t-adbar1.com/_kc1h
44.209.134.182302 Found 0 B IP 44.209.134.182:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /_kc1h HTTP/1.1
Host: t-adbar1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Found
Date: Wed, 01 Mar 2023 07:17:19 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Server: nginx
Set-Cookie: sou=eyJyIjpudWxsLCJ1IjoiTVRHU2FtdXJhaSJ9; expires=Fri, 31-Mar-2023 07:17:19 GMT; Max-Age=2592000; SameSite=Lax
Location: https://t-adbar1.com/_kc1h
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash b44b6d7bebf34d0393567b22a63a93fa
a1a85b268bc8073d8e4622ceb78b78a1b39af96a
4b69973af6e9c5a78d94e8661b08d9349176a515e7bfb3386b10ace4c6f1ae21
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4B69973AF6E9C5A78D94E8661B08D9349176A515E7BFB3386B10ACE4C6F1AE21"
Last-Modified: Tue, 28 Feb 2023 02:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15283
Expires: Wed, 01 Mar 2023 11:32:02 GMT
Date: Wed, 01 Mar 2023 07:17:19 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 5997f91ebc2eb50daf9983503bf68d86
9e173d1ec3154a6e77b673bc1ce382a531f01965
e2293a78d786cee4e424a86f17ffc821883a5da3628136dd3064c4c82ce68d5a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E2293A78D786CEE4E424A86F17FFC821883A5DA3628136DD3064C4C82CE68D5A"
Last-Modified: Mon, 27 Feb 2023 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18267
Expires: Wed, 01 Mar 2023 12:21:46 GMT
Date: Wed, 01 Mar 2023 07:17:19 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 7f03faaba3392caae6dae54467bfdf6d
57ea1f14e8bfbcca8190c706d708c9fda12442c1
02ac551ba61fcbc6b04f244df065948b181a8a258db5c2e197aae66fdfcea8ee
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Retry-After, Content-Type, Backoff, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Wed, 01 Mar 2023 07:12:49 GMT
content-type: application/json
age: 270
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash d533446f79adb9523ba9ed92587833da
442454b9811f80ef90768d154036ebd349b8770d
f329f0e623ed8981e9ce3eddb63add02a524ce0d95367ec106730a3dc105973c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F329F0E623ED8981E9CE3EDDB63ADD02A524CE0D95367EC106730A3DC105973C"
Last-Modified: Mon, 27 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4147
Expires: Wed, 01 Mar 2023 08:26:26 GMT
Date: Wed, 01 Mar 2023 07:17:19 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-09-20-28-26.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-09-20-28-26.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash b5ba6334e73496995e3e3a9ecd0eb323
ad80d3b7718c28364e8c2004fb38a13a1747e462
aa5abb52515c6383c014aadb63a86c9f798ad64de53c0218616c1fc6d424d2e2
GET /chains/remote-settings.content-signature.mozilla.org-2023-04-09-20-28-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: IA9k9IWNRncPDgP5jIqYoIFPCEln/wqdsQz62VBQYlwu3hjAAMMCTUtwVGCIisl8H8ZzocymaVo=
x-amz-request-id: QEGQK5Z4J0K2AQ9S
x-amz-server-side-encryption: AES256
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Wed, 01 Mar 2023 06:32:32 GMT
age: 2687
last-modified: Sat, 18 Feb 2023 20:28:27 GMT
etag: "b5ba6334e73496995e3e3a9ecd0eb323"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 01 Mar 2023 07:17:19 GMT
content-type: application/json
content-length: 12
access-control-allow-credentials: true
access-control-expose-headers: content-type
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.r2m02.amazontrust.com/
54.230.80.227200 OK 471 B URL HTTP/1.1 ocsp.r2m02.amazontrust.com/
IP 54.230.80.227:0
Hash ee36a801aa70bd61907ded10171784cf
52511eef839ec996f97ef29af8f441c544d710b2
bdd69f2bf23f7aff64611d3e5464ac3f911a1f1dab20151ad82e7b94f1da8cee
POST / HTTP/1.1
Host: ocsp.r2m02.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=171738
Date: Wed, 01 Mar 2023 07:17:20 GMT
Etag: "63fe4585-1d7"
Expires: Fri, 03 Mar 2023 06:59:38 GMT
Last-Modified: Tue, 28 Feb 2023 18:18:45 GMT
Server: ECAcc (bsa/EB4C)
X-Cache: Miss from cloudfront
Via: 1.1 9d4a908d41124cba1276d6cef8f00c60.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: AWP7WOXHGtwVAK-vbTqq1E3-pEnT8ZDyICPMS_DCj8lHJAS2Q9Ku8Q==
Age: 45653
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Retry-After, Content-Type, Last-Modified, Backoff, Alert, Cache-Control, ETag, Expires, Pragma
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Wed, 01 Mar 2023 07:03:35 GMT
age: 825
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 3fdddc7cbd8ba19f4dde13325bc11ac8
5c8ea22f609187f7952c658a029d9fa9dc1c7fec
