bronzealliance.com/go/2124d76f-4c45-4893-8221-91159ca5e0b9
302 Found 170 B URL HTTP/1.1 bronzealliance.com/go/2124d76f-4c45-4893-8221-91159ca5e0b9
IP
File type HTML document, ASCII text, with no line terminators
Hash 23ca109415ac0158a062dd37b4764c3b
9a637b32241eadad372b69d008b5481b7baefcb5
09fbb441c8fa544f48c301b3ecbc7e813011f0054b0c01555ba2d8cc0a3a341f
GET /go/2124d76f-4c45-4893-8221-91159ca5e0b9 HTTP/1.1
Host: bronzealliance.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Found
Date: Mon, 07 Nov 2022 16:01:20 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
accept-ch: Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Reduced
Access-Control-Allow-Origin: *
Location: https://www.dcampu.com/go/e3745bdb-d782-4be9-8d8c-c70b7854cd5e?
Set-Cookie: bemob-uniq-visit:2124d76f-4c45-4893-8221-91159ca5e0b9=1; Domain=bronzealliance.com; Path=/; Expires=Tue, 08 Nov 2022 16:01:20 GMT; HttpOnly
bemob-rotation:2124d76f-4c45-4893-8221-91159ca5e0b9:random:d14fd187560165c07cdad8d514fb93eb=0-0-0; Domain=bronzealliance.com; Path=/; Expires=Tue, 08 Nov 2022 16:01:20 GMT; HttpOnly
bemob-click-id=EGjadxLYDfWxgXar1quqon; Domain=bronzealliance.com; Path=/; Expires=Tue, 08 Nov 2022 16:01:20 GMT; HttpOnly
Vary: Accept
X-Response-Time: 17.807ms
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EaSDIf68NGxade9N%2BoZdtBEaIlwGwwlMqsX2cHCvwMlaE4UHQV2hmgM6h3EkH58H%2BRlZTzQv8Ukh88e0e9wxFLOceooMkcijCT9MPqKm62hah5wgxW6MTpoefTpCdrI4eOnhAEI%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 766749760cc51bfa-OSL
alt-svc: h2=":443"; ma=60
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 9e164a845d32db8fa51fdb5b1aa218d9
169099b4d2f8e119ab6cf6fca279b6fb535b1759
402ffbf1404cf05c0516c5a8cd5344bd53537ac5150d387730a90c81c17dc9e4
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "402FFBF1404CF05C0516C5A8CD5344BD53537AC5150D387730A90C81C17DC9E4"
Last-Modified: Sun, 06 Nov 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8217
Expires: Mon, 07 Nov 2022 18:18:17 GMT
Date: Mon, 07 Nov 2022 16:01:20 GMT
Connection: keep-alive
ocsp.digicert.com/
200 OK 471 B IP
Hash 9fd081ea88e8b8563986b3e558496d21
60700393dce5eb42c0db0d5feef340f4832e3c65
d92555957857423ed02f0d0435739bcd40a996591c73f40315564b372f6e2395
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1869
Cache-Control: max-age=154867
Content-Type: application/ocsp-response
Date: Mon, 07 Nov 2022 16:01:20 GMT
Etag: "6368de76-1d7"
Expires: Wed, 09 Nov 2022 11:02:27 GMT
Last-Modified: Mon, 07 Nov 2022 10:31:18 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash d8c32b2fb818533a5b3fe5c69157bde9
93594fd3fc50d9d444c28660eabba1edbe4f0588
df8b8ce7a83d11fbe075c8780103c509654f288b5d757d64b696d861a11f3c7f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DF8B8CE7A83D11FBE075C8780103C509654F288B5D757D64B696D861A11F3C7F"
Last-Modified: Sun, 06 Nov 2022 14:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7829
Expires: Mon, 07 Nov 2022 18:11:49 GMT
Date: Mon, 07 Nov 2022 16:01:20 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
IP
File type PEM certificate\012- , ASCII text
Hash 67d5a988edcda47bc3b3b3f65d32b4b6
d4f0e0da8b3690cc7da925026d3414b68c7d954f
55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78
GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: gQLc61a6iRSIGcM4XhLI4JtP752pYNtPxeI0xgb0dTAFbojZ0hraEy7madx+a1bineuu3RxsKxc=
x-amz-request-id: K0GF4SYQDZ3TFEVV
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Mon, 07 Nov 2022 15:10:55 GMT
age: 3025
last-modified: Fri, 30 Sep 2022 18:50:55 GMT
etag: "67d5a988edcda47bc3b3b3f65d32b4b6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 07 Nov 2022 16:01:20 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
e1.o.lencr.org/
200 OK 344 B IP
ASN #20940 Akamai International B.V.
Hash b91743ab2af670da42c95047a25dbb94
368747f10b258e05ad862a80fa7e5773092d0042
3e9ca493f0e1839410a2ea8c06b605aa351ab62e01d3ebb8c32047bfc8c90d81
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "3E9CA493F0E1839410A2EA8C06B605AA351AB62E01D3EBB8C32047BFC8C90D81"
Last-Modified: Sun, 06 Nov 2022 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21580
Expires: Mon, 07 Nov 2022 22:01:00 GMT
Date: Mon, 07 Nov 2022 16:01:20 GMT
Connection: keep-alive
e1.o.lencr.org/
200 OK 344 B IP
ASN #20940 Akamai International B.V.
Hash b91743ab2af670da42c95047a25dbb94
368747f10b258e05ad862a80fa7e5773092d0042
3e9ca493f0e1839410a2ea8c06b605aa351ab62e01d3ebb8c32047bfc8c90d81
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "3E9CA493F0E1839410A2EA8C06B605AA351AB62E01D3EBB8C32047BFC8C90D81"
Last-Modified: Sun, 06 Nov 2022 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21580
Expires: Mon, 07 Nov 2022 22:01:00 GMT
Date: Mon, 07 Nov 2022 16:01:20 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 3c13411224ce02693a491e04d589d86f
1e13a76156d3df29443c11b28df1f90cf08de4f4
481f1112b09a2a8c0258daa781bb957340d6023316a10dc1ce7bf55e2c4689cd
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "481F1112B09A2A8C0258DAA781BB957340D6023316A10DC1CE7BF55E2C4689CD"
Last-Modified: Sun, 06 Nov 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5498
Expires: Mon, 07 Nov 2022 17:32:59 GMT
Date: Mon, 07 Nov 2022 16:01:21 GMT
Connection: keep-alive
ocsp.digicert.com/
200 OK 471 B IP
Hash e6f4643306be10417c47176a6e67306f
940a13818904add9e1cacd12610f37ba1efd7bc5
67e51095b5da59b3eeda8a28c81789e69064a0a19a93347c2fcb05fd4b21e6d0
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6323
Cache-Control: max-age=154248
Content-Type: application/ocsp-response
Date: Mon, 07 Nov 2022 16:01:21 GMT
Etag: "6368caa6-1d7"
Expires: Wed, 09 Nov 2022 10:52:09 GMT
Last-Modified: Mon, 07 Nov 2022 09:06:46 GMT
Server: ECS (ska/F705)
X-Cache: HIT
Content-Length: 471
fregtrsatnt.com/favicon.ico
204 No Content 0 B URL HTTP/2 fregtrsatnt.com/favicon.ico
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /favicon.ico HTTP/1.1
Host: fregtrsatnt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fregtrsatnt.com/link?z=5284949&var=bck&ymid=EJmghARfTuLcuQxoo5mKDS
Cookie: OAID=4e5fca3dd3524447a7a2ccb571f24a40; oaidts=1667836881; allcnt=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 204 No Content
server: nginx
date: Mon, 07 Nov 2022 16:01:21 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
pragma: public
cache-control: max-age=315360000, public, must-revalidate, proxy-revalidate
X-Firefox-Spdy: h2
ocsp.sectigo.com/
200 OK 471 B IP
Hash 2fe5c9e4eb3628bf2ec24516ac5b1efd
d5d6e1081969ccb5a2c859dbb08ac31079d6ab75
11f8421ed48150683cdab40019b712583b575b36adc3878142b336138607da0a
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 07 Nov 2022 16:01:21 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Mon, 07 Nov 2022 06:25:22 GMT
Expires: Mon, 14 Nov 2022 06:25:21 GMT
Etag: "d5d6e1081969ccb5a2c859dbb08ac31079d6ab75"
Cache-Control: max-age=569639,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7667497cbf25b4ff-OSL
my.rtmark.net/img.gif?f=merge&userId=4e5fca3dd3524447a7a2ccb571f24a40
200 OK 43 B URL HTTP/2 my.rtmark.net/img.gif?f=merge&userId=4e5fca3dd3524447a7a2ccb571f24a40
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash b4491705564909da7f9eaf749dbbfbb1
279315d507855c6a4351e1e2c2f39dd9cd2fccd8
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
GET /img.gif?f=merge&userId=4e5fca3dd3524447a7a2ccb571f24a40 HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fregtrsatnt.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 07 Nov 2022 16:01:21 GMT
content-type: image/gif
content-length: 43
access-control-allow-origin: *
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=4e5fca3dd3524447a7a2ccb571f24a40; expires=Tue, 07 Nov 2023 16:01:21 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 38c7e69803224708967102dbac4e1132
8c9d0702acaa2eb0bc778087a9a8fa1073b64f7d
d9ad9e9091fb9d52fe30e2f0aa48c30f51ddfdc1541151b079fa6d8691158e2f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D9AD9E9091FB9D52FE30E2F0AA48C30F51DDFDC1541151B079FA6D8691158E2F"
Last-Modified: Sun, 06 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6870
Expires: Mon, 07 Nov 2022 17:55:51 GMT
Date: Mon, 07 Nov 2022 16:01:21 GMT
Connection: keep-alive
push.services.mozilla.com/
101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 3xF7WLwMhKUoxqqy54Gqig==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: FwUoR6t8Wts2EUzLJRYlfMkFzJo=
whairtoa.com/?z=5284950&syncedCookie=true&rhd=false
302 Found 0 B URL HTTP/2 whairtoa.com/?z=5284950&syncedCookie=true&rhd=false
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
POST /?z=5284950&syncedCookie=true&rhd=false HTTP/1.1
