8291503DB40F64D22A3FA18061C0EC2B0"
Last-Modified: Mon, 20 Feb 2023 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6688
Expires: Mon, 20 Feb 2023 16:51:12 GMT
Date: Mon, 20 Feb 2023 14:59:44 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fac021e56-1cda-4705-942f-fd658890b5e1.jpeg
34.120.237.76200 OK 7.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fac021e56-1cda-4705-942f-fd658890b5e1.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 1fb795dc1da607d7abd375588fd5b870
2d2ac3b1203a7256bd9f425ec32e569f262547dd
ed323b2ee3701a082f9016d13c6fb34d7df2a208407d4d10d0d70cdeddac14e7
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fac021e56-1cda-4705-942f-fd658890b5e1.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7153
x-amzn-requestid: e923bb08-b66c-4a50-a40e-f77d3afdd11c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: AmxiPHJtoAMFofA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63f2960e-2f12021e701506482d3d08d7;Sampled=0
x-amzn-remapped-date: Sun, 19 Feb 2023 21:35:10 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: Gz1cNXmGoddIdVs0Zjsw7G0uuIGCOFz-886BaBbUOapkKTyzFGczYQ==
via: 1.1 1b0911478686968732f973d6e5e31d10.cloudfront.net (CloudFront), 1.1 7e87179efaa9e3c316bd3d3a74cfded8.cloudfront.net (CloudFront), 1.1 google
date: Sun, 19 Feb 2023 21:41:38 GMT
age: 62286
etag: "2d2ac3b1203a7256bd9f425ec32e569f262547dd"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
trafficadbar.com/favicon.ico
18.233.184.7200 OK 6.0 kB URL HTTP/2 trafficadbar.com/favicon.ico
IP 18.233.184.7:0
Hash 203e63455de1b5a68d9517356dd45ef6
f5026a6854d0d44cb6fb728718934218c8e47b97
774db532358f2bfd3713abe9b1b41381bba6dddab63edf43b2d57b5eacf9be3f
GET /favicon.ico HTTP/1.1
Host: trafficadbar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://t-adbar1.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 20 Feb 2023 14:59:43 GMT
content-type: text/html; charset=UTF-8
server: nginx
vary: Accept-Encoding
cache-control: no-cache, private
content-encoding: gzip
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F881c24a9-07ee-4126-b2c3-501b0461ee5e.webp
34.120.237.76200 OK 6.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F881c24a9-07ee-4126-b2c3-501b0461ee5e.webp
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 9c5a0bab7d34e51ee6476be179b356ba
87917d3cf520d73b7b1029f44505e7700413d51d
136e727a99409218318247b645558fad485ed84bcd90bd43a5895492cb317d89
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F881c24a9-07ee-4126-b2c3-501b0461ee5e.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6879
x-amzn-requestid: 18c46562-f8d9-4f7f-8ea0-1bb46e206f80
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ANnahEWgIAMFwYg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e885dc-50a7cfe4693b4efb038ce1a7;Sampled=0
x-amzn-remapped-date: Sun, 12 Feb 2023 06:23:24 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: qwK1XWOYMXy8qna9sVCV7q__QKMko9KXa8towbYhIj1EolPbqEuIHQ==
via: 1.1 28a7186077f9b5270d98dd053f31303e.cloudfront.net (CloudFront), 1.1 98aedae6661e3904540676966998ed88.cloudfront.net (CloudFront), 1.1 google
date: Mon, 20 Feb 2023 09:13:17 GMT
age: 20787
etag: "87917d3cf520d73b7b1029f44505e7700413d51d"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
llclickpro.com/MCTGlanding/tab
104.21.65.65200 OK 11 kB URL HTTP/2 llclickpro.com/MCTGlanding/tab
IP 104.21.65.65:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (374), with CRLF, LF line terminators
Hash cccdebf373bb8aba5beed2e0a7cdb4cf
c00ac3322fe2984b9184f1c9ad8bb2007f64c733
58f3330b9a86a8de993471ad7456413b1347718eb48e843827eef970e312ad7b
GET /MCTGlanding/tab HTTP/1.1
Host: llclickpro.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://t-adbar1.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 20 Feb 2023 14:59:43 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
set-cookie: lltkrl156457=1; expires=Tue, 21-Feb-2023 14:59:43 GMT; Max-Age=86400; path=/; SameSite=Lax
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=X9uHgZc3LcNgibMZAxSXqjVTI0iVlVEUojDmEMakrfiGU8DB61GbWAGy1xkwvKYJzrYSbTyjfj5SBCm%2BQrktlALpYknNv%2Bj4n9i%2F7AKD4dQ7YG8svDjD8NMUJ%2FFWcxEWhw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 79c81b926e2db50c-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8235bcbe-72cd-4831-9c09-c4cdb13fd846.jpeg
34.120.237.76200 OK 8.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8235bcbe-72cd-4831-9c09-c4cdb13fd846.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash fa711ffb6b7af7f4c99a4fc552ff270a
a784b1bfb1aac498464e33afc8a5601775a3bfde
89d1660aabab759eda10a4a255af2d28f8b286a63fe53dc7b30631fa09986e46
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8235bcbe-72cd-4831-9c09-c4cdb13fd846.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8875
x-amzn-requestid: 95c9949f-accb-42ee-8395-6616fc311508
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: AmxdrEs5oAMFwqw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63f295f0-357c5c3e23d3a2a3524013e6;Sampled=0
x-amzn-remapped-date: Sun, 19 Feb 2023 21:34:40 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: XehgCHE4qX1A3D1mBNv805_Soe_KxOH9Uqftq9b-HYrl-hkJ4_hRfQ==
via: 1.1 010c0731b9775a983eceaec0f5fa6a2e.cloudfront.net (CloudFront), 1.1 1a53057db389e96b4ef1bfbc925dde1c.cloudfront.net (CloudFront), 1.1 google
date: Sun, 19 Feb 2023 22:04:49 GMT
age: 60895
etag: "a784b1bfb1aac498464e33afc8a5601775a3bfde"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc8786243-b87e-4a31-baff-cf6738cd9df5.jpeg
34.120.237.76200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc8786243-b87e-4a31-baff-cf6738cd9df5.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 45fb7a36a4efde0f93abe48efb4fdc13
22db86e51647b632038d4dd1606e22ddbc9ee759
1fc12b1cb99b1425aa5e5a0aa84de11c0f4106ac8d0b5499c0f34825328678c0
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc8786243-b87e-4a31-baff-cf6738cd9df5.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10038
x-amzn-requestid: b2b1b07b-9a6d-4061-92a4-f7c0e0a60261
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: AmxiNFHuoAMFjVQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63f2960d-716020496f7fb2c168065757;Sampled=0
x-amzn-remapped-date: Sun, 19 Feb 2023 21:35:09 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: OH2_BbQ3-3HeNlYhP-n3pkPqFqKsxfNtQPAwkqRwPJ8Z62C-GrnnPQ==
via: 1.1 000f4a2f631bace380a0afa747a82482.cloudfront.net (CloudFront), 1.1 6a9b42e38e76b7d4a4044ebe0e0eca08.cloudfront.net (CloudFront), 1.1 google
date: Sun, 19 Feb 2023 22:15:53 GMT
age: 60231
etag: "22db86e51647b632038d4dd1606e22ddbc9ee759"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 72c5802c8aa0287e9dc9d506f8705f63
1cea928306467ece78aad3e0838d99cb5198476f
ce73d997476d10ee090b72469c33f42271f9034a37beaa779c1ed50b0ce8093f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "CE73D997476D10EE090B72469C33F42271F9034A37BEAA779C1ED50B0CE8093F"
Last-Modified: Mon, 20 Feb 2023 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9784
Expires: Mon, 20 Feb 2023 17:42:49 GMT
Date: Mon, 20 Feb 2023 14:59:45 GMT
Connection: keep-alive
ocsp.sectigo.com/
104.18.32.68200 OK 472 B IP 104.18.32.68:0
Hash 0b5e7aa8ea8d78806f5c1c159b9c78d5
18bffaa216cc908f298ca6317654a0ee34a9001d
9fe0c2667f80ca2df17b9009daa79acf2432c59b829dd95c436d03e58c7c8c02
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 20 Feb 2023 14:59:45 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Fri, 17 Feb 2023 14:30:27 GMT
Expires: Fri, 24 Feb 2023 14:30:26 GMT
Etag: "18bffaa216cc908f298ca6317654a0ee34a9001d"
Cache-Control: max-age=343240,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 79c81ba13ffbb500-OSL
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 43fa1b27a718d538fbc3dc60c0a3b67a
44bd382e2b0ba72bf030ebf5dad1af7f92c3580c
c1f9a787ff782aa3a1bc0f50ce4d9559385f7c6cccbcc74ef8d9e50f7fc00b89
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C1F9A787FF782AA3A1BC0F50CE4D9559385F7C6CCCBCC74EF8D9E50F7FC00B89"
Last-Modified: Mon, 20 Feb 2023 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10685
Expires: Mon, 20 Feb 2023 17:57:50 GMT
Date: Mon, 20 Feb 2023 14:59:45 GMT
Connection: keep-alive
www.morecouponstogo.com/uni-landing
34.237.47.210200 OK 40 kB URL HTTP/2 www.morecouponstogo.com/uni-landing
IP 34.237.47.210:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (6684)
Hash c6b57db6ec20967569246c351820c7e2
6697f368299f2b9b422b1650023ecb2ed67d89c2
2971a4010b2c3d01d62ba3a27d6c80290097b31c03de3e01ddd832013583907f
Analyzer Verdict Alert fortinet Phishing
GET /uni-landing HTTP/1.1
Host: www.morecouponstogo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://llclickpro.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 20 Feb 2023 14:59:45 GMT
content-type: text/html; charset=UTF-8
content-length: 39785
x-brizy-preview: 1
access-control-allow-origin: *
vary: Accept-Encoding
content-encoding: gzip
x-varnish: 95471519 29875119
age: 893499
via: 1.1 varnish (Varnish/6.2)
x-cache: HIT
x-cache-hits: 6739
pragma: no-cache
expires: -1
cache-control: no-store, no-cache, must-revalidate, max-age=0
accept-ranges: bytes
X-Firefox-Spdy: h2
fonts.bunny.net/css?family=Montserrat:100,100italic,200,200italic,300,300italic,regular,italic,500,500italic,600,600italic,700,700italic,800,800italic,900,900italic|Lato:100,100italic,300,300italic,regular,italic,700,700italic,900,900italic|Oswald:200,300,regular,500,600,700|Palanquin%20Dark:regular,500,600,700|Roboto:100,100italic,300,300italic,regular,italic,500,500italic,700,700italic,900,900italic&subset=arabic,bengali,cyrillic,cyrillic-ext,devanagari,greek,greek-ext,gujarati,hebrew,khmer,korean,latin-ext,tamil,telugu,thai,vietnamese&display=swap
194.242.11.186200 OK 3.4 kB URL HTTP/2 fonts.bunny.net/css?family=Montserrat:100,100italic,200,200italic,300,300italic,regular,italic,500,500italic,600,600italic,700,700italic,800,800italic,900,900italic|Lato:100,100italic,300,300italic,regular,italic,700,700italic,900,900italic|Oswald:200,300,regular,500,600,700|Palanquin%20Dark:regular,500,600,700|Roboto:100,100italic,300,300italic,regular,italic,500,500italic,700,700italic,900,900italic&subset=arabic,bengali,cyrillic,cyrillic-ext,devanagari,greek,greek-ext,gujarati,hebrew,khmer,korean,latin-ext,tamil,telugu,thai,vietnamese&display=swap
IP 194.242.11.186:0
ASN #34989 ServeTheWorld AS
Hash d12f5ae7c4cccb165ed7e023f9cc2ff4
e482f81af148aa0028ca9511a4fa1bda95107ab2
a5211eaceca46bebadcdcb5a2d574ac631967ccaee25a9077d69ebec0a3e2561
GET /css?family=Montserrat:100,100italic,200,200italic,300,300italic,regular,italic,500,500italic,600,600italic,700,700italic,800,800italic,900,900italic|Lato:100,100italic,300,300italic,regular,italic,700,700italic,900,900italic|Oswald:200,300,regular,500,600,700|Palanquin%20Dark:regular,500,600,700|Roboto:100,100italic,300,300italic,regular,italic,500,500italic,700,700italic,900,900italic&subset=arabic,bengali,cyrillic,cyrillic-ext,devanagari,greek,greek-ext,gujarati,hebrew,khmer,korean,latin-ext,tamil,telugu,thai,vietnamese&display=swap HTTP/1.1
Host: fonts.bunny.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.morecouponstogo.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 20 Feb 2023 14:59:45 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
server: BunnyCDN-NO1-830
cdn-pullzone: 781720
cdn-uid: 3a60ca70-b89d-4cd5-a4b5-34a3468d7e0f
cdn-requestcountrycode: NO
access-control-allow-origin: *
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=2592000
last-modified: Sun, 19 Feb 2023 23:58:14 GMT
x-do-app-origin: 1fb91846-e6b7-11ec-b1dc-0c42a19a82a7
x-do-orig-status: 200
cdn-proxyver: 1.03
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 02/19/2023 23:58:14
cdn-edgestorageid: 830
cdn-status: 200
cdn-requestid: 195a87798be1811df387768a78bd2c24
cdn-cache: HIT
content-encoding: br
X-Firefox-Spdy: h2
b-cloud.b-cdn.net/builds/pro/126-cloud/css/preview.pro.css
194.242.11.186200 OK 42 kB URL HTTP/2 b-cloud.b-cdn.net/builds/pro/126-cloud/css/preview.pro.css
IP 194.242.11.186:0
ASN #34989 ServeTheWorld AS
File type assembler source, ASCII text
Hash 9eb726910b610d19388571b6a1cfb912
0566e19994d795d09d80aadbf1c78d28b299f80c
a70d3d7c91b56321d946142f60668e76c8f38978ca242e7c1e253f474779a53a
GET /builds/pro/126-cloud/css/preview.pro.css HTTP/1.1
Host: b-cloud.b-cdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.morecouponstogo.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 20 Feb 2023 14:59:45 GMT
content-type: text/css
server: BunnyCDN-NO1-830
cdn-pullzone: 246147
cdn-uid: e647d0c9-3a16-4c3e-ae99-91e18e06d4b3
cdn-requestcountrycode: NO
vary: Accept-Encoding, Accept-Encoding
access-control-allow-origin: *
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
etag: W/"b1efdef564a9908476eca3da92165504"
last-modified: Tue, 31 Jan 2023 10:24:53 GMT
x-amz-id-2: tYNu5aGwePU3RKdwWk88GzGW2O/esHn66d56n3My5FyFKieEQEstrq2xS/QrFMQJv5bC7ptJONM=
x-amz-request-id: 2BXZ51922MBR76MM
cdn-proxyver: 1.03
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 01/31/2023 12:56:40
cdn-edgestorageid: 830
link: <https://s3.amazonaws.com/brizy.cloud/builds/pro/126-cloud/css/preview.pro.css>; rel="canonical"
cdn-status: 200
cdn-requestid: d3f7ca436d9f85e9d9c1f1f4b5a93414
cdn-cache: HIT
content-encoding: br
X-Firefox-Spdy: h2
www.googletagmanager.com/gtag/js?id=G-LRYZTN7NCV
142.250.74.72200 OK 78 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=G-LRYZTN7NCV
IP 142.250.74.72:0
File type ASCII text, with very long lines (19467)
Hash d2280ef6b845a6310e544b51fb8241ff
af106d178bebb8faf3b9932d23398ce10275f178
75a8fbfcf33e9c398c892a2e56cac43abbbafcf3d808448c9185711bb8f30432
GET /gtag/js?id=G-LRYZTN7NCV HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.morecouponstogo.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Mon, 20 Feb 2023 14:59:45 GMT
expires: Mon, 20 Feb 2023 14:59:45 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 78347
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp2.globalsign.com/gsalphasha2g2
104.18.21.226200 OK 1.4 kB URL HTTP/1.1 ocsp2.globalsign.com/gsalphasha2g2
IP 104.18.21.226:0
Hash c3e356ed136c5f62b056d9b201feb2b3
347a077ab2fb083250d5e228602322772af76abf
57867c214d4e94b4c7a46c546c90ebeb52f91b3028ce52ee7d3a520510dd5e23
POST /gsalphasha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 20 Feb 2023 14:59:45 GMT
Content-Type: application/ocsp-response
Content-Length: 1423
Connection: keep-alive
Expires: Fri, 24 Feb 2023 12:18:44 GMT
ETag: "347a077ab2fb083250d5e228602322772af76abf"
Last-Modified: Mon, 20 Feb 2023 12:18:45 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 2716
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 79c81ba28aff0b59-OSL
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash ad11b8d48d7d08d6cb48675fbfcab98d
f633a857f51019b7509de1b1864103b5d37ee4e6
3ef61d0f2bfadb0ae8d9a9c7b97501e00280e0cea461d1e2bf8a012189dd7294
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "3EF61D0F2BFADB0AE8D9A9C7B97501E00280E0CEA461D1E2BF8A012189DD7294"
Last-Modified: Mon, 20 Feb 2023 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=1861
Expires: Mon, 20 Feb 2023 15:30:46 GMT
Date: Mon, 20 Feb 2023 14:59:45 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash ea82c73c87a0f2e412e2f80ccf91f545
88b07bad381088057c1ec4bdf06f3516b9c97eeb
e75db6c4c503ff4aa62e0a7cdb2b6c0f5a7ac1a465deba360f16e040fab18dea
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 0
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 20 Feb 2023 14:59:45 GMT
Last-Modified: Mon, 20 Feb 2023 14:59:45 GMT
Server: ECS (ska/F718)
X-Cache: HIT
Content-Length: 279
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash a6e5d93e6ff78ff0040d571937410c78
ec1b36fe7fb5f6cc3b41d50bcddc3199dbac8969
f14addd83ab95ac7ad8b7340db9c82f4bc03f5fa9781ec9923485f17dbb101ed
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 20 Feb 2023 14:59:45 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
d1ielco78gv5pf.cloudfront.net/assets/external_portfolio.js
108.157.217.203200 OK 368 B URL HTTP/2 d1ielco78gv5pf.cloudfront.net/assets/external_portfolio.js
IP 108.157.217.203:0
File type ASCII text, with very long lines (656), with no line terminators
Hash 6d08d48c6c92e09861efbddca1deecbb
b7d3a024b245aff1fe4d8329bfdaae79c2f82351
d7577201395b0a8c25cebfea43e28b56887745cebf4bf65d2d8723d7828baca1
GET /assets/external_portfolio.js HTTP/1.1
Host: d1ielco78gv5pf.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.morecouponstogo.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
content-length: 368
date: Mon, 23 Jan 2023 23:26:54 GMT
server: nginx
last-modified: Sun, 22 Jan 2023 10:15:29 GMT
content-encoding: gzip
expires: Thu, 20 Jan 2033 23:26:54 GMT
access-control-allow-origin: *
cache-control: max-age=315360000, public
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 e2bc8da8a8d03748525187195f797d86.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN56-P1
x-amz-cf-id: a3SCqI5GAPb-rE-9VTTczRbQmLwLO5j8Hug8R_LSHic1dqEhfYTSuw==
age: 2388771
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 1c504105f90a4f57f649b1e3444faba4
ae10c8ffec4d7c38ee3dab478174585b9e29ef85
32088019bce8caf4e78c0b20f733d4d9364235dbb9e906d3b2f65ea1697124ee
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=112734
Content-Type: application/ocsp-response
Date: Mon, 20 Feb 2023 14:59:45 GMT
Etag: "63f2a03f-117"
Expires: Tue, 21 Feb 2023 22:18:39 GMT
Last-Modified: Sun, 19 Feb 2023 22:18:39 GMT
Server: nginx
Content-Length: 279
ocsp.sca1b.amazontrust.com/
54.230.245.100200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.100:0
Hash 4a32e3ae441b63e66747681a39d6dd56
409ba9d25708eba4c88fd6e15d2bea6acca85b17
030a9d9cd2bdb49e771741fbaeb36d9dad215566c65fcb2ff6187baef52d6e48
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=98364
Date: Mon, 20 Feb 2023 14:59:45 GMT
Etag: "63f2681d-1d7"
Expires: Tue, 21 Feb 2023 18:19:09 GMT
Last-Modified: Sun, 19 Feb 2023 18:19:09 GMT
Server: nginx
X-Cache: Miss from cloudfront
Via: 1.1 9d4a908d41124cba1276d6cef8f00c60.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: UYeTUdYdvGSKLTN7CJH-YTn17sRY7PYS8ExGJtTzdVeELH7YZHbYGQ==
twshop4coupon.com/track/imp/img/6848/ce2bc2b8910528c9bed6f77a9672c94824684fc975fbb9b20a61ba0266?subid_1=&subid_2=&subid_3=&subid_4=&subid_5=
34.225.242.169302 Found 830 B URL HTTP/2 twshop4coupon.com/track/imp/img/6848/ce2bc2b8910528c9bed6f77a9672c94824684fc975fbb9b20a61ba0266?subid_1=&subid_2=&subid_3=&subid_4=&subid_5=
IP 34.225.242.169:0
Hash 50867b12318309d0946487ff6f7b143d
d12cc723c62066f4eecaad7694ddd0381ab29665
eba0f8836d28396aa0e407976f64c1180418c39a0bfd80771fac356bc8dfdc48
GET /track/imp/img/6848/ce2bc2b8910528c9bed6f77a9672c94824684fc975fbb9b20a61ba0266?subid_1=&subid_2=&subid_3=&subid_4=&subid_5= HTTP/1.1
Host: twshop4coupon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.morecouponstogo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
date: Mon, 20 Feb 2023 14:59:46 GMT
content-type: text/html; charset=utf-8