023903e256b75a839fa44d71f252cfa51f9ec26529c0a37a98cdbd6c10384365
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "023903E256B75A839FA44D71F252CFA51F9EC26529C0A37A98CDBD6C10384365"
Last-Modified: Mon, 27 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18734
Expires: Wed, 01 Mar 2023 12:29:34 GMT
Date: Wed, 01 Mar 2023 07:17:20 GMT
Connection: keep-alive
t-adbar1.com/favicon.ico
44.193.111.200302 Found 138 B IP 44.193.111.200:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash aff950cab4c0265e21d401db15f1026d
f03e18461817f7a6546c8bf8fa8d686d7e30aca0
753e0dd54f28c4f7009b9c0b18a68aed175416bd8b7d134858264586eaac56f0
GET /favicon.ico HTTP/1.1
Host: t-adbar1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://t-adbar1.com/_kc1h
Cookie: sou=eyJyIjpudWxsLCJ1IjoiTVRHU2FtdXJhaSJ9
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 302 Found
date: Wed, 01 Mar 2023 07:17:20 GMT
content-type: text/html
content-length: 138
location: https://trafficadbar.com/favicon.ico
server: nginx
X-Firefox-Spdy: h2
t-adbar1.com/50-195376p-7f77fb9d65e3bb8a718d9ac76b2040e8.jpeg
44.193.111.200302 Found 138 B URL HTTP/2 t-adbar1.com/50-195376p-7f77fb9d65e3bb8a718d9ac76b2040e8.jpeg
IP 44.193.111.200:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash aff950cab4c0265e21d401db15f1026d
f03e18461817f7a6546c8bf8fa8d686d7e30aca0
753e0dd54f28c4f7009b9c0b18a68aed175416bd8b7d134858264586eaac56f0
GET /50-195376p-7f77fb9d65e3bb8a718d9ac76b2040e8.jpeg HTTP/1.1
Host: t-adbar1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://t-adbar1.com/_kc1h?&ww=1280&wh=939&reff=&h=eyJpdiI6IlRoejFXQXBxbUVBUFNRWEg4dlhYa1E9PSIsInZhbHVlIjoia1dhY09XelFuTStNeW9SdGJ0engydz09IiwibWFjIjoiYTM0YTc0YmViZDRmMzAzNTkwOTdiNDBiYjczMzQ4NTI5MDkyZmM3ZTFjMGY1MTJmZTZhY2IzZDM3YTNjY2YyMyJ9&abc=
Cookie: sou=eyJyIjpudWxsLCJ1IjoiTVRHU2FtdXJhaSJ9
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 302 Found
date: Wed, 01 Mar 2023 07:17:20 GMT
content-type: text/html
content-length: 138
location: https://trafficadbar.com/50-195376p-7f77fb9d65e3bb8a718d9ac76b2040e8.jpeg
server: nginx
X-Firefox-Spdy: h2
t-adbar1.com/assets/BarController.js
44.193.111.200200 OK 1.1 kB URL HTTP/2 t-adbar1.com/assets/BarController.js
IP 44.193.111.200:0
File type ASCII text, with very long lines (1068), with no line terminators
Hash efa0db095e35eb95ee151016e47c492b
82a86e0cdbbe5f4a1634b2274f076dbaa053b86e
5adfd45bc89f7c5d9bb06fafb7caf0f317f54849db006ad49301f027ad6ece4c
GET /assets/BarController.js HTTP/1.1
Host: t-adbar1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://t-adbar1.com/_kc1h?&ww=1280&wh=939&reff=&h=eyJpdiI6IlRoejFXQXBxbUVBUFNRWEg4dlhYa1E9PSIsInZhbHVlIjoia1dhY09XelFuTStNeW9SdGJ0engydz09IiwibWFjIjoiYTM0YTc0YmViZDRmMzAzNTkwOTdiNDBiYjczMzQ4NTI5MDkyZmM3ZTFjMGY1MTJmZTZhY2IzZDM3YTNjY2YyMyJ9&abc=
Cookie: sou=eyJyIjpudWxsLCJ1IjoiTVRHU2FtdXJhaSJ9
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 01 Mar 2023 07:17:20 GMT
content-type: application/javascript
content-length: 1068
server: nginx
last-modified: Wed, 09 Jun 2021 07:15:14 GMT
etag: "60c06a82-42c"
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.r2m02.amazontrust.com/
54.230.80.227200 OK 471 B URL HTTP/1.1 ocsp.r2m02.amazontrust.com/
IP 54.230.80.227:0
Hash a1a32bc7f514357158243f20d3269641
b69f02d320c2ef1f2d35ae31e63aa0a88035ef6f
f3a182b11c0b30562e0f2cb4319228acfd3316c481d6c770636d0895dd2404ad
POST / HTTP/1.1
Host: ocsp.r2m02.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Wed, 01 Mar 2023 07:17:20 GMT
Last-Modified: Tue, 28 Feb 2023 18:39:58 GMT
Server: ECAcc (nya/79EB)
X-Cache: Miss from cloudfront
Via: 1.1 9d4a908d41124cba1276d6cef8f00c60.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: 9PMngG0kKQaNfBY0UwxxFrqZgKaA7qCuecgOcSLrLkaXNieY4475NA==
Age: 45442
push.services.mozilla.com/
35.166.158.207101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 35.166.158.207:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: vGPfqfSpCDD1zO4ALf7msg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: eDDNN6fhWhnbzQM/8qjqBx+X6wc=
ocsp.r2m01.amazontrust.com/
54.230.80.227200 OK 471 B URL HTTP/1.1 ocsp.r2m01.amazontrust.com/
IP 54.230.80.227:0
Hash 8045ff578ef47a63f105e8ed08a630de
877071ebf13ea5781693d8264948d9913d74ae24
a5cba53dbcce3b5b208af8bec6aa851289c934cf7dd03b5cec22b51ae40240a7
POST / HTTP/1.1
Host: ocsp.r2m01.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Wed, 01 Mar 2023 07:17:20 GMT