Host: whairtoa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 526
Origin: https://fregtrsatnt.com
Connection: keep-alive
Referer: https://fregtrsatnt.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
server: nginx
date: Mon, 07 Nov 2022 16:01:21 GMT
content-length: 0
location: https://deebcards-themier.com/e666d5bf-b09e-4a02-a33b-e0cc75fb172a?zoneid=5284950&bannerid=15511501&geo=NO&random=2968192001&SUBID=613514948097872627&campaignid=6269517&category={category}&adformat=onclick&ntk=19&cost=0.000496&rdk=rk3
x-trace-id: a39f454879cbd096f1398f78870c53ce
link: <https://deebcards-themier.com>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://diromalxx.com>; rel="preconnect dns-prefetch"
referrer-policy: no-referrer
access-control-allow-origin: https://fregtrsatnt.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-max-age: 86400
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
set-cookie: OAID=7fa6f207435944b2989d9b942e5468df; expires=Tue, 07 Nov 2023 16:01:21 GMT; path=/; secure; SameSite=None
oaidts=1667836881; expires=Tue, 07 Nov 2023 16:01:21 GMT; path=/; secure; SameSite=None
syncedCookie=; expires=Tue, 10 Nov 2009 23:00:00 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
deebcards-themier.com/e666d5bf-b09e-4a02-a33b-e0cc75fb172a?zoneid=5284950&bannerid=15511501&geo=NO&random=2968192001&SUBID=613514948097872627&campaignid=6269517&category={category}&adformat=onclick&ntk=19&cost=0.000496&rdk=rk3
302 Found 0 B URL HTTP/2 deebcards-themier.com/e666d5bf-b09e-4a02-a33b-e0cc75fb172a?zoneid=5284950&bannerid=15511501&geo=NO&random=2968192001&SUBID=613514948097872627&campaignid=6269517&category={category}&adformat=onclick&ntk=19&cost=0.000496&rdk=rk3
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /e666d5bf-b09e-4a02-a33b-e0cc75fb172a?zoneid=5284950&bannerid=15511501&geo=NO&random=2968192001&SUBID=613514948097872627&campaignid=6269517&category={category}&adformat=onclick&ntk=19&cost=0.000496&rdk=rk3 HTTP/1.1
Host: deebcards-themier.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
server: nginx
date: Mon, 07 Nov 2022 16:01:21 GMT
content-length: 0
cache-control: no-store, no-cache, pre-check=0, post-check=0
expires: Thu, 01 Jan 1970 00:00:00 GMT
location: https://www.browsewithgx.com/?tl=deebcards-themier.com&btn=2&imp=0&cep=zehf47JiJgFvm9sCfE0mXK0zCEPWzBLkO6y-gHQFFt6fTVOIJVpZBtmEQc4N_051dAv2TU3cfG33D06VTxkRkO8cDpplRMy4uLg9rXndIRLPH4HLuo7_MZQuL3T4ONfpJFhkCtL_KOFORNcmk1-J0EoMaFGMf7sIA7FbiDcv0mReROe26Pb5JkSzAOhDe7NixbicfOqj9DdBdhGXvWikA1tGnbAKekuXALX5MxyIi1N7ifGEemNER72yswHYMcag8wBrs3oOxzQMIFURiPscczBaxTQcD4kvhG4rmkrdthr1hGZ_77yrfg70lsvztmW5IDWLZLKw6xZrkjGcgSGeO2gCIs0ShjdPul55yRSzOaIM2lT_ZGbr-39S3ezwkcVmN7FYvHgrCNtL3UiFe1zbe9szK5f5SKqPxhBLDHfpuDcuUw9-8yAk6_-PeGE_jElUF_iE2njwzBIu4a1XeM6sM1JFK773Nw111eb-nE8ThNGS8UIVrqcQOouShXkevU_vHT8DRakCZsvVLPk1ePtlfNUWx2igS5aUmUQjitrh01pNrtfh58ndRdb0ncZDPlhs&lptoken=16486755832e86638124&zoneid=5284950&bannerid=15511501&geo=NO&random=2968192001&SUBID=613514948097872627&campaignid=6269517&category=%7Bcategory%7D&adformat=onclick&ntk=19&cost=0.000496&rdk=rk3
pragma: no-cache
set-cookie: e666d5bf-b09e-4a02-a33b-e0cc75fb172a-v4=K_BMzXmzaVhTo1sU-BAy5R9scmasU4-0AwH5D6ALe-4; Max-Age=86400; Expires=Tue, 08-Nov-2022 16:01:21 GMT; Domain=deebcards-themier.com; Path=/; Secure; HttpOnly;SameSite=None
cep-v4=xHbb9-brze2dBpWFX8wKLodC84ayzfpcwQ-Ge-RBDDDo34L1u3C_-J62XMegxIDBApvpZwP5TeJmLh6e2lxOcRPSK7JMBasR3X8MoS1-QqDV9RoRjIdps_kMfFFLW9sSyH4bsRU63tdAi3RL-kaj77l0L4scG5TQirqpwpy4BUGHgqAQt7JwS5yedaInzRQRvFrlLHCXx7C0FqoAkWGbyrdZ6UUSVS-NMS9f71f9jy10o-qxVFDFQHfGXUFM_ZK9lLA69yXSVauDKB3TvpMFxwAwIcCCZcc7B3DwVS9Cw5iM07oobXHIYK1oNZCr0hqwVRftgOKQVf07tHLsYSFLeFyV4L2ZFizmzv94nPpzHqSWyQUlTfyApwpqRxXZNY-6nIC6QfwwgLqQcjvtYfspj4no6Ot2vWpqCorkKNFHd_fCethxbRww0uq58a_3_Lh8_bMWdaR24fmGi8zEwwCdOhfnFjCG9RdyO-mPBiEk6Wnk5bovj2eeFWEVnskAvNn5lJ8tEO8Rah5FeKxj_qusdm1eeSug5mOumWnEjOf0hfLO2Nnh9US2z4vSY8KTHMPR; Max-Age=86400; Expires=Tue, 08-Nov-2022 16:01:21 GMT; Domain=deebcards-themier.com; Path=/; Secure; HttpOnly;SameSite=None
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP
Hash a701bd695bff6788e1a11305d57fa249
bdaca477cc574e1cacd55650e64cee42ffbfbfc9
726f628e15707ad9686069f2c880406e28fe4a56017afac831c2281756b80e10
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=137198
Date: Mon, 07 Nov 2022 16:01:21 GMT
Etag: "6368873a-1d7"
Expires: Wed, 09 Nov 2022 06:07:59 GMT
Last-Modified: Mon, 07 Nov 2022 04:19:06 GMT
Server: ECS (nyb/1D2D)
X-Cache: Miss from cloudfront
Via: 1.1 80d21802b1b80c40e55ccf83433b8eac.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: z1UtgrFIhyH90bWTkvl7BfmYsiP7AvgVHc2qNL0xT_5mSsrmzW8Aew==
Age: 6533
www.browsewithgx.com/assets/3809.png
200 OK 7.3 kB URL HTTP/2 www.browsewithgx.com/assets/3809.png
IP
File type PNG image data, 260 x 67, 8-bit/color RGBA, non-interlaced\012- data
Hash 21f7ce215aae34f2e02075c53073aad6
86908885e487fc10674541b47aad6e5b650db373
8a9a18c629393d37153b6e200a557b36ab68bb6bb5068061f4d2a752733e720c
GET /assets/3809.png HTTP/1.1
Host: www.browsewithgx.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.browsewithgx.com/?tl=deebcards-themier.com&btn=2&imp=0&cep=zehf47JiJgFvm9sCfE0mXK0zCEPWzBLkO6y-gHQFFt6fTVOIJVpZBtmEQc4N_051dAv2TU3cfG33D06VTxkRkO8cDpplRMy4uLg9rXndIRLPH4HLuo7_MZQuL3T4ONfpJFhkCtL_KOFORNcmk1-J0EoMaFGMf7sIA7FbiDcv0mReROe26Pb5JkSzAOhDe7NixbicfOqj9DdBdhGXvWikA1tGnbAKekuXALX5MxyIi1N7ifGEemNER72yswHYMcag8wBrs3oOxzQMIFURiPscczBaxTQcD4kvhG4rmkrdthr1hGZ_77yrfg70lsvztmW5IDWLZLKw6xZrkjGcgSGeO2gCIs0ShjdPul55yRSzOaIM2lT_ZGbr-39S3ezwkcVmN7FYvHgrCNtL3UiFe1zbe9szK5f5SKqPxhBLDHfpuDcuUw9-8yAk6_-PeGE_jElUF_iE2njwzBIu4a1XeM6sM1JFK773Nw111eb-nE8ThNGS8UIVrqcQOouShXkevU_vHT8DRakCZsvVLPk1ePtlfNUWx2igS5aUmUQjitrh01pNrtfh58ndRdb0ncZDPlhs&lptoken=16486755832e86638124&zoneid=5284950&bannerid=15511501&geo=NO&random=2968192001&SUBID=613514948097872627&campaignid=6269517&category=%7Bcategory%7D&adformat=onclick&ntk=19&cost=0.000496&rdk=rk3
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 7265
last-modified: Mon, 21 Mar 2022 18:42:51 GMT
accept-ranges: bytes
server: AmazonS3
date: Mon, 07 Nov 2022 09:35:42 GMT
etag: "21f7ce215aae34f2e02075c53073aad6"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 ab09332bca1a3bd382d2e408f65b98d2.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: YNf42ft2vyvSn7ATHMyF9wBMNYQYzAaexKTtCjCRC4AQi672RuZFAQ==
age: 51879
X-Firefox-Spdy: h2
www.browsewithgx.com/assets/xm1k.png
200 OK 122 kB URL HTTP/2 www.browsewithgx.com/assets/xm1k.png
IP
File type PNG image data, 532 x 400, 8-bit/color RGBA, non-interlaced\012- data
Size 122 kB (121947 bytes)
Hash fb296fd6be55555670e23ef9e4d3176a
97b7aa60b59260cd2ba4c8ea163403ac210780dd
c5e800a0f0f0b3b5ee1e6be0d7dceef5b7c2f88a33345e310afea6aa846fd01e
GET /assets/xm1k.png HTTP/1.1
Host: www.browsewithgx.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.browsewithgx.com/?tl=deebcards-themier.com&btn=2&imp=0&cep=zehf47JiJgFvm9sCfE0mXK0zCEPWzBLkO6y-gHQFFt6fTVOIJVpZBtmEQc4N_051dAv2TU3cfG33D06VTxkRkO8cDpplRMy4uLg9rXndIRLPH4HLuo7_MZQuL3T4ONfpJFhkCtL_KOFORNcmk1-J0EoMaFGMf7sIA7FbiDcv0mReROe26Pb5JkSzAOhDe7NixbicfOqj9DdBdhGXvWikA1tGnbAKekuXALX5MxyIi1N7ifGEemNER72yswHYMcag8wBrs3oOxzQMIFURiPscczBaxTQcD4kvhG4rmkrdthr1hGZ_77yrfg70lsvztmW5IDWLZLKw6xZrkjGcgSGeO2gCIs0ShjdPul55yRSzOaIM2lT_ZGbr-39S3ezwkcVmN7FYvHgrCNtL3UiFe1zbe9szK5f5SKqPxhBLDHfpuDcuUw9-8yAk6_-PeGE_jElUF_iE2njwzBIu4a1XeM6sM1JFK773Nw111eb-nE8ThNGS8UIVrqcQOouShXkevU_vHT8DRakCZsvVLPk1ePtlfNUWx2igS5aUmUQjitrh01pNrtfh58ndRdb0ncZDPlhs&lptoken=16486755832e86638124&zoneid=5284950&bannerid=15511501&geo=NO&random=2968192001&SUBID=613514948097872627&campaignid=6269517&category=%7Bcategory%7D&adformat=onclick&ntk=19&cost=0.000496&rdk=rk3
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 121947
last-modified: Mon, 21 Mar 2022 18:42:51 GMT
accept-ranges: bytes
server: AmazonS3
date: Mon, 07 Nov 2022 10:55:31 GMT
etag: "fb296fd6be55555670e23ef9e4d3176a"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 ab09332bca1a3bd382d2e408f65b98d2.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: vGzkHwDxH7OL6A73ljVqDeE2sJgkM6UYSlEvjwYyU0g30Kx4Ok9vQw==
age: 19318
X-Firefox-Spdy: h2
www.browsewithgx.com/assets/brazil.png
200 OK 161 kB URL HTTP/2 www.browsewithgx.com/assets/brazil.png
IP
File type PNG image data, 532 x 400, 8-bit/color RGBA, non-interlaced\012- data
Size 161 kB (161255 bytes)
Hash 7159e04db522cc24e82254743f459124
67f5522a6b11aacd1936e105b11b0e956a541cf7
707a37320e6f6123c37faeb10a457b84524a350556414863f59f4266a44a0eb2
GET /assets/brazil.png HTTP/1.1