location: https://cdn.affiliates.one/production/admin_affiliates_com_tw/image_creative/6848/x1dmuwbyv2tjwywndwsoqvvuraktdtp1szujaobnu_cheapoair_468x60.gif?wl=8&image_creative_id=6848&offer_id=1481&offer_variant_id=1871&network_id=169&affiliate_id=17200&affiliate_offer_id=1826500
server: Apache/2.4.18 (Ubuntu)
cache-control: no-cache
x-request-id: 9d63be69c3eeae09f5d918f69d717ed2
p3p: CP="ALL DSP COR CURa ADMa DEVa OUR IND COM NAV"
x-ua-compatible: IE=Edge,chrome=1
x-runtime: 0.098864
x-rack-cache: miss
x-powered-by: Phusion Passenger 5.1.12
status: 302 Found
X-Firefox-Spdy: h2
b-cloud.b-cdn.net/builds/pro/126-cloud/css/group-3-pro.css
194.242.11.186200 OK 0 B URL HTTP/2 b-cloud.b-cdn.net/builds/pro/126-cloud/css/group-3-pro.css
IP 194.242.11.186:0
ASN #34989 ServeTheWorld AS
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /builds/pro/126-cloud/css/group-3-pro.css HTTP/1.1
Host: b-cloud.b-cdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.morecouponstogo.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 20 Feb 2023 14:59:46 GMT
content-type: text/css
content-length: 0
server: BunnyCDN-NO1-830
cdn-pullzone: 246147
cdn-uid: e647d0c9-3a16-4c3e-ae99-91e18e06d4b3
cdn-requestcountrycode: NO
vary: Accept-Encoding
access-control-allow-origin: *
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
etag: "d41d8cd98f00b204e9800998ecf8427e"
last-modified: Tue, 31 Jan 2023 10:24:52 GMT
x-amz-id-2: 5+chKWyaxUXX1IYISs7n5VHIUVw4533+hN4fqm54qFsq1ls5Ep4J2p+XZwT9lZfTR0qmxv59mdY=
x-amz-request-id: Y6Q3DZ1E7Y1QG867
cdn-proxyver: 1.03
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 02/19/2023 23:58:14
cdn-edgestorageid: 830
link: <https://s3.amazonaws.com/brizy.cloud/builds/pro/126-cloud/css/group-3-pro.css>; rel="canonical"
cdn-status: 200
cdn-requestid: f9b3fdb464e69a897e84dd6a69edf057
cdn-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
cdn.affiliates.one/production/admin_affiliates_com_tw/image_creative/6848/x1dmuwbyv2tjwywndwsoqvvuraktdtp1szujaobnu_cheapoair_468x60.gif?wl=8&image_creative_id=6848&offer_id=1481&offer_variant_id=1871&network_id=169&affiliate_id=17200&affiliate_offer_id=1826500
54.230.111.77200 OK 14 kB URL HTTP/2 cdn.affiliates.one/production/admin_affiliates_com_tw/image_creative/6848/x1dmuwbyv2tjwywndwsoqvvuraktdtp1szujaobnu_cheapoair_468x60.gif?wl=8&image_creative_id=6848&offer_id=1481&offer_variant_id=1871&network_id=169&affiliate_id=17200&affiliate_offer_id=1826500
IP 54.230.111.77:0
File type GIF image data, version 89a, 468 x 60\012- data
Hash 97fea49af7bf619f505f90feb16ee6dc
e8d7deedfe00f192c37f176cd795b0a6caf2ea20
05f4606a5f2a901ca8bdd466d304ec19f4aae4bcdc9174eb3105303a1a477703
GET /production/admin_affiliates_com_tw/image_creative/6848/x1dmuwbyv2tjwywndwsoqvvuraktdtp1szujaobnu_cheapoair_468x60.gif?wl=8&image_creative_id=6848&offer_id=1481&offer_variant_id=1871&network_id=169&affiliate_id=17200&affiliate_offer_id=1826500 HTTP/1.1
Host: cdn.affiliates.one
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.morecouponstogo.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 13831
last-modified: Thu, 23 Oct 2014 04:46:14 GMT
accept-ranges: bytes
server: AmazonS3
date: Mon, 20 Feb 2023 14:59:46 GMT
etag: "97fea49af7bf619f505f90feb16ee6dc"
x-cache: Hit from cloudfront
via: 1.1 60929bddfcfe8b3a510a9502ad6d8742.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: gQinbeVitp9FuwBo3bS2sEaBDYK0mdprHuyQXb6cxnHUuHYsrCpzLg==
age: 45391
X-Firefox-Spdy: h2
w.leadsleap.com/js.js
104.26.9.147200 OK 2.2 kB IP 104.26.9.147:0
File type ASCII text, with very long lines (4026), with no line terminators
Hash 7446d745b68ff45d34f2b448eb0f35e7
2e6fbfcf717f0682752954e4999c27209850b398
37b7e9cbf25be8bc18fbe8342ee3336465bfb2c54e70f26b800cf06e9ede25da
GET /js.js HTTP/1.1
Host: w.leadsleap.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.morecouponstogo.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 20 Feb 2023 14:59:45 GMT
content-type: application/javascript
cf-bgj: minify
cf-polished: origSize=4038
last-modified: Mon, 06 Jun 2022 14:11:07 GMT
cache-control: max-age=5356800
cf-cache-status: HIT
age: 185
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=o5fm1Km5laGvWY9T232Lh3n7KKT3wK7Jz9tSIs6kIRILDrzPfrbJgiIiIkfaZsJ6cDq0Hg3aYxL7noDzi%2BzbNgH01KpsrGDYn4j%2B2AN0Ys%2BCVjbMyaeCGG2ja4bKi3ef2g%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 79c81ba3ba83b517-OSL
content-encoding: br
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 652e0fa59c5baeae693cb48f05a866fa
7336989ad39144fcdee7397f40dcd4697134c1e5
6b7bb317df6b5abdb2803d133e63ee8b1383d30c6403eb8650e013255c6f0227
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 20 Feb 2023 14:59:46 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
a-cloud.b-cdn.net/media/iW=5000&iH=any/2140325504fda1a2cde8af4bef434f25/maxresdefault-3-.jpg
194.242.11.186200 OK 134 kB URL HTTP/2 a-cloud.b-cdn.net/media/iW=5000&iH=any/2140325504fda1a2cde8af4bef434f25/maxresdefault-3-.jpg
IP 194.242.11.186:0
ASN #34989 ServeTheWorld AS
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 1280x720, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size 134 kB (133726 bytes)
Hash 17cb64a7e38ad2c297119061fc95c6de
d6e4522265fe3d65b3537a1d572efd41fd6cf3dc
08ef857da7faa71d137eb33c08bddd65735b149d578e088ee9e610d6d92d24a3
GET /media/iW=5000&iH=any/2140325504fda1a2cde8af4bef434f25/maxresdefault-3-.jpg HTTP/1.1
Host: a-cloud.b-cdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.morecouponstogo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 20 Feb 2023 14:59:46 GMT
content-type: image/webp
content-length: 133726
server: BunnyCDN-NO1-830
cdn-pullzone: 465925
cdn-uid: e647d0c9-3a16-4c3e-ae99-91e18e06d4b3
cdn-requestcountrycode: NO
cache-control: public, max-age=31919000
last-modified: Sun, 19 Feb 2023 23:58:14 GMT
x-bo-server: DE-186
x-downloadsize: 146099
x-bo-origindownloadtime: 462
x-bo-processingtime: 9
x-bo-compressionratio: 8.47%
cdn-proxyver: 1.03
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 02/19/2023 23:58:15
cdn-edgestorageid: 830
link: <https://www.brizy.cloud/media/iW=5000&iH=any/2140325504fda1a2cde8af4bef434f25/maxresdefault-3-.jpg>; rel="canonical"
cdn-status: 200
cdn-requestid: 861357337be7271d20f806f77528879c
cdn-cache: HIT
X-Firefox-Spdy: h2
fonts.bunny.net/montserrat/files/montserrat-latin-700-normal.woff2
194.242.11.186200 OK 13 kB URL HTTP/2 fonts.bunny.net/montserrat/files/montserrat-latin-700-normal.woff2
IP 194.242.11.186:0
ASN #34989 ServeTheWorld AS
File type Web Open Font Format (Version 2), TrueType, length 12848, version 1.0\012- data
Hash f0b3206d02a2f684530117ce1d7e8ce0
f3708b707b65e241b0f1c819d5f7bf7da8412653
f31b80562610135edd91a86ec7f243c5eeaec2ec08337e6a20c2d135d8e217da
GET /montserrat/files/montserrat-latin-700-normal.woff2 HTTP/1.1
Host: fonts.bunny.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.morecouponstogo.com
Connection: keep-alive
Referer: https://fonts.bunny.net/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 20 Feb 2023 14:59:46 GMT
content-type: font/woff2
content-length: 12848
server: BunnyCDN-NO1-830
cdn-pullzone: 781720
cdn-uid: 3a60ca70-b89d-4cd5-a4b5-34a3468d7e0f
cdn-requestcountrycode: NO
access-control-allow-origin: *
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=2592000
etag: "63aea096-3230"
last-modified: Fri, 30 Dec 2022 08:25:58 GMT
cdn-storageserver: SE-318
cdn-fileserver: 318
cdn-proxyver: 1.03
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 01/09/2023 10:42:17
cdn-edgestorageid: 830
cdn-status: 200
cdn-requestid: 5edd28d7655e4759e043ea2bcaf882bc
cdn-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
fonts.bunny.net/oswald/files/oswald-latin-700-normal.woff2
194.242.11.186200 OK 10 kB URL HTTP/2 fonts.bunny.net/oswald/files/oswald-latin-700-normal.woff2
IP 194.242.11.186:0
ASN #34989 ServeTheWorld AS
File type Web Open Font Format (Version 2), TrueType, length 10172, version 1.0\012- data
Hash 58e5c92fd1a1fc89b8ca6d74ce4793b8
337771c465778aeed6de18195e0cbe9d9098d299
6e059f38d9d643cd149fa02dfd97d6844f9b106198e027f55e2fe1e9a1428acf
GET /oswald/files/oswald-latin-700-normal.woff2 HTTP/1.1
Host: fonts.bunny.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.morecouponstogo.com
Connection: keep-alive
Referer: https://fonts.bunny.net/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 20 Feb 2023 14:59:46 GMT
content-type: font/woff2
content-length: 10172
server: BunnyCDN-NO1-830
cdn-pullzone: 781720
cdn-uid: 3a60ca70-b89d-4cd5-a4b5-34a3468d7e0f
cdn-requestcountrycode: NO
access-control-allow-origin: *
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=2592000
etag: "63aee20a-27bc"
last-modified: Fri, 30 Dec 2022 13:05:14 GMT
cdn-storageserver: SE-344
cdn-fileserver: 318
cdn-proxyver: 1.03
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 01/28/2023 10:32:04
cdn-edgestorageid: 830
cdn-status: 200
cdn-requestid: 7dd9d6291d2e0b1f63497a4dbd1f6be5
cdn-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 652e0fa59c5baeae693cb48f05a866fa
7336989ad39144fcdee7397f40dcd4697134c1e5
6b7bb317df6b5abdb2803d133e63ee8b1383d30c6403eb8650e013255c6f0227
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 20 Feb 2023 14:59:46 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.redbubble.com/assets/external_portfolio.js
104.18.8.241301 Moved Permanently 13 kB URL HTTP/2 www.redbubble.com/assets/external_portfolio.js
IP 104.18.8.241:0
File type Web Open Font Format (Version 2), TrueType, length 12700, version 1.0\012- data
Hash e571167fbcce8d5081bce96a09930063
e12420f5e4da3ccdc75a58ce744e7d5a0c6cf79e
98be19bc78b5bc5d419e4fa6ea055ebd4671a963e2cc644aeed4362f15d14c31
GET /assets/external_portfolio.js HTTP/1.1
Host: www.redbubble.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.morecouponstogo.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
date: Mon, 20 Feb 2023 14:59:45 GMT
location: https://d1ielco78gv5pf.cloudfront.net/assets/external_portfolio.js
cache-control: max-age=3600
expires: Mon, 20 Feb 2023 15:59:45 GMT
set-cookie: __cf_bm=IxXO33JJE7EAFN.DtTHlx_PfWHcXxODlZTcnGDkZCVM-1676905185-0-AesrnGFZODNoQimpnLIFjtnxycviI0yaQ+ZKkZ61Kz9PmMijqYmQPcXU1CrWtR3DcFjureuGxUnqcERopSDF48U=; path=/; expires=Mon, 20-Feb-23 15:29:45 GMT; domain=.redbubble.com; HttpOnly; Secure; SameSite=None
vary: Accept-Encoding
server: cloudflare
cf-ray: 79c81ba1f826b509-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fonts.bunny.net/palanquin-dark/files/palanquin-dark-latin-700-normal.woff2
194.242.11.186200 OK 19 kB URL HTTP/2 fonts.bunny.net/palanquin-dark/files/palanquin-dark-latin-700-normal.woff2
IP 194.242.11.186:0
ASN #34989 ServeTheWorld AS
File type Web Open Font Format (Version 2), TrueType, length 18824, version 1.0\012- data
Hash 0b8cbe6afbac36bab648231406851927
2f67e3adf1061cf82e075d636ae22bc4fca731ea
2c83b448afb8398f6ff0f1d684f125b13e0889b05c5041bb8ff4eb680a892089
GET /palanquin-dark/files/palanquin-dark-latin-700-normal.woff2 HTTP/1.1
Host: fonts.bunny.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.morecouponstogo.com
Connection: keep-alive
Referer: https://fonts.bunny.net/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 20 Feb 2023 14:59:46 GMT
content-type: font/woff2
content-length: 18824
server: BunnyCDN-NO1-830
cdn-pullzone: 781720
cdn-uid: 3a60ca70-b89d-4cd5-a4b5-34a3468d7e0f
cdn-requestcountrycode: NO
access-control-allow-origin: *
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=2592000
etag: "63aee488-4988"
last-modified: Fri, 30 Dec 2022 13:15:52 GMT
cdn-storageserver: SE-344
cdn-fileserver: 344
cdn-proxyver: 1.03
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 02/19/2023 14:38:27
cdn-edgestorageid: 830
cdn-status: 200
cdn-requestid: caeb1a93d2a0935b1f32f9fee044597c
cdn-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
fonts.bunny.net/lato/files/lato-latin-400-normal.woff2
194.242.11.186200 OK 24 kB URL HTTP/2 fonts.bunny.net/lato/files/lato-latin-400-normal.woff2
IP 194.242.11.186:0
ASN #34989 ServeTheWorld AS
File type Web Open Font Format (Version 2), TrueType, length 23580, version 1.0\012- data
Hash e1b3b5908c9cf23dfb2b9c52b9a023ab
fcd4136085f2a03481d9958cc6793a5ed98e714c
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
GET /lato/files/lato-latin-400-normal.woff2 HTTP/1.1
Host: fonts.bunny.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.morecouponstogo.com
Connection: keep-alive
Referer: https://fonts.bunny.net/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 20 Feb 2023 14:59:46 GMT
content-type: font/woff2
content-length: 23580
server: BunnyCDN-NO1-830
cdn-pullzone: 781720
cdn-uid: 3a60ca70-b89d-4cd5-a4b5-34a3468d7e0f
cdn-requestcountrycode: NO
access-control-allow-origin: *
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=2592000
etag: "63ae91bd-5c1c"
last-modified: Fri, 30 Dec 2022 07:22:37 GMT
cdn-storageserver: SE-344
cdn-fileserver: 318
cdn-proxyver: 1.03
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 01/09/2023 10:41:05
cdn-edgestorageid: 830
cdn-status: 200
cdn-requestid: 80a12917fd3f22897029cd8c08892e9d
cdn-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
fonts.bunny.net/palanquin-dark/files/palanquin-dark-latin-400-normal.woff2
194.242.11.186200 OK 31 kB URL HTTP/2 fonts.bunny.net/palanquin-dark/files/palanquin-dark-latin-400-normal.woff2
IP 194.242.11.186:0
ASN #34989 ServeTheWorld AS
Hash 0ac68a20f625e44bbe6a46c1e7fb1f1e
848316cc5f741b44be20ea512a016ed4cfef4651
fda9de8a0b584411738eb217593df6a065f556f5ebd4800c2f881d4695e4b874
GET /palanquin-dark/files/palanquin-dark-latin-400-normal.woff2 HTTP/1.1
Host: fonts.bunny.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.morecouponstogo.com
Connection: keep-alive
Referer: https://fonts.bunny.net/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 20 Feb 2023 14:59:46 GMT
content-type: font/woff2
content-length: 20084
server: BunnyCDN-NO1-830
cdn-pullzone: 781720
cdn-uid: 3a60ca70-b89d-4cd5-a4b5-34a3468d7e0f
cdn-requestcountrycode: NO
access-control-allow-origin: *
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=2592000
etag: "63aee486-4e74"
last-modified: Fri, 30 Dec 2022 13:15:50 GMT
cdn-storageserver: SE-344
cdn-fileserver: 318
cdn-proxyver: 1.03
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 02/18/2023 23:11:29
cdn-edgestorageid: 830
cdn-status: 200
cdn-requestid: 05b85b2de64910fb03d4e60780d10540
cdn-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
b-cloud.b-cdn.net/builds/free/252-cloud/editor/js/group-jq.js
194.242.11.186200 OK 47 kB URL HTTP/2 b-cloud.b-cdn.net/builds/free/252-cloud/editor/js/group-jq.js
IP 194.242.11.186:0
ASN #34989 ServeTheWorld AS
File type Unicode text, UTF-8 text, with very long lines (65533), with no line terminators
Hash 62c95fac63523d76211d1f0d4b26d99f
7ae5e2ad93b17f1e66d598d54e87ee5f8d03134d
81865402a67ada87e796c6cb29f0c962c821eb2964ae3a0c867745282508bd3f
GET /builds/free/252-cloud/editor/js/group-jq.js HTTP/1.1
Host: b-cloud.b-cdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.morecouponstogo.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 20 Feb 2023 14:59:45 GMT
content-type: application/javascript
server: BunnyCDN-NO1-830
cdn-pullzone: 246147
cdn-uid: e647d0c9-3a16-4c3e-ae99-91e18e06d4b3
cdn-requestcountrycode: NO
vary: Accept-Encoding, Accept-Encoding
cache-control: public, max-age=31919000
etag: W/"4d182f886a2c9b4750d67b18a8d83d3e"
last-modified: Tue, 31 Jan 2023 10:22:37 GMT
x-amz-id-2: djmkNlwi7/AEjy+Y++DfxleOQHVAadLbN5mCW77fLWxGcYkYqv7tklBJnRVvWcuPS7+ls5p1KfY=
x-amz-request-id: 87HPH1Z5ADVWBFPD
cdn-proxyver: 1.03
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 01/31/2023 14:27:10
cdn-edgestorageid: 830
link: <https://s3.amazonaws.com/brizy.cloud/builds/free/252-cloud/editor/js/group-jq.js>; rel="canonical"
cdn-status: 200
cdn-requestid: 23587499651421c99db0bed436a63b09
cdn-cache: HIT
content-encoding: br
X-Firefox-Spdy: h2
ocsp.sectigo.com/
104.18.32.68200 OK 472 B IP 104.18.32.68:0
Hash 0b5e7aa8ea8d78806f5c1c159b9c78d5
18bffaa216cc908f298ca6317654a0ee34a9001d
9fe0c2667f80ca2df17b9009daa79acf2432c59b829dd95c436d03e58c7c8c02
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 20 Feb 2023 14:59:46 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Fri, 17 Feb 2023 14:30:27 GMT
Expires: Fri, 24 Feb 2023 14:30:26 GMT
Etag: "18bffaa216cc908f298ca6317654a0ee34a9001d"
Cache-Control: max-age=343239,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 79c81ba13ecab509-OSL
fonts.bunny.net/roboto/files/roboto-latin-700-normal.woff2
194.242.11.186200 OK 16 kB URL HTTP/2 fonts.bunny.net/roboto/files/roboto-latin-700-normal.woff2
IP 194.242.11.186:0
ASN #34989 ServeTheWorld AS
File type Web Open Font Format (Version 2), TrueType, length 15860, version 1.0\012- data
Hash e9f5aaf547f165386cd313b995dddd8e
acdef5603c2387b0e5bffd744b679a24a8bc1968
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
GET /roboto/files/roboto-latin-700-normal.woff2 HTTP/1.1
Host: fonts.bunny.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.morecouponstogo.com
Connection: keep-alive
Referer: https://fonts.bunny.net/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 20 Feb 2023 14:59:46 GMT
content-type: font/woff2
content-length: 15860
server: BunnyCDN-NO1-830
cdn-pullzone: 781720
cdn-uid: 3a60ca70-b89d-4cd5-a4b5-34a3468d7e0f
cdn-requestcountrycode: NO
access-control-allow-origin: *
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=2592000
etag: "63aef481-3df4"
last-modified: Fri, 30 Dec 2022 14:24:01 GMT
cdn-storageserver: SE-318
cdn-fileserver: 318
cdn-proxyver: 1.03
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 02/05/2023 02:11:03
cdn-edgestorageid: 830
cdn-status: 200
cdn-requestid: d0af6673f56cc35ce7a1372a838dd242
cdn-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
a-cloud.b-cdn.net/media/iW=101&iH=101&oX=0&oY=16&cW=101&cH=70/9b040f5e483e93a7cce7e811fc84b625/image.png
194.242.11.186200 OK 2.0 kB URL HTTP/2 a-cloud.b-cdn.net/media/iW=101&iH=101&oX=0&oY=16&cW=101&cH=70/9b040f5e483e93a7cce7e811fc84b625/image.png
IP 194.242.11.186:0
ASN #34989 ServeTheWorld AS
File type RIFF (little-endian) data, Web/P image\012- data
Hash 99f2f3bd994a519250122d235f0da5d3
80413556bfc2e3b9fa0e856200020d7bca6af5e5
fb40359f8a5bea55a10c3eb5c3fa4a2a6cd77eba854972e437f8b81d175fab37
GET /media/iW=101&iH=101&oX=0&oY=16&cW=101&cH=70/9b040f5e483e93a7cce7e811fc84b625/image.png HTTP/1.1
Host: a-cloud.b-cdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.morecouponstogo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 20 Feb 2023 14:59:46 GMT
content-type: image/webp
content-length: 2032
server: BunnyCDN-NO1-830
cdn-pullzone: 465925
cdn-uid: e647d0c9-3a16-4c3e-ae99-91e18e06d4b3
cdn-requestcountrycode: NO
cache-control: public, max-age=31919000
last-modified: Sun, 19 Feb 2023 23:58:15 GMT
x-bo-server: DE-95
x-downloadsize: 3099
x-bo-origindownloadtime: 587
x-bo-processingtime: 0
x-bo-compressionratio: 34.43%
cdn-proxyver: 1.03
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 02/19/2023 23:58:15
cdn-edgestorageid: 830
link: <https://www.brizy.cloud/media/iW=101&iH=101&oX=0&oY=16&cW=101&cH=70/9b040f5e483e93a7cce7e811fc84b625/image.png>; rel="canonical"