Last-Modified: Tue, 28 Feb 2023 18:38:25 GMT
Server: ECAcc (bsa/EB2E)
X-Cache: Miss from cloudfront
Via: 1.1 5916f6b8d469d1bee1e905ff13761ebc.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: -4AXJlqDOgVQvSpyLP45kyEexcv0KkIUSSGKPhcLtnGUCGnpb6mUNw==
Age: 45535
cdnjs.cloudflare.com/ajax/libs/jquery/2.2.4/jquery.min.js
104.17.25.14200 OK 27 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/jquery/2.2.4/jquery.min.js
IP 104.17.25.14:0
File type ASCII text, with very long lines (32065)
Hash 63827323c175768ccb0e8ed54589a3e5
9760e238d6ecced66396798559f70593793d801e
196f9479a27db836a2a7454e222f0cb52d4eeb162e0a50e69401ba1a8d81b564
GET /ajax/libs/jquery/2.2.4/jquery.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://llclickpro.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 01 Mar 2023 07:17:21 GMT
content-type: application/javascript; charset=utf-8
content-length: 26909
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03ec4-14e4a"
last-modified: Mon, 04 May 2020 16:11:48 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 50455
expires: Mon, 19 Feb 2024 07:17:21 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3GKOpbaGJfvvSHmMtz2YzX6zRjkPqONp4nOjvHoS4FWw%2B2xmu76U91Dvf9%2BBmGMiXysntvTBQvG5Q06Ph%2B3g9VSpdFeAse80FCqMNe2jPnX%2FR6eOuik6RzT%2ByeIsvUCEcq3F30ol"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 7a0f9ea69b400b49-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
code.jquery.com/ui/1.11.4/jquery-ui.min.js
69.16.175.10200 OK 64 kB URL HTTP/2 code.jquery.com/ui/1.11.4/jquery-ui.min.js
IP 69.16.175.10:0
File type ASCII text, with very long lines (32035)
Hash 28749bfe6af321b7c932452b38ce8683
2b444e3dee68a935213db86fd188c22883a65683
9110cdde7eb592e332cf7fa4347e5b3b17a2868ecde80d0c4a054bf0dd5a03b2
GET /ui/1.11.4/jquery-ui.min.js HTTP/1.1
Host: code.jquery.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://llclickpro.com
Connection: keep-alive
Referer: https://llclickpro.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 01 Mar 2023 07:17:21 GMT
content-encoding: gzip
content-length: 64296
content-type: application/javascript; charset=utf-8
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
accept-ranges: bytes
server: nginx
etag: W/"28feccc0-3ab2b"
cache-control: max-age=315360000, public
access-control-allow-origin: *
vary: Accept-Encoding
x-hw: 1677655041.dop026.sk1.t,1677655041.cds068.sk1.hn,1677655041.cds020.sk1.c
X-Firefox-Spdy: h2
ocsp.digicert.com/
192.229.221.95200 OK 3.0 kB IP 192.229.221.95:0
Hash 161f0c135f9a31d02302e712d2138ac9
3ffe71b381a03d8bb327504ecf1bd03e73893046
4369f66ccf5c545f975398c4f9e16a410ad2991939ad73cc0c09630be32a64bf
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 45874
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 01 Mar 2023 07:17:21 GMT
Last-Modified: Tue, 28 Feb 2023 18:32:47 GMT
Server: ECAcc (ska/F7A3)
X-Cache: HIT
Content-Length: 279
ocsp.digicert.com/
192.229.221.95200 OK 279 B IP 192.229.221.95:0
Hash 6a278c0e8102d444004412df8f840e8f
a94b1f924e38e00b67f660b474984bd0d9e8177b
a9a8d6fd23f1a3265c6a1d2c94eee85ab1b5d07ee491e9d0286c14842cc2114f
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 46467
Cache-Control: max-age=150238
Content-Type: application/ocsp-response
Date: Wed, 01 Mar 2023 07:17:21 GMT
Etag: "63fdee5c-117"
Expires: Fri, 03 Mar 2023 01:01:19 GMT
Last-Modified: Tue, 28 Feb 2023 12:06:52 GMT
Server: ECAcc (ska/F6AF)
X-Cache: HIT
Content-Length: 279
ocsp.digicert.com/
192.229.221.95200 OK 279 B IP 192.229.221.95:0
Hash 6a278c0e8102d444004412df8f840e8f
a94b1f924e38e00b67f660b474984bd0d9e8177b
a9a8d6fd23f1a3265c6a1d2c94eee85ab1b5d07ee491e9d0286c14842cc2114f
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 46383
Cache-Control: max-age=150154
Content-Type: application/ocsp-response
Date: Wed, 01 Mar 2023 07:17:21 GMT
Etag: "63fdee5c-117"
Expires: Fri, 03 Mar 2023 00:59:55 GMT
Last-Modified: Tue, 28 Feb 2023 12:06:52 GMT
Server: ECAcc (ska/F757)
X-Cache: HIT
Content-Length: 279
ocsp.digicert.com/
192.229.221.95200 OK 3.8 kB IP 192.229.221.95:0
Hash 87f0ea0e419319bf7ad15eda4bc2f849
5003b07887e5f0ff3079f53d8a2f6cb507bf7f1d
e0edafe54d24f3170062af31ee026d6a882d909f986811a2c69812b23a89475c
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 46145
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 01 Mar 2023 07:17:21 GMT
Last-Modified: Tue, 28 Feb 2023 18:28:16 GMT
Server: ECAcc (ska/F7A5)
X-Cache: HIT
Content-Length: 279