Host: www.browsewithgx.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.browsewithgx.com/?tl=deebcards-themier.com&btn=2&imp=0&cep=zehf47JiJgFvm9sCfE0mXK0zCEPWzBLkO6y-gHQFFt6fTVOIJVpZBtmEQc4N_051dAv2TU3cfG33D06VTxkRkO8cDpplRMy4uLg9rXndIRLPH4HLuo7_MZQuL3T4ONfpJFhkCtL_KOFORNcmk1-J0EoMaFGMf7sIA7FbiDcv0mReROe26Pb5JkSzAOhDe7NixbicfOqj9DdBdhGXvWikA1tGnbAKekuXALX5MxyIi1N7ifGEemNER72yswHYMcag8wBrs3oOxzQMIFURiPscczBaxTQcD4kvhG4rmkrdthr1hGZ_77yrfg70lsvztmW5IDWLZLKw6xZrkjGcgSGeO2gCIs0ShjdPul55yRSzOaIM2lT_ZGbr-39S3ezwkcVmN7FYvHgrCNtL3UiFe1zbe9szK5f5SKqPxhBLDHfpuDcuUw9-8yAk6_-PeGE_jElUF_iE2njwzBIu4a1XeM6sM1JFK773Nw111eb-nE8ThNGS8UIVrqcQOouShXkevU_vHT8DRakCZsvVLPk1ePtlfNUWx2igS5aUmUQjitrh01pNrtfh58ndRdb0ncZDPlhs&lptoken=16486755832e86638124&zoneid=5284950&bannerid=15511501&geo=NO&random=2968192001&SUBID=613514948097872627&campaignid=6269517&category=%7Bcategory%7D&adformat=onclick&ntk=19&cost=0.000496&rdk=rk3
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 161255
last-modified: Mon, 21 Mar 2022 18:42:47 GMT
accept-ranges: bytes
server: AmazonS3
date: Mon, 07 Nov 2022 03:19:56 GMT
etag: "7159e04db522cc24e82254743f459124"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 ab09332bca1a3bd382d2e408f65b98d2.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: qyoZAzLjU8moXf4zYSFNyit_q7GwqIpvGvU3Fv47HBOQRG78bchWxQ==
age: 46508
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 96791bd486db22c41012d25318835bdf
b32c813f16b84a6b2660bd527843da5e368af8eb
61a4589c35910af9f8d20ff0c7eca296a77a336ab00730573fe9ce7cf2cc72c5
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 07 Nov 2022 16:01:22 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.browsewithgx.com/assets/xwk9.png
200 OK 327 kB URL HTTP/2 www.browsewithgx.com/assets/xwk9.png
IP
File type PNG image data, 1930 x 1085, 8-bit/color RGBA, non-interlaced\012- data
Size 327 kB (326592 bytes)
Hash 98bad9c0e22d83f92c81af7450e962a3
999d7edcf7cdff3669f8ef0ba937a695b0cd5238
8065cf86dfb65f5edf4a56a0dabb581f5248216922d4e4a198f2358279721565
GET /assets/xwk9.png HTTP/1.1
Host: www.browsewithgx.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.browsewithgx.com/?tl=deebcards-themier.com&btn=2&imp=0&cep=zehf47JiJgFvm9sCfE0mXK0zCEPWzBLkO6y-gHQFFt6fTVOIJVpZBtmEQc4N_051dAv2TU3cfG33D06VTxkRkO8cDpplRMy4uLg9rXndIRLPH4HLuo7_MZQuL3T4ONfpJFhkCtL_KOFORNcmk1-J0EoMaFGMf7sIA7FbiDcv0mReROe26Pb5JkSzAOhDe7NixbicfOqj9DdBdhGXvWikA1tGnbAKekuXALX5MxyIi1N7ifGEemNER72yswHYMcag8wBrs3oOxzQMIFURiPscczBaxTQcD4kvhG4rmkrdthr1hGZ_77yrfg70lsvztmW5IDWLZLKw6xZrkjGcgSGeO2gCIs0ShjdPul55yRSzOaIM2lT_ZGbr-39S3ezwkcVmN7FYvHgrCNtL3UiFe1zbe9szK5f5SKqPxhBLDHfpuDcuUw9-8yAk6_-PeGE_jElUF_iE2njwzBIu4a1XeM6sM1JFK773Nw111eb-nE8ThNGS8UIVrqcQOouShXkevU_vHT8DRakCZsvVLPk1ePtlfNUWx2igS5aUmUQjitrh01pNrtfh58ndRdb0ncZDPlhs&lptoken=16486755832e86638124&zoneid=5284950&bannerid=15511501&geo=NO&random=2968192001&SUBID=613514948097872627&campaignid=6269517&category=%7Bcategory%7D&adformat=onclick&ntk=19&cost=0.000496&rdk=rk3
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 326592
last-modified: Mon, 21 Mar 2022 18:42:51 GMT
accept-ranges: bytes
server: AmazonS3
date: Mon, 07 Nov 2022 08:49:37 GMT
etag: "98bad9c0e22d83f92c81af7450e962a3"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 ab09332bca1a3bd382d2e408f65b98d2.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 9Rln_MHqOKDYJ6Le8Brmo9N2vwf6MMp8Tab2wii4uvYxNdR4eTD8JQ==
age: 26678
X-Firefox-Spdy: h2
www.browsewithgx.com/?tl=deebcards-themier.com&btn=2&imp=0&cep=zehf47JiJgFvm9sCfE0mXK0zCEPWzBLkO6y-gHQFFt6fTVOIJVpZBtmEQc4N_051dAv2TU3cfG33D06VTxkRkO8cDpplRMy4uLg9rXndIRLPH4HLuo7_MZQuL3T4ONfpJFhkCtL_KOFORNcmk1-J0EoMaFGMf7sIA7FbiDcv0mReROe26Pb5JkSzAOhDe7NixbicfOqj9DdBdhGXvWikA1tGnbAKekuXALX5MxyIi1N7ifGEemNER72yswHYMcag8wBrs3oOxzQMIFURiPscczBaxTQcD4kvhG4rmkrdthr1hGZ_77yrfg70lsvztmW5IDWLZLKw6xZrkjGcgSGeO2gCIs0ShjdPul55yRSzOaIM2lT_ZGbr-39S3ezwkcVmN7FYvHgrCNtL3UiFe1zbe9szK5f5SKqPxhBLDHfpuDcuUw9-8yAk6_-PeGE_jElUF_iE2njwzBIu4a1XeM6sM1JFK773Nw111eb-nE8ThNGS8UIVrqcQOouShXkevU_vHT8DRakCZsvVLPk1ePtlfNUWx2igS5aUmUQjitrh01pNrtfh58ndRdb0ncZDPlhs&lptoken=16486755832e86638124&zoneid=5284950&bannerid=15511501&geo=NO&random=2968192001&SUBID=613514948097872627&campaignid=6269517&category=%7Bcategory%7D&adformat=onclick&ntk=19&cost=0.000496&rdk=rk3
200 OK 9.0 kB URL HTTP/2 www.browsewithgx.com/?tl=deebcards-themier.com&btn=2&imp=0&cep=zehf47JiJgFvm9sCfE0mXK0zCEPWzBLkO6y-gHQFFt6fTVOIJVpZBtmEQc4N_051dAv2TU3cfG33D06VTxkRkO8cDpplRMy4uLg9rXndIRLPH4HLuo7_MZQuL3T4ONfpJFhkCtL_KOFORNcmk1-J0EoMaFGMf7sIA7FbiDcv0mReROe26Pb5JkSzAOhDe7NixbicfOqj9DdBdhGXvWikA1tGnbAKekuXALX5MxyIi1N7ifGEemNER72yswHYMcag8wBrs3oOxzQMIFURiPscczBaxTQcD4kvhG4rmkrdthr1hGZ_77yrfg70lsvztmW5IDWLZLKw6xZrkjGcgSGeO2gCIs0ShjdPul55yRSzOaIM2lT_ZGbr-39S3ezwkcVmN7FYvHgrCNtL3UiFe1zbe9szK5f5SKqPxhBLDHfpuDcuUw9-8yAk6_-PeGE_jElUF_iE2njwzBIu4a1XeM6sM1JFK773Nw111eb-nE8ThNGS8UIVrqcQOouShXkevU_vHT8DRakCZsvVLPk1ePtlfNUWx2igS5aUmUQjitrh01pNrtfh58ndRdb0ncZDPlhs&lptoken=16486755832e86638124&zoneid=5284950&bannerid=15511501&geo=NO&random=2968192001&SUBID=613514948097872627&campaignid=6269517&category=%7Bcategory%7D&adformat=onclick&ntk=19&cost=0.000496&rdk=rk3
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- assembler source text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (2127)
Hash 9fce02f082681eadaf33a22d38d720c9
ab51aaaf23b329e71b4a1452a556fa572a52a8fe
1334d0afbfca41d13ab9a5d0a3cf84f7ca306179f2398c275afa5b9eed77145f
GET /?tl=deebcards-themier.com&btn=2&imp=0&cep=zehf47JiJgFvm9sCfE0mXK0zCEPWzBLkO6y-gHQFFt6fTVOIJVpZBtmEQc4N_051dAv2TU3cfG33D06VTxkRkO8cDpplRMy4uLg9rXndIRLPH4HLuo7_MZQuL3T4ONfpJFhkCtL_KOFORNcmk1-J0EoMaFGMf7sIA7FbiDcv0mReROe26Pb5JkSzAOhDe7NixbicfOqj9DdBdhGXvWikA1tGnbAKekuXALX5MxyIi1N7ifGEemNER72yswHYMcag8wBrs3oOxzQMIFURiPscczBaxTQcD4kvhG4rmkrdthr1hGZ_77yrfg70lsvztmW5IDWLZLKw6xZrkjGcgSGeO2gCIs0ShjdPul55yRSzOaIM2lT_ZGbr-39S3ezwkcVmN7FYvHgrCNtL3UiFe1zbe9szK5f5SKqPxhBLDHfpuDcuUw9-8yAk6_-PeGE_jElUF_iE2njwzBIu4a1XeM6sM1JFK773Nw111eb-nE8ThNGS8UIVrqcQOouShXkevU_vHT8DRakCZsvVLPk1ePtlfNUWx2igS5aUmUQjitrh01pNrtfh58ndRdb0ncZDPlhs&lptoken=16486755832e86638124&zoneid=5284950&bannerid=15511501&geo=NO&random=2968192001&SUBID=613514948097872627&campaignid=6269517&category=%7Bcategory%7D&adformat=onclick&ntk=19&cost=0.000496&rdk=rk3 HTTP/1.1
Host: www.browsewithgx.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html
last-modified: Wed, 23 Mar 2022 18:56:00 GMT
server: AmazonS3
content-encoding: br
date: Mon, 07 Nov 2022 03:19:56 GMT
etag: W/"8de111973cb74ca1b8345ce54638b139"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 ab09332bca1a3bd382d2e408f65b98d2.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: eDYrRHRKKe73q4gzzaSZlrZhPy-CMlxgGR1RcXwct53PFq1jaXKQwQ==
age: 46341
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 3849d297978f9334d294adc6e87ace82
6a45655d6b8da63381537bcf2ea8c2cf6ecc4dc0
2ebf3ed3cc8c16602d23c4058816cc0691bb3a950c067b18b774d8772a1c7c6b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 07 Nov 2022 16:01:22 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 12a1f191d3251cadd0fce23ca14e1a5d
a95b5c8eafe5d0ae8d78c77d4965ba1c486ec864
95b318059b6735c7221e60eabe0489c228c705c47a5f6adc8f829ac0f3c5f77c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 07 Nov 2022 16:01:22 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 6dba1915540598e77ae8d73ce49c4b3b
f9c34b678d814548946cafea65b20ff352fb501b
89f7e3ac689535c3a373e1ff2f4125e7879782917687c26210a3eaf6c9a6e6a8
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 07 Nov 2022 16:01:22 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 6dba1915540598e77ae8d73ce49c4b3b
f9c34b678d814548946cafea65b20ff352fb501b
89f7e3ac689535c3a373e1ff2f4125e7879782917687c26210a3eaf6c9a6e6a8
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 07 Nov 2022 16:01:22 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/chakrapetch/v9/cIflMapbsEk7TDLdtEz1BwkeQI51R5_F.woff2
200 OK 9.2 kB URL HTTP/2 fonts.gstatic.com/s/chakrapetch/v9/cIflMapbsEk7TDLdtEz1BwkeQI51R5_F.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 9156, version 1.0\012- data
Hash 5383f3ce890e025fd8d85a23662397c9
78a5eac04cfe53d3f1fdcd178288e2cef45032e4
ace012ca5db0bd782a22d938f8bf4a7ecdda284f9515f0c79418356efd5153f5
GET /s/chakrapetch/v9/cIflMapbsEk7TDLdtEz1BwkeQI51R5_F.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.browsewithgx.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 9156
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 04 Nov 2022 00:50:38 GMT
expires: Sat, 04 Nov 2023 00:50:38 GMT
cache-control: public, max-age=31536000
age: 313844
last-modified: Thu, 21 Apr 2022 18:49:56 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/chakrapetch/v9/cIflMapbsEk7TDLdtEz1BwkeNIh1R5_F.woff2