cdn-status: 200
cdn-requestid: 42a3d7b20b3dcecb26925c6ae3e41356
cdn-cache: HIT
X-Firefox-Spdy: h2
fonts.bunny.net/montserrat/files/montserrat-latin-500-normal.woff2
194.242.11.186200 OK 13 kB URL HTTP/2 fonts.bunny.net/montserrat/files/montserrat-latin-500-normal.woff2
IP 194.242.11.186:0
ASN #34989 ServeTheWorld AS
File type Web Open Font Format (Version 2), TrueType, length 12820, version 1.0\012- data
Hash 3f2f6d9e64a95a40ea5dedfc91f42a95
9cd9f5a2f86f1d42390141d91619a0aa41a276b7
ed121b1a8fbf30998a4ed0a7c8343abe9091ac4744f1c24b602b5d3f962bdb78
GET /montserrat/files/montserrat-latin-500-normal.woff2 HTTP/1.1
Host: fonts.bunny.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.morecouponstogo.com
Connection: keep-alive
Referer: https://fonts.bunny.net/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 20 Feb 2023 14:59:46 GMT
content-type: font/woff2
content-length: 12820
server: BunnyCDN-NO1-830
cdn-pullzone: 781720
cdn-uid: 3a60ca70-b89d-4cd5-a4b5-34a3468d7e0f
cdn-requestcountrycode: NO
access-control-allow-origin: *
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=2592000
etag: "63aea091-3214"
last-modified: Fri, 30 Dec 2022 08:25:53 GMT
cdn-storageserver: SE-344
cdn-fileserver: 318
cdn-proxyver: 1.03
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 01/09/2023 10:52:55
cdn-edgestorageid: 830
cdn-status: 200
cdn-requestid: 85732bbdf1f40f77670210468ba22c06
cdn-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 32c273f03591a760d39799b2aca7927e
5236e80503b30600573e40c674c577c06185a83f
d8e8f0daef07cc746bc65813819ed5cd30367e5cd145d00bb305757b9b4a8bd2
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 20 Feb 2023 14:59:46 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.youtube.com/embed/Tge4GgRmmrY?autoplay=1&controls=1&start=0&end=0&modestbranding=0&wmode=transparent&enablejsapi=1&loop=1&rel=0&mute=1&playlist=Tge4GgRmmrY
142.250.74.14200 OK 32 kB URL HTTP/2 www.youtube.com/embed/Tge4GgRmmrY?autoplay=1&controls=1&start=0&end=0&modestbranding=0&wmode=transparent&enablejsapi=1&loop=1&rel=0&mute=1&playlist=Tge4GgRmmrY
IP 142.250.74.14:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (58608)
Hash d843d268818c55c31e96d9e0518f3ed5
63aaf6c5e49ff49bca4740fdeb2238205ef17e18
203c4a54df2601d00e1bba976c4d930e8ed43bfad29e3ee3d602d658b9465509
GET /embed/Tge4GgRmmrY?autoplay=1&controls=1&start=0&end=0&modestbranding=0&wmode=transparent&enablejsapi=1&loop=1&rel=0&mute=1&playlist=Tge4GgRmmrY HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.morecouponstogo.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/html; charset=utf-8
x-content-type-options: nosniff
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Mon, 20 Feb 2023 14:59:46 GMT
strict-transport-security: max-age=31536000
cross-origin-resource-policy: cross-origin
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
content-encoding: br
server: ESF
x-xss-protection: 0
set-cookie: YSC=_CfZ0yJGuYw; Domain=.youtube.com; Path=/; Secure; HttpOnly; SameSite=none
DEVICE_INFO=ChxOekl3TWpJMU1qa3pNell3TlRJNE16QTNOQT09EOKVzp8GGOKVzp8G; Domain=.youtube.com; Expires=Sat, 19-Aug-2023 14:59:46 GMT; Path=/; Secure; HttpOnly; SameSite=none
VISITOR_INFO1_LIVE=jvUpsJcy-Gc; Domain=.youtube.com; Expires=Sat, 19-Aug-2023 14:59:46 GMT; Path=/; Secure; HttpOnly; SameSite=none
CONSENT=PENDING+978; expires=Wed, 19-Feb-2025 14:59:46 GMT; path=/; domain=.youtube.com; Secure
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 387d5ee78415358927e7002bb606f939
fb77115bdd04ed61fa4508b1ddeec6f8afab8add
8fa6b595bbb88f5adaaf5315aa7dc8b4a7e6dd84b9426fa8e299e1dc9a3c4221
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8FA6B595BBB88F5ADAAF5315AA7DC8B4A7E6DD84B9426FA8E299E1DC9A3C4221"
Last-Modified: Mon, 20 Feb 2023 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=1610
Expires: Mon, 20 Feb 2023 15:26:36 GMT
Date: Mon, 20 Feb 2023 14:59:46 GMT
Connection: keep-alive
www.youtube.com/embed/ZFBI_JoDwew?autoplay=0&controls=1&start=0&end=0&modestbranding=0&wmode=transparent&enablejsapi=1&loop=0&rel=0&mute=0
142.250.74.14200 OK 138 kB URL HTTP/2 www.youtube.com/embed/ZFBI_JoDwew?autoplay=0&controls=1&start=0&end=0&modestbranding=0&wmode=transparent&enablejsapi=1&loop=0&rel=0&mute=0
IP 142.250.74.14:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (58644)
Size 138 kB (137934 bytes)
Hash fd5557027926b8eb12ad1bde0c8cfd52
107780e3fea508c66c7b70f81269f115f7ec944c
65a330d597ea3a53bd4957faaf4cdf0aeafebef8eea845259f011e99b462a10b
GET /embed/ZFBI_JoDwew?autoplay=0&controls=1&start=0&end=0&modestbranding=0&wmode=transparent&enablejsapi=1&loop=0&rel=0&mute=0 HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.morecouponstogo.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/html; charset=utf-8
x-content-type-options: nosniff
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Mon, 20 Feb 2023 14:59:46 GMT
strict-transport-security: max-age=31536000
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
cross-origin-resource-policy: cross-origin
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
content-encoding: br
server: ESF
x-xss-protection: 0
set-cookie: YSC=wdWWXWJj44w; Domain=.youtube.com; Path=/; Secure; HttpOnly; SameSite=none
VISITOR_INFO1_LIVE=8jGB-lkvl9Q; Domain=.youtube.com; Expires=Sat, 19-Aug-2023 14:59:46 GMT; Path=/; Secure; HttpOnly; SameSite=none
DEVICE_INFO=ChxOekl3TWpJMU1qa3pOREU1TURReU1URXpPQT09EOKVzp8GGOKVzp8G; Domain=.youtube.com; Expires=Sat, 19-Aug-2023 14:59:46 GMT; Path=/; Secure; HttpOnly; SameSite=none
CONSENT=PENDING+789; expires=Wed, 19-Feb-2025 14:59:46 GMT; path=/; domain=.youtube.com; Secure
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 9d05d51b48728fdcd100d5ad8ce645e7
da63db3fe51d74b7776cd6ce770c6937cbede853
3c77d0fc549913b4a1606ae27a05c67fecceb6ed0ce49be12a6c5a692d5a8e4d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 20 Feb 2023 14:59:47 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
142.250.74.35200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
IP 142.250.74.35:0
File type Web Open Font Format (Version 2), TrueType, length 15552, version 1.0\012- data
Hash 285467176f7fe6bb6a9c6873b3dad2cc
ea04e4ff5142ddd69307c183def721a160e0a64e
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
GET /s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15552
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 16 Feb 2023 17:56:42 GMT
expires: Fri, 16 Feb 2024 17:56:42 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
content-type: font/woff2
age: 334985
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
142.250.74.35200 OK 15 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 142.250.74.35:0
File type Web Open Font Format (Version 2), TrueType, length 15344, version 1.0\012- data
Hash 5d4aeb4e5f5ef754e307d7ffaef688bd
06db651cdf354c64a7383ea9c77024ef4fb4cef8
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
GET /s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15344
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 16 Feb 2023 21:48:03 GMT
expires: Fri, 16 Feb 2024 21:48:03 GMT
cache-control: public, max-age=31536000
age: 321104
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
yazing.com/js/showdeals-yzwg.js?id=yzwg-00121c44992dbac71bfa6b2a9ef2bbdd&d=2044
54.81.41.150200 OK 1.3 kB URL HTTP/1.1 yazing.com/js/showdeals-yzwg.js?id=yzwg-00121c44992dbac71bfa6b2a9ef2bbdd&d=2044
IP 54.81.41.150:0
Hash 1bf2bd339fc8d9a60c52c8261afb0563
c0bacf7055ab2bc2654bc9014ce67c43aefea261
69d8cab7b077ecb6b5cbcb3a8271cc0daf2c6f4449f567cb5afe7299cbbb13b3
GET /js/showdeals-yzwg.js?id=yzwg-00121c44992dbac71bfa6b2a9ef2bbdd&d=2044 HTTP/1.1
Host: yazing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.morecouponstogo.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Mon, 20 Feb 2023 14:59:47 GMT
Server: Apache/2.4.18 (Ubuntu)
Last-Modified: Tue, 07 Jun 2022 08:14:40 GMT
ETag: "ee9-5e0d72e2d0111-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: *
Cache-Control: max-age=2592000, public
Content-Length: 1294
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: application/javascript
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 9d05d51b48728fdcd100d5ad8ce645e7
da63db3fe51d74b7776cd6ce770c6937cbede853
3c77d0fc549913b4a1606ae27a05c67fecceb6ed0ce49be12a6c5a692d5a8e4d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 20 Feb 2023 14:59:47 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
wealthdnacode.com/img/aff/wealthdna-600x250.jpg
162.211.82.195200 OK 134 kB URL HTTP/2 wealthdnacode.com/img/aff/wealthdna-600x250.jpg
IP 162.211.82.195:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 600x250, components 3\012- data
Size 134 kB (134496 bytes)
Hash f8b1f97d806a7940765cecca6adf13d2
aa9d13148556c6baf8568f7b0b17f9e31c367b0b
eb6cd2974287d51b45838d016d9493cb2c211a8ee38709325f69ef0316f3c669
GET /img/aff/wealthdna-600x250.jpg HTTP/1.1
Host: wealthdnacode.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.morecouponstogo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Mon, 27 Feb 2023 14:59:46 GMT
content-type: image/jpeg
last-modified: Fri, 16 Sep 2022 07:01:26 GMT
accept-ranges: bytes
content-length: 134496
date: Mon, 20 Feb 2023 14:59:46 GMT
server: LiteSpeed
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
X-Firefox-Spdy: h2
ocsp.sectigo.com/
104.18.32.68200 OK 471 B IP 104.18.32.68:0
Hash c2d5bbda2af6c6c8f375df14a30b3132
e6c345980548cc98bbe06c2027ebb28e86b0cc67
a1e52ba3df68a64e5be9798dbc8708f7221de4427d378145dc165a421231a5a5
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 20 Feb 2023 14:59:47 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sat, 18 Feb 2023 19:33:04 GMT
Expires: Sat, 25 Feb 2023 19:33:03 GMT
Etag: "e6c345980548cc98bbe06c2027ebb28e86b0cc67"
Cache-Control: max-age=447795,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 79c81bac2895b500-OSL
assets6.lottiefiles.com/private_files/lf30_aXRkcv.json
54.230.111.52200 OK 99 kB URL HTTP/2 assets6.lottiefiles.com/private_files/lf30_aXRkcv.json
IP 54.230.111.52:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash 2c0853bf418b27ccf1ec71d1245e0a52
fff0301adadc098905d530c7dd806a3d68691f73
ddf8fbb2f07b70ec64eee09fbfd99760eb0d3084acc89e6312748879d7d8c150
GET /private_files/lf30_aXRkcv.json HTTP/1.1
Host: assets6.lottiefiles.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.morecouponstogo.com
Connection: keep-alive
Referer: https://www.morecouponstogo.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/plain;charset=UTF-8
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 1800
last-modified: Wed, 10 Jun 2020 03:42:46 GMT
x-amz-version-id: cl7YYcZ.eZwJkn7C3eZLvmpcNwHYuuSO
server: AmazonS3
content-encoding: br
date: Mon, 20 Feb 2023 14:59:47 GMT
etag: W/"fc1fe14e06bca801e615880167a4397d"
vary: Accept-Encoding,Origin
x-cache: Hit from cloudfront
via: 1.1 4c07121ca6e32bcda85cc9091b92050e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: -TOM2lZMASJH9VwJ7HPH2y4gzq11_ZYVRFr5wQ9nOapNIxYkKCp64Q==
age: 233
X-Firefox-Spdy: h2
cdn.gravitec.net/sdk/web/configs?appKey=651b3da8463250405063839a2450c723
45.133.44.4200 OK 1.2 kB URL HTTP/2 cdn.gravitec.net/sdk/web/configs?appKey=651b3da8463250405063839a2450c723
IP 45.133.44.4:0
ASN #39572 DataWeb Global Group B.V.
Hash 08e6949daa0d220203a70e45424b25e8
5cb7525d8bca0f64e3e5be5d769205481b751754
3e62cd95ee4e301abb9768deffd1fa097e2ee5e573755d824f28218e9e23c3df
GET /sdk/web/configs?appKey=651b3da8463250405063839a2450c723 HTTP/1.1
Host: cdn.gravitec.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.morecouponstogo.com/
Origin: https://www.morecouponstogo.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 20 Feb 2023 14:59:46 GMT
content-type: application/json
server: nginx
x-correlation-id: 396180f88d80852cb3cb48a55babc146
access-control-allow-origin: *
content-encoding: gzip
vary: Accept-Encoding
x-proxy-cache: MISS
X-Firefox-Spdy: h2
connect.facebook.net/undefined/sdk.js
31.13.72.12200 OK 1.7 kB URL HTTP/2 connect.facebook.net/undefined/sdk.js
IP 31.13.72.12:0
File type ASCII text, with very long lines (1957)
Hash 240fdc2a1cebce1047a79b96227c522a
66a7a010953ea6caff1051298e51d49056cfaf05
f45192456f2de12e75b255a652855ddf57fa1af49a4a2125143159e614b43690
GET /undefined/sdk.js HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.morecouponstogo.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
access-control-expose-headers: X-FB-Content-MD5
x-fb-content-md5: 5c47a154dd4575f573c36684960fb518
etag: "d3ee5db0f813ed30c2571012354c32c0"
content-type: application/x-javascript; charset=utf-8
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
expires: Mon, 20 Feb 2023 15:07:57 GMT
cache-control: public,max-age=1200,stale-while-revalidate=3600
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-content-type-options: nosniff
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
x-frame-options: DENY
origin-agent-cluster: ?0
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-md5: JA/cKhzrzhBHp5uWInxSKg==
x-fb-debug: bur3JXp5duF6bX+srXQZIJLWLtF8LMEvnSiAw4WMgc/oLJtzcb2IGKEWaLG2eBDKvbctf7VywFlXe6+cyTEE/w==
priority: u=3,i
content-length: 1686
x-fb-trip-id: 2050670934
date: Mon, 20 Feb 2023 14:59:47 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-4770623398847220
142.250.74.66200 OK 49 kB URL HTTP/2 pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-4770623398847220
IP 142.250.74.66:0
File type ASCII text, with very long lines (3649)
Hash 8a5335c77567d755107ad77de8714b94
943af7bade47bc0b5e351833a6a1c900fc701428
55971a29821bddadd58d794207f8517aff3976ec23c8fc257da06c7cfcfc0d7d
GET /pagead/js/adsbygoogle.js?client=ca-pub-4770623398847220 HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.morecouponstogo.com
Connection: keep-alive
Referer: https://www.morecouponstogo.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Mon, 20 Feb 2023 14:59:47 GMT
expires: Mon, 20 Feb 2023 14:59:47 GMT
cache-control: private, max-age=3600
content-type: text/javascript; charset=UTF-8
etag: 11748429133876141673
access-control-allow-origin: *
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 49364
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 72b8e23a074887f3f69aa87cffda1c82
732c052a19f54d5ce58ead9f440360cf1c2a1883
abc83ebb4fa0ba137c0c70702dcf159ea92cf948ff7190fbae2e836c0a9ceb62
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2909
Cache-Control: max-age=131107
Content-Type: application/ocsp-response
Date: Mon, 20 Feb 2023 14:59:47 GMT
Etag: "63f2dca9-1d7"
Expires: Wed, 22 Feb 2023 03:24:54 GMT
Last-Modified: Mon, 20 Feb 2023 02:36:25 GMT
Server: ECS (ska/F718)
X-Cache: HIT
Content-Length: 471
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 640fbb04730146d4b636e2062afb5267
fe9faa4412eaa72a7f1e6ea22f250c20a9f00f93
1c1ad6ddeabce08822b9247423ebea471c0378db7ecb681a055b2f7002967770
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 20 Feb 2023 14:59:47 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
yazing.com/css/showdeals-yzwg.css
54.81.41.150200 OK 406 B URL HTTP/1.1 yazing.com/css/showdeals-yzwg.css
IP 54.81.41.150:0
Hash 67799b159cb3ef050044a77a2b3a9b45
886d44342cba8c02f846fc12bcce675f8356f1b3
4e3c99e3266b36b09cbb5bac828e08cf82ffe1d810c57049627da012ce92fcaa
GET /css/showdeals-yzwg.css HTTP/1.1
Host: yazing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.morecouponstogo.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Mon, 20 Feb 2023 14:59:47 GMT
Server: Apache/2.4.18 (Ubuntu)
Last-Modified: Mon, 26 Apr 2021 12:38:43 GMT
ETag: "441-5c0df6d092f3d-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: *
Cache-Control: max-age=2592000, public
Content-Length: 406
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css
yazing.com/widget/ajax-show-deals
54.81.41.150200 OK 5.4 kB URL HTTP/1.1 yazing.com/widget/ajax-show-deals
IP 54.81.41.150:0
File type JSON data\012- , ASCII text, with very long lines (5373), with no line terminators
Hash ff42452a256ef5231ed83f4f1d944040
0d6f96e6cc5d3e408ae333226f7737a20df26506
b195a0a25a63625e56f15048adf52c030097fc996c2dd11048750a5f912dcf6a
POST /widget/ajax-show-deals HTTP/1.1
Host: yazing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: application/x-www-form-urlencoded
Content-Length: 379
Origin: https://www.morecouponstogo.com
Connection: keep-alive
Referer: https://www.morecouponstogo.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Mon, 20 Feb 2023 14:59:48 GMT
Server: Apache/2.4.18 (Ubuntu)
Set-Cookie: advanced-frontend=c02d8d4p1lm2g4a28aig7sdij5; expires=Wed, 19-Feb-2025 14:59:48 GMT; Max-Age=63072000; path=/; HttpOnly
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Access-Control-Allow-Origin: *
Content-Length: 5373
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: application/json; charset=UTF-8
googleads.g.doubleclick.net/pagead/html/r20230215/r20190131/zrt_lookup.html
142.250.74.130200 OK 4.2 kB URL HTTP/2 googleads.g.doubleclick.net/pagead/html/r20230215/r20190131/zrt_lookup.html
IP 142.250.74.130:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2579)
Hash 2fb3574102373e2e076cfa2ff90cdf25
d06c985183def975546d6e47ab6369c11dcf7195
e61cbc207f7fc2f429deceff11e7a339a3d9a9574da6d035054eba02ee381345
GET /pagead/html/r20230215/r20190131/zrt_lookup.html HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.morecouponstogo.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
content-encoding: br
server: cafe
content-length: 4242
x-xss-protection: 0
date: Sun, 19 Feb 2023 22:28:44 GMT
expires: Sun, 05 Mar 2023 22:28:44 GMT
cache-control: public, max-age=1209600
age: 59464
etag: 10353107486223812946
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
yazing.com/uploads/2022-01/thumb_1d6cfb9c5765949020b8a9463b883803.png
54.81.41.150200 OK 32 kB URL HTTP/1.1 yazing.com/uploads/2022-01/thumb_1d6cfb9c5765949020b8a9463b883803.png
IP 54.81.41.150:0
File type PNG image data, 156 x 156, 8-bit/color RGB, non-interlaced\012- data
Hash e73e4950ca69496813697388bd293d8e
5d318dc8a278e0557dd0a27001294b2bdfbbc67f
9b79ee4d11f956e94c8bf287a0f813bd48dc25f269f121685393abbb37e271e1
GET /uploads/2022-01/thumb_1d6cfb9c5765949020b8a9463b883803.png HTTP/1.1
Host: yazing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.morecouponstogo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Mon, 20 Feb 2023 14:59:48 GMT
Server: Apache/2.4.18 (Ubuntu)
Last-Modified: Sat, 08 Jan 2022 10:03:48 GMT
ETag: "7ee3-5d50f3844096e"
Accept-Ranges: bytes
Content-Length: 32483
Access-Control-Allow-Origin: *
Cache-Control: max-age=2592000, public
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: image/png
ocsp.r2m01.amazontrust.com/
54.230.80.227200 OK 471 B URL HTTP/1.1 ocsp.r2m01.amazontrust.com/
IP 54.230.80.227:0
Hash 8fa7d6c95e1c1510017f57ad4657c2b1
04a588ec0fd3676c265cf0f01ffd19a67daf0991
b2676631614b0e3bf2781fe0f11e8fef2a8b3b08ffa89b75c64cf54fd39a6f0e
POST / HTTP/1.1
Host: ocsp.r2m01.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Mon, 20 Feb 2023 14:59:48 GMT
Last-Modified: Mon, 20 Feb 2023 13:50:04 GMT
Server: ECS (nyb/1D2E)