ocsp.digicert.com/
192.229.221.95200 OK 279 B IP 192.229.221.95:0
Hash ac240cf4592b4f1fd51d26ebf5993720
ceec75e31676975da91aa28676e4f4c0eaa75e8b
269b9d63cae378c3e9294bbc0e2c8c78427e4d0a478516964eb6c3befec15ce5
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 46315
Cache-Control: max-age=100050
Content-Type: application/ocsp-response
Date: Wed, 01 Mar 2023 07:17:21 GMT
Etag: "63fd2ae8-117"
Expires: Thu, 02 Mar 2023 11:04:51 GMT
Last-Modified: Mon, 27 Feb 2023 22:12:56 GMT
Server: ECAcc (ska/F77E)
X-Cache: HIT
Content-Length: 279
imgavatar.llsvr.com/scsa7588.m.jpg
188.114.97.1200 OK 4.6 kB URL HTTP/2 imgavatar.llsvr.com/scsa7588.m.jpg
IP 188.114.97.1:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 90", baseline, precision 8, 100x100, components 3\012- data
Hash 8c8ff51f6858c6fb1b8ace70a73759e9
5388d61308b409e08a0507b4364615a746fdd254
44317f0e3df8fda2e8eaf878a91a42d79c566823fe872f5448367186e6671ad2
GET /scsa7588.m.jpg HTTP/1.1
Host: imgavatar.llsvr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://llclickpro.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 01 Mar 2023 07:17:21 GMT
content-type: image/jpeg
content-length: 4644
last-modified: Sun, 26 Jun 2022 06:42:15 GMT
cache-control: max-age=31536000
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8A6b6FO4aXeRDAFs%2BC8YN49qzG8%2FONjRA5M2epC%2B76JEXacBt6yiRKVBvi6JIfmf0W3rd2c97y%2BCG4naNwOJdekOFJcfagCK6xabWpkJeshENFcyx6k2pU%2BGuy13Sg%2BKPEjoLQ3G"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7a0f9ea6dc2c1bfa-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 2f2b86251851c15a6378051a85964269
376c0277369d9cf0f23b197ed42b20be02bb1a8c
e1b4055a26895e7eb7791d8ae2bbd0066dd897ca0f9c27d896480fb0e8ce7bca
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E1B4055A26895E7EB7791D8AE2BBD0066DD897CA0F9C27D896480FB0E8CE7BCA"
Last-Modified: Mon, 27 Feb 2023 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=20818
Expires: Wed, 01 Mar 2023 13:04:20 GMT
Date: Wed, 01 Mar 2023 07:17:22 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 2f2b86251851c15a6378051a85964269
376c0277369d9cf0f23b197ed42b20be02bb1a8c
e1b4055a26895e7eb7791d8ae2bbd0066dd897ca0f9c27d896480fb0e8ce7bca
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E1B4055A26895E7EB7791D8AE2BBD0066DD897CA0F9C27D896480FB0E8CE7BCA"
Last-Modified: Mon, 27 Feb 2023 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=20818
Expires: Wed, 01 Mar 2023 13:04:20 GMT
Date: Wed, 01 Mar 2023 07:17:22 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 2f2b86251851c15a6378051a85964269
376c0277369d9cf0f23b197ed42b20be02bb1a8c
e1b4055a26895e7eb7791d8ae2bbd0066dd897ca0f9c27d896480fb0e8ce7bca
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E1B4055A26895E7EB7791D8AE2BBD0066DD897CA0F9C27D896480FB0E8CE7BCA"
Last-Modified: Mon, 27 Feb 2023 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=20818
Expires: Wed, 01 Mar 2023 13:04:20 GMT
Date: Wed, 01 Mar 2023 07:17:22 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 2f2b86251851c15a6378051a85964269
376c0277369d9cf0f23b197ed42b20be02bb1a8c
e1b4055a26895e7eb7791d8ae2bbd0066dd897ca0f9c27d896480fb0e8ce7bca
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E1B4055A26895E7EB7791D8AE2BBD0066DD897CA0F9C27D896480FB0E8CE7BCA"
Last-Modified: Mon, 27 Feb 2023 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=20818
Expires: Wed, 01 Mar 2023 13:04:20 GMT
Date: Wed, 01 Mar 2023 07:17:22 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 2f2b86251851c15a6378051a85964269
376c0277369d9cf0f23b197ed42b20be02bb1a8c
e1b4055a26895e7eb7791d8ae2bbd0066dd897ca0f9c27d896480fb0e8ce7bca
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E1B4055A26895E7EB7791D8AE2BBD0066DD897CA0F9C27D896480FB0E8CE7BCA"
Last-Modified: Mon, 27 Feb 2023 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=20818
Expires: Wed, 01 Mar 2023 13:04:20 GMT
Date: Wed, 01 Mar 2023 07:17:22 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd2b77c22-c3f8-4f19-bbf5-186e210147ab.jpeg
34.120.237.76200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd2b77c22-c3f8-4f19-bbf5-186e210147ab.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 52235b5f0cc478b1fd5cec46d9432b46
5c5b1814329c7fc3ac74d4dae119db7719fc26ec
1d373ebad0ad64bfd58793f491d4719d43a0770312652a700a9760804b27f13f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd2b77c22-c3f8-4f19-bbf5-186e210147ab.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12013