200 OK 9.1 kB URL HTTP/2 fonts.gstatic.com/s/chakrapetch/v9/cIflMapbsEk7TDLdtEz1BwkeNIh1R5_F.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 9104, version 1.0\012- data
Hash d3a2dce5d3d891a0c22a2189c225a4b5
b20c9f3bece3ebb5939ce536577d77ab77c792ac
9da93eacb66618ccecea55a6d5adc410352d1932901b063a06ed65e7a5e37248
GET /s/chakrapetch/v9/cIflMapbsEk7TDLdtEz1BwkeNIh1R5_F.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.browsewithgx.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 9104
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 31 Oct 2022 20:21:24 GMT
expires: Tue, 31 Oct 2023 20:21:24 GMT
cache-control: public, max-age=31536000
age: 589198
last-modified: Thu, 21 Apr 2022 18:57:16 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.googletagmanager.com/gtm.js?id=GTM-W22TDPP
200 OK 59 kB URL HTTP/2 www.googletagmanager.com/gtm.js?id=GTM-W22TDPP
IP
File type ASCII text, with very long lines (3129)
Hash ecd5fcd8f9a00fdd8468266815776442
015b47ffc668991061bcc07699ac8ee238d55445
78f9f85fd312883d348313718ee2c63774cc1b43c16ae13f90075715db4400c3
GET /gtm.js?id=GTM-W22TDPP HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.browsewithgx.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Mon, 07 Nov 2022 16:01:22 GMT
expires: Mon, 07 Nov 2022 16:01:22 GMT
cache-control: private, max-age=900
last-modified: Mon, 07 Nov 2022 15:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 59283
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 6dba1915540598e77ae8d73ce49c4b3b
f9c34b678d814548946cafea65b20ff352fb501b
89f7e3ac689535c3a373e1ff2f4125e7879782917687c26210a3eaf6c9a6e6a8
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 07 Nov 2022 16:01:22 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 12a1f191d3251cadd0fce23ca14e1a5d
a95b5c8eafe5d0ae8d78c77d4965ba1c486ec864
95b318059b6735c7221e60eabe0489c228c705c47a5f6adc8f829ac0f3c5f77c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 07 Nov 2022 16:01:22 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.youtube.com/s/player/03bec62d/www-player.css
200 OK 50 kB URL HTTP/2 www.youtube.com/s/player/03bec62d/www-player.css
IP
File type ASCII text, with very long lines (65536), with no line terminators
Hash 7e92e56255817d6d10ec83e0b53225bc
a72f5f2d41bbf0ded02576645aa1c530d47014eb
a4f0075acca93f03340688e1f1350ba65ba95a884087c22d9ad748303f57df7c
GET /s/player/03bec62d/www-player.css HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/embed/Uv-jwjKxZsk?controls=0
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding, Origin
content-encoding: br
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-length: 49793
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 03 Nov 2022 16:30:43 GMT
expires: Fri, 03 Nov 2023 16:30:43 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 31 Oct 2022 00:17:24 GMT
content-type: text/css
age: 343839
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.youtube.com/s/player/03bec62d/www-embed-player.vflset/www-embed-player.js
200 OK 97 kB URL HTTP/2 www.youtube.com/s/player/03bec62d/www-embed-player.vflset/www-embed-player.js
IP
File type ASCII text, with very long lines (679)
Hash f9e93c28684b0e1cc072949735006f6d
637ac9ad6d34f4ae4b497441e1fae0b9e40daa18
6324c13ad63d50c1d8076ea8f96426d2ba654c2e9d20f1a74759e8a9b2861992
GET /s/player/03bec62d/www-embed-player.vflset/www-embed-player.js HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/embed/Uv-jwjKxZsk?controls=0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding, Origin
content-encoding: br
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-length: 97445
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 31 Oct 2022 23:41:42 GMT
expires: Tue, 31 Oct 2023 23:41:42 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 31 Oct 2022 00:17:24 GMT
content-type: text/javascript
age: 577180
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.youtube.com/s/player/03bec62d/fetch-polyfill.vflset/fetch-polyfill.js
200 OK 2.8 kB URL HTTP/2 www.youtube.com/s/player/03bec62d/fetch-polyfill.vflset/fetch-polyfill.js
IP
File type Algol 68 source text\012- Pascal source, ASCII text, with very long lines (555)
Hash 80fe2d229007996c8397073b00755dc7
121f82c77bcf2a297a1085e3b092415c463fcafe
033dfa8941482c82d4f1aaa4a9172fb379b9e46a02d5b36297c5476bbbfdea2c
GET /s/player/03bec62d/fetch-polyfill.vflset/fetch-polyfill.js HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/embed/Uv-jwjKxZsk?controls=0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding, Origin
content-encoding: br
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-length: 2786
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 01 Nov 2022 21:07:34 GMT
expires: Wed, 01 Nov 2023 21:07:34 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 31 Oct 2022 00:17:24 GMT
content-type: text/javascript
age: 500028
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.youtube.com/s/player/03bec62d/player_ias.vflset/en_US/base.js
200 OK 586 kB URL HTTP/2 www.youtube.com/s/player/03bec62d/player_ias.vflset/en_US/base.js
IP
File type ASCII text, with very long lines (554)
Size 586 kB (586145 bytes)
Hash 59ae8b1fe12a398d071df712e4c53678
e7492452ade1fa40173baebcc3c2acafc4cb6b4d
499b6801a1d0f7f733b580b3bff207b601ca4743bc9eea1454c440f2473eea16
GET /s/player/03bec62d/player_ias.vflset/en_US/base.js HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/embed/Uv-jwjKxZsk?controls=0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding, Origin
content-encoding: br
accept-ranges: bytes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-length: 586145
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 03 Nov 2022 08:26:53 GMT
expires: Fri, 03 Nov 2023 08:26:53 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 31 Oct 2022 00:17:24 GMT
content-type: text/javascript
age: 372869
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 6e8ee97ec58f7d2991905f88bd3a463f
b87a69e7b938d01a4ac7d74ec69bffb4051695f0
1fe031e258c6a541e040de89c4ebcdfd9ddf78d391f77e858b44aef18469373d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 07 Nov 2022 16:01:22 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
bat.bing.com/bat.js
200 OK 11 kB IP
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
File type Unicode text, UTF-8 text, with very long lines (38826), with no line terminators
Hash babb0d09b27851a7c080c2843211eb91
cf41327a7f5a83c8343e85741bc34cb53050449a
adc4ea8ee48fd9337d951234bd345899ddb116cad409265ee2cf01733ac82e84
GET /bat.js HTTP/1.1
Host: bat.bing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.browsewithgx.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: private,max-age=1800
content-length: 11376
content-type: application/javascript
content-encoding: gzip
last-modified: Thu, 28 Jul 2022 17:32:37 GMT
accept-ranges: bytes
etag: "80a8697a8a2d81:0"
vary: Accept-Encoding
set-cookie: MUID=02C3355054206E231C4A270555D56F77; domain=.bing.com; expires=Sat, 02-Dec-2023 16:01:22 GMT; path=/; SameSite=None; Secure; Priority=High;
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 565FCF45E11F47FDA220B766BA6469D1 Ref B: OSL30EDGE0222 Ref C: 2022-11-07T16:01:22Z
date: Mon, 07 Nov 2022 16:01:21 GMT
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 468ac0efd67dd2780135bf448cc7da25
00947fd67b5de701e189ba7ed00565fe6037a5bb
8cd8a90c2f8f54972f866f0c0828a680717dc336414775a454410cc35e3957ed
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 07 Nov 2022 16:01:22 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
11442918.fls.doubleclick.net/activityi;src=11442918;type=pageview;cat=opera0;ord=1;num=8762969686203;gtm=2wgb20;auiddc=1586157265.1667836880;~oref=https%3A%2F%2Fwww.browsewithgx.com%2F%3Ftl%3Ddeebcards-themier.com%26btn%3D2%26imp%3D0%26cep%3Dzehf47JiJgFvm9sCfE0mXK0zCEPWzBLkO6y-gHQFFt6fTVOIJVpZBtmEQc4N_051dAv2TU3cfG33D06VTxkRkO8cDpplRMy4uLg9rXndIRLPH4HLuo7_MZQuL3T4ONfpJFhkCtL_KOFORNcmk1-J0EoMaFGMf7sIA7FbiDcv0mReROe26Pb5JkSzAOhDe7NixbicfOqj9DdBdhGXvWikA1tGnbAKekuXALX5MxyIi1N7ifGEemNER72yswHYMcag8wBrs3oOxzQMIFURiPscczBaxTQcD4kvhG4rmkrdthr1hGZ_77yrfg70lsvztmW5IDWLZLKw6xZrkjGcgSGeO2gCIs0ShjdPul55yRSzOaIM2lT_ZGbr-39S3ezwkcVmN7FYvHgrCNtL3UiFe1zbe9szK5f5SKqPxhBLDHfpuDcuUw9-8yAk6_-PeGE_jElUF_iE2njwzBIu4a1XeM6sM1JFK773Nw111eb-nE8ThNGS8UIVrqcQOouShXkevU_vHT8DRakCZsvVLPk1ePtlfNUWx2igS5aUmUQjitrh01pNrtfh58ndRdb0ncZDPlhs%26lptoken%3D16486755832e86638124%26zoneid%3D5284950%26bannerid%3D15511501%26geo%3DNO%26random%3D2968192001%26SUBID%3D613514948097872627%26campaignid%3D6269517%26category%3D%257Bcategory%257D%26adformat%3Donclick%26ntk%3D19%26cost%3D0.000496%26rdk%3Drk3?