X-Cache: Miss from cloudfront
Via: 1.1 a2c3c8b833b34851dca4f7753ecaae58.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: ftU0Gob0_0IKLMOTOMauysOeZDGgo_BzWhjQbZ4uZOJ7uikvJD0nXw==
Age: 4184
ocsp.r2m01.amazontrust.com/
54.230.80.227200 OK 471 B URL HTTP/1.1 ocsp.r2m01.amazontrust.com/
IP 54.230.80.227:0
Hash 8fa7d6c95e1c1510017f57ad4657c2b1
04a588ec0fd3676c265cf0f01ffd19a67daf0991
b2676631614b0e3bf2781fe0f11e8fef2a8b3b08ffa89b75c64cf54fd39a6f0e
POST / HTTP/1.1
Host: ocsp.r2m01.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=122898
Date: Mon, 20 Feb 2023 14:59:48 GMT
Etag: "63f2b848-1d7"
Expires: Wed, 22 Feb 2023 01:08:06 GMT
Last-Modified: Mon, 20 Feb 2023 00:01:12 GMT
Server: ECS (nyb/1D0D)
X-Cache: Miss from cloudfront
Via: 1.1 b2b04ca80b95df6bc86478a1bf96b7cc.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: wOD0wvPq6IMQ3oPmY2GSnMgprv7rWqq_aRDNTBjVWoXPtio0PskyPw==
Age: 4014
ocsp.r2m01.amazontrust.com/
54.230.80.227200 OK 471 B URL HTTP/1.1 ocsp.r2m01.amazontrust.com/
IP 54.230.80.227:0
Hash 8fa7d6c95e1c1510017f57ad4657c2b1
04a588ec0fd3676c265cf0f01ffd19a67daf0991
b2676631614b0e3bf2781fe0f11e8fef2a8b3b08ffa89b75c64cf54fd39a6f0e
POST / HTTP/1.1
Host: ocsp.r2m01.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Mon, 20 Feb 2023 14:59:48 GMT
Last-Modified: Mon, 20 Feb 2023 13:50:04 GMT
Server: ECS (nyb/1D2E)
X-Cache: Miss from cloudfront
Via: 1.1 d9fb4c3794a085bb4ee2c5798c2cb1b8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: 6l5X7x1EGafgQcwLMRXqozAlZfhBqSsXtxuzOf99nAbHLSTR0-o5zA==
Age: 4184
ocsp.r2m01.amazontrust.com/
54.230.80.227200 OK 471 B URL HTTP/1.1 ocsp.r2m01.amazontrust.com/
IP 54.230.80.227:0
Hash 8fa7d6c95e1c1510017f57ad4657c2b1
04a588ec0fd3676c265cf0f01ffd19a67daf0991
b2676631614b0e3bf2781fe0f11e8fef2a8b3b08ffa89b75c64cf54fd39a6f0e
POST / HTTP/1.1
Host: ocsp.r2m01.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=122898
Date: Mon, 20 Feb 2023 14:59:48 GMT
Etag: "63f2b848-1d7"
Expires: Wed, 22 Feb 2023 01:08:06 GMT
Last-Modified: Mon, 20 Feb 2023 00:01:12 GMT
Server: ECS (bsa/EB22)
X-Cache: Miss from cloudfront
Via: 1.1 09ae414c9d6c5323d5147457ada70ec6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: XADxhb1MBCJIwtyZKDPxFqO2HEKDjIwvdN_LsMgNuIC5ilrSKXjYkA==
Age: 4014
ocsp.r2m01.amazontrust.com/
54.230.80.227200 OK 471 B URL HTTP/1.1 ocsp.r2m01.amazontrust.com/
IP 54.230.80.227:0
Hash 8fa7d6c95e1c1510017f57ad4657c2b1
04a588ec0fd3676c265cf0f01ffd19a67daf0991
b2676631614b0e3bf2781fe0f11e8fef2a8b3b08ffa89b75c64cf54fd39a6f0e
POST / HTTP/1.1
Host: ocsp.r2m01.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Mon, 20 Feb 2023 14:59:48 GMT
Last-Modified: Mon, 20 Feb 2023 13:51:14 GMT
Server: ECS (bsa/EB1C)
X-Cache: Miss from cloudfront
Via: 1.1 94eee494c19905cb6933ec8a32a577a0.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: 8-XWwqF6gSBteMrMH5aYwbvK1XLm1exZKArynlOok3x3Oc81sJoF7Q==
Age: 4114
www.brizy.cloud/customfile/83514b99a26a80e89d4d5e894e4e99c3.mp4
3.95.91.48206 Partial Content 47 kB URL HTTP/1.1 www.brizy.cloud/customfile/83514b99a26a80e89d4d5e894e4e99c3.mp4
IP 3.95.91.48:0
Hash 1aaf90fd283f5131f44313ba92102f67
f63b2dc96ee39945f799a5a9767ca276e87b48b7
883765a6344411e12baee015c4f61b695dd9f84f960c7004f35905243041803c
GET /customfile/83514b99a26a80e89d4d5e894e4e99c3.mp4 HTTP/1.1
Host: www.brizy.cloud
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=4358144-
Connection: keep-alive
Referer: https://www.morecouponstogo.com/
Sec-Fetch-Dest: video
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 206 Partial Content
Server: nginx
Date: Mon, 20 Feb 2023 14:59:48 GMT
Content-Type: video/mp4
Content-Length: 47139
Connection: keep-alive
Cache-Control: public
Last-Modified: Mon, 20 Feb 2023 14:59:48 GMT
Content-Disposition: attachment; filename="Homepage-20video-20on-20White-mp4.mp4"
Accept-Ranges: bytes
Content-Range: bytes 4358144-4405282/4405283
Access-Control-Allow-Origin: *
www.youtube.com/embed/d36aPUaJ1Pg?autoplay=1&controls=0&start=2&end=2&modestbranding=1&wmode=transparent&enablejsapi=1&loop=1&rel=0&mute=1&playlist=d36aPUaJ1Pg
142.250.74.14200 OK 31 kB URL HTTP/2 www.youtube.com/embed/d36aPUaJ1Pg?autoplay=1&controls=0&start=2&end=2&modestbranding=1&wmode=transparent&enablejsapi=1&loop=1&rel=0&mute=1&playlist=d36aPUaJ1Pg
IP 142.250.74.14:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (58608)
Hash 3d43b633e455fb58820e035d49b85e84
12fa611bea72663a43788f7e23eb19f5891b58d6
44d10c490fc72db9cd6a79dad972a5e1372a772c014ddca32102cf52a23e8fd4
GET /embed/d36aPUaJ1Pg?autoplay=1&controls=0&start=2&end=2&modestbranding=1&wmode=transparent&enablejsapi=1&loop=1&rel=0&mute=1&playlist=d36aPUaJ1Pg HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.morecouponstogo.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/html; charset=utf-8
x-content-type-options: nosniff
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Mon, 20 Feb 2023 14:59:46 GMT
strict-transport-security: max-age=31536000
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
cross-origin-resource-policy: cross-origin
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
content-encoding: br
server: ESF
x-xss-protection: 0
set-cookie: YSC=y1qquxUNw2E; Domain=.youtube.com; Path=/; Secure; HttpOnly; SameSite=none
VISITOR_INFO1_LIVE=0FKBVkTDc30; Domain=.youtube.com; Expires=Sat, 19-Aug-2023 14:59:46 GMT; Path=/; Secure; HttpOnly; SameSite=none
DEVICE_INFO=ChxOekl3TWpJMU1qa3pNekl5TmpnMk1UazFPUT09EOKVzp8GGOKVzp8G; Domain=.youtube.com; Expires=Sat, 19-Aug-2023 14:59:46 GMT; Path=/; Secure; HttpOnly; SameSite=none
CONSENT=PENDING+904; expires=Wed, 19-Feb-2025 14:59:46 GMT; path=/; domain=.youtube.com; Secure
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
s3.amazonaws.com/logos.formetocoupon.com/120x60/57951.jpg
52.217.87.134200 OK 17 kB URL HTTP/1.1 s3.amazonaws.com/logos.formetocoupon.com/120x60/57951.jpg
IP 52.217.87.134:0
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CS6 (Windows), datetime=2022:09:05 13:04:02], progressive, precision 8, 120x60, components 3\012- data
Hash 2eb6c9a4d272802dbb128ed38e7a5c52
2a63a5f3a9dd0699aa4f23c4f5d98f6e22ccbf6a
93dbc0025e3a8fe262efcaec2beaa45f1ed03a489ce77990c982b5768b267fb1
GET /logos.formetocoupon.com/120x60/57951.jpg HTTP/1.1
Host: s3.amazonaws.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.morecouponstogo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: tnTt/zlXC0cY2vaW/wubtMeRsXFO+SGwzgS40b7arw/Jf7nqquOvjWUAPxRK6OyCP5tcrTgMZh8=
x-amz-request-id: A0380GKXFSBKDT21
Date: Mon, 20 Feb 2023 14:59:49 GMT
Last-Modified: Mon, 05 Sep 2022 11:04:21 GMT
ETag: "2eb6c9a4d272802dbb128ed38e7a5c52"
Accept-Ranges: bytes
Content-Type: image/jpeg
Server: AmazonS3
Content-Length: 17147
s3.amazonaws.com/logos.formetocoupon.com/120x60/26292.jpg
52.217.87.134200 OK 18 kB URL HTTP/1.1 s3.amazonaws.com/logos.formetocoupon.com/120x60/26292.jpg
IP 52.217.87.134:0
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CS6 (Windows), datetime=2021:05:06 13:24:49], progressive, precision 8, 120x60, components 3\012- data
Hash 86bd7a6bafb03bf977b5bfb6dbd9b257
21176a627ec49bf1e3b653af00bfe4d16169dc35
c0bef7c49b6a52426c3767318bc374b73b2fce0484651927d3523e675892b3cb
GET /logos.formetocoupon.com/120x60/26292.jpg HTTP/1.1
Host: s3.amazonaws.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.morecouponstogo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: an2hhgWneGW306ap/r1fMTMwTeuQuHbYzELQ1CbZo5XO+kXJYU+xYq1pIp6YN5VMSGRehMtdY7w=
x-amz-request-id: A03DR1CPG0FQCDSF
Date: Mon, 20 Feb 2023 14:59:49 GMT
Last-Modified: Thu, 06 May 2021 11:26:02 GMT
ETag: "86bd7a6bafb03bf977b5bfb6dbd9b257"
Accept-Ranges: bytes
Content-Type: image/jpeg
Server: AmazonS3
Content-Length: 18036
s3.amazonaws.com/logos.formetocoupon.com/120x60/41495.gif
52.217.87.134200 OK 2.0 kB URL HTTP/1.1 s3.amazonaws.com/logos.formetocoupon.com/120x60/41495.gif
IP 52.217.87.134:0
File type GIF image data, version 89a, 120 x 60\012- data
Hash d2f9432727658dae3f83f905b720e305
f814726824af56cd6c5cfc6a3e8f30736984e58b
5e14a9409d7a07f212dcab8a0c71e09fb38b2e442f23f7c6eab7757dd29697ea
GET /logos.formetocoupon.com/120x60/41495.gif HTTP/1.1
Host: s3.amazonaws.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.morecouponstogo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: VWugWVkVpB7tAW0THBdDiETQVDgjDjwmLvn0zEI6yYMScDCOn8LUIq2+J5I6LHw7p5fcC22RWVU=
x-amz-request-id: A03FA11RFFN4ZQ30
Date: Mon, 20 Feb 2023 14:59:49 GMT
Last-Modified: Sat, 23 Nov 2019 16:16:43 GMT
ETag: "d2f9432727658dae3f83f905b720e305"
Accept-Ranges: bytes
Content-Type: image/gif
Server: AmazonS3
Content-Length: 2041
s3.amazonaws.com/logos.formetocoupon.com/120x60/58419.jpg
52.217.87.134200 OK 31 kB URL HTTP/1.1 s3.amazonaws.com/logos.formetocoupon.com/120x60/58419.jpg
IP 52.217.87.134:0
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CS6 (Windows), datetime=2022:09:22 15:45:06], progressive, precision 8, 120x60, components 3\012- data
Hash 9a52447583f891dc387298edfecf8224
b4c08b55dc053987d8d66658d77123252464952b
b175347cb23506f45584585ed66d17e923c347cbd24640f8ba1e0ee52931a023
GET /logos.formetocoupon.com/120x60/58419.jpg HTTP/1.1
Host: s3.amazonaws.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.morecouponstogo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: gZDLwG36Ci+FmSfW5phNyGOGXrbGdzS73IyRpJhJ/UzWvprAJ7VVaXgJr/xyp17rRZRFSzuUKG4=
x-amz-request-id: A038SZDD1DWSPHAA
Date: Mon, 20 Feb 2023 14:59:49 GMT
Last-Modified: Thu, 22 Sep 2022 13:45:23 GMT
ETag: "9a52447583f891dc387298edfecf8224"
Accept-Ranges: bytes
Content-Type: image/jpeg
Server: AmazonS3
Content-Length: 30939
s3.amazonaws.com/logos.formetocoupon.com/120x60/25268.gif
52.217.87.134200 OK 2.3 kB URL HTTP/1.1 s3.amazonaws.com/logos.formetocoupon.com/120x60/25268.gif
IP 52.217.87.134:0
File type GIF image data, version 89a, 120 x 60\012- data
Hash cf37554943d5538e103d21b3c3e39ed6
02748f407dfe962b12e77c47859d334983e35b58
524bbaa6c6f30d9c2bb4eea04ecb3ee579607de7702a4938ac9bb157d968cdbc
GET /logos.formetocoupon.com/120x60/25268.gif HTTP/1.1
Host: s3.amazonaws.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.morecouponstogo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: +sg9ZjB5oWAZqRhof87nN3opAfMEmcQ8VpCHA7weNNXpaVz9eWWwfA7auKPocL0gEvJ3jmUVTG8=
x-amz-request-id: 07D2ZWVAHPZVNR52
Date: Mon, 20 Feb 2023 14:59:50 GMT
Last-Modified: Thu, 18 Feb 2016 20:24:04 GMT
ETag: "cf37554943d5538e103d21b3c3e39ed6"
x-amz-storage-class: REDUCED_REDUNDANCY
Accept-Ranges: bytes
Content-Type: image/gif
Server: AmazonS3
Content-Length: 2343
s3.amazonaws.com/logos.formetocoupon.com/120x60/22812.jpg
52.217.87.134200 OK 21 kB URL HTTP/1.1 s3.amazonaws.com/logos.formetocoupon.com/120x60/22812.jpg
IP 52.217.87.134:0
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CS6 (Windows), datetime=2021:05:10 11:47:02], progressive, precision 8, 120x60, components 3\012- data
Hash c50c2bc85b52acb7876414f60b0546d7
0406422809a1b8ae63e41e15d67727953773b7b3
d5b066192ae9c6eb4912a385fd4cb645bd3f3bc1b2567087b062e030a0c23a38
GET /logos.formetocoupon.com/120x60/22812.jpg HTTP/1.1
Host: s3.amazonaws.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.morecouponstogo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: 9E0kLR1corfuUdw6wCjfdz/AIJ4dYSTeLuXitBnbJZZZtU9JBpNixIFXK5q+MncGMxaesGjCDT8=
x-amz-request-id: A030060B7XYNCGRZ
Date: Mon, 20 Feb 2023 14:59:49 GMT
Last-Modified: Mon, 10 May 2021 09:47:19 GMT
ETag: "c50c2bc85b52acb7876414f60b0546d7"
Accept-Ranges: bytes
Content-Type: image/jpeg
Server: AmazonS3
Content-Length: 20872
b-cloud.b-cdn.net/builds/pro/126-cloud/js/preview.pro.js
194.242.11.186200 OK 104 kB URL HTTP/2 b-cloud.b-cdn.net/builds/pro/126-cloud/js/preview.pro.js
IP 194.242.11.186:0
ASN #34989 ServeTheWorld AS
File type Unicode text, UTF-8 text, with very long lines (38637), with NEL line terminators
Size 104 kB (103987 bytes)
Hash 38fb4836e6811bae244657e467dcb22f
a821a63fc7299eec1ec81c461dc2f8fef82218c0
0e14b9c1e8e23dc9ba7544ed86498436fa52f6516c30c19a2d7bab1956014995
GET /builds/pro/126-cloud/js/preview.pro.js HTTP/1.1
Host: b-cloud.b-cdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.morecouponstogo.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 20 Feb 2023 14:59:45 GMT
content-type: application/javascript
server: BunnyCDN-NO1-830
cdn-pullzone: 246147
cdn-uid: e647d0c9-3a16-4c3e-ae99-91e18e06d4b3
cdn-requestcountrycode: NO
vary: Accept-Encoding, Accept-Encoding
cache-control: public, max-age=31919000
etag: W/"5c88d2b7889841e346347344260d6669"
last-modified: Tue, 31 Jan 2023 10:24:53 GMT
x-amz-id-2: re+fbLd05LiIRny/Jjrct93Uc68/eVsF7UimDLoKavRvrWLGPmkX18vEulah6lNnkVMWE8qQsao=
x-amz-request-id: PMBX563V3H08WGNQ
cdn-proxyver: 1.03
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 01/31/2023 12:56:41
cdn-edgestorageid: 830
link: <https://s3.amazonaws.com/brizy.cloud/builds/pro/126-cloud/js/preview.pro.js>; rel="canonical"
cdn-status: 200
cdn-requestid: a1e0d783b97dc8a76b973afbd04adbf4
cdn-cache: HIT
content-encoding: br
X-Firefox-Spdy: h2
s3.amazonaws.com/logos.formetocoupon.com/120x60/17882.gif
52.217.87.134200 OK 4.8 kB URL HTTP/1.1 s3.amazonaws.com/logos.formetocoupon.com/120x60/17882.gif
IP 52.217.87.134:0
File type GIF image data, version 87a, 120 x 60\012- data
Hash eb76f79e52dcec0d7dac8e288098999b
91d2d7a0f6c0dd0e177901fa2d5fba92b6125d9e
d5b37c1412acf7b99c92f660504179a7b0366402c94758ca6af9a676a5e20687
GET /logos.formetocoupon.com/120x60/17882.gif HTTP/1.1
Host: s3.amazonaws.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.morecouponstogo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: lCUNy5dEAfD1tRbpPJatjgqpx/d8RJwPCwWcbZjKmu4qhNtLKkpzWIm8/OKwIdRA7Zl+bishQOw=
x-amz-request-id: 07D1MK9P8D86YYEV
Date: Mon, 20 Feb 2023 14:59:50 GMT
Last-Modified: Fri, 11 Apr 2014 21:10:45 GMT
ETag: "eb76f79e52dcec0d7dac8e288098999b"
x-amz-storage-class: REDUCED_REDUNDANCY
Accept-Ranges: bytes
Content-Type: image/gif
Server: AmazonS3
Content-Length: 4769
s3.amazonaws.com/logos.formetocoupon.com/120x60/53938.jpg
52.217.87.134200 OK 24 kB URL HTTP/1.1 s3.amazonaws.com/logos.formetocoupon.com/120x60/53938.jpg
IP 52.217.87.134:0
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CS6 (Windows), datetime=2022:02:03 14:23:28], baseline, precision 8, 120x60, components 3\012- data
Hash f41c610227bd8a78a04162ddc6986ac2
5f00291069a668314dcc04d60727517796709a18
5ca756b97453abea9bd1fdd3a020adb8cafc24a614cc37caa4accb9fd7b8cbf8
GET /logos.formetocoupon.com/120x60/53938.jpg HTTP/1.1
Host: s3.amazonaws.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.morecouponstogo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: O+feIhG1YmQQ987lOvDKyjg+EapK174WClQhhERuC0gYG57irie8WH9JEohJt3kdZvu1zFV6nVE=
x-amz-request-id: A03639X21WPA6PXD
Date: Mon, 20 Feb 2023 14:59:49 GMT
Last-Modified: Thu, 03 Feb 2022 12:23:40 GMT
ETag: "f41c610227bd8a78a04162ddc6986ac2"
Accept-Ranges: bytes
Content-Type: image/jpeg
Server: AmazonS3
Content-Length: 23792
d1ielco78gv5pf.cloudfront.net/assets/external_portfolio-55c5ae1c8983df626fd5d8b516e9b7afa9602796b1b40b1b0a489a394961ef91.css
108.157.217.203200 OK 793 B URL HTTP/2 d1ielco78gv5pf.cloudfront.net/assets/external_portfolio-55c5ae1c8983df626fd5d8b516e9b7afa9602796b1b40b1b0a489a394961ef91.css
IP 108.157.217.203:0
File type ASCII text, with very long lines (2368)
Hash bc64ed57c4e7bb8ef87053dbcfc9388d
343f9d27e71834ac40fd605d69641a2441d2f9a0
5f7e7c9a4a502840ac007fa7acca0ddf6fa8b0a935234f23bfeb737a53d9579f
GET /assets/external_portfolio-55c5ae1c8983df626fd5d8b516e9b7afa9602796b1b40b1b0a489a394961ef91.css HTTP/1.1
Host: d1ielco78gv5pf.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.redbubble.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/css
content-length: 793
date: Mon, 23 Jan 2023 23:06:00 GMT
server: nginx
last-modified: Sun, 22 Jan 2023 10:15:29 GMT
content-encoding: gzip
expires: Thu, 20 Jan 2033 23:06:00 GMT
access-control-allow-origin: *
cache-control: max-age=315360000, public
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 e2bc8da8a8d03748525187195f797d86.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN56-P1
x-amz-cf-id: hImHLcgK1XWI044EQhv80oQ9Ld0XTtgMVSxp2IwpKCmEa4JWU4TMXQ==
age: 2390029
X-Firefox-Spdy: h2
ih1.redbubble.net/image.2521900674.0223/flat,220x200,075,t.u5.jpg
68.232.35.237200 OK 12 kB URL HTTP/2 ih1.redbubble.net/image.2521900674.0223/flat,220x200,075,t.u5.jpg
IP 68.232.35.237:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 220x200, components 3\012- data
Hash 4f656d55e30a35cccb4bc94a74f0df52
19ae51457ecb9dbeac9a0d7d1ae42f9156563056
70b55f3994d82e9bf29d7f59509bb9d010d379e6e3d6901f289bf825fe5e15a0
GET /image.2521900674.0223/flat,220x200,075,t.u5.jpg HTTP/1.1
Host: ih1.redbubble.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.redbubble.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: https://www.redbubble.com
access-control-expose-headers: Content-Length,Content-Range
age: 15748026
cache-control: max-age=31556952, public
content-disposition: inline
content-transfer-encoding: binary
content-type: image/jpeg
date: Mon, 20 Feb 2023 14:59:49 GMT
etag: W/"70b55f3994d82e9bf29d7f59509bb9d0"
last-modified: Mon, 22 Aug 2022 08:32:44 GMT
referrer-policy: strict-origin-when-cross-origin
server: ECS (ska/F71E)
x-cache: HIT
x-content-type-options: nosniff
x-download-options: noopen
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: none
x-request-id: ee84e291-69ac-49ed-ab14-b532dcc3fe55
x-xss-protection: 1; mode=block
content-length: 11509
X-Firefox-Spdy: h2
ih1.redbubble.net/image.2501823087.1427/flat,220x200,075,t.u5.jpg
68.232.35.237200 OK 13 kB URL HTTP/2 ih1.redbubble.net/image.2501823087.1427/flat,220x200,075,t.u5.jpg
IP 68.232.35.237:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 220x200, components 3\012- data
Hash 41a7ff2b932518137a3d3ed4e75cff14
12788c351920ae2e6a6915c80ea0f1cae9106382
281a8d6feb56d70c6a48c55fbf412a1d8e6fe90435118f7571a8635c0f706ceb
GET /image.2501823087.1427/flat,220x200,075,t.u5.jpg HTTP/1.1
Host: ih1.redbubble.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.redbubble.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: https://www.redbubble.com
access-control-expose-headers: Content-Length,Content-Range
age: 15748026
cache-control: max-age=31556952, public
content-disposition: inline
content-transfer-encoding: binary
content-type: image/jpeg
date: Mon, 20 Feb 2023 14:59:49 GMT
etag: W/"281a8d6feb56d70c6a48c55fbf412a1d"
last-modified: Mon, 22 Aug 2022 08:32:44 GMT
referrer-policy: strict-origin-when-cross-origin
server: ECS (ska/F71B)
x-cache: HIT
x-content-type-options: nosniff
x-download-options: noopen
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: none
x-request-id: d5f2891d-027d-4541-8e68-d499a6d21006
x-xss-protection: 1; mode=block
content-length: 12808
X-Firefox-Spdy: h2
ih1.redbubble.net/image.2446110696.1260/flat,220x200,075,t.u5.jpg
68.232.35.237200 OK 18 kB URL HTTP/2 ih1.redbubble.net/image.2446110696.1260/flat,220x200,075,t.u5.jpg
IP 68.232.35.237:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 220x200, components 3\012- data