x-amzn-requestid: b18966f1-be7a-40bb-a11a-f2e34ca640b6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: BEbrpGhVoAMFREw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63fe7317-2781ca621d9e678f21aa066c;Sampled=0
x-amzn-remapped-date: Tue, 28 Feb 2023 21:33:11 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: E68nRyTscBJM6oa1B7b15UzMai_XODiWrUycez1lqj7H-0rzyibz6g==
via: 1.1 efe54e8b68e074d39b2ecd249f85100a.cloudfront.net (CloudFront), 1.1 3236f234d59c0fda99b416088c283260.cloudfront.net (CloudFront), 1.1 google
date: Tue, 28 Feb 2023 21:38:31 GMT
age: 34731
etag: "5c5b1814329c7fc3ac74d4dae119db7719fc26ec"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe7613bb6-fad8-4a15-a520-e65e62df9d85.jpeg
34.120.237.76200 OK 3.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe7613bb6-fad8-4a15-a520-e65e62df9d85.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash d7ec4eb3b34b866ae1182da3969a3490
8490fb1c9d3401552b78e090e8f3c58e73652e1a
791fe1c82ef40592f5360e67fba5f0fadef4d39d7677d4f4938a0cf920d46465
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe7613bb6-fad8-4a15-a520-e65e62df9d85.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 3601
x-amzn-requestid: 1584ca96-9fb7-466d-b5ca-c0b77cdf0fe4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: BBO8AE9VIAMFfpA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63fd2b7f-2b09af7c664124ad6228ed6f;Sampled=0
x-amzn-remapped-date: Mon, 27 Feb 2023 22:15:27 GMT
x-amz-cf-pop: SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: AvSPkogqa4i2UAbkTzH0o6C4HYqq_K7N38g7vyuW7HeAUnfKsnUc9g==
via: 1.1 4d7fa73f804f1c93f20cfc24c4b1266e.cloudfront.net (CloudFront), 1.1 abbf2df97f9d83839470842dc2e68cb6.cloudfront.net (CloudFront), 1.1 google
date: Tue, 28 Feb 2023 11:35:53 GMT
age: 70889
etag: "8490fb1c9d3401552b78e090e8f3c58e73652e1a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F59ab132e-e9ad-4556-83de-990c4d390aef.jpeg
34.120.237.76200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F59ab132e-e9ad-4556-83de-990c4d390aef.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 3874c3a95ebd4b7fe922878cf7d818ac
d2f74c496308d92082e9499ebde79b65226c63ee
53ca673869045cde8b0c7ad37ecae0583f60545215b86d3197cffd93323a177a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F59ab132e-e9ad-4556-83de-990c4d390aef.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10391
x-amzn-requestid: 3b126435-0e9d-4688-84d3-dedea6fc024f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: BEbroFO8oAMFW6w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63fe7316-630925bc14685ec8593eb2ee;Sampled=0
x-amzn-remapped-date: Tue, 28 Feb 2023 21:33:10 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: IxeAET6uxzcr1cUTdoUPp6Vc6vvFMDMTQRU3eftq36GS02eKiy13Eg==
via: 1.1 8f22423015641505b8c857a37450d6c0.cloudfront.net (CloudFront), 1.1 21618d080c6bfbcd465fc55a167a8c1a.cloudfront.net (CloudFront), 1.1 google
date: Tue, 28 Feb 2023 21:38:44 GMT
age: 34718
etag: "d2f74c496308d92082e9499ebde79b65226c63ee"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd3522243-5d97-4af8-b226-ab57b3bee6ce.jpeg
34.120.237.76200 OK 5.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd3522243-5d97-4af8-b226-ab57b3bee6ce.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 9c31845a0e9bfa6eefa096b10b1748e6
3ac78dbfb5e00eced4d80ead89637db5d5569b59
89da1434d398527a658be5746929afdc17064ea30d05b094b860557d101a2043
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd3522243-5d97-4af8-b226-ab57b3bee6ce.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5676
x-amzn-requestid: c688d38f-fe89-4583-a61f-bd21fdc64325
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: BBJiUGmboAMFWTw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63fd22db-17d51fe00701a6f13222bc9e;Sampled=0
x-amzn-remapped-date: Mon, 27 Feb 2023 21:38:35 GMT
x-amz-cf-pop: SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: teauWLTks7ZSgX9YiAVkOoftmq-Zv0KmYZnZFgUulWmRYoGbmdl0iA==
via: 1.1 da5952aa802df39905ceb16592e9698a.cloudfront.net (CloudFront), 1.1 29a825d8a219984d47bec4350779b558.cloudfront.net (CloudFront), 1.1 google
date: Tue, 28 Feb 2023 22:06:55 GMT
age: 33027
etag: "3ac78dbfb5e00eced4d80ead89637db5d5569b59"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F168e63b4-3ce9-4990-8cfe-f2f3645925e2.jpeg