200 OK 905 B URL HTTP/2 11442918.fls.doubleclick.net/activityi;src=11442918;type=pageview;cat=opera0;ord=1;num=8762969686203;gtm=2wgb20;auiddc=1586157265.1667836880;~oref=https%3A%2F%2Fwww.browsewithgx.com%2F%3Ftl%3Ddeebcards-themier.com%26btn%3D2%26imp%3D0%26cep%3Dzehf47JiJgFvm9sCfE0mXK0zCEPWzBLkO6y-gHQFFt6fTVOIJVpZBtmEQc4N_051dAv2TU3cfG33D06VTxkRkO8cDpplRMy4uLg9rXndIRLPH4HLuo7_MZQuL3T4ONfpJFhkCtL_KOFORNcmk1-J0EoMaFGMf7sIA7FbiDcv0mReROe26Pb5JkSzAOhDe7NixbicfOqj9DdBdhGXvWikA1tGnbAKekuXALX5MxyIi1N7ifGEemNER72yswHYMcag8wBrs3oOxzQMIFURiPscczBaxTQcD4kvhG4rmkrdthr1hGZ_77yrfg70lsvztmW5IDWLZLKw6xZrkjGcgSGeO2gCIs0ShjdPul55yRSzOaIM2lT_ZGbr-39S3ezwkcVmN7FYvHgrCNtL3UiFe1zbe9szK5f5SKqPxhBLDHfpuDcuUw9-8yAk6_-PeGE_jElUF_iE2njwzBIu4a1XeM6sM1JFK773Nw111eb-nE8ThNGS8UIVrqcQOouShXkevU_vHT8DRakCZsvVLPk1ePtlfNUWx2igS5aUmUQjitrh01pNrtfh58ndRdb0ncZDPlhs%26lptoken%3D16486755832e86638124%26zoneid%3D5284950%26bannerid%3D15511501%26geo%3DNO%26random%3D2968192001%26SUBID%3D613514948097872627%26campaignid%3D6269517%26category%3D%257Bcategory%257D%26adformat%3Donclick%26ntk%3D19%26cost%3D0.000496%26rdk%3Drk3?
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (1347), with no line terminators
Hash 175309f4cb93bf7e0d116fb7c4fb66e8
0d774897c7ef6003930b7fccde70d65b2ee630ce
04bebc3c3d7f0506ee743c9c9ec77f4207e747019577f8d82e1d30aad14555a2
GET /activityi;src=11442918;type=pageview;cat=opera0;ord=1;num=8762969686203;gtm=2wgb20;auiddc=1586157265.1667836880;~oref=https%3A%2F%2Fwww.browsewithgx.com%2F%3Ftl%3Ddeebcards-themier.com%26btn%3D2%26imp%3D0%26cep%3Dzehf47JiJgFvm9sCfE0mXK0zCEPWzBLkO6y-gHQFFt6fTVOIJVpZBtmEQc4N_051dAv2TU3cfG33D06VTxkRkO8cDpplRMy4uLg9rXndIRLPH4HLuo7_MZQuL3T4ONfpJFhkCtL_KOFORNcmk1-J0EoMaFGMf7sIA7FbiDcv0mReROe26Pb5JkSzAOhDe7NixbicfOqj9DdBdhGXvWikA1tGnbAKekuXALX5MxyIi1N7ifGEemNER72yswHYMcag8wBrs3oOxzQMIFURiPscczBaxTQcD4kvhG4rmkrdthr1hGZ_77yrfg70lsvztmW5IDWLZLKw6xZrkjGcgSGeO2gCIs0ShjdPul55yRSzOaIM2lT_ZGbr-39S3ezwkcVmN7FYvHgrCNtL3UiFe1zbe9szK5f5SKqPxhBLDHfpuDcuUw9-8yAk6_-PeGE_jElUF_iE2njwzBIu4a1XeM6sM1JFK773Nw111eb-nE8ThNGS8UIVrqcQOouShXkevU_vHT8DRakCZsvVLPk1ePtlfNUWx2igS5aUmUQjitrh01pNrtfh58ndRdb0ncZDPlhs%26lptoken%3D16486755832e86638124%26zoneid%3D5284950%26bannerid%3D15511501%26geo%3DNO%26random%3D2968192001%26SUBID%3D613514948097872627%26campaignid%3D6269517%26category%3D%257Bcategory%257D%26adformat%3Donclick%26ntk%3D19%26cost%3D0.000496%26rdk%3Drk3? HTTP/1.1
Host: 11442918.fls.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.browsewithgx.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Mon, 07 Nov 2022 16:01:22 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
strict-transport-security: max-age=21600
content-type: text/html; charset=UTF-8
pragma: no-cache
x-content-type-options: nosniff
content-encoding: br
server: cafe
content-length: 905
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Mon, 07-Nov-2022 16:16:22 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 468ac0efd67dd2780135bf448cc7da25
00947fd67b5de701e189ba7ed00565fe6037a5bb
8cd8a90c2f8f54972f866f0c0828a680717dc336414775a454410cc35e3957ed
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 07 Nov 2022 16:01:22 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 3bf1a5e65cd048b761eac5cb0b52048a
f64cface851717dee160a5c6fad975cc34fe4cd2
8b849bbe5d73c02bd82c39e5970ef02d46bf36ccfed31b51db437d85d12c004b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8B849BBE5D73C02BD82C39E5970EF02D46BF36CCFED31B51DB437D85D12C004B"
Last-Modified: Sat, 05 Nov 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11335
Expires: Mon, 07 Nov 2022 19:10:17 GMT
Date: Mon, 07 Nov 2022 16:01:22 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 3bf1a5e65cd048b761eac5cb0b52048a
f64cface851717dee160a5c6fad975cc34fe4cd2
8b849bbe5d73c02bd82c39e5970ef02d46bf36ccfed31b51db437d85d12c004b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8B849BBE5D73C02BD82C39E5970EF02D46BF36CCFED31B51DB437D85D12C004B"
Last-Modified: Sat, 05 Nov 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11335
Expires: Mon, 07 Nov 2022 19:10:17 GMT
Date: Mon, 07 Nov 2022 16:01:22 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa958db65-71f7-4c79-9753-9af1fe88477b.jpeg
200 OK 13 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa958db65-71f7-4c79-9753-9af1fe88477b.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 7a5e060b41bd5313b1cf828c1d5ecbcc
e63e4bee84953491236a8261ef07b5a4743fa891
e8750b0156ed980f11682d92f5c60ce2783518b37f156e74340617a74d826813
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa958db65-71f7-4c79-9753-9af1fe88477b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 13224
x-amzn-requestid: fb0d928d-925b-4b89-9165-e17cf9c3492d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bJy6zH3GoAMFdtg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6366feab-01cda80140a9174e718833c3;Sampled=0
x-amzn-remapped-date: Sun, 06 Nov 2022 00:24:11 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: wlegOy4mTlSGjBv2VVBylItdbR8-hLnME8lZEkEO_XmSA04Y29HjrQ==
via: 1.1 6ba2a21321beeef65404429d0a4b6380.cloudfront.net (CloudFront), 1.1 32c16f33c8f5601364fa8229b0d74dc2.cloudfront.net (CloudFront), 1.1 google
date: Mon, 07 Nov 2022 15:14:16 GMT
age: 2826
etag: "e63e4bee84953491236a8261ef07b5a4743fa891"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F100d1c51-b2c7-40d5-bd34-a37c21b8252d.jpeg
200 OK 9.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F100d1c51-b2c7-40d5-bd34-a37c21b8252d.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash c0a079a6dfb70fb2a2d6b5aff7103f73
55ffd5d6cb8074bdbdb8d06719119021bc81aeab
196ffd4e5245355c1c5d67f49b28200630ccfe1e4ebaa7280154b7adaf39b18f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F100d1c51-b2c7-40d5-bd34-a37c21b8252d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9435
x-amzn-requestid: 7c39c00f-1362-44c1-9628-749045e542b4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bEIU9G5gIAMFzZA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6364ba85-57fbfb872251c37f4137b262;Sampled=0
x-amzn-remapped-date: Fri, 04 Nov 2022 07:08:53 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: GaFmcnh2vF0lCj_QPQ7SAIT_UzHHyr8UaHa-R_ifuZsX7quU0mBJ9Q==
via: 1.1 8f22423015641505b8c857a37450d6c0.cloudfront.net (CloudFront), 1.1 5fe5f2a3903f1378941d92eceaf3fa16.cloudfront.net (CloudFront), 1.1 google
date: Sun, 06 Nov 2022 19:49:42 GMT
age: 72700
etag: "55ffd5d6cb8074bdbdb8d06719119021bc81aeab"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
www.youtube.com/embed/Uv-jwjKxZsk?controls=0
200 OK 40 kB URL HTTP/2 www.youtube.com/embed/Uv-jwjKxZsk?controls=0
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (58644)
Hash bd2b606c92d3df823fe99673aeec1d04
963d9a12c4c29c3bda36ade9a185ea4fa37f159e
54484920167f419bb78a35fdf5b189a0489f73aee7c9509051b251e9d47593b8
GET /embed/Uv-jwjKxZsk?controls=0 HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.browsewithgx.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html; charset=utf-8
x-content-type-options: nosniff
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Mon, 07 Nov 2022 16:01:22 GMT
strict-transport-security: max-age=31536000
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
content-encoding: br
server: ESF
x-xss-protection: 0
set-cookie: YSC=V7HpuiH-UDw; Domain=.youtube.com; Path=/; Secure; HttpOnly; SameSite=none
VISITOR_INFO1_LIVE=vmppdfY_2ZE; Domain=.youtube.com; Expires=Sat, 06-May-2023 16:01:22 GMT; Path=/; Secure; HttpOnly; SameSite=none
CONSENT=PENDING+765; expires=Wed, 06-Nov-2024 16:01:22 GMT; path=/; domain=.youtube.com; Secure
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Faba2be0c-46a2-4aa1-be6e-09cafbba66a9.jpeg
200 OK 7.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Faba2be0c-46a2-4aa1-be6e-09cafbba66a9.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 1190aa1b3db742f1cc476e53b34479b7
7e7ba87cfbc21acc28219c68521eedd6d3f614a0
6724e0c14b11cf9ef8c2050116115e5f7985f744184a7d2e8ea4c0189bd1997d
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Faba2be0c-46a2-4aa1-be6e-09cafbba66a9.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7309
x-amzn-requestid: 0d1c4df8-769e-497b-999c-b1087d79dfe4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bKLIGGWHIAMFhiw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63672566-1745417f7ed16a0576321e03;Sampled=0
x-amzn-remapped-date: Sun, 06 Nov 2022 03:09:26 GMT
x-amz-cf-pop: SEA73-P2, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: Jxy0K13kA9KV6V4d_-nxs7HZk7J2JgKeJFsC1NXhJI0SvEBXSuRBbQ==
via: 1.1 95785220a566cd050f3ad80928463374.cloudfront.net (CloudFront), 1.1 6396e88c437c096ef98930ce29f731a2.cloudfront.net (CloudFront), 1.1 google