Hash cbeccae7615c2abb796b18362413fca1
786507630ef7d824bf8b40a916bb291925c6f8f3
dbafa1cf5b6b67e92b03ca7ec815306d430a7e5909e4976c1678942b12296d67
GET /image.2446110696.1260/flat,220x200,075,t.u5.jpg HTTP/1.1
Host: ih1.redbubble.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.redbubble.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: https://www.redbubble.com
access-control-expose-headers: Content-Length,Content-Range
age: 6746204
cache-control: max-age=31556952, public
content-disposition: inline
content-transfer-encoding: binary
content-type: image/jpeg
date: Mon, 20 Feb 2023 14:59:49 GMT
etag: W/"dbafa1cf5b6b67e92b03ca7ec815306d"
last-modified: Sun, 04 Dec 2022 13:03:06 GMT
referrer-policy: strict-origin-when-cross-origin
server: ECS (ska/F708)
x-cache: HIT
x-content-type-options: nosniff
x-download-options: noopen
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: none
x-request-id: 265760a0-67d0-4cb0-8773-7754a3305ec0
x-xss-protection: 1; mode=block
content-length: 18020
X-Firefox-Spdy: h2
ih1.redbubble.net/image.2615416373.1429/flat,220x200,075,t.u5.jpg
68.232.35.237200 OK 12 kB URL HTTP/2 ih1.redbubble.net/image.2615416373.1429/flat,220x200,075,t.u5.jpg
IP 68.232.35.237:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 220x200, components 3\012- data
Hash 4ed24b51630a165d7ab03688d1325d25
c726cb712f4cd72bf5c564a7dc0ad0ebbf9d2a52
19914bb432c06112f7f8b4878fbfbb15d4610cac7de7e1e4cada665e77dc02ac
GET /image.2615416373.1429/flat,220x200,075,t.u5.jpg HTTP/1.1
Host: ih1.redbubble.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.redbubble.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: https://www.redbubble.com
access-control-expose-headers: Content-Length,Content-Range
age: 8198575
cache-control: max-age=31556952, public
content-disposition: inline
content-transfer-encoding: binary
content-type: image/jpeg
date: Mon, 20 Feb 2023 14:59:49 GMT
etag: W/"19914bb432c06112f7f8b4878fbfbb15"
last-modified: Thu, 17 Nov 2022 17:36:54 GMT
referrer-policy: strict-origin-when-cross-origin
server: ECS (ska/F709)
x-cache: HIT
x-content-type-options: nosniff
x-download-options: noopen
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: none
x-request-id: e3905e0b-d695-4b0b-8efc-7a4564418686
x-xss-protection: 1; mode=block
content-length: 12230
X-Firefox-Spdy: h2
ih1.redbubble.net/image.2423146004.3028/raf,220x200,075,t,black.u5.jpg
68.232.35.237200 OK 7.1 kB URL HTTP/2 ih1.redbubble.net/image.2423146004.3028/raf,220x200,075,t,black.u5.jpg
IP 68.232.35.237:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 220x200, components 3\012- data
Hash ea2e9b008dd5ea4ae82bd436910c2533
9b839ada94e09772f01c49af1032b9f046e9b6ed
0220c6be7d3cfcffc662fcab4c31803925ec7e294e4165098a1b364ad8800ace
GET /image.2423146004.3028/raf,220x200,075,t,black.u5.jpg HTTP/1.1
Host: ih1.redbubble.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.redbubble.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: https://www.redbubble.com
access-control-expose-headers: Content-Length,Content-Range
age: 15748026
cache-control: max-age=31556952, public
content-disposition: inline
content-transfer-encoding: binary
content-type: image/jpeg
date: Mon, 20 Feb 2023 14:59:49 GMT
etag: W/"0220c6be7d3cfcffc662fcab4c318039"
last-modified: Mon, 22 Aug 2022 08:32:44 GMT
referrer-policy: strict-origin-when-cross-origin
server: ECS (ska/F716)
x-cache: HIT
x-content-type-options: nosniff
x-download-options: noopen
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: none
x-request-id: 0c943895-8cf5-4c7d-88fc-024373c4d11a
x-xss-protection: 1; mode=block
content-length: 7140
X-Firefox-Spdy: h2
ih0.redbubble.net/image.2579261137.2872/flat,220x200,075,t.u5.jpg
68.232.35.237200 OK 10 kB URL HTTP/2 ih0.redbubble.net/image.2579261137.2872/flat,220x200,075,t.u5.jpg
IP 68.232.35.237:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 220x200, components 3\012- data
Hash b76c5fc72cbdc548cf7f48bb305a3d3f
dc8ee860f4d0d17dabbaec4b0b37c0d7514464c6
ba0865ca0df9021211a47e677772b85d96f2a01dbb54c4314caa379816800f06
GET /image.2579261137.2872/flat,220x200,075,t.u5.jpg HTTP/1.1
Host: ih0.redbubble.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.redbubble.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: https://www.redbubble.com
access-control-expose-headers: Content-Length,Content-Range
age: 6141164
cache-control: max-age=31556952, public
content-disposition: inline
content-transfer-encoding: binary
content-type: image/jpeg
date: Mon, 20 Feb 2023 14:59:49 GMT
etag: W/"ba0865ca0df9021211a47e677772b85d"
last-modified: Sun, 11 Dec 2022 13:07:05 GMT
referrer-policy: strict-origin-when-cross-origin
server: ECS (ska/F704)
x-cache: HIT
x-content-type-options: nosniff
x-download-options: noopen
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: none
x-request-id: 81b8040b-ae19-4846-acc2-0dc83718b3ef
x-xss-protection: 1; mode=block
content-length: 10402
X-Firefox-Spdy: h2
ih0.redbubble.net/image.2615509652.3915/flat,220x200,075,t.u5.jpg
68.232.35.237200 OK 9.5 kB URL HTTP/2 ih0.redbubble.net/image.2615509652.3915/flat,220x200,075,t.u5.jpg
IP 68.232.35.237:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 220x200, components 3\012- data
Hash bec24a797621dc1b550df36956ebada4
2e28ce3cc5e85db3d2c5fb26f7a328f594a620c8
4e57c4041246929caec036f63290e869dea5923090d2e263a083a0cd9df0f51b
GET /image.2615509652.3915/flat,220x200,075,t.u5.jpg HTTP/1.1
Host: ih0.redbubble.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.redbubble.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: https://www.redbubble.com
access-control-expose-headers: Content-Length,Content-Range
age: 11646724
cache-control: max-age=31556952, public
content-disposition: inline
content-transfer-encoding: binary
content-type: image/jpeg
date: Mon, 20 Feb 2023 14:59:49 GMT
etag: W/"4e57c4041246929caec036f63290e869"
last-modified: Sat, 08 Oct 2022 19:47:46 GMT
referrer-policy: strict-origin-when-cross-origin
server: ECS (ska/F6FC)
x-cache: HIT
x-content-type-options: nosniff
x-download-options: noopen
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: none
x-request-id: b0ac1ab6-a28b-4a96-a7b6-4f1b185ea558
x-xss-protection: 1; mode=block
content-length: 9544
X-Firefox-Spdy: h2
ih0.redbubble.net/image.2609329537.2892/raf,220x200,075,t,white.u5.jpg
68.232.35.237200 OK 13 kB URL HTTP/2 ih0.redbubble.net/image.2609329537.2892/raf,220x200,075,t,white.u5.jpg
IP 68.232.35.237:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 220x200, components 3\012- data
Hash 7c729abcf1fb3cbc2c5338f004443fc8
ba2199b908015be4eb601ea363fa1e6a05e6109a
c350b44a154b399e0bef5fafa2ce0bbabd485db22ed9531b4566a297704c2898
GET /image.2609329537.2892/raf,220x200,075,t,white.u5.jpg HTTP/1.1
Host: ih0.redbubble.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.redbubble.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: https://www.redbubble.com
access-control-expose-headers: Content-Length,Content-Range
age: 3957028
cache-control: max-age=31556952, public
content-disposition: inline
content-transfer-encoding: binary
content-type: image/jpeg
date: Mon, 20 Feb 2023 14:59:49 GMT
etag: W/"c350b44a154b399e0bef5fafa2ce0bba"
last-modified: Thu, 05 Jan 2023 19:49:22 GMT
referrer-policy: strict-origin-when-cross-origin
server: ECS (ska/F6FC)
x-cache: HIT
x-content-type-options: nosniff
x-download-options: noopen
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: none
x-request-id: bbbec080-8758-4f4c-bc9f-46a573131e8b
x-xss-protection: 1; mode=block
content-length: 13202
X-Firefox-Spdy: h2
ih0.redbubble.net/image.2503050093.7512/flat,220x200,075,t.u5.jpg
68.232.35.237200 OK 14 kB URL HTTP/2 ih0.redbubble.net/image.2503050093.7512/flat,220x200,075,t.u5.jpg
IP 68.232.35.237:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 220x200, components 3\012- data
Hash a1a091afde7b0a602c3bb668fe15e8b3
3bc1c0afd5a02a5440fd3563d8c94dbf35a35d88
837c72675526f060b64fc4178d180a6b4aa40badc1660dea0b43cfaf12c87137
GET /image.2503050093.7512/flat,220x200,075,t.u5.jpg HTTP/1.1
Host: ih0.redbubble.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.redbubble.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: https://www.redbubble.com
access-control-expose-headers: Content-Length,Content-Range
age: 6656427
cache-control: max-age=31556952, public
content-disposition: inline
content-transfer-encoding: binary
content-type: image/jpeg
date: Mon, 20 Feb 2023 14:59:49 GMT
etag: W/"837c72675526f060b64fc4178d180a6b"
last-modified: Mon, 05 Dec 2022 13:59:22 GMT
referrer-policy: strict-origin-when-cross-origin
server: ECS (ska/F70E)
x-cache: HIT
x-content-type-options: nosniff
x-download-options: noopen
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: none
x-request-id: effd63d9-ce2f-456e-b79a-5328e5a37ac8
x-xss-protection: 1; mode=block
content-length: 14514
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 73cb0956cdae60a803936ca758a2fa17
13d810ccda93453d4832d7a96fbfb1e5908aedfa
3e9723f54e9abff4f70d5cd908a9738c155e9ebe9b46417e209c369ca5e0d437
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "3E9723F54E9ABFF4F70D5CD908A9738C155E9EBE9B46417E209C369CA5E0D437"
Last-Modified: Mon, 20 Feb 2023 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=1298
Expires: Mon, 20 Feb 2023 15:21:27 GMT
Date: Mon, 20 Feb 2023 14:59:49 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 0d9db198f17c01e84f09620c584a56ba
ec95a8ad22cea81dd42529fed9c465da80a76f41
db3d3ba4798ce456e49f786fae478aa118bb75033e2918173aae3254bfd98bfa
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 20 Feb 2023 14:59:49 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
static.doubleclick.net/instream/ad_status.js
142.250.74.102200 OK 29 B URL HTTP/2 static.doubleclick.net/instream/ad_status.js
IP 142.250.74.102:0
Hash 1fa71744db23d0f8df9cce6719defcb7
e4be9b7136697942a036f97cf26ebaf703ad2067
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
GET /instream/ad_status.js HTTP/1.1
Host: static.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
timing-allow-origin: *
content-length: 29
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 20 Feb 2023 14:46:33 GMT
expires: Mon, 20 Feb 2023 15:01:33 GMT
cache-control: public, max-age=900
age: 796
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 2d1e45fdcb53d48872bb9dc52362342f
8460844b107ab98460ab94f67aa9016a05166ee7
c5d53c50c30df98e6141bd587b92918cd77d42a9b36fc6e32ee18de551c7c9b5
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 20 Feb 2023 14:59:49 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
adservice.google.com/adsid/integrator.js?domain=www.morecouponstogo.com
142.250.74.162200 OK 100 B URL HTTP/2 adservice.google.com/adsid/integrator.js?domain=www.morecouponstogo.com
IP 142.250.74.162:0
File type ASCII text, with no line terminators
Hash 917951a58be8c6c6f3680159550ba3c2
21cd25c2a4eb9ec7e0f37021ce7b69e852dab4b4
cd8c45d9a0d98ca2e23d967483ec538bcafa246afdcf434bf60c8257acfacfac
GET /adsid/integrator.js?domain=www.morecouponstogo.com HTTP/1.1
Host: adservice.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.morecouponstogo.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: private, no-cache, no-store
content-type: application/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Mon, 20 Feb 2023 14:59:49 GMT
server: cafe
content-length: 100
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
adservice.google.no/adsid/integrator.js?domain=www.morecouponstogo.com
216.58.211.2200 OK 100 B URL HTTP/2 adservice.google.no/adsid/integrator.js?domain=www.morecouponstogo.com
IP 216.58.211.2:0
File type ASCII text, with no line terminators
Hash 917951a58be8c6c6f3680159550ba3c2
21cd25c2a4eb9ec7e0f37021ce7b69e852dab4b4
cd8c45d9a0d98ca2e23d967483ec538bcafa246afdcf434bf60c8257acfacfac
GET /adsid/integrator.js?domain=www.morecouponstogo.com HTTP/1.1
Host: adservice.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.morecouponstogo.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: private, no-cache, no-store
content-type: application/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Mon, 20 Feb 2023 14:59:49 GMT
server: cafe
content-length: 100
x-xss-protection: 0
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 0d9db198f17c01e84f09620c584a56ba
ec95a8ad22cea81dd42529fed9c465da80a76f41
db3d3ba4798ce456e49f786fae478aa118bb75033e2918173aae3254bfd98bfa
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 20 Feb 2023 14:59:49 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
d1ielco78gv5pf.cloudfront.net/assets/75x75-Brandmark-Transparent-5914f9388de7f61a2e2fb260ed39145a5719139b6559762350135c21771f12c0.png
108.157.217.203200 OK 753 B URL HTTP/2 d1ielco78gv5pf.cloudfront.net/assets/75x75-Brandmark-Transparent-5914f9388de7f61a2e2fb260ed39145a5719139b6559762350135c21771f12c0.png
IP 108.157.217.203:0
File type PNG image data, 75 x 75, 8-bit/color RGBA, non-interlaced\012- data
Hash 95b83ee0d2cb98b5133345024a14031e
fb1f79f434185cabeda75b895cb0e98113c8c6ec
5914f9388de7f61a2e2fb260ed39145a5719139b6559762350135c21771f12c0
GET /assets/75x75-Brandmark-Transparent-5914f9388de7f61a2e2fb260ed39145a5719139b6559762350135c21771f12c0.png HTTP/1.1
Host: d1ielco78gv5pf.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.redbubble.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 753
date: Mon, 23 Jan 2023 23:06:00 GMT
server: nginx
last-modified: Sun, 22 Jan 2023 10:15:28 GMT
expires: Thu, 20 Jan 2033 23:06:00 GMT
access-control-allow-origin: *
cache-control: max-age=315360000, public
x-cache: Hit from cloudfront
via: 1.1 e2bc8da8a8d03748525187195f797d86.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN56-P1
x-amz-cf-id: ZuKHCJ5kCA_eOeCf7kp5UuNo_KNH8j8pIn9QigP0V1vAmYfQ0pP9DA==
age: 2390028
X-Firefox-Spdy: h2
d1ielco78gv5pf.cloudfront.net/assets/rarr-trans-44aac167284d94a1522aae08e2a9c40c6d515ab554839445c3b43281cb6a2f47.png
108.157.217.203200 OK 147 B URL HTTP/2 d1ielco78gv5pf.cloudfront.net/assets/rarr-trans-44aac167284d94a1522aae08e2a9c40c6d515ab554839445c3b43281cb6a2f47.png
IP 108.157.217.203:0
File type PNG image data, 7 x 10, 8-bit gray+alpha, non-interlaced\012- data
Hash aafe97f737c068ef75a9410c8a45f5a4
0d1856e53194b2a68d1976a21fe05d20eac683b6
44aac167284d94a1522aae08e2a9c40c6d515ab554839445c3b43281cb6a2f47
GET /assets/rarr-trans-44aac167284d94a1522aae08e2a9c40c6d515ab554839445c3b43281cb6a2f47.png HTTP/1.1
Host: d1ielco78gv5pf.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.redbubble.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 147
date: Fri, 27 May 2022 01:22:02 GMT
accept-ranges: bytes
access-control-allow-origin: *
cache-control: max-age=315360000, public
etag: "628dff80-93"
expires: Mon, 24 May 2032 01:22:02 GMT
last-modified: Wed, 25 May 2022 10:05:52 GMT
server: nginx
x-cache: Hit from cloudfront
via: 1.1 e2bc8da8a8d03748525187195f797d86.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN56-P1
x-amz-cf-id: Uom1_DXw6vHWWNaRji4ByMhk_GD-ylv3d058QHxvQNvMN9sYZ_p2Ww==
age: 23290667
X-Firefox-Spdy: h2
cdn.gravitec.media/track.min.js
45.133.44.4200 OK 2.5 kB URL HTTP/2 cdn.gravitec.media/track.min.js
IP 45.133.44.4:0
ASN #39572 DataWeb Global Group B.V.
Hash 290d7ed95d8bfc3fab582577e2d9a9d8
b6f7e50fb20e7375e3c98d064961b2d4c2dbc97b
cd18746efd7105ce76d876bba1264d568832a878bda976f31b4e2e22ab2b78ba
GET /track.min.js HTTP/1.1
Host: cdn.gravitec.media
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.morecouponstogo.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 20 Feb 2023 14:59:49 GMT
content-type: application/javascript; charset=utf-8
server: nginx/1.18.0
last-modified: Wed, 27 Nov 2019 14:51:46 GMT
etag: W/"5dde8d82-11d5"
cache-control: max-age=7776000
access-control-allow-origin: *
content-encoding: gzip
expires: Sun, 21 May 2023 14:59:49 GMT
vary: Accept-Encoding
x-proxy-cache: HIT
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash b192ff7e67001f85ab366563eb7e7e79
2758a603e9d484889c558d0f774984f387d0c342
31c933a49d2bcaa6d7851045de2835ec30e8f686048ed369dac64843956c25ce
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "31C933A49D2BCAA6D7851045DE2835EC30E8F686048ED369DAC64843956C25CE"
Last-Modified: Mon, 20 Feb 2023 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15934
Expires: Mon, 20 Feb 2023 19:25:23 GMT
Date: Mon, 20 Feb 2023 14:59:49 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 791e968cee662a01bec431c498be07a0
5c71afdd7015734d07be2df1ad79e28ef1646ae2
6ccf96b85392ec77423ec2f2b756909a0de6480867502680d35036e95964b712
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 20 Feb 2023 14:59:49 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
redirector.googlevideo.com/initplayback?source=youtube&oeis=1&ip=91.90.42.154&c=WEB_EMBEDDED_PLAYER&oad=3200&ovd=3200&oaad=3200&oavd=3200&ocs=700&oewis=1&oputc=1&ofpcc=1&msp=1&odepv=1&alr=yes&id=30039
172.217.21.174200 OK 235 B URL HTTP/2 redirector.googlevideo.com/initplayback?source=youtube&oeis=1&ip=91.90.42.154&c=WEB_EMBEDDED_PLAYER&oad=3200&ovd=3200&oaad=3200&oavd=3200&ocs=700&oewis=1&oputc=1&ofpcc=1&msp=1&odepv=1&alr=yes&id=30039
IP 172.217.21.174:0
File type ASCII text, with no line terminators
Hash 998ff49a65236a229a5c027d9ee0d9da
e053b2baecafe7ad24d5fc903b355277a02e5734
ccd47d4a7b041b3833a1cab931fae58f1e76e132f22adc9685ada9f433edc0a4
GET /initplayback?source=youtube&oeis=1&ip=91.90.42.154&c=WEB_EMBEDDED_PLAYER&oad=3200&ovd=3200&oaad=3200&oavd=3200&ocs=700&oewis=1&oputc=1&ofpcc=1&msp=1&odepv=1&alr=yes&id=30039 HTTP/1.1
Host: redirector.googlevideo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 20 Feb 2023 14:59:49 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
access-control-allow-credentials: true
timing-allow-origin: https://www.youtube.com
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
content-type: text/plain; charset=UTF-8
content-encoding: gzip
server: ClientMapServer
content-length: 235
x-xss-protection: 0
x-frame-options: SAMEORIGIN
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
redirector.googlevideo.com/initplayback?source=youtube&oeis=1&ip=91.90.42.154&c=WEB_EMBEDDED_PLAYER&oad=3200&ovd=3200&oaad=3200&oavd=3200&ocs=700&oewis=1&oputc=1&ofpcc=1&msp=1&odepv=1&alr=yes&id=70241
172.217.21.174200 OK 235 B URL HTTP/2 redirector.googlevideo.com/initplayback?source=youtube&oeis=1&ip=91.90.42.154&c=WEB_EMBEDDED_PLAYER&oad=3200&ovd=3200&oaad=3200&oavd=3200&ocs=700&oewis=1&oputc=1&ofpcc=1&msp=1&odepv=1&alr=yes&id=70241
IP 172.217.21.174:0
File type ASCII text, with no line terminators
Hash 1fe8b8f66352e2382a7527eb2f2c7047
7be527b9df56ddc4421ae747c2e1e792f1a16152
d133208c9bb5f3a7905f700cd41a65dc6abadb28941bf8ba7797aaceb56c0c1c
GET /initplayback?source=youtube&oeis=1&ip=91.90.42.154&c=WEB_EMBEDDED_PLAYER&oad=3200&ovd=3200&oaad=3200&oavd=3200&ocs=700&oewis=1&oputc=1&ofpcc=1&msp=1&odepv=1&alr=yes&id=70241 HTTP/1.1
Host: redirector.googlevideo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 20 Feb 2023 14:59:49 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