34.120.237.76200 OK 9.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F168e63b4-3ce9-4990-8cfe-f2f3645925e2.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash e9c53b037c590cde3ec26668342bb79c
18176b39b2888a4843a551dcf544e6ff42071635
77580642879580aab11f6c95763029fa58ed25f6cafb1fcee71facc573cf3cd7
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F168e63b4-3ce9-4990-8cfe-f2f3645925e2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9644
x-amzn-requestid: 8bc468d2-5ab6-46dc-a4c3-f3243d455400
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: A36FeEMyoAMF2zA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63f97089-1d978335370496ab14681c79;Sampled=0
x-amzn-remapped-date: Sat, 25 Feb 2023 02:20:57 GMT
x-amz-cf-pop: SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: Gz08KSK9ij-FhtHEtnUUyKw1SKl6Gz_ubjJXJcDej94rT6mq-_PTlQ==
via: 1.1 d1151317ba32afe0e6370fd69fed222e.cloudfront.net (CloudFront), 1.1 219e8f088c8c2a564bdacafe44be620a.cloudfront.net (CloudFront), 1.1 google
date: Tue, 28 Feb 2023 20:57:20 GMT
age: 37202
etag: "18176b39b2888a4843a551dcf544e6ff42071635"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb0c3b178-ee57-465b-aa8c-fb6f93e35cab.jpeg
34.120.237.76200 OK 3.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb0c3b178-ee57-465b-aa8c-fb6f93e35cab.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4726917eabc29a977873ad26e264e70d
4619a0418ee08d6618ead537f31823c98f355b5a
d3c6b43d46ccff30f0003a063b6c4c78d4a782262bfdeb138e6c015555ce2dcb
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb0c3b178-ee57-465b-aa8c-fb6f93e35cab.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 3381
x-amzn-requestid: 8b89e7ab-b8b3-45cd-af3a-cc419e61f1fc
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: A-PNPFynoAMFn8Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63fbf8ba-616bedc230d1c2b13a09beae;Sampled=0
x-amzn-remapped-date: Mon, 27 Feb 2023 00:26:34 GMT
x-amz-cf-pop: SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: 7f5O-v2e1_OXVVveu0_kNtjOTnUAC5shUmd4JejtlrnliJsxeitcYA==
via: 1.1 7f5e0d3b9ea85d0d75063a66c0ebc840.cloudfront.net (CloudFront), 1.1 de2dd11312f7d5ad3bcd0cb112c7fd0e.cloudfront.net (CloudFront), 1.1 google
date: Wed, 01 Mar 2023 06:59:34 GMT
age: 1068
etag: "4619a0418ee08d6618ead537f31823c98f355b5a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 38ae564ef87743eaaae8a36ff2040ef6
075258dbf97aaad476d8ea59bba9e29f49f12008
0d83ca3854d9e4539775adeeaf5a450c7ee1c997b7055c30936f022c9dabcbbb
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0D83CA3854D9E4539775ADEEAF5A450C7EE1C997B7055C30936F022C9DABCBBB"
Last-Modified: Mon, 27 Feb 2023 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6018
Expires: Wed, 01 Mar 2023 08:57:40 GMT
Date: Wed, 01 Mar 2023 07:17:22 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 79e85c48945c1a8bb7ff315ccf42ab45
2629919aca4fefd4ea0e01fc438290584c1c7bb2
0b1eab4fd6cc6d75c94d83751f0126fbae556b5e08f9518f45e28866067b0805
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0B1EAB4FD6CC6D75C94D83751F0126FBAE556B5E08F9518F45E28866067B0805"
Last-Modified: Mon, 27 Feb 2023 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10881
Expires: Wed, 01 Mar 2023 10:18:43 GMT
Date: Wed, 01 Mar 2023 07:17:22 GMT
Connection: keep-alive
fonts.bunny.net/css?family=Montserrat:100,100italic,200,200italic,300,300italic,regular,italic,500,500italic,600,600italic,700,700italic,800,800italic,900,900italic|Lato:100,100italic,300,300italic,regular,italic,700,700italic,900,900italic|Oswald:200,300,regular,500,600,700|Palanquin%20Dark:regular,500,600,700|Roboto:100,100italic,300,300italic,regular,italic,500,500italic,700,700italic,900,900italic&subset=arabic,bengali,cyrillic,cyrillic-ext,devanagari,greek,greek-ext,gujarati,hebrew,khmer,korean,latin-ext,tamil,telugu,thai,vietnamese&display=swap
194.242.11.186200 OK 3.4 kB URL HTTP/2 fonts.bunny.net/css?family=Montserrat:100,100italic,200,200italic,300,300italic,regular,italic,500,500italic,600,600italic,700,700italic,800,800italic,900,900italic|Lato:100,100italic,300,300italic,regular,italic,700,700italic,900,900italic|Oswald:200,300,regular,500,600,700|Palanquin%20Dark:regular,500,600,700|Roboto:100,100italic,300,300italic,regular,italic,500,500italic,700,700italic,900,900italic&subset=arabic,bengali,cyrillic,cyrillic-ext,devanagari,greek,greek-ext,gujarati,hebrew,khmer,korean,latin-ext,tamil,telugu,thai,vietnamese&display=swap
IP 194.242.11.186:0
ASN #34989 ServeTheWorld AS
Hash 864f9247564971d81bbe3ec97528ebf1