date: Mon, 07 Nov 2022 03:38:14 GMT
age: 44588
etag: "7e7ba87cfbc21acc28219c68521eedd6d3f614a0"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc6fadd94-b1a4-4bdc-bcf4-b6bade4840a0.jpeg
200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc6fadd94-b1a4-4bdc-bcf4-b6bade4840a0.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4e2853cc6ec6223160471401e6871f4b
f052e1f8b2bf4a8eeecfa5b82e27ada1b7719a0c
bf4b9145ea043d87a30fd3aeeae21a1a0aa27004cd2467e7aa843bc894ae1f60
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc6fadd94-b1a4-4bdc-bcf4-b6bade4840a0.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10462
x-amzn-requestid: 43480a38-fd89-4c47-b8c4-e6ba90b1321c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aMF6oEz_oAMF8Hg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-634e5043-6617fd2e59cab00135301cdd;Sampled=0
x-amzn-remapped-date: Tue, 18 Oct 2022 07:05:39 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: C7GYpM3mXSf0hVyGO9Zzlxa3IHXHdyPlXsvr3i0GoQnaPZF6lO-OwA==
via: 1.1 9c60d6224ac0b44e908b5c9dcf70e9a4.cloudfront.net (CloudFront), 1.1 6396e88c437c096ef98930ce29f731a2.cloudfront.net (CloudFront), 1.1 google
date: Mon, 07 Nov 2022 06:28:00 GMT
age: 34402
etag: "f052e1f8b2bf4a8eeecfa5b82e27ada1b7719a0c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff56714e2-704b-4327-92b2-54e71d0c4d40.webp
200 OK 9.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff56714e2-704b-4327-92b2-54e71d0c4d40.webp
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash dcc79e66d1e21452efb26d26650f6739
1f727a7ea032082658944cf4041686446fb6b5f2
af1fe8de442a365a108d5c03f0d3ae8b0beb1abb4f267a46979f9c885ee026c6
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff56714e2-704b-4327-92b2-54e71d0c4d40.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8961
x-amzn-requestid: 3a50374d-d90e-452e-bb89-82ca14c94b52
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bJarpGtqIAMFkPg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6366d7e3-55c356475fb64e6625a338c7;Sampled=0
x-amzn-remapped-date: Sat, 05 Nov 2022 21:38:44 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: nVtRSCFPqKF3dF0E9tQ4Ojyz7CXl7OkKDm7vDfOlrH9_8axDPoEvNQ==
via: 1.1 112c6b3f9aea37a6cb00b7d933e5af6e.cloudfront.net (CloudFront), 1.1 91356d2137f5a7345e93da4516c49ec4.cloudfront.net (CloudFront), 1.1 google
date: Sun, 06 Nov 2022 21:44:34 GMT
age: 65808
etag: "1f727a7ea032082658944cf4041686446fb6b5f2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
adservice.google.com/ddm/fls/i/src=11442918;type=pageview;cat=opera0;ord=1;num=8762969686203;gtm=2wgb20;auiddc=1586157265.1667836880;~oref=https%3A%2F%2Fwww.browsewithgx.com%2F%3Ftl%3Ddeebcards-themier.com%26btn%3D2%26imp%3D0%26cep%3Dzehf47JiJgFvm9sCfE0mXK0zCEPWzBLkO6y-gHQFFt6fTVOIJVpZBtmEQc4N_051dAv2TU3cfG33D06VTxkRkO8cDpplRMy4uLg9rXndIRLPH4HLuo7_MZQuL3T4ONfpJFhkCtL_KOFORNcmk1-J0EoMaFGMf7sIA7FbiDcv0mReROe26Pb5JkSzAOhDe7NixbicfOqj9DdBdhGXvWikA1tGnbAKekuXALX5MxyIi1N7ifGEemNER72yswHYMcag8wBrs3oOxzQMIFURiPscczBaxTQcD4kvhG4rmkrdthr1hGZ_77yrfg70lsvztmW5IDWLZLKw6xZrkjGcgSGeO2gCIs0ShjdPul55yRSzOaIM2lT_ZGbr-39S3ezwkcVmN7FYvHgrCNtL3UiFe1zbe9szK5f5SKqPxhBLDHfpuDcuUw9-8yAk6_-PeGE_jElUF_iE2njwzBIu4a1XeM6sM1JFK773Nw111eb-nE8ThNGS8UIVrqcQOouShXkevU_vHT8DRakCZsvVLPk1ePtlfNUWx2igS5aUmUQjitrh01pNrtfh58ndRdb0ncZDPlhs%26lptoken%3D16486755832e86638124%26zoneid%3D5284950%26bannerid%3D15511501%26geo%3DNO%26random%3D2968192001%26SUBID%3D613514948097872627%26campaignid%3D6269517%26category%3D%257Bcategory%257D%26adformat%3Donclick%26ntk%3D19%26cost%3D0.000496%26rdk%3Drk3
200 OK 910 B URL HTTP/2 adservice.google.com/ddm/fls/i/src=11442918;type=pageview;cat=opera0;ord=1;num=8762969686203;gtm=2wgb20;auiddc=1586157265.1667836880;~oref=https%3A%2F%2Fwww.browsewithgx.com%2F%3Ftl%3Ddeebcards-themier.com%26btn%3D2%26imp%3D0%26cep%3Dzehf47JiJgFvm9sCfE0mXK0zCEPWzBLkO6y-gHQFFt6fTVOIJVpZBtmEQc4N_051dAv2TU3cfG33D06VTxkRkO8cDpplRMy4uLg9rXndIRLPH4HLuo7_MZQuL3T4ONfpJFhkCtL_KOFORNcmk1-J0EoMaFGMf7sIA7FbiDcv0mReROe26Pb5JkSzAOhDe7NixbicfOqj9DdBdhGXvWikA1tGnbAKekuXALX5MxyIi1N7ifGEemNER72yswHYMcag8wBrs3oOxzQMIFURiPscczBaxTQcD4kvhG4rmkrdthr1hGZ_77yrfg70lsvztmW5IDWLZLKw6xZrkjGcgSGeO2gCIs0ShjdPul55yRSzOaIM2lT_ZGbr-39S3ezwkcVmN7FYvHgrCNtL3UiFe1zbe9szK5f5SKqPxhBLDHfpuDcuUw9-8yAk6_-PeGE_jElUF_iE2njwzBIu4a1XeM6sM1JFK773Nw111eb-nE8ThNGS8UIVrqcQOouShXkevU_vHT8DRakCZsvVLPk1ePtlfNUWx2igS5aUmUQjitrh01pNrtfh58ndRdb0ncZDPlhs%26lptoken%3D16486755832e86638124%26zoneid%3D5284950%26bannerid%3D15511501%26geo%3DNO%26random%3D2968192001%26SUBID%3D613514948097872627%26campaignid%3D6269517%26category%3D%257Bcategory%257D%26adformat%3Donclick%26ntk%3D19%26cost%3D0.000496%26rdk%3Drk3
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (1346), with no line terminators
Hash 66c77bf570393e37829ea2a05994bc0a
72ab96e8e59f0ad2377d20011ed526637509b1ca
c64b994898f9411481c30eececca1189f07b04456d5e0473fdf376fe25ddf928
GET /ddm/fls/i/src=11442918;type=pageview;cat=opera0;ord=1;num=8762969686203;gtm=2wgb20;auiddc=1586157265.1667836880;~oref=https%3A%2F%2Fwww.browsewithgx.com%2F%3Ftl%3Ddeebcards-themier.com%26btn%3D2%26imp%3D0%26cep%3Dzehf47JiJgFvm9sCfE0mXK0zCEPWzBLkO6y-gHQFFt6fTVOIJVpZBtmEQc4N_051dAv2TU3cfG33D06VTxkRkO8cDpplRMy4uLg9rXndIRLPH4HLuo7_MZQuL3T4ONfpJFhkCtL_KOFORNcmk1-J0EoMaFGMf7sIA7FbiDcv0mReROe26Pb5JkSzAOhDe7NixbicfOqj9DdBdhGXvWikA1tGnbAKekuXALX5MxyIi1N7ifGEemNER72yswHYMcag8wBrs3oOxzQMIFURiPscczBaxTQcD4kvhG4rmkrdthr1hGZ_77yrfg70lsvztmW5IDWLZLKw6xZrkjGcgSGeO2gCIs0ShjdPul55yRSzOaIM2lT_ZGbr-39S3ezwkcVmN7FYvHgrCNtL3UiFe1zbe9szK5f5SKqPxhBLDHfpuDcuUw9-8yAk6_-PeGE_jElUF_iE2njwzBIu4a1XeM6sM1JFK773Nw111eb-nE8ThNGS8UIVrqcQOouShXkevU_vHT8DRakCZsvVLPk1ePtlfNUWx2igS5aUmUQjitrh01pNrtfh58ndRdb0ncZDPlhs%26lptoken%3D16486755832e86638124%26zoneid%3D5284950%26bannerid%3D15511501%26geo%3DNO%26random%3D2968192001%26SUBID%3D613514948097872627%26campaignid%3D6269517%26category%3D%257Bcategory%257D%26adformat%3Donclick%26ntk%3D19%26cost%3D0.000496%26rdk%3Drk3 HTTP/1.1
Host: adservice.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://11442918.fls.doubleclick.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Mon, 07 Nov 2022 16:01:23 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/html; charset=UTF-8
pragma: no-cache
x-content-type-options: nosniff
content-encoding: br
server: cafe
content-length: 910
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
bat.bing.com/p/action/11002730.js
204 No Content 0 B URL HTTP/2 bat.bing.com/p/action/11002730.js
IP
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /p/action/11002730.js HTTP/1.1
Host: bat.bing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.browsewithgx.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
cache-control: private,max-age=1800
set-cookie: MUID=3AA6D1FD54026AB60497C3A855F76B47; domain=.bing.com; expires=Sat, 02-Dec-2023 16:01:23 GMT; path=/; SameSite=None; Secure; Priority=High;
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 988A79C2C4A84109A1F62FF39123BBE7 Ref B: OSL30EDGE0222 Ref C: 2022-11-07T16:01:23Z
date: Mon, 07 Nov 2022 16:01:22 GMT
X-Firefox-Spdy: h2
bat.bing.com/action/0?ti=11002730&tm=gtm002&Ver=2&mid=6c28a8fa-25fb-4825-b2d9-d73494b13929&sid=6b944b705eb511ed8bbe698e65df7c4a&vid=6b943a205eb511ed8f041d9620ddc976&vids=1&msclkid=N&pi=0&lg=en-US&sw=1280&sh=1024&sc=24&tl=Opera%20GX&p=https%3A%2F%2Fwww.browsewithgx.com%2F%3Ftl%3Ddeebcards-themier.com%26btn%3D2%26imp%3D0%26cep%3Dzehf47JiJgFvm9sCfE0mXK0zCEPWzBLkO6y-gHQFFt6fTVOIJVpZBtmEQc4N_051dAv2TU3cfG33D06VTxkRkO8cDpplRMy4uLg9rXndIRLPH4HLuo7_MZQuL3T4ONfpJFhkCtL_KOFORNcmk1-J0EoMaFGMf7sIA7FbiDcv0mReROe26Pb5JkSzAOhDe7NixbicfOqj9DdBdhGXvWikA1tGnbAKekuXALX5MxyIi1N7ifGEemNER72yswHYMcag8wBrs3oOxzQMIFURiPscczBaxTQcD4kvhG4rmkrdthr1hGZ_77yrfg70lsvztmW5IDWLZLKw6xZrkjGcgSGeO2gCIs0ShjdPul55yRSzOaIM2lT_ZGbr-39S3ezwkcVmN7FYvHgrCNtL3UiFe1zbe9szK5f5SKqPxhBLDHfpuDcuUw9-8yAk6_-PeGE_jElUF_iE2njwzBIu4a1XeM6sM1JFK773Nw111eb-nE8ThNGS8UIVrqcQOouShXkevU_vHT8DRakCZsvVLPk1ePtlfNUWx2igS5aUmUQjitrh01pNrtfh58ndRdb0ncZDPlhs%26lptoken%3D16486755832e86638124%26zoneid%3D5284950%26bannerid%3D15511501%26geo%3DNO%26random%3D2968192001%26SUBID%3D613514948097872627%26campaignid%3D6269517%26category%3D%257Bcategory%257D%26adformat%3Donclick%26ntk%3D19%26cost%3D0.000496%26rdk%3Drk3&r=<=614&evt=pageLoad&sv=1&rn=366049