access-control-allow-credentials: true
timing-allow-origin: https://www.youtube.com
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
content-type: text/plain; charset=UTF-8
content-encoding: gzip
server: ClientMapServer
content-length: 235
x-xss-protection: 0
x-frame-options: SAMEORIGIN
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 791e968cee662a01bec431c498be07a0
5c71afdd7015734d07be2df1ad79e28ef1646ae2
6ccf96b85392ec77423ec2f2b756909a0de6480867502680d35036e95964b712
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 20 Feb 2023 14:59:49 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
142.250.74.138200 OK 0 B URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
IP 142.250.74.138:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /$rpc/google.internal.waa.v1.Waa/Create HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Referer: https://www.youtube.com/
Origin: https://www.youtube.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://www.youtube.com
vary: origin, referer, x-origin
access-control-allow-credentials: true
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-max-age: 3600
date: Mon, 20 Feb 2023 14:59:49 GMT
content-type: text/html
server: ESF
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
api.gravitec.media/api/stats/track?app_key=651b3da8463250405063839a2450c723&user_id=35f9332a-d122-45fd-b08d-918ea46250b6&utmb=bb4ddb45-62f8-48d3-8dcb-509f8e954c03&path=https%3A%2F%2Fwww.morecouponstogo.com%2Funi-landing&referrer=https%3A%2F%2Fllclickpro.com%2F
35.214.184.209201 Created 0 B URL HTTP/2 api.gravitec.media/api/stats/track?app_key=651b3da8463250405063839a2450c723&user_id=35f9332a-d122-45fd-b08d-918ea46250b6&utmb=bb4ddb45-62f8-48d3-8dcb-509f8e954c03&path=https%3A%2F%2Fwww.morecouponstogo.com%2Funi-landing&referrer=https%3A%2F%2Fllclickpro.com%2F
IP 35.214.184.209:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /api/stats/track?app_key=651b3da8463250405063839a2450c723&user_id=35f9332a-d122-45fd-b08d-918ea46250b6&utmb=bb4ddb45-62f8-48d3-8dcb-509f8e954c03&path=https%3A%2F%2Fwww.morecouponstogo.com%2Funi-landing&referrer=https%3A%2F%2Fllclickpro.com%2F HTTP/1.1
Host: api.gravitec.media
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.morecouponstogo.com/
Origin: https://www.morecouponstogo.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 201 Created
server: nginx
date: Mon, 20 Feb 2023 14:59:49 GMT
content-length: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-origin: *
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: 0
x-content-type-options: nosniff
x-frame-options: DENY
x-xss-protection: 1 ; mode=block
referrer-policy: no-referrer
x-correlation-id: f870f94aec5dac9623283732305247e0
X-Firefox-Spdy: h2
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
142.250.74.138200 OK 31 kB URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
IP 142.250.74.138:0
File type JSON data\012- , ASCII text, with very long lines (65536), with no line terminators
Hash fe5293ce696a3436cfb4c33c08084ddd
a54ab3c948d19dc2bd160a544cfcade99877d42b
a3c0d7ff112dcd8df65e3a1c3b4278dab2ab296e00f23596e9fc380dc1d05a7d
POST /$rpc/google.internal.waa.v1.Waa/Create HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
Content-Type: application/json+protobuf
X-User-Agent: grpc-web-javascript/0.1
Content-Length: 24
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json+protobuf; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: gzip
date: Mon, 20 Feb 2023 14:59:49 GMT
server: ESF
cache-control: private
content-length: 30808
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
access-control-allow-credentials: true
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash b53bc403e0ab0570909b47c9976c4bc3
ac75251663f22d11671b8089f0b1d8d868844764
bd84b9ecba7b9a74d49c6d7a56df5e8a5d813bbd8dac93714d5b68f2de2181af
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 20 Feb 2023 14:59:49 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 04e52097ed6f33dd0a21f9196d95ce03
bf1d4a111cee79779c6365918cb0984d2c35afb8
c423c3fb9add58ea5b5df8684a84441b25b6d0bb65ded297ba702ea0d4449c09
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 20 Feb 2023 14:59:49 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
yt3.ggpht.com/nip8E9ASw52gOJQxdluWu8PK6GgTMaw87ja5NFJnc8le4062UgDFMgxzd2_UmGmz3PbyvBBG=s68-c-k-c0x00ffffff-no-rj
142.250.74.161200 OK 2.9 kB URL HTTP/2 yt3.ggpht.com/nip8E9ASw52gOJQxdluWu8PK6GgTMaw87ja5NFJnc8le4062UgDFMgxzd2_UmGmz3PbyvBBG=s68-c-k-c0x00ffffff-no-rj
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 68x68, components 3\012- data
Hash 73eea0bc3378ebdf7f3ed8311b2d1f9e
44bc2e5b5f953c901df6237b49c825b354671391
2dc9e7612ab1864f756e75873319ca21e35da2f0a19a7ab0e20e6ac9ce71811f
GET /nip8E9ASw52gOJQxdluWu8PK6GgTMaw87ja5NFJnc8le4062UgDFMgxzd2_UmGmz3PbyvBBG=s68-c-k-c0x00ffffff-no-rj HTTP/1.1
Host: yt3.ggpht.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-expose-headers: Content-Length
content-disposition: inline;filename="channels4_profile.jpg"
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
server: fife
content-length: 2924
x-xss-protection: 0
date: Mon, 20 Feb 2023 14:59:49 GMT
expires: Mon, 20 Feb 2023 23:58:18 GMT
cache-control: public, max-age=86400, no-transform
etag: "v1"
content-type: image/jpeg
vary: Origin
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash bdae5e9d9d49570786f6a29d26927945
1daa59ea8107fe9f2e02a5991024786c45cf617e
b0f3f0347ffe99fef90e84c9d2be5ede7c13e6946a7dae2d3eae3ce44463520c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 20 Feb 2023 14:59:49 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
142.250.74.138200 OK 0 B URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
IP 142.250.74.138:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /$rpc/google.internal.waa.v1.Waa/GenerateIT HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Referer: https://www.youtube.com/
Origin: https://www.youtube.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: https://www.youtube.com
vary: origin, referer, x-origin
access-control-allow-credentials: true
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-max-age: 3600
date: Mon, 20 Feb 2023 14:59:49 GMT
content-type: text/html
server: ESF
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
142.250.74.138200 OK 114 B URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
IP 142.250.74.138:0
File type JSON data\012- , ASCII text, with no line terminators
Hash d5b9baf73faa8094bf3ba82c6f381957
4e168dff594752704e3e181804de6ba18e35e59b
5feabc1a48b406c2b0e105e5c219b6dd1744422182b05e0e0d27c6e6a7c60b51
POST /$rpc/google.internal.waa.v1.Waa/GenerateIT HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
Content-Type: application/json+protobuf
X-User-Agent: grpc-web-javascript/0.1
Content-Length: 1252
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json+protobuf; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: gzip
date: Mon, 20 Feb 2023 14:59:49 GMT
server: ESF
cache-control: private
content-length: 114
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
access-control-allow-credentials: true
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
d1ielco78gv5pf.cloudfront.net/assets/ajax_subtle-8f2162a421d5682989810c5bed4402d83debcff6169ae940dbbf9844dcc9ea2d.gif
108.157.217.203200 OK 1.8 kB URL HTTP/2 d1ielco78gv5pf.cloudfront.net/assets/ajax_subtle-8f2162a421d5682989810c5bed4402d83debcff6169ae940dbbf9844dcc9ea2d.gif
IP 108.157.217.203:0
File type GIF image data, version 89a, 32 x 32\012- data
Hash 53c8654b9584bb9f925f2e9f12a3a365
69b347445a08ef2e1235cb8ff2fad484d59ae7d3
8f2162a421d5682989810c5bed4402d83debcff6169ae940dbbf9844dcc9ea2d
GET /assets/ajax_subtle-8f2162a421d5682989810c5bed4402d83debcff6169ae940dbbf9844dcc9ea2d.gif HTTP/1.1
Host: d1ielco78gv5pf.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://d1ielco78gv5pf.cloudfront.net/assets/external_portfolio-55c5ae1c8983df626fd5d8b516e9b7afa9602796b1b40b1b0a489a394961ef91.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/gif
content-length: 1785
date: Mon, 23 Jan 2023 15:13:33 GMT
server: nginx
last-modified: Sun, 22 Jan 2023 10:15:28 GMT
expires: Thu, 20 Jan 2033 15:13:33 GMT
access-control-allow-origin: *
cache-control: max-age=315360000, public
x-cache: Hit from cloudfront
via: 1.1 e2bc8da8a8d03748525187195f797d86.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN56-P1
x-amz-cf-id: nh9IaDQzYYrX-_17MhEOJC9uZ11Dx_ca7Xd2__OnHGOhag2HzrgHUA==
age: 2418376
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 89e50e2cc1cfbd240019801571e1400c
ba352e7358d36eecd139c9ac790346d367a3d3f6
8f7f90579dcc10248d7f39120aede89a86ed8768442ecbe020e49518c2455cd2
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 20 Feb 2023 14:59:50 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 89e50e2cc1cfbd240019801571e1400c
ba352e7358d36eecd139c9ac790346d367a3d3f6
8f7f90579dcc10248d7f39120aede89a86ed8768442ecbe020e49518c2455cd2
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 20 Feb 2023 14:59:50 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
142.250.74.138200 OK 31 kB URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
IP 142.250.74.138:0
File type JSON data\012- , ASCII text, with very long lines (65536), with no line terminators
Hash a5e887477593c01bb60a3490164f5307
ce0e0bdcd0c69929367106c83dd6b635697f4762
81094dcda3b8e6ab285c196cd8a4c02d1e2500fe20fadbe9ef8ce6bd149141df
POST /$rpc/google.internal.waa.v1.Waa/Create HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
Content-Type: application/json+protobuf
X-User-Agent: grpc-web-javascript/0.1
Content-Length: 24
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json+protobuf; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: gzip
date: Mon, 20 Feb 2023 14:59:50 GMT
server: ESF
cache-control: private
content-length: 30912
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
access-control-allow-credentials: true
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 802dfa5c8d5d5fc162a3850bf53647c0
4b3b90d770557e9803de31d16e55ed8ee10cb75c
a0cbf6cdb36cb16f36d4e3b1652fa3a756a8b428519f736aec12cbe93b6184e9
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 20 Feb 2023 14:59:50 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.com/js/th/j2LPsnldu2GyYoji2gksVoIfKyMuE54osvGF69eRixc.js
142.250.74.132200 OK 14 kB URL HTTP/2 www.google.com/js/th/j2LPsnldu2GyYoji2gksVoIfKyMuE54osvGF69eRixc.js
IP 142.250.74.132:0
File type ASCII text, with very long lines (36212)
Hash 95ea09baa0f0a6abfed9f2369fe28979
49b89e5107f8866d6613fa6641fec90cb2ee3ca9
7c3d3c237eab6377d87404e68fad4ca16a8fd3238a0a810dfcac7f2e066d9d9f
GET /js/th/j2LPsnldu2GyYoji2gksVoIfKyMuE54osvGF69eRixc.js HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: br
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-length: 14302
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 16 Feb 2023 20:25:34 GMT
expires: Fri, 16 Feb 2024 20:25:34 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 13 Feb 2023 15:30:00 GMT
content-type: text/javascript
vary: Accept-Encoding
age: 326056
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
r2---sn-capm-vnae.googlevideo.com/initplayback?source=youtube&oeis=1&ip=91.90.42.154&c=WEB_EMBEDDED_PLAYER&oad=0&ovd=0&oaad=0&oavd=0&ocs=700&oewis=1&oputc=1&ofpcc=1&msp=1&odepv=1&ms=au&id=4e07b81a04669ab6&cpn=OflqywnvP48BRWkw&opr=1&por=1&rn=1
91.90.45.173200 OK 9.2 kB URL HTTP/1.1 r2---sn-capm-vnae.googlevideo.com/initplayback?source=youtube&oeis=1&ip=91.90.42.154&c=WEB_EMBEDDED_PLAYER&oad=0&ovd=0&oaad=0&oavd=0&ocs=700&oewis=1&oputc=1&ofpcc=1&msp=1&odepv=1&ms=au&id=4e07b81a04669ab6&cpn=OflqywnvP48BRWkw&opr=1&por=1&rn=1
IP 91.90.45.173:0
ASN #50304 Blix Solutions AS
Hash 56d78e329ca94e678e83337aae4348be
555d1ae967de53e67a4598844759a72ccfe00cf5
591eb09a38464dab2a8a1db9dd6bbda45aec47837c185c34318a735c1e514bbc
POST /initplayback?source=youtube&oeis=1&ip=91.90.42.154&c=WEB_EMBEDDED_PLAYER&oad=0&ovd=0&oaad=0&oavd=0&ocs=700&oewis=1&oputc=1&ofpcc=1&msp=1&odepv=1&ms=au&id=4e07b81a04669ab6&cpn=OflqywnvP48BRWkw&opr=1&por=1&rn=1 HTTP/1.1
Host: r2---sn-capm-vnae.googlevideo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 3440
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Mon, 20 Feb 2023 14:59:50 GMT
Expires: Tue, 21 Feb 2023 14:59:50 GMT
Cache-Control: public, max-age=86400
Content-Type: application/vnd.yt-ump
Transfer-Encoding: chunked
Connection: keep-alive
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Access-Control-Allow-Origin: https://www.youtube.com
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: https://www.youtube.com
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Vary: Origin
Cross-Origin-Resource-Policy: cross-origin
X-Content-Type-Options: nosniff
Server: gvs 1.0
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 71bae25222dd366e788d21e15dd35e01
5a8ac305d3738b1618c03fcbd51d63c9f61cb8c2
8c3a725bce43ae98b5b8f8ab03e35bf67a4bdc09510f17285914e559e1c61ac4
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 20 Feb 2023 14:59:50 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.com/js/th/e-T0LC6veq6xndVnxNZYDs0k2YzO3ng5pgwYiLLC-NE.js
142.250.74.132200 OK 14 kB URL HTTP/2 www.google.com/js/th/e-T0LC6veq6xndVnxNZYDs0k2YzO3ng5pgwYiLLC-NE.js
IP 142.250.74.132:0
File type ASCII text, with very long lines (36180)
Hash 6caf3ddf47bad942732577bf1cd634ed
5930e4cdb4173c5ffa3f9e2eaf7ecc147623dd0c
cc13b4b51d92ba1992ec59da7b670f2a66cf5ffd4907061f911349e925a218b7
GET /js/th/e-T0LC6veq6xndVnxNZYDs0k2YzO3ng5pgwYiLLC-NE.js HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: br
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-length: 14345
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 19 Feb 2023 06:51:07 GMT
expires: Mon, 19 Feb 2024 06:51:07 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 30 Jan 2023 12:00:00 GMT
content-type: text/javascript
vary: Accept-Encoding
age: 115723
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.youtube.com/embed/0nxwujvI9-4?autoplay=0&controls=1&start=0&end=0&modestbranding=0&wmode=transparent&enablejsapi=1&loop=0&rel=0&mute=0
142.250.74.14200 OK 120 B URL HTTP/2 www.youtube.com/embed/0nxwujvI9-4?autoplay=0&controls=1&start=0&end=0&modestbranding=0&wmode=transparent&enablejsapi=1&loop=0&rel=0&mute=0
IP 142.250.74.14:0
Hash 9ae39b4e148d9bc893acf6af0eb5f124
30101ab67ccea679114c33d414818301d1ef0a23
051c742520c7f43e647d8bc5256d4059502d4fed32bdefc112ed3a3e208326d8
GET /embed/0nxwujvI9-4?autoplay=0&controls=1&start=0&end=0&modestbranding=0&wmode=transparent&enablejsapi=1&loop=0&rel=0&mute=0 HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.morecouponstogo.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html; charset=utf-8
x-content-type-options: nosniff
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Mon, 20 Feb 2023 14:59:46 GMT
strict-transport-security: max-age=31536000
cross-origin-resource-policy: cross-origin
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
content-encoding: br
server: ESF
x-xss-protection: 0
set-cookie: YSC=6xXz-7JdLPg; Domain=.youtube.com; Path=/; Secure; HttpOnly; SameSite=none
DEVICE_INFO=ChxOekl3TWpJMU1qa3pNemd5T0RJME5qYzVPQT09EOKVzp8GGOKVzp8G; Domain=.youtube.com; Expires=Sat, 19-Aug-2023 14:59:46 GMT; Path=/; Secure; HttpOnly; SameSite=none
VISITOR_INFO1_LIVE=8x8rb6jaQ1c; Domain=.youtube.com; Expires=Sat, 19-Aug-2023 14:59:46 GMT; Path=/; Secure; HttpOnly; SameSite=none
CONSENT=PENDING+527; expires=Wed, 19-Feb-2025 14:59:46 GMT; path=/; domain=.youtube.com; Secure
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
i.ytimg.com/vi_webp/0nxwujvI9-4/sddefault.webp
142.250.74.182200 OK 30 kB URL HTTP/2 i.ytimg.com/vi_webp/0nxwujvI9-4/sddefault.webp
IP 142.250.74.182:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 640x480, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash f1cb691ce049a9b172f34b7f07539211
62518e66afefd5186f273284c0f669ed0389a401
4729ab37821acb4bd0885e11eaa8807077b62aa8ad128e8c436597749c5f787b
GET /vi_webp/0nxwujvI9-4/sddefault.webp HTTP/1.1
Host: i.ytimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
content-type: image/webp
vary: Origin
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-length: 29482
date: Mon, 20 Feb 2023 14:59:50 GMT
expires: Mon, 20 Feb 2023 16:59:50 GMT
cache-control: public, max-age=7200
etag: "1667228521"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
i.ytimg.com/vi_webp/ZFBI_JoDwew/sddefault.webp
142.250.74.182200 OK 21 kB URL HTTP/2 i.ytimg.com/vi_webp/ZFBI_JoDwew/sddefault.webp
IP 142.250.74.182:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 640x480, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 9bc80783dd42606a38e3210ad1b3711d
28445b6ec0a0426acf5164a6df5076b7303347a6
3248bd00f508984ec3bdaea739c1f2a745768a30e6d897c2aa4d928ad84ac54e
GET /vi_webp/ZFBI_JoDwew/sddefault.webp HTTP/1.1
Host: i.ytimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
content-type: image/webp
vary: Origin
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-length: 21248
date: Mon, 20 Feb 2023 14:59:50 GMT
expires: Mon, 20 Feb 2023 16:59:50 GMT
cache-control: public, max-age=7200
etag: "1648682389"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 71bae25222dd366e788d21e15dd35e01
5a8ac305d3738b1618c03fcbd51d63c9f61cb8c2
8c3a725bce43ae98b5b8f8ab03e35bf67a4bdc09510f17285914e559e1c61ac4
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 20 Feb 2023 14:59:50 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
142.250.74.138200 OK 110 B URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
IP 142.250.74.138:0
File type JSON data\012- , ASCII text, with no line terminators
Hash c7730bf43341396c24e181aeb3176a51
13ba53a82e50fa30c077f13362b6aa750bd7258f
6f35d7de93926d486f9454edede7bd6afeb5a7463af1c902329c0177ff0d27c7
POST /$rpc/google.internal.waa.v1.Waa/GenerateIT HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
Content-Type: application/json+protobuf
X-User-Agent: grpc-web-javascript/0.1
Content-Length: 1242
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json+protobuf; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: gzip
date: Mon, 20 Feb 2023 14:59:50 GMT
server: ESF
cache-control: private
content-length: 110
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
access-control-allow-credentials: true
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
142.250.74.138200 OK 31 kB URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
IP 142.250.74.138:0
File type JSON data\012- , ASCII text, with very long lines (65536), with no line terminators
Hash 9f371abf3f57b788489b1b51e0b9f86a
b1fde940659b97d807914ee3464fee18dff2c654
56137c45f12cbe04754cf5b50dd5896790a6fb01007b2cf8353f6e7509107dfe
POST /$rpc/google.internal.waa.v1.Waa/Create HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
Content-Type: application/json+protobuf
X-User-Agent: grpc-web-javascript/0.1
Content-Length: 24
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json+protobuf; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: gzip