35ee7b46308f12f312f46882b35451b87b69b6a7
37a399bdb0bcf2bb7f6721bc949c2913ce9132928be0d743489cdb87eb185035
GET /css?family=Montserrat:100,100italic,200,200italic,300,300italic,regular,italic,500,500italic,600,600italic,700,700italic,800,800italic,900,900italic|Lato:100,100italic,300,300italic,regular,italic,700,700italic,900,900italic|Oswald:200,300,regular,500,600,700|Palanquin%20Dark:regular,500,600,700|Roboto:100,100italic,300,300italic,regular,italic,500,500italic,700,700italic,900,900italic&subset=arabic,bengali,cyrillic,cyrillic-ext,devanagari,greek,greek-ext,gujarati,hebrew,khmer,korean,latin-ext,tamil,telugu,thai,vietnamese&display=swap HTTP/1.1
Host: fonts.bunny.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.morecouponstogo.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 01 Mar 2023 07:17:22 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
server: BunnyCDN-NO1-830
cdn-pullzone: 781720
cdn-uid: 3a60ca70-b89d-4cd5-a4b5-34a3468d7e0f
cdn-requestcountrycode: NO
access-control-allow-origin: *
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=2592000
last-modified: Wed, 01 Mar 2023 02:58:05 GMT
x-do-app-origin: 1fb91846-e6b7-11ec-b1dc-0c42a19a82a7
x-do-orig-status: 200
cdn-proxyver: 1.03
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 03/01/2023 02:58:05
cdn-edgestorageid: 830
cdn-status: 200
cdn-requestid: 97fd519f329d7e6f1e5ba57960567f46
cdn-cache: HIT
content-encoding: br
X-Firefox-Spdy: h2
b-cloud.b-cdn.net/builds/pro/126-cloud/css/group-3-pro.css
194.242.11.186200 OK 0 B URL HTTP/2 b-cloud.b-cdn.net/builds/pro/126-cloud/css/group-3-pro.css
IP 194.242.11.186:0
ASN #34989 ServeTheWorld AS
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /builds/pro/126-cloud/css/group-3-pro.css HTTP/1.1
Host: b-cloud.b-cdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.morecouponstogo.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 01 Mar 2023 07:17:22 GMT
content-type: text/css
content-length: 0
server: BunnyCDN-NO1-830
cdn-pullzone: 246147
cdn-uid: e647d0c9-3a16-4c3e-ae99-91e18e06d4b3
cdn-requestcountrycode: NO
vary: Accept-Encoding
access-control-allow-origin: *
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
etag: "d41d8cd98f00b204e9800998ecf8427e"
last-modified: Tue, 31 Jan 2023 10:24:52 GMT
x-amz-id-2: D/vPmtg5lZQe1lbzNUliWsOkuXdJXDCSzgsKeLJ0b1HkNUMVotOb0TTShgxWK/P7Lk+NBHk3fGs=
x-amz-request-id: B2CFN1KEHN5G4GM6
x-amz-server-side-encryption: AES256
cdn-proxyver: 1.03
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 02/27/2023 10:58:45
cdn-edgestorageid: 830
link: <https://s3.amazonaws.com/brizy.cloud/builds/pro/126-cloud/css/group-3-pro.css>; rel="canonical"
cdn-status: 200
cdn-requestid: 834f0661a74f3df7f1c39b25f979c8c1
cdn-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 471 B IP 216.58.211.3:0
Hash bfbcef54be3178de9154d50361328ad1
8f53b45b4165055a9c13892e7e944eabd5b563da
a9b359d670b21fdb03ff7e9ecbf63ac76925fe11af53e6128014971b585c7af5
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 01 Mar 2023 07:17:22 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.morecouponstogo.com/uni-landing
34.237.47.210200 OK 40 kB URL HTTP/2 www.morecouponstogo.com/uni-landing
IP 34.237.47.210:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (6684)
Hash c6b57db6ec20967569246c351820c7e2
6697f368299f2b9b422b1650023ecb2ed67d89c2
2971a4010b2c3d01d62ba3a27d6c80290097b31c03de3e01ddd832013583907f
Analyzer Verdict Alert fortinet Phishing
GET /uni-landing HTTP/1.1
Host: www.morecouponstogo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://llclickpro.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 01 Mar 2023 07:17:22 GMT
content-type: text/html; charset=UTF-8
content-length: 39785
x-brizy-preview: 1
access-control-allow-origin: *
vary: Accept-Encoding
content-encoding: gzip
x-varnish: 294258888 177467240
age: 1643353
via: 1.1 varnish (Varnish/6.2)
x-cache: HIT
x-cache-hits: 12858
pragma: no-cache
expires: -1
cache-control: no-store, no-cache, must-revalidate, max-age=0
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.digicert.com/
192.229.221.95200 OK 280 B IP 192.229.221.95:0
Hash 9dfb8304ea4632c7ffc4aacef9dc6da2
b3dc894cc540b60d6f1c3fcd57bbbd9f8c16e124
5dc36dbb9395ad29fedb7110b25ded2765d3322d96fc77e284caf4af482e878d
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 45196
Cache-Control: max-age=119802
Content-Type: application/ocsp-response