204 No Content 0 B URL HTTP/2 bat.bing.com/action/0?ti=11002730&tm=gtm002&Ver=2&mid=6c28a8fa-25fb-4825-b2d9-d73494b13929&sid=6b944b705eb511ed8bbe698e65df7c4a&vid=6b943a205eb511ed8f041d9620ddc976&vids=1&msclkid=N&pi=0&lg=en-US&sw=1280&sh=1024&sc=24&tl=Opera%20GX&p=https%3A%2F%2Fwww.browsewithgx.com%2F%3Ftl%3Ddeebcards-themier.com%26btn%3D2%26imp%3D0%26cep%3Dzehf47JiJgFvm9sCfE0mXK0zCEPWzBLkO6y-gHQFFt6fTVOIJVpZBtmEQc4N_051dAv2TU3cfG33D06VTxkRkO8cDpplRMy4uLg9rXndIRLPH4HLuo7_MZQuL3T4ONfpJFhkCtL_KOFORNcmk1-J0EoMaFGMf7sIA7FbiDcv0mReROe26Pb5JkSzAOhDe7NixbicfOqj9DdBdhGXvWikA1tGnbAKekuXALX5MxyIi1N7ifGEemNER72yswHYMcag8wBrs3oOxzQMIFURiPscczBaxTQcD4kvhG4rmkrdthr1hGZ_77yrfg70lsvztmW5IDWLZLKw6xZrkjGcgSGeO2gCIs0ShjdPul55yRSzOaIM2lT_ZGbr-39S3ezwkcVmN7FYvHgrCNtL3UiFe1zbe9szK5f5SKqPxhBLDHfpuDcuUw9-8yAk6_-PeGE_jElUF_iE2njwzBIu4a1XeM6sM1JFK773Nw111eb-nE8ThNGS8UIVrqcQOouShXkevU_vHT8DRakCZsvVLPk1ePtlfNUWx2igS5aUmUQjitrh01pNrtfh58ndRdb0ncZDPlhs%26lptoken%3D16486755832e86638124%26zoneid%3D5284950%26bannerid%3D15511501%26geo%3DNO%26random%3D2968192001%26SUBID%3D613514948097872627%26campaignid%3D6269517%26category%3D%257Bcategory%257D%26adformat%3Donclick%26ntk%3D19%26cost%3D0.000496%26rdk%3Drk3&r=<=614&evt=pageLoad&sv=1&rn=366049
IP
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /action/0?ti=11002730&tm=gtm002&Ver=2&mid=6c28a8fa-25fb-4825-b2d9-d73494b13929&sid=6b944b705eb511ed8bbe698e65df7c4a&vid=6b943a205eb511ed8f041d9620ddc976&vids=1&msclkid=N&pi=0&lg=en-US&sw=1280&sh=1024&sc=24&tl=Opera%20GX&p=https%3A%2F%2Fwww.browsewithgx.com%2F%3Ftl%3Ddeebcards-themier.com%26btn%3D2%26imp%3D0%26cep%3Dzehf47JiJgFvm9sCfE0mXK0zCEPWzBLkO6y-gHQFFt6fTVOIJVpZBtmEQc4N_051dAv2TU3cfG33D06VTxkRkO8cDpplRMy4uLg9rXndIRLPH4HLuo7_MZQuL3T4ONfpJFhkCtL_KOFORNcmk1-J0EoMaFGMf7sIA7FbiDcv0mReROe26Pb5JkSzAOhDe7NixbicfOqj9DdBdhGXvWikA1tGnbAKekuXALX5MxyIi1N7ifGEemNER72yswHYMcag8wBrs3oOxzQMIFURiPscczBaxTQcD4kvhG4rmkrdthr1hGZ_77yrfg70lsvztmW5IDWLZLKw6xZrkjGcgSGeO2gCIs0ShjdPul55yRSzOaIM2lT_ZGbr-39S3ezwkcVmN7FYvHgrCNtL3UiFe1zbe9szK5f5SKqPxhBLDHfpuDcuUw9-8yAk6_-PeGE_jElUF_iE2njwzBIu4a1XeM6sM1JFK773Nw111eb-nE8ThNGS8UIVrqcQOouShXkevU_vHT8DRakCZsvVLPk1ePtlfNUWx2igS5aUmUQjitrh01pNrtfh58ndRdb0ncZDPlhs%26lptoken%3D16486755832e86638124%26zoneid%3D5284950%26bannerid%3D15511501%26geo%3DNO%26random%3D2968192001%26SUBID%3D613514948097872627%26campaignid%3D6269517%26category%3D%257Bcategory%257D%26adformat%3Donclick%26ntk%3D19%26cost%3D0.000496%26rdk%3Drk3&r=<=614&evt=pageLoad&sv=1&rn=366049 HTTP/1.1
Host: bat.bing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.browsewithgx.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
cache-control: no-cache, must-revalidate
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
set-cookie: MUID=0DF967F77ED7692709C275A27F2268C1; domain=.bing.com; expires=Sat, 02-Dec-2023 16:01:23 GMT; path=/; SameSite=None; Secure; Priority=High;
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 67DC77796B4C478281E9DEF5FC455BD9 Ref B: OSL30EDGE0222 Ref C: 2022-11-07T16:01:23Z
date: Mon, 07 Nov 2022 16:01:22 GMT
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 01c1a1367e530a799bcaee7de89eefee
19d2450df87f1f3bb1c94e6e0bafbd60c7aead00
79cce6506b30bd3c699a700851db3254c2b909e559c54408b7d254b8e50003e3
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 07 Nov 2022 16:01:23 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
adservice.google.no/ddm/fls/i/src=11442918;type=pageview;cat=opera0;ord=1;num=8762969686203;gtm=2wgb20;auiddc=1586157265.1667836880;~oref=https%3A%2F%2Fwww.browsewithgx.com%2F%3Ftl%3Ddeebcards-themier.com%26btn%3D2%26imp%3D0%26cep%3Dzehf47JiJgFvm9sCfE0mXK0zCEPWzBLkO6y-gHQFFt6fTVOIJVpZBtmEQc4N_051dAv2TU3cfG33D06VTxkRkO8cDpplRMy4uLg9rXndIRLPH4HLuo7_MZQuL3T4ONfpJFhkCtL_KOFORNcmk1-J0EoMaFGMf7sIA7FbiDcv0mReROe26Pb5JkSzAOhDe7NixbicfOqj9DdBdhGXvWikA1tGnbAKekuXALX5MxyIi1N7ifGEemNER72yswHYMcag8wBrs3oOxzQMIFURiPscczBaxTQcD4kvhG4rmkrdthr1hGZ_77yrfg70lsvztmW5IDWLZLKw6xZrkjGcgSGeO2gCIs0ShjdPul55yRSzOaIM2lT_ZGbr-39S3ezwkcVmN7FYvHgrCNtL3UiFe1zbe9szK5f5SKqPxhBLDHfpuDcuUw9-8yAk6_-PeGE_jElUF_iE2njwzBIu4a1XeM6sM1JFK773Nw111eb-nE8ThNGS8UIVrqcQOouShXkevU_vHT8DRakCZsvVLPk1ePtlfNUWx2igS5aUmUQjitrh01pNrtfh58ndRdb0ncZDPlhs%26lptoken%3D16486755832e86638124%26zoneid%3D5284950%26bannerid%3D15511501%26geo%3DNO%26random%3D2968192001%26SUBID%3D613514948097872627%26campaignid%3D6269517%26category%3D%257Bcategory%257D%26adformat%3Donclick%26ntk%3D19%26cost%3D0.000496%26rdk%3Drk3
200 OK 85 B URL HTTP/2 adservice.google.no/ddm/fls/i/src=11442918;type=pageview;cat=opera0;ord=1;num=8762969686203;gtm=2wgb20;auiddc=1586157265.1667836880;~oref=https%3A%2F%2Fwww.browsewithgx.com%2F%3Ftl%3Ddeebcards-themier.com%26btn%3D2%26imp%3D0%26cep%3Dzehf47JiJgFvm9sCfE0mXK0zCEPWzBLkO6y-gHQFFt6fTVOIJVpZBtmEQc4N_051dAv2TU3cfG33D06VTxkRkO8cDpplRMy4uLg9rXndIRLPH4HLuo7_MZQuL3T4ONfpJFhkCtL_KOFORNcmk1-J0EoMaFGMf7sIA7FbiDcv0mReROe26Pb5JkSzAOhDe7NixbicfOqj9DdBdhGXvWikA1tGnbAKekuXALX5MxyIi1N7ifGEemNER72yswHYMcag8wBrs3oOxzQMIFURiPscczBaxTQcD4kvhG4rmkrdthr1hGZ_77yrfg70lsvztmW5IDWLZLKw6xZrkjGcgSGeO2gCIs0ShjdPul55yRSzOaIM2lT_ZGbr-39S3ezwkcVmN7FYvHgrCNtL3UiFe1zbe9szK5f5SKqPxhBLDHfpuDcuUw9-8yAk6_-PeGE_jElUF_iE2njwzBIu4a1XeM6sM1JFK773Nw111eb-nE8ThNGS8UIVrqcQOouShXkevU_vHT8DRakCZsvVLPk1ePtlfNUWx2igS5aUmUQjitrh01pNrtfh58ndRdb0ncZDPlhs%26lptoken%3D16486755832e86638124%26zoneid%3D5284950%26bannerid%3D15511501%26geo%3DNO%26random%3D2968192001%26SUBID%3D613514948097872627%26campaignid%3D6269517%26category%3D%257Bcategory%257D%26adformat%3Donclick%26ntk%3D19%26cost%3D0.000496%26rdk%3Drk3
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with no line terminators
Hash 4a3b3637744caa4a0b08fabbd76cc830
755e5626762ecf38f55012da892a227bf50f15f1
6a12009f3d99f10dd5acb27389beefed79eddd7fa55ddcc591baf92861d51bfb
GET /ddm/fls/i/src=11442918;type=pageview;cat=opera0;ord=1;num=8762969686203;gtm=2wgb20;auiddc=1586157265.1667836880;~oref=https%3A%2F%2Fwww.browsewithgx.com%2F%3Ftl%3Ddeebcards-themier.com%26btn%3D2%26imp%3D0%26cep%3Dzehf47JiJgFvm9sCfE0mXK0zCEPWzBLkO6y-gHQFFt6fTVOIJVpZBtmEQc4N_051dAv2TU3cfG33D06VTxkRkO8cDpplRMy4uLg9rXndIRLPH4HLuo7_MZQuL3T4ONfpJFhkCtL_KOFORNcmk1-J0EoMaFGMf7sIA7FbiDcv0mReROe26Pb5JkSzAOhDe7NixbicfOqj9DdBdhGXvWikA1tGnbAKekuXALX5MxyIi1N7ifGEemNER72yswHYMcag8wBrs3oOxzQMIFURiPscczBaxTQcD4kvhG4rmkrdthr1hGZ_77yrfg70lsvztmW5IDWLZLKw6xZrkjGcgSGeO2gCIs0ShjdPul55yRSzOaIM2lT_ZGbr-39S3ezwkcVmN7FYvHgrCNtL3UiFe1zbe9szK5f5SKqPxhBLDHfpuDcuUw9-8yAk6_-PeGE_jElUF_iE2njwzBIu4a1XeM6sM1JFK773Nw111eb-nE8ThNGS8UIVrqcQOouShXkevU_vHT8DRakCZsvVLPk1ePtlfNUWx2igS5aUmUQjitrh01pNrtfh58ndRdb0ncZDPlhs%26lptoken%3D16486755832e86638124%26zoneid%3D5284950%26bannerid%3D15511501%26geo%3DNO%26random%3D2968192001%26SUBID%3D613514948097872627%26campaignid%3D6269517%26category%3D%257Bcategory%257D%26adformat%3Donclick%26ntk%3D19%26cost%3D0.000496%26rdk%3Drk3 HTTP/1.1
Host: adservice.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://adservice.google.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Mon, 07 Nov 2022 16:01:23 GMT
expires: Mon, 07 Nov 2022 16:01:23 GMT
cache-control: private, max-age=0
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
server: cafe
content-length: 85
x-xss-protection: 0
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 68c0fe6dfea25f758b29fb2a11e172ed
6f85af23e9f39a3c962c308b86a4eb110516c785
ff0d2c3e906c5ccc6532070e2e7dc46e29b0d1913f3feaa2232063aba4517031
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 07 Nov 2022 16:01:23 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
static.doubleclick.net/instream/ad_status.js
200 OK 29 B URL HTTP/2 static.doubleclick.net/instream/ad_status.js
IP
Hash 1fa71744db23d0f8df9cce6719defcb7
e4be9b7136697942a036f97cf26ebaf703ad2067
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
GET /instream/ad_status.js HTTP/1.1
Host: static.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
timing-allow-origin: *
content-length: 29
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 07 Nov 2022 15:59:05 GMT
expires: Mon, 07 Nov 2022 16:14:05 GMT
cache-control: public, max-age=900
age: 138
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash c6d6c54103958d5cb2f315ca1ce5de87
ec77a85040cede22bddb4274f06b889f110d6c9a
6313b11766367e7f964d7f523662eaf7248f10577ea3bf2f65db52e16d152417
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 07 Nov 2022 16:01:23 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
googleads.g.doubleclick.net/pagead/id
302 Found 0 B URL HTTP/2 googleads.g.doubleclick.net/pagead/id
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pagead/id HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
location: https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
access-control-allow-credentials: true
access-control-allow-origin: https://www.youtube.com
date: Mon, 07 Nov 2022 16:01:23 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
redirector.googlevideo.com/initplayback?source=youtube&oeis=1&ip=91.90.42.154&c=WEB_EMBEDDED_PLAYER&oad=3200&ovd=3200&oaad=3200&oavd=3200&ocs=700&oewis=1&oputc=1&ofpcc=1&msp=1&odeak=1&odepv=1&osfc=1&alr=yes&id=66746