date: Mon, 20 Feb 2023 14:59:50 GMT
server: ESF
cache-control: private
content-length: 30863
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
access-control-allow-credentials: true
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
142.250.74.138200 OK 110 B URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
IP 142.250.74.138:0
File type JSON data\012- , ASCII text, with no line terminators
Hash b3c1170865f303f13d4942cfaf8b058c
f39c9b8b82f9d1e67d772102ad5e7db899bd8f1c
90c334604b5638d274ed375e3ffb758f1020cf0a2287f1a97ad2da6525ac963e
POST /$rpc/google.internal.waa.v1.Waa/GenerateIT HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
Content-Type: application/json+protobuf
X-User-Agent: grpc-web-javascript/0.1
Content-Length: 1170
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json+protobuf; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: gzip
date: Mon, 20 Feb 2023 14:59:50 GMT
server: ESF
cache-control: private
content-length: 110
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
access-control-allow-credentials: true
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
142.250.74.138200 OK 31 kB URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
IP 142.250.74.138:0
File type JSON data\012- , ASCII text, with very long lines (65536), with no line terminators
Hash be4b5867a1fda7b3e2d1590d0a7907c9
fa8f324c1fb2742c40cfc634858497e981040aea
9cd81edae42954ec388c163397f13f5cb445a48769a35d499d995a90cee2959b
POST /$rpc/google.internal.waa.v1.Waa/Create HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
Content-Type: application/json+protobuf
X-User-Agent: grpc-web-javascript/0.1
Content-Length: 24
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json+protobuf; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: gzip
date: Mon, 20 Feb 2023 14:59:50 GMT
server: ESF
cache-control: private
content-length: 30963
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
access-control-allow-credentials: true
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
142.250.74.138200 OK 114 B URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
IP 142.250.74.138:0
File type JSON data\012- , ASCII text, with no line terminators
Hash fe2946867b81746043f1c26d328f3c26
04581d391624c84e66a0ff2293ebb511486caeb0
1c636ca4a0843597b4e0580447216b402c6ce9f3797162cb43fd17c3ab2e9a03
POST /$rpc/google.internal.waa.v1.Waa/GenerateIT HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
Content-Type: application/json+protobuf
X-User-Agent: grpc-web-javascript/0.1
Content-Length: 1008
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json+protobuf; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: gzip
date: Mon, 20 Feb 2023 14:59:51 GMT
server: ESF
cache-control: private
content-length: 114
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
access-control-allow-credentials: true
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
rr1---sn-capm-vnae.googlevideo.com/videoplayback?expire=1676926790&ei=5orzY8zkAoHbyAXMyIW4BQ&ip=91.90.42.154&id=o-AI55Kywf1dj2ZhBRP6piIxN8_duug4S_gDaccz5kc46B&itag=242&aitags=133%2C134%2C135%2C136%2C160%2C242%2C243%2C244%2C278&source=youtube&requiressl=yes&mh=ke&mm=31%2C29&mn=sn-capm-vnae%2Csn-5go7ynl6&ms=au%2Crdu&mv=m&mvi=1&pl=21&initcwndbps=1840000&spc=H3gIhloOGvkFA7FI-SDAlHmS4BLh-fT8NJezvXGpZ7BTy3VWvw&vprv=1&mime=video%2Fwebm&ns=CIm8lJ77zY7BXwLu-mF7dGkL&gir=yes&clen=210419&dur=9.766&lmt=1644075043573011&mt=1676904802&fvip=2&keepalive=yes&fexp=24007246&c=WEB_EMBEDDED_PLAYER&txp=6319224&n=XIJ4qx1m9pwvmA&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRQIhAIcHPZ1s5Mnhh5ruaFnoVQvhLlxhHLj6Z_yTUYreXZ5SAiAF8fBn-30XMzzxlL7xwb8qNvMVILoKq3_LUqIV1hSl4g%3D%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRAIgGl7B4lDmT5G3eNc2cFRSpBuD1uLPKTn2cLbc-qDohwoCIFr8sxN0-YIhLkQM_4Sb9LELY2RdsK9R1VYyzeYYjb3R&alr=yes&cpn=OflqywnvP48BRWkw&cver=1.20230215.01.00&range=0-65787&rn=2&rbuf=0&pot=DzPHdAaDhfTLM_s_Mgc8LxriuJkATBbSCPkOi0s5LzeVjeY5L_WlB_yqX4V8j3Xy_e49CqSfmQtZu7t6VMHU2qlJ34E5tFslNABVcaeUDUst1Oeoadxz4eqlWSV74GFouXs5DX-66J9Z
91.90.45.172200 OK 1.2 kB URL HTTP/1.1 rr1---sn-capm-vnae.googlevideo.com/videoplayback?expire=1676926790&ei=5orzY8zkAoHbyAXMyIW4BQ&ip=91.90.42.154&id=o-AI55Kywf1dj2ZhBRP6piIxN8_duug4S_gDaccz5kc46B&itag=242&aitags=133%2C134%2C135%2C136%2C160%2C242%2C243%2C244%2C278&source=youtube&requiressl=yes&mh=ke&mm=31%2C29&mn=sn-capm-vnae%2Csn-5go7ynl6&ms=au%2Crdu&mv=m&mvi=1&pl=21&initcwndbps=1840000&spc=H3gIhloOGvkFA7FI-SDAlHmS4BLh-fT8NJezvXGpZ7BTy3VWvw&vprv=1&mime=video%2Fwebm&ns=CIm8lJ77zY7BXwLu-mF7dGkL&gir=yes&clen=210419&dur=9.766&lmt=1644075043573011&mt=1676904802&fvip=2&keepalive=yes&fexp=24007246&c=WEB_EMBEDDED_PLAYER&txp=6319224&n=XIJ4qx1m9pwvmA&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRQIhAIcHPZ1s5Mnhh5ruaFnoVQvhLlxhHLj6Z_yTUYreXZ5SAiAF8fBn-30XMzzxlL7xwb8qNvMVILoKq3_LUqIV1hSl4g%3D%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRAIgGl7B4lDmT5G3eNc2cFRSpBuD1uLPKTn2cLbc-qDohwoCIFr8sxN0-YIhLkQM_4Sb9LELY2RdsK9R1VYyzeYYjb3R&alr=yes&cpn=OflqywnvP48BRWkw&cver=1.20230215.01.00&range=0-65787&rn=2&rbuf=0&pot=DzPHdAaDhfTLM_s_Mgc8LxriuJkATBbSCPkOi0s5LzeVjeY5L_WlB_yqX4V8j3Xy_e49CqSfmQtZu7t6VMHU2qlJ34E5tFslNABVcaeUDUst1Oeoadxz4eqlWSV74GFouXs5DX-66J9Z
IP 91.90.45.172:0
ASN #50304 Blix Solutions AS
File type ASCII text, with very long lines (1245), with no line terminators
Hash dd2b2afa4dc3bbf14b9928fd30b31501
be117e1c57c4ab0da3a01785a7460e0a5d6b7bba
0a0ec0ea655f76619844a610df43a4e63d50674da4d68e2bb69fc043ca9bb14c
POST /videoplayback?expire=1676926790&ei=5orzY8zkAoHbyAXMyIW4BQ&ip=91.90.42.154&id=o-AI55Kywf1dj2ZhBRP6piIxN8_duug4S_gDaccz5kc46B&itag=242&aitags=133%2C134%2C135%2C136%2C160%2C242%2C243%2C244%2C278&source=youtube&requiressl=yes&mh=ke&mm=31%2C29&mn=sn-capm-vnae%2Csn-5go7ynl6&ms=au%2Crdu&mv=m&mvi=1&pl=21&initcwndbps=1840000&spc=H3gIhloOGvkFA7FI-SDAlHmS4BLh-fT8NJezvXGpZ7BTy3VWvw&vprv=1&mime=video%2Fwebm&ns=CIm8lJ77zY7BXwLu-mF7dGkL&gir=yes&clen=210419&dur=9.766&lmt=1644075043573011&mt=1676904802&fvip=2&keepalive=yes&fexp=24007246&c=WEB_EMBEDDED_PLAYER&txp=6319224&n=XIJ4qx1m9pwvmA&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRQIhAIcHPZ1s5Mnhh5ruaFnoVQvhLlxhHLj6Z_yTUYreXZ5SAiAF8fBn-30XMzzxlL7xwb8qNvMVILoKq3_LUqIV1hSl4g%3D%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRAIgGl7B4lDmT5G3eNc2cFRSpBuD1uLPKTn2cLbc-qDohwoCIFr8sxN0-YIhLkQM_4Sb9LELY2RdsK9R1VYyzeYYjb3R&alr=yes&cpn=OflqywnvP48BRWkw&cver=1.20230215.01.00&range=0-65787&rn=2&rbuf=0&pot=DzPHdAaDhfTLM_s_Mgc8LxriuJkATBbSCPkOi0s5LzeVjeY5L_WlB_yqX4V8j3Xy_e49CqSfmQtZu7t6VMHU2qlJ34E5tFslNABVcaeUDUst1Oeoadxz4eqlWSV74GFouXs5DX-66J9Z HTTP/1.1
Host: rr1---sn-capm-vnae.googlevideo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Length: 2
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: text/plain
Last-Modified: Wed, 02 May 2007 10:26:10 GMT
Date: Mon, 20 Feb 2023 14:59:51 GMT
Expires: Mon, 20 Feb 2023 14:59:51 GMT
Cache-Control: private, max-age=21299
Accept-Ranges: bytes
Content-Length: 1245
Connection: keep-alive
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Access-Control-Allow-Origin: https://www.youtube.com
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: https://www.youtube.com
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Vary: Origin
Cross-Origin-Resource-Policy: cross-origin
X-Restrict-Formats-Hint: None
X-Content-Type-Options: nosniff
Server: gvs 1.0
rr1---sn-capm-vnae.googlevideo.com/videoplayback?expire=1676926790&ei=5orzY8zkAoHbyAXMyIW4BQ&ip=91.90.42.154&id=o-AI55Kywf1dj2ZhBRP6piIxN8_duug4S_gDaccz5kc46B&itag=251&source=youtube&requiressl=yes&mh=ke&mm=31%2C29&mn=sn-capm-vnae%2Csn-5go7ynl6&ms=au%2Crdu&mv=m&mvi=1&pl=21&initcwndbps=1840000&spc=H3gIhloOGvkFA7FI-SDAlHmS4BLh-fT8NJezvXGpZ7BTy3VWvw&vprv=1&mime=audio%2Fwebm&ns=CIm8lJ77zY7BXwLu-mF7dGkL&gir=yes&clen=142602&dur=9.801&lmt=1644075043895481&mt=1676904802&fvip=2&keepalive=yes&fexp=24007246&c=WEB_EMBEDDED_PLAYER&txp=6318224&n=XIJ4qx1m9pwvmA&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRAIgaMAQjqSjzEeOLXDeJbSK51o_W4YdwO28lOMyh82NKl4CIFa8U4xexEPEnCLdZRhUEDK_8Pu15w2T9UyORPNKFzth&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRAIgGl7B4lDmT5G3eNc2cFRSpBuD1uLPKTn2cLbc-qDohwoCIFr8sxN0-YIhLkQM_4Sb9LELY2RdsK9R1VYyzeYYjb3R&alr=yes&cpn=OflqywnvP48BRWkw&cver=1.20230215.01.00&range=0-65812&rn=3&rbuf=0&pot=DzPHdAaDhfTLM_s_Mgc8LxriuJkATBbSCPkOi0s5LzeVjeY5L_WlB_yqX4V8j3Xy_e49CqSfmQtZu7t6VMHU2qlJ34E5tFslNABVcaeUDUst1Oeoadxz4eqlWSV74GFouXs5DX-66J9Z
91.90.45.172200 OK 66 kB URL HTTP/1.1 rr1---sn-capm-vnae.googlevideo.com/videoplayback?expire=1676926790&ei=5orzY8zkAoHbyAXMyIW4BQ&ip=91.90.42.154&id=o-AI55Kywf1dj2ZhBRP6piIxN8_duug4S_gDaccz5kc46B&itag=251&source=youtube&requiressl=yes&mh=ke&mm=31%2C29&mn=sn-capm-vnae%2Csn-5go7ynl6&ms=au%2Crdu&mv=m&mvi=1&pl=21&initcwndbps=1840000&spc=H3gIhloOGvkFA7FI-SDAlHmS4BLh-fT8NJezvXGpZ7BTy3VWvw&vprv=1&mime=audio%2Fwebm&ns=CIm8lJ77zY7BXwLu-mF7dGkL&gir=yes&clen=142602&dur=9.801&lmt=1644075043895481&mt=1676904802&fvip=2&keepalive=yes&fexp=24007246&c=WEB_EMBEDDED_PLAYER&txp=6318224&n=XIJ4qx1m9pwvmA&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRAIgaMAQjqSjzEeOLXDeJbSK51o_W4YdwO28lOMyh82NKl4CIFa8U4xexEPEnCLdZRhUEDK_8Pu15w2T9UyORPNKFzth&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRAIgGl7B4lDmT5G3eNc2cFRSpBuD1uLPKTn2cLbc-qDohwoCIFr8sxN0-YIhLkQM_4Sb9LELY2RdsK9R1VYyzeYYjb3R&alr=yes&cpn=OflqywnvP48BRWkw&cver=1.20230215.01.00&range=0-65812&rn=3&rbuf=0&pot=DzPHdAaDhfTLM_s_Mgc8LxriuJkATBbSCPkOi0s5LzeVjeY5L_WlB_yqX4V8j3Xy_e49CqSfmQtZu7t6VMHU2qlJ34E5tFslNABVcaeUDUst1Oeoadxz4eqlWSV74GFouXs5DX-66J9Z
IP 91.90.45.172:0
ASN #50304 Blix Solutions AS
File type WebM\012- EBML file, creator webmB\20\012- data
Hash a3e5161d67b6bcdbc2900f34d1b62837
70cfc40fc73887edd4962521d8a1f4355c2ae0ec
16b997a701a210873b11d55fb91acd40c67ac75f0cb35f6af030685640ad6647
POST /videoplayback?expire=1676926790&ei=5orzY8zkAoHbyAXMyIW4BQ&ip=91.90.42.154&id=o-AI55Kywf1dj2ZhBRP6piIxN8_duug4S_gDaccz5kc46B&itag=251&source=youtube&requiressl=yes&mh=ke&mm=31%2C29&mn=sn-capm-vnae%2Csn-5go7ynl6&ms=au%2Crdu&mv=m&mvi=1&pl=21&initcwndbps=1840000&spc=H3gIhloOGvkFA7FI-SDAlHmS4BLh-fT8NJezvXGpZ7BTy3VWvw&vprv=1&mime=audio%2Fwebm&ns=CIm8lJ77zY7BXwLu-mF7dGkL&gir=yes&clen=142602&dur=9.801&lmt=1644075043895481&mt=1676904802&fvip=2&keepalive=yes&fexp=24007246&c=WEB_EMBEDDED_PLAYER&txp=6318224&n=XIJ4qx1m9pwvmA&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRAIgaMAQjqSjzEeOLXDeJbSK51o_W4YdwO28lOMyh82NKl4CIFa8U4xexEPEnCLdZRhUEDK_8Pu15w2T9UyORPNKFzth&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRAIgGl7B4lDmT5G3eNc2cFRSpBuD1uLPKTn2cLbc-qDohwoCIFr8sxN0-YIhLkQM_4Sb9LELY2RdsK9R1VYyzeYYjb3R&alr=yes&cpn=OflqywnvP48BRWkw&cver=1.20230215.01.00&range=0-65812&rn=3&rbuf=0&pot=DzPHdAaDhfTLM_s_Mgc8LxriuJkATBbSCPkOi0s5LzeVjeY5L_WlB_yqX4V8j3Xy_e49CqSfmQtZu7t6VMHU2qlJ34E5tFslNABVcaeUDUst1Oeoadxz4eqlWSV74GFouXs5DX-66J9Z HTTP/1.1
Host: rr1---sn-capm-vnae.googlevideo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Length: 2
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Last-Modified: Sat, 05 Feb 2022 15:30:43 GMT
Content-Type: audio/webm
Date: Mon, 20 Feb 2023 14:59:51 GMT
Expires: Mon, 20 Feb 2023 14:59:51 GMT
Cache-Control: private, max-age=21299
Accept-Ranges: bytes
Content-Length: 65813
Connection: keep-alive
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Access-Control-Allow-Origin: https://www.youtube.com
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: https://www.youtube.com
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Vary: Origin
Cross-Origin-Resource-Policy: cross-origin
X-Content-Type-Options: nosniff
Server: gvs 1.0
rr1---sn-capm-vnae.googlevideo.com/videoplayback?expire=1676926790&ei=5orzY-2OIu6I0u8PmqGXiAw&ip=91.90.42.154&id=o-AGQsuTQZHNWb4qUsAJflj56a0QvBDuwSFNnTmxKZ8XO7&itag=250&source=youtube&requiressl=yes&mh=gh&mm=31%2C29&mn=sn-capm-vnae%2Csn-5goeenes&ms=au%2Crdu&mv=m&mvi=1&pl=21&initcwndbps=1840000&spc=H3gIhm8GQrSvlUcJZLNz1suORiFV7tc&vprv=1&mime=audio%2Fwebm&ns=s9mfXN4-hFMtJaaNKVkTYTQL&gir=yes&clen=19323&dur=42.061&lmt=1645693636059657&mt=1676904802&fvip=4&keepalive=yes&fexp=24007246&c=WEB_EMBEDDED_PLAYER&txp=5318224&n=B6uBsWtCf7-q8w&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRgIhAJRqxw5f-M0VNoVNHALaw64M97T1lGPOdJrl-eRtw03oAiEAyR_ARObMWYVr0-2A930QIbM0ibjIbsGLOhKO7sRPgHU%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRQIhANBbleE-0nTAs8qCnnYfmF0YanrvyhLuGBn4AKUK1JmyAiBCqM-vT2HnvxahaHne-HXMZA1MUwJbIfIjE944a3tJbA%3D%3D&alr=yes&cpn=UxQ2mpJa2Zt6EnKq&cver=1.20230215.01.00&range=0-337&rn=2&rbuf=0
91.90.45.172200 OK 338 B URL HTTP/1.1 rr1---sn-capm-vnae.googlevideo.com/videoplayback?expire=1676926790&ei=5orzY-2OIu6I0u8PmqGXiAw&ip=91.90.42.154&id=o-AGQsuTQZHNWb4qUsAJflj56a0QvBDuwSFNnTmxKZ8XO7&itag=250&source=youtube&requiressl=yes&mh=gh&mm=31%2C29&mn=sn-capm-vnae%2Csn-5goeenes&ms=au%2Crdu&mv=m&mvi=1&pl=21&initcwndbps=1840000&spc=H3gIhm8GQrSvlUcJZLNz1suORiFV7tc&vprv=1&mime=audio%2Fwebm&ns=s9mfXN4-hFMtJaaNKVkTYTQL&gir=yes&clen=19323&dur=42.061&lmt=1645693636059657&mt=1676904802&fvip=4&keepalive=yes&fexp=24007246&c=WEB_EMBEDDED_PLAYER&txp=5318224&n=B6uBsWtCf7-q8w&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRgIhAJRqxw5f-M0VNoVNHALaw64M97T1lGPOdJrl-eRtw03oAiEAyR_ARObMWYVr0-2A930QIbM0ibjIbsGLOhKO7sRPgHU%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRQIhANBbleE-0nTAs8qCnnYfmF0YanrvyhLuGBn4AKUK1JmyAiBCqM-vT2HnvxahaHne-HXMZA1MUwJbIfIjE944a3tJbA%3D%3D&alr=yes&cpn=UxQ2mpJa2Zt6EnKq&cver=1.20230215.01.00&range=0-337&rn=2&rbuf=0
IP 91.90.45.172:0
ASN #50304 Blix Solutions AS
File type WebM\012- EBML file, creator webmB\20\012- data
Hash ad731b1b5f15e8439e4ab2816fe84240
1dbb0f630b426413eda4e6b4134979aec2d4ae8b
099a421c809946c753da16a33d1815db997edd49bc686e5d97f85ab2f234515c
POST /videoplayback?expire=1676926790&ei=5orzY-2OIu6I0u8PmqGXiAw&ip=91.90.42.154&id=o-AGQsuTQZHNWb4qUsAJflj56a0QvBDuwSFNnTmxKZ8XO7&itag=250&source=youtube&requiressl=yes&mh=gh&mm=31%2C29&mn=sn-capm-vnae%2Csn-5goeenes&ms=au%2Crdu&mv=m&mvi=1&pl=21&initcwndbps=1840000&spc=H3gIhm8GQrSvlUcJZLNz1suORiFV7tc&vprv=1&mime=audio%2Fwebm&ns=s9mfXN4-hFMtJaaNKVkTYTQL&gir=yes&clen=19323&dur=42.061&lmt=1645693636059657&mt=1676904802&fvip=4&keepalive=yes&fexp=24007246&c=WEB_EMBEDDED_PLAYER&txp=5318224&n=B6uBsWtCf7-q8w&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRgIhAJRqxw5f-M0VNoVNHALaw64M97T1lGPOdJrl-eRtw03oAiEAyR_ARObMWYVr0-2A930QIbM0ibjIbsGLOhKO7sRPgHU%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRQIhANBbleE-0nTAs8qCnnYfmF0YanrvyhLuGBn4AKUK1JmyAiBCqM-vT2HnvxahaHne-HXMZA1MUwJbIfIjE944a3tJbA%3D%3D&alr=yes&cpn=UxQ2mpJa2Zt6EnKq&cver=1.20230215.01.00&range=0-337&rn=2&rbuf=0 HTTP/1.1
Host: rr1---sn-capm-vnae.googlevideo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Length: 2
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Last-Modified: Thu, 24 Feb 2022 09:07:16 GMT
Content-Type: audio/webm
Date: Mon, 20 Feb 2023 14:59:51 GMT
Expires: Mon, 20 Feb 2023 14:59:51 GMT
Cache-Control: private, max-age=21299
Accept-Ranges: bytes
Content-Length: 338
Connection: keep-alive
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Access-Control-Allow-Origin: https://www.youtube.com
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: https://www.youtube.com
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Vary: Origin
Cross-Origin-Resource-Policy: cross-origin
X-Content-Type-Options: nosniff
Server: gvs 1.0
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa636a1bf-e68a-4293-92f4-a3d1413ed4c7.jpeg
34.120.237.76200 OK 6.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa636a1bf-e68a-4293-92f4-a3d1413ed4c7.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 75551065a5464d8c6c8f36b1644c9574
a94e26e5d1acbedecf30dbbaded3e2b2383e3e73
352c224720a3b01ad823397bfaedb1e1891323fd64b38891aca8acf10d7796cf
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa636a1bf-e68a-4293-92f4-a3d1413ed4c7.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 6393
x-amzn-requestid: 4c15f18a-51e7-4e5c-bc3e-e9ae9a20054c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: AmxkCHFzIAMFaAA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63f29619-4f42feb4175b6b60705e3847;Sampled=0
x-amzn-remapped-date: Sun, 19 Feb 2023 21:35:21 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: _TV1PsCwrWHPw4Q0n3wnkFNuECV-GQMA3b4WvSNm6d62lPf4Tr3zKQ==
via: 1.1 a20e81b65d2465c729ce2f6bfe539dd0.cloudfront.net (CloudFront), 1.1 325ed3ba58a560748d886354beef39c0.cloudfront.net (CloudFront), 1.1 google
date: Sun, 19 Feb 2023 22:08:05 GMT
age: 60706
etag: "a94e26e5d1acbedecf30dbbaded3e2b2383e3e73"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
rr1---sn-capm-vnae.googlevideo.com/videoplayback?expire=1676926790&ei=5orzY-2OIu6I0u8PmqGXiAw&ip=91.90.42.154&id=o-AGQsuTQZHNWb4qUsAJflj56a0QvBDuwSFNnTmxKZ8XO7&itag=243&aitags=133%2C134%2C135%2C160%2C242%2C243%2C244%2C278&source=youtube&requiressl=yes&mh=gh&mm=31%2C29&mn=sn-capm-vnae%2Csn-5goeenes&ms=au%2Crdu&mv=m&mvi=1&pl=21&initcwndbps=1840000&spc=H3gIhm8GQrSvlUcJZLNz1suORiFV7tc&vprv=1&mime=video%2Fwebm&ns=s9mfXN4-hFMtJaaNKVkTYTQL&gir=yes&clen=688476&dur=42.033&lmt=1645693636801438&mt=1676904802&fvip=4&keepalive=yes&fexp=24007246&c=WEB_EMBEDDED_PLAYER&txp=5319224&n=B6uBsWtCf7-q8w&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRQIgVsBNdHZS_pFCCfsP6NB9T8NyY7LZHjFOHOxFei3-XaYCIQCulq3bb1Z3mAiDmBcZPqeh5skA-bnTeC1fdc50L08HTQ%3D%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRQIhANBbleE-0nTAs8qCnnYfmF0YanrvyhLuGBn4AKUK1JmyAiBCqM-vT2HnvxahaHne-HXMZA1MUwJbIfIjE944a3tJbA%3D%3D&alr=yes&cpn=UxQ2mpJa2Zt6EnKq&cver=1.20230215.01.00&range=0-348&rn=1&rbuf=0
91.90.45.172200 OK 349 B URL HTTP/1.1 rr1---sn-capm-vnae.googlevideo.com/videoplayback?expire=1676926790&ei=5orzY-2OIu6I0u8PmqGXiAw&ip=91.90.42.154&id=o-AGQsuTQZHNWb4qUsAJflj56a0QvBDuwSFNnTmxKZ8XO7&itag=243&aitags=133%2C134%2C135%2C160%2C242%2C243%2C244%2C278&source=youtube&requiressl=yes&mh=gh&mm=31%2C29&mn=sn-capm-vnae%2Csn-5goeenes&ms=au%2Crdu&mv=m&mvi=1&pl=21&initcwndbps=1840000&spc=H3gIhm8GQrSvlUcJZLNz1suORiFV7tc&vprv=1&mime=video%2Fwebm&ns=s9mfXN4-hFMtJaaNKVkTYTQL&gir=yes&clen=688476&dur=42.033&lmt=1645693636801438&mt=1676904802&fvip=4&keepalive=yes&fexp=24007246&c=WEB_EMBEDDED_PLAYER&txp=5319224&n=B6uBsWtCf7-q8w&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRQIgVsBNdHZS_pFCCfsP6NB9T8NyY7LZHjFOHOxFei3-XaYCIQCulq3bb1Z3mAiDmBcZPqeh5skA-bnTeC1fdc50L08HTQ%3D%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRQIhANBbleE-0nTAs8qCnnYfmF0YanrvyhLuGBn4AKUK1JmyAiBCqM-vT2HnvxahaHne-HXMZA1MUwJbIfIjE944a3tJbA%3D%3D&alr=yes&cpn=UxQ2mpJa2Zt6EnKq&cver=1.20230215.01.00&range=0-348&rn=1&rbuf=0
IP 91.90.45.172:0
ASN #50304 Blix Solutions AS
File type WebM\012- EBML file, creator webmB\20\012- data
Hash 6799eeffb2467b3622904988938cc6c9
363a023f07f0578a4978f873d55603650c9b32de
430e019435c317dab1826c031d59218a2dd88706591d671aa2ade9b2e74dec74
POST /videoplayback?expire=1676926790&ei=5orzY-2OIu6I0u8PmqGXiAw&ip=91.90.42.154&id=o-AGQsuTQZHNWb4qUsAJflj56a0QvBDuwSFNnTmxKZ8XO7&itag=243&aitags=133%2C134%2C135%2C160%2C242%2C243%2C244%2C278&source=youtube&requiressl=yes&mh=gh&mm=31%2C29&mn=sn-capm-vnae%2Csn-5goeenes&ms=au%2Crdu&mv=m&mvi=1&pl=21&initcwndbps=1840000&spc=H3gIhm8GQrSvlUcJZLNz1suORiFV7tc&vprv=1&mime=video%2Fwebm&ns=s9mfXN4-hFMtJaaNKVkTYTQL&gir=yes&clen=688476&dur=42.033&lmt=1645693636801438&mt=1676904802&fvip=4&keepalive=yes&fexp=24007246&c=WEB_EMBEDDED_PLAYER&txp=5319224&n=B6uBsWtCf7-q8w&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRQIgVsBNdHZS_pFCCfsP6NB9T8NyY7LZHjFOHOxFei3-XaYCIQCulq3bb1Z3mAiDmBcZPqeh5skA-bnTeC1fdc50L08HTQ%3D%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRQIhANBbleE-0nTAs8qCnnYfmF0YanrvyhLuGBn4AKUK1JmyAiBCqM-vT2HnvxahaHne-HXMZA1MUwJbIfIjE944a3tJbA%3D%3D&alr=yes&cpn=UxQ2mpJa2Zt6EnKq&cver=1.20230215.01.00&range=0-348&rn=1&rbuf=0 HTTP/1.1
Host: rr1---sn-capm-vnae.googlevideo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Length: 2
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Last-Modified: Thu, 24 Feb 2022 09:07:16 GMT
Content-Type: video/webm
Date: Mon, 20 Feb 2023 14:59:51 GMT
Expires: Mon, 20 Feb 2023 14:59:51 GMT
Cache-Control: private, max-age=21299
Accept-Ranges: bytes
Content-Length: 349
Connection: keep-alive
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Access-Control-Allow-Origin: https://www.youtube.com
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: https://www.youtube.com
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Vary: Origin
Cross-Origin-Resource-Policy: cross-origin
X-Restrict-Formats-Hint: None
X-Content-Type-Options: nosniff
Server: gvs 1.0
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
142.250.74.138200 OK 114 B URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
IP 142.250.74.138:0
File type JSON data\012- , ASCII text, with no line terminators
Hash be4b7f56fd6b2a1cbca5d76216d7469c
6d7833114390a2dcd3f6d016cc1a037b887eb741
19eafb06282f37df35d4f381c41a499b7ce61f684c69acc58c2523a3836946be
POST /$rpc/google.internal.waa.v1.Waa/GenerateIT HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
Content-Type: application/json+protobuf
X-User-Agent: grpc-web-javascript/0.1
Content-Length: 874
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json+protobuf; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: gzip
date: Mon, 20 Feb 2023 14:59:51 GMT
server: ESF
cache-control: private
content-length: 114
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
access-control-allow-credentials: true
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.bunny.net/roboto/files/roboto-latin-400-normal.woff2
194.242.11.186200 OK 21 kB URL HTTP/2 fonts.bunny.net/roboto/files/roboto-latin-400-normal.woff2
IP 194.242.11.186:0
ASN #34989 ServeTheWorld AS
Hash 3f9a2382fec69c2fd66f756ebbff94c4
55ab85a541ab316921f6cf536043b9c4c0267b22
1e688848975ca7b7a23481d7c3055ee41969c7bfab5c1b6019c8b4c494efd53d
GET /roboto/files/roboto-latin-400-normal.woff2 HTTP/1.1
Host: fonts.bunny.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.morecouponstogo.com
Connection: keep-alive
Referer: https://fonts.bunny.net/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 20 Feb 2023 14:59:51 GMT
content-type: font/woff2
content-length: 15744
server: BunnyCDN-NO1-830
cdn-pullzone: 781720
cdn-uid: 3a60ca70-b89d-4cd5-a4b5-34a3468d7e0f
cdn-requestcountrycode: NO
access-control-allow-origin: *
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=2592000
etag: "63aef47c-3d80"
last-modified: Fri, 30 Dec 2022 14:23:56 GMT
cdn-storageserver: SE-344
cdn-fileserver: 318
cdn-proxyver: 1.03
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 01/09/2023 10:40:02
cdn-edgestorageid: 830
cdn-status: 200
cdn-requestid: 58d4cb9e6a064602e04bb7126be306d1
cdn-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash c9c64bda6db6f0928a7651609bd99d2b
24d909a76e9070c62ba5665a80b967388f09c480
62f0322b2a9617cc614658f923a52531ed19053678e331d7a27c3106455f4a68
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 20 Feb 2023 14:59:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
rr2---sn-5go7ynl6.googlevideo.com/videoplayback?expire=1676926790&ei=5orzY8zkAoHbyAXMyIW4BQ&ip=91.90.42.154&id=o-AI55Kywf1dj2ZhBRP6piIxN8_duug4S_gDaccz5kc46B&itag=242&aitags=133%2C134%2C135%2C136%2C160%2C242%2C243%2C244%2C278&source=youtube&requiressl=yes&spc=H3gIhloOGvkFA7FI-SDAlHmS4BLh-fT8NJezvXGpZ7BTy3VWvw&vprv=1&mime=video%2Fwebm&ns=CIm8lJ77zY7BXwLu-mF7dGkL&gir=yes&clen=210419&dur=9.766&lmt=1644075043573011&keepalive=yes&fexp=24007246&c=WEB_EMBEDDED_PLAYER&txp=6319224&n=XIJ4qx1m9pwvmA&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRQIhAIcHPZ1s5Mnhh5ruaFnoVQvhLlxhHLj6Z_yTUYreXZ5SAiAF8fBn-30XMzzxlL7xwb8qNvMVILoKq3_LUqIV1hSl4g%3D%3D&alr=yes&cpn=OflqywnvP48BRWkw&cver=1.20230215.01.00&redirect_counter=1&cm2rm=sn-capm-vnae7e&cms_redirect=yes&cmsv=e&mh=ke&mm=29&mn=sn-5go7ynl6&ms=rdu&mt=1676905029&mv=m&mvi=2&pl=21&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRQIhAPCMRxBkBD1UgCgu73BYLbMl2CGgAtXw0B8bOU0uuDNEAiAFf7MdRL15sQbUxxkXZUFeQskJA1EAkg_c9Q-zTe8bXA%3D%3D&range=0-65787&rn=4&rbuf=0&pot=DzPHdAaDhfTLM_s_Mgc8LxriuJkATBbSCPkOi0s5LzeVjeY5L_WlB_yqX4V8j3Xy_e49CqSfmQtZu7t6VMHU2qlJ34E5tFslNABVcaeUDUst1Oeoadxz4eqlWSV74GFouXs5DX-66J9Z
74.125.111.39200 OK 1.3 kB URL HTTP/1.1 rr2---sn-5go7ynl6.googlevideo.com/videoplayback?expire=1676926790&ei=5orzY8zkAoHbyAXMyIW4BQ&ip=91.90.42.154&id=o-AI55Kywf1dj2ZhBRP6piIxN8_duug4S_gDaccz5kc46B&itag=242&aitags=133%2C134%2C135%2C136%2C160%2C242%2C243%2C244%2C278&source=youtube&requiressl=yes&spc=H3gIhloOGvkFA7FI-SDAlHmS4BLh-fT8NJezvXGpZ7BTy3VWvw&vprv=1&mime=video%2Fwebm&ns=CIm8lJ77zY7BXwLu-mF7dGkL&gir=yes&clen=210419&dur=9.766&lmt=1644075043573011&keepalive=yes&fexp=24007246&c=WEB_EMBEDDED_PLAYER&txp=6319224&n=XIJ4qx1m9pwvmA&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRQIhAIcHPZ1s5Mnhh5ruaFnoVQvhLlxhHLj6Z_yTUYreXZ5SAiAF8fBn-30XMzzxlL7xwb8qNvMVILoKq3_LUqIV1hSl4g%3D%3D&alr=yes&cpn=OflqywnvP48BRWkw&cver=1.20230215.01.00&redirect_counter=1&cm2rm=sn-capm-vnae7e&cms_redirect=yes&cmsv=e&mh=ke&mm=29&mn=sn-5go7ynl6&ms=rdu&mt=1676905029&mv=m&mvi=2&pl=21&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRQIhAPCMRxBkBD1UgCgu73BYLbMl2CGgAtXw0B8bOU0uuDNEAiAFf7MdRL15sQbUxxkXZUFeQskJA1EAkg_c9Q-zTe8bXA%3D%3D&range=0-65787&rn=4&rbuf=0&pot=DzPHdAaDhfTLM_s_Mgc8LxriuJkATBbSCPkOi0s5LzeVjeY5L_WlB_yqX4V8j3Xy_e49CqSfmQtZu7t6VMHU2qlJ34E5tFslNABVcaeUDUst1Oeoadxz4eqlWSV74GFouXs5DX-66J9Z
IP 74.125.111.39:0
File type ASCII text, with very long lines (1256), with no line terminators
Hash aa519dd0a01b6c18fe5afe754b2a2290
2276b8dc3c0691c350ebe6f45e11a47c603d0163
d3be0f5d160c85d0a9779a3be8ca725452f3ed6262769752dae56ac1451f32d3
POST /videoplayback?expire=1676926790&ei=5orzY8zkAoHbyAXMyIW4BQ&ip=91.90.42.154&id=o-AI55Kywf1dj2ZhBRP6piIxN8_duug4S_gDaccz5kc46B&itag=242&aitags=133%2C134%2C135%2C136%2C160%2C242%2C243%2C244%2C278&source=youtube&requiressl=yes&spc=H3gIhloOGvkFA7FI-SDAlHmS4BLh-fT8NJezvXGpZ7BTy3VWvw&vprv=1&mime=video%2Fwebm&ns=CIm8lJ77zY7BXwLu-mF7dGkL&gir=yes&clen=210419&dur=9.766&lmt=1644075043573011&keepalive=yes&fexp=24007246&c=WEB_EMBEDDED_PLAYER&txp=6319224&n=XIJ4qx1m9pwvmA&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRQIhAIcHPZ1s5Mnhh5ruaFnoVQvhLlxhHLj6Z_yTUYreXZ5SAiAF8fBn-30XMzzxlL7xwb8qNvMVILoKq3_LUqIV1hSl4g%3D%3D&alr=yes&cpn=OflqywnvP48BRWkw&cver=1.20230215.01.00&redirect_counter=1&cm2rm=sn-capm-vnae7e&cms_redirect=yes&cmsv=e&mh=ke&mm=29&mn=sn-5go7ynl6&ms=rdu&mt=1676905029&mv=m&mvi=2&pl=21&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRQIhAPCMRxBkBD1UgCgu73BYLbMl2CGgAtXw0B8bOU0uuDNEAiAFf7MdRL15sQbUxxkXZUFeQskJA1EAkg_c9Q-zTe8bXA%3D%3D&range=0-65787&rn=4&rbuf=0&pot=DzPHdAaDhfTLM_s_Mgc8LxriuJkATBbSCPkOi0s5LzeVjeY5L_WlB_yqX4V8j3Xy_e49CqSfmQtZu7t6VMHU2qlJ34E5tFslNABVcaeUDUst1Oeoadxz4eqlWSV74GFouXs5DX-66J9Z HTTP/1.1
Host: rr2---sn-5go7ynl6.googlevideo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Length: 2
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: text/plain
Last-Modified: Wed, 02 May 2007 10:26:10 GMT
Date: Mon, 20 Feb 2023 14:59:51 GMT
Expires: Mon, 20 Feb 2023 14:59:51 GMT
Cache-Control: private, max-age=21299
Accept-Ranges: bytes
Content-Length: 1256
Connection: keep-alive
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Access-Control-Allow-Origin: https://www.youtube.com
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: https://www.youtube.com
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Vary: Origin
Cross-Origin-Resource-Policy: cross-origin
X-Restrict-Formats-Hint: None
X-Content-Type-Options: nosniff
Server: gvs 1.0
llclickpro.com/trackr.css?v=29
104.21.65.65200 OK 0 B URL HTTP/2 llclickpro.com/trackr.css?v=29
IP 104.21.65.65:0
GET /trackr.css?v=29 HTTP/1.1
Host: llclickpro.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://llclickpro.com/MCTGlanding/tab
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 20 Feb 2023 14:59:43 GMT
content-type: text/css
cf-bgj: minify
cf-polished: origSize=12271
last-modified: Tue, 28 Jun 2022 06:00:22 GMT
cache-control: max-age=14400
cf-cache-status: HIT
age: 5314
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2ht0f8YtowoTbP3UF8upXRSGze0ojqZePR16G5dvYFRdQx21CVKsw88A7HBEwJxxkc%2FwuSEejB5NY4cXcbGRTdx3p72HSfxlc5nwrVlnxbZYjfRqbaqtdscBcLO52FcEJg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 79c81b953a12b50c-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
b-cloud.b-cdn.net/builds/pro/126-cloud/js/group-3.pro.js
194.242.11.186200 OK 0 B URL HTTP/2 b-cloud.b-cdn.net/builds/pro/126-cloud/js/group-3.pro.js
IP 194.242.11.186:0
ASN #34989 ServeTheWorld AS
GET /builds/pro/126-cloud/js/group-3.pro.js HTTP/1.1
Host: b-cloud.b-cdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.morecouponstogo.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 20 Feb 2023 14:59:45 GMT
content-type: application/javascript
server: BunnyCDN-NO1-830
cdn-pullzone: 246147
cdn-uid: e647d0c9-3a16-4c3e-ae99-91e18e06d4b3
cdn-requestcountrycode: NO
vary: Accept-Encoding, Accept-Encoding
cache-control: public, max-age=31919000
etag: W/"864e134a7962ccb8605a940e471fad36"
last-modified: Tue, 31 Jan 2023 10:24:53 GMT
x-amz-id-2: uw9WaJGmSSJvSuT/iLLuOhBXeJXWwVhxmKbGOTavZB+Fqk0+7ZjkICK3WTX+FItATzc6W0zJxr0=
x-amz-request-id: Y6QDN9Z07NYH3JV8
cdn-proxyver: 1.03
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 02/19/2023 23:58:14
cdn-edgestorageid: 830
link: <https://s3.amazonaws.com/brizy.cloud/builds/pro/126-cloud/js/group-3.pro.js>; rel="canonical"
cdn-status: 200
cdn-requestid: 25cc4dab02e9f0b2ffbda2c6e25fae26
cdn-cache: HIT
content-encoding: br
X-Firefox-Spdy: h2
www.bestchange.com/js/banner.php?p=1276983
54.37.161.241200 OK 0 B URL HTTP/2 www.bestchange.com/js/banner.php?p=1276983
IP 54.37.161.241:0
GET /js/banner.php?p=1276983 HTTP/1.1
Host: www.bestchange.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.morecouponstogo.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 20 Feb 2023 14:59:45 GMT
content-type: application/x-javascript; charset=windows-1251
cache-control: public, max-age=86400
set-cookie: userid=122fa80bef581036e0a3d19cc3deb853; expires=Thu, 17-Feb-2033 14:59:45 GMT; Max-Age=315360000; path=/
strict-transport-security: max-age=31536000;
content-encoding: gzip
X-Firefox-Spdy: h2
cdn.gravitec.net/storage/651b3da8463250405063839a2450c723/client.js
45.133.44.4200 OK 0 B URL HTTP/2 cdn.gravitec.net/storage/651b3da8463250405063839a2450c723/client.js
IP 45.133.44.4:0
ASN #39572 DataWeb Global Group B.V.
GET /storage/651b3da8463250405063839a2450c723/client.js HTTP/1.1
Host: cdn.gravitec.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.morecouponstogo.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 20 Feb 2023 14:59:45 GMT
content-type: application/javascript; charset=utf-8
server: nginx
last-modified: Mon, 31 Oct 2022 19:57:34 GMT
etag: W/"636028ae-100fb"
expires: Mon, 31 Oct 2022 20:24:50 GMT
cache-control: max-age=10
access-control-allow-origin: *
content-encoding: gzip
vary: Accept-Encoding
x-proxy-cache: REVALIDATED
X-Firefox-Spdy: h2
t-adbar1.com/_kc1h
18.233.184.7200 OK 0 B IP 18.233.184.7:0
GET /_kc1h HTTP/1.1
Host: t-adbar1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
date: Mon, 20 Feb 2023 14:59:42 GMT
content-type: text/html; charset=UTF-8
server: nginx
vary: Accept-Encoding
set-cookie: sou=eyJyIjpudWxsLCJ1IjoiTVRHU2FtdXJhaSJ9; expires=Wed, 22-Mar-2023 14:59:42 GMT; Max-Age=2592000; secure; SameSite=None
content-encoding: gzip
X-Firefox-Spdy: h2
cdn.gravitec.net/modules/1.bundle.js
45.133.44.4200 OK 0 B URL HTTP/2 cdn.gravitec.net/modules/1.bundle.js
IP 45.133.44.4:0
ASN #39572 DataWeb Global Group B.V.
GET /modules/1.bundle.js HTTP/1.1
Host: cdn.gravitec.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.morecouponstogo.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 20 Feb 2023 14:59:49 GMT
content-type: application/javascript; charset=utf-8
server: nginx
last-modified: Wed, 02 Feb 2022 09:01:35 GMT
etag: W/"61fa486f-8092"
expires: Tue, 20 Dec 2022 09:05:37 GMT
cache-control: max-age=10
access-control-allow-origin: *
content-encoding: gzip
vary: Accept-Encoding
x-proxy-cache: HIT
X-Firefox-Spdy: h2
trafficadbar.com/50-195376p-7f77fb9d65e3bb8a718d9ac76b2040e8.jpeg
18.233.184.7200 OK 0 B URL HTTP/2 trafficadbar.com/50-195376p-7f77fb9d65e3bb8a718d9ac76b2040e8.jpeg
IP 18.233.184.7:0
GET /50-195376p-7f77fb9d65e3bb8a718d9ac76b2040e8.jpeg HTTP/1.1
Host: trafficadbar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://t-adbar1.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 20 Feb 2023 14:59:43 GMT
content-type: image/jpeg
server: nginx
vary: Accept-Encoding
expires: Wed, 22 Mar 2023 14:59:42 GMT
pragma: public
cache-control: max-age=2591999
content-encoding: gzip
X-Firefox-Spdy: h2
use.fontawesome.com/releases/v5.15.4/css/all.css
172.64.133.15200 OK 0 B URL HTTP/2 use.fontawesome.com/releases/v5.15.4/css/all.css
IP 172.64.133.15:0
GET /releases/v5.15.4/css/all.css HTTP/1.1
Host: use.fontawesome.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://llclickpro.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 20 Feb 2023 14:59:43 GMT
content-type: text/css
x-amz-id-2: RNMOzIL4L62JBv1gQZuSQi/KuXz1AKThNkDAuYU8eSg8Xvz4uMd6NO3J1xUVs/t1EMltDUPglKQ=
x-amz-request-id: QJNWHRSCTPN9EYA3
last-modified: Wed, 04 Aug 2021 20:43:22 GMT
etag: W/"ecd507b3125edc4d2a03aa6ae5d07da9"
cache-control: max-age=31556926
cf-cache-status: HIT
age: 61132
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tRYCEEJq2E4BG4AEeoah5F6pocWi5lY2mO0qPJLLE0xOopLYRbUb570eNmvw8Ng3GWGuNvH0C96MQ7xu5n6Nc1y3Kfo3yjgzbCfU%2FJRTNfpA7o76jP6tWV0uhPzNOkHUANA9S5hA"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 79c81b960a3371e0-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
pixel.leadsleap.net/set.html?n1=lltkra156457&v1=1006408.20&n2=lltkrb156457&v2=1006408.20
172.67.186.40200 OK 0 B URL HTTP/2 pixel.leadsleap.net/set.html?n1=lltkra156457&v1=1006408.20&n2=lltkrb156457&v2=1006408.20
IP 172.67.186.40:0
GET /set.html?n1=lltkra156457&v1=1006408.20&n2=lltkrb156457&v2=1006408.20 HTTP/1.1
Host: pixel.leadsleap.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://llclickpro.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 20 Feb 2023 14:59:44 GMT
content-type: text/html
last-modified: Thu, 01 Oct 2020 11:41:08 GMT
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=izoKJc9F%2F6gZg0%2F1JNPnpszTK5jPFFkwo4GsF6KMQRAmBicdaCnhe8v3Oan5zvhJd%2BONOGNuNR1XJlG6EEcrk%2F7HCp3OnNd5BZXHNLVEjjPqA%2B7FFxUUtdV2ck%2Bh12XNKbvgjzM6"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 79c81b96e8dafac4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.youtube.com/embed/o5F8MOz_IDw?autoplay=0&controls=1&start=0&end=0&modestbranding=0&wmode=transparent&enablejsapi=1&loop=0&rel=0&mute=0
142.250.74.14200 OK 0 B URL HTTP/2 www.youtube.com/embed/o5F8MOz_IDw?autoplay=0&controls=1&start=0&end=0&modestbranding=0&wmode=transparent&enablejsapi=1&loop=0&rel=0&mute=0
IP 142.250.74.14:0
GET /embed/o5F8MOz_IDw?autoplay=0&controls=1&start=0&end=0&modestbranding=0&wmode=transparent&enablejsapi=1&loop=0&rel=0&mute=0 HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.morecouponstogo.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html; charset=utf-8
x-content-type-options: nosniff
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Mon, 20 Feb 2023 14:59:46 GMT
strict-transport-security: max-age=31536000
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
cross-origin-resource-policy: cross-origin
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
content-encoding: br
server: ESF
x-xss-protection: 0
set-cookie: YSC=jdE3LgwcucQ; Domain=.youtube.com; Path=/; Secure; HttpOnly; SameSite=none
VISITOR_INFO1_LIVE=EvZQyF5Gh7w; Domain=.youtube.com; Expires=Sat, 19-Aug-2023 14:59:46 GMT; Path=/; Secure; HttpOnly; SameSite=none
DEVICE_INFO=ChxOekl3TWpJMU1qa3pOREF5TWpFME5UQXhOdz09EOKVzp8GGOKVzp8G; Domain=.youtube.com; Expires=Sat, 19-Aug-2023 14:59:46 GMT; Path=/; Secure; HttpOnly; SameSite=none
CONSENT=PENDING+855; expires=Wed, 19-Feb-2025 14:59:46 GMT; path=/; domain=.youtube.com; Secure
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
t-adbar1.com/_kc1h?&ww=1280&wh=939&reff=&h=eyJpdiI6Ikt1NHJERyt3NktCaDRaVGNTRWd1d3c9PSIsInZhbHVlIjoiTDJCZGxQeFN4OWpSc2plXC9KU25admc9PSIsIm1hYyI6IjYwNzY1NzVkYjdiNDk2YmMwMGFmNDUyN2M0NzAyYmU2MGUwZmEyMmRkMDAyOTJmMDRhMzdjZDc5MjViMGY3NmUifQ==&abc=
18.233.184.7200 OK 0 B URL HTTP/2 t-adbar1.com/_kc1h?&ww=1280&wh=939&reff=&h=eyJpdiI6Ikt1NHJERyt3NktCaDRaVGNTRWd1d3c9PSIsInZhbHVlIjoiTDJCZGxQeFN4OWpSc2plXC9KU25admc9PSIsIm1hYyI6IjYwNzY1NzVkYjdiNDk2YmMwMGFmNDUyN2M0NzAyYmU2MGUwZmEyMmRkMDAyOTJmMDRhMzdjZDc5MjViMGY3NmUifQ==&abc=
IP 18.233.184.7:0
GET /_kc1h?&ww=1280&wh=939&reff=&h=eyJpdiI6Ikt1NHJERyt3NktCaDRaVGNTRWd1d3c9PSIsInZhbHVlIjoiTDJCZGxQeFN4OWpSc2plXC9KU25admc9PSIsIm1hYyI6IjYwNzY1NzVkYjdiNDk2YmMwMGFmNDUyN2M0NzAyYmU2MGUwZmEyMmRkMDAyOTJmMDRhMzdjZDc5MjViMGY3NmUifQ==&abc= HTTP/1.1
Host: t-adbar1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://t-adbar1.com/_kc1h
Connection: keep-alive
Cookie: sou=eyJyIjpudWxsLCJ1IjoiTVRHU2FtdXJhaSJ9
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 20 Feb 2023 14:59:42 GMT
content-type: text/html; charset=UTF-8
server: nginx
vary: Accept-Encoding
set-cookie: sou=eyJyIjpudWxsLCJ1IjoiTVRHU2FtdXJhaSJ9; expires=Wed, 22-Mar-2023 14:59:42 GMT; Max-Age=2592000; secure; SameSite=None
content-encoding: gzip
X-Firefox-Spdy: h2
cdn.gravitec.net/modules/0.bundle.js
45.133.44.4200 OK 0 B URL HTTP/2 cdn.gravitec.net/modules/0.bundle.js
IP 45.133.44.4:0
ASN #39572 DataWeb Global Group B.V.
GET /modules/0.bundle.js HTTP/1.1
Host: cdn.gravitec.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.morecouponstogo.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 20 Feb 2023 14:59:49 GMT
content-type: application/javascript; charset=utf-8
server: nginx
last-modified: Wed, 02 Feb 2022 09:01:35 GMT
etag: W/"61fa486f-2550"
expires: Wed, 02 Feb 2022 09:06:29 GMT
cache-control: max-age=10
access-control-allow-origin: *
content-encoding: gzip
vary: Accept-Encoding
x-proxy-cache: HIT
X-Firefox-Spdy: h2