200 OK 242 B URL HTTP/2 redirector.googlevideo.com/initplayback?source=youtube&oeis=1&ip=91.90.42.154&c=WEB_EMBEDDED_PLAYER&oad=3200&ovd=3200&oaad=3200&oavd=3200&ocs=700&oewis=1&oputc=1&ofpcc=1&msp=1&odeak=1&odepv=1&osfc=1&alr=yes&id=66746
IP
File type ASCII text, with very long lines (312), with no line terminators
Hash b5d44b3ccca5ee371530280c808bd3bf
bc73e735960914d3500fb8f072446c7e56e98705
5d4f063946ae58605ded3c6ebd366212e4adbad3b4140d978d8ab4c716a7d00a
GET /initplayback?source=youtube&oeis=1&ip=91.90.42.154&c=WEB_EMBEDDED_PLAYER&oad=3200&ovd=3200&oaad=3200&oavd=3200&ocs=700&oewis=1&oputc=1&ofpcc=1&msp=1&odeak=1&odepv=1&osfc=1&alr=yes&id=66746 HTTP/1.1
Host: redirector.googlevideo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 07 Nov 2022 16:01:23 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
access-control-allow-credentials: true
timing-allow-origin: https://www.youtube.com
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
content-type: text/plain; charset=UTF-8
content-encoding: gzip
server: ClientMapServer
content-length: 242
x-xss-protection: 0
x-frame-options: SAMEORIGIN
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
googleads.g.doubleclick.net/pagead/id?slf_rd=1
200 OK 120 B URL HTTP/2 googleads.g.doubleclick.net/pagead/id?slf_rd=1
IP
Hash c24973fcde05bf056e233039bd8dcb6a
344adcf0f4ed0f2eb37d8fd22cf4a6676d76454e
9f1e651d308cc879d74b03ee6df98dd26fae2ececb28f8cc7b6cc3ec6f5fb215
GET /pagead/id?slf_rd=1 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.youtube.com
Referer: https://www.youtube.com/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin: https://www.youtube.com
content-type: application/json; charset=UTF-8
date: Mon, 07 Nov 2022 16:01:23 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
server: cafe
content-length: 120
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
200 OK 0 B URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /$rpc/google.internal.waa.v1.Waa/Create HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Referer: https://www.youtube.com/
Origin: https://www.youtube.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://www.youtube.com
vary: origin, referer, x-origin
access-control-allow-credentials: true
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-max-age: 3600
date: Mon, 07 Nov 2022 16:01:23 GMT
content-type: text/html
server: ESF
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash c6d6c54103958d5cb2f315ca1ce5de87
ec77a85040cede22bddb4274f06b889f110d6c9a
6313b11766367e7f964d7f523662eaf7248f10577ea3bf2f65db52e16d152417
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 07 Nov 2022 16:01:23 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
200 OK 31 kB URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
IP
File type JSON data\012- , ASCII text, with very long lines (65536), with no line terminators
Hash ba8ae476fea3a57e9a874a561fbc10d4
f6f95140e563b421740500eec1063160d891cb99
61f6292a866442e68fa6566ba86658b9d33627069232b8b6ff18c0b5770e1645
POST /$rpc/google.internal.waa.v1.Waa/Create HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
Content-Type: application/json+protobuf
X-User-Agent: grpc-web-javascript/0.1
Content-Length: 24
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json+protobuf; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: gzip
date: Mon, 07 Nov 2022 16:01:23 GMT
server: ESF
cache-control: private
content-length: 30767
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
access-control-allow-credentials: true
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
200 OK 0 B URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /$rpc/google.internal.waa.v1.Waa/GenerateIT HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Referer: https://www.youtube.com/
Origin: https://www.youtube.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: https://www.youtube.com
vary: origin, referer, x-origin
access-control-allow-credentials: true
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-max-age: 3600
date: Mon, 07 Nov 2022 16:01:23 GMT
content-type: text/html
server: ESF
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
200 OK 110 B URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 41a06ae161ab0ac723ec9af872b2cd29
a09d6743f7ce4cf3fb0517f1e947fb5d546a1b12
95792b4edfe62d92ca86c9b1d6d18d23c1db57f7e2114f227b8473dd6d357d77
POST /$rpc/google.internal.waa.v1.Waa/GenerateIT HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
Content-Type: application/json+protobuf
X-User-Agent: grpc-web-javascript/0.1
Content-Length: 1227
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json+protobuf; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: gzip
date: Mon, 07 Nov 2022 16:01:23 GMT
server: ESF
cache-control: private
content-length: 110
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
access-control-allow-credentials: true
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash bf55a5e3b388533c18f4eed310ed28b9
3d9564cad00a8349f63a5c72118b0776524d0eb7
97c32c42968f5f4acf571408533a411b992720182a1477dc95fd792eedbcc624
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 07 Nov 2022 16:01:24 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.com/js/th/gMsH84TQuiDEVfr1BCtG5xcdN73b4dVBHpnGqNHnahs.js
200 OK 14 kB URL HTTP/2 www.google.com/js/th/gMsH84TQuiDEVfr1BCtG5xcdN73b4dVBHpnGqNHnahs.js
IP
File type ASCII text, with very long lines (36070)
Hash 7d6dc2989ad5a0a0590a37f1e0d2fb53
d8a8adcb74248ab834fa21e83d4935dd9a1ff4aa
92dfcdcf42525cfbe070b98ead507fa1cb2db11b4e5d390b64f04fc661c6515c
GET /js/th/gMsH84TQuiDEVfr1BCtG5xcdN73b4dVBHpnGqNHnahs.js HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-length: 14294
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 06 Nov 2022 00:44:54 GMT
expires: Mon, 06 Nov 2023 00:44:54 GMT
cache-control: public, max-age=31536000
age: 141390
last-modified: Thu, 20 Oct 2022 10:30:00 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7220419a-cf8c-4056-a522-11012e67cf32.jpeg
200 OK 14 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7220419a-cf8c-4056-a522-11012e67cf32.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash fa77f05b1af971db287607d9d9a30e0f
276f1493d6da74c8fa3ef83dee77bf48850ff4b4
005d0273b7fe7b68081d1db630df9444c4082140be87c34f3e9e5fb7db9a4160
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7220419a-cf8c-4056-a522-11012e67cf32.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 14415
x-amzn-requestid: 9eadfbeb-38b2-483a-894a-375e00f646dd
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bJabgHcMoAMFTLg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6366d77c-104fa5e61c64aaf230ffb045;Sampled=0
x-amzn-remapped-date: Sat, 05 Nov 2022 21:37:00 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: 1rzBJigxxARLwKhQ_2PvkVnWD2wUH9UPfyVKIe9lmvtmtMRwWjR21g==
via: 1.1 c34da255183aa208dd1c722ff211f9b2.cloudfront.net (CloudFront), 1.1 02d90bf99fd6253b329a53c82f19e224.cloudfront.net (CloudFront), 1.1 google
date: Sun, 06 Nov 2022 22:16:58 GMT
age: 63871
etag: "276f1493d6da74c8fa3ef83dee77bf48850ff4b4"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
www.dcampu.com/go/e3745bdb-d782-4be9-8d8c-c70b7854cd5e?
302 Found 0 B URL HTTP/2 www.dcampu.com/go/e3745bdb-d782-4be9-8d8c-c70b7854cd5e?
IP
GET /go/e3745bdb-d782-4be9-8d8c-c70b7854cd5e? HTTP/1.1
Host: www.dcampu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 302 Found
date: Mon, 07 Nov 2022 16:01:20 GMT
content-type: text/html; charset=utf-8
location: https://fregtrsatnt.com/link?z=5284949&var=bck&ymid=EJmghARfTuLcuQxoo5mKDS
accept-ch: Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Reduced
access-control-allow-origin: *
set-cookie: bemob-uniq-visit:e3745bdb-d782-4be9-8d8c-c70b7854cd5e=1; Domain=www.dcampu.com; Path=/; Expires=Tue, 08 Nov 2022 16:01:20 GMT; HttpOnly
bemob-rotation:e3745bdb-d782-4be9-8d8c-c70b7854cd5e:random:cf02864f0c689ca1e36ba7a50902a412=0-0-0; Domain=www.dcampu.com; Path=/; Expires=Tue, 08 Nov 2022 16:01:20 GMT; HttpOnly
bemob-click-id=EJmghARfTuLcuQxoo5mKDS; Domain=www.dcampu.com; Path=/; Expires=Tue, 08 Nov 2022 16:01:20 GMT; HttpOnly
vary: Accept
x-response-time: 23.223ms
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: no-cache
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mUaE5eqMNupOuzor68n7%2F2VqXeQm9aN5vRTlWzx9OF7tpgDzkLdU6bBt4oHLKG0L8RhLfzmIG%2B9s%2Br5N1RDD5tMEz%2F6Z85Qi8T9Mh2UfW7UegPdk3GVH6%2BKHTXUIIKvvAg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 766749790c380b49-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
104.21.90.242
104.21.90.242
93.184.220.29
216.58.207.194
23.36.77.32
52.57.25.237