Date: Wed, 01 Mar 2023 07:17:22 GMT
Etag: "63fd7c70-118"
Expires: Thu, 02 Mar 2023 16:34:04 GMT
Last-Modified: Tue, 28 Feb 2023 04:00:48 GMT
Server: ECAcc (ska/F776)
X-Cache: HIT
Content-Length: 280
ocsp.digicert.com/
192.229.221.95200 OK 280 B IP 192.229.221.95:0
Hash 5f81423dd789ab7705edd84471c039c9
427e3a4eefbd2d78d40bfe2d27a2cd6e04cc5f14
59027ecbfa76ebba4c980c4df8c3d97da529c64ccb09e010e8b612d52efcd7ef
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 45726
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 01 Mar 2023 07:17:22 GMT
Last-Modified: Tue, 28 Feb 2023 18:35:16 GMT
Server: ECAcc (ska/F776)
X-Cache: HIT
Content-Length: 280
www.googletagmanager.com/gtag/js?id=G-LRYZTN7NCV
142.250.74.168200 OK 79 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=G-LRYZTN7NCV
IP 142.250.74.168:0
File type ASCII text, with very long lines (19467)
Hash e7f221d33bc71ce69688de44d45674e6
651a978090ebc0c9ebc6f7e6445b87c8512bfa6a
100fa399d538625e819aafc4cb9db995a2f19fa9144c71cd6a0e90f4677ea862
GET /gtag/js?id=G-LRYZTN7NCV HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.morecouponstogo.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Wed, 01 Mar 2023 07:17:22 GMT
expires: Wed, 01 Mar 2023 07:17:22 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 78914
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
cdn.pawns.app/images/b/728.jpg
172.67.128.98200 OK 36 kB URL HTTP/2 cdn.pawns.app/images/b/728.jpg
IP 172.67.128.98:0
File type JPEG image data, JFIF standard 1.02, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 728x90, components 3\012- data
Hash 1a16a35751a49694efb63b5940346594
dc17e89b059f3cafb83822ede344fdcd62e6fe89
067683e1633fba7df1a636b4983d1c2a3847068f7b6599358c534368bd49e660
GET /images/b/728.jpg HTTP/1.1
Host: cdn.pawns.app
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.morecouponstogo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 01 Mar 2023 07:17:23 GMT
content-type: image/jpeg
content-length: 35887
last-modified: Tue, 30 Aug 2022 15:35:34 GMT
expires: Sat, 03 Feb 2024 12:34:55 GMT
cache-control: public, max-age=31536000, no-transform
cf-cache-status: HIT
age: 50261
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TafbrbR8vUOhToxcn963gOiGLmq2qkZji38YpW1k%2FHpf%2FwFlWoNGeVSmrMPhj4esc0TcShFe0QyMNH9ru5GzKAiRz14N1cHeBYzCAy9PrlZVGnt4hunaluUeRtILhazG"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7a0f9eb2e8cab51d-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp2.globalsign.com/gsalphasha2g2
104.18.20.226200 OK 1.4 kB URL HTTP/1.1 ocsp2.globalsign.com/gsalphasha2g2
IP 104.18.20.226:0
Hash d049294d7a8c5e927c30b1383401ee4a
87d8518cc5ed6386b34353e0c943c4db685c2f18
f0fae212e6b1a8425e126a84140f7e2ba94babd0c964a68d252c6ba4e8989949
POST /gsalphasha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 01 Mar 2023 07:17:23 GMT
Content-Type: application/ocsp-response
Content-Length: 1423
Connection: keep-alive
Expires: Sun, 05 Mar 2023 04:18:34 GMT
ETag: "87d8518cc5ed6386b34353e0c943c4db685c2f18"
Last-Modified: Wed, 01 Mar 2023 04:18:35 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 2525
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7a0f9eb2fe0fb4ee-OSL
ocsp.sectigo.com/
104.18.32.68200 OK 472 B IP 104.18.32.68:0
Hash 9818950852a6dbe67a10b2cfc04ca06b
a2e3fe3ad5d8de2f048d8cd5616c7063bdfcf6f5
2e7244cf2e56218954286cec332d5aedd0750ff0f6f8beb94d0a0ce52823a021
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 01 Mar 2023 07:17:23 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Tue, 28 Feb 2023 02:45:16 GMT
Expires: Tue, 07 Mar 2023 02:45:15 GMT
Etag: "a2e3fe3ad5d8de2f048d8cd5616c7063bdfcf6f5"
Cache-Control: max-age=501472,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7a0f9eb1dc861bfe-OSL
b-cloud.b-cdn.net/builds/free/252-cloud/editor/js/group-jq.js
194.242.11.186200 OK 38 kB URL HTTP/2 b-cloud.b-cdn.net/builds/free/252-cloud/editor/js/group-jq.js
IP 194.242.11.186:0
ASN #34989 ServeTheWorld AS
File type Unicode text, UTF-8 text, with very long lines (65533), with no line terminators
Hash e194050e5f720b9f96f35c2989fcf4d9
6e27ecd59b12809b552278d414c4c5b3da9d01fe
a4fd8e452b0df76bee1b559933139baa58cc94378aa683d0466285c5c9b19135
GET /builds/free/252-cloud/editor/js/group-jq.js HTTP/1.1
Host: b-cloud.b-cdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.morecouponstogo.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 01 Mar 2023 07:17:22 GMT
content-type: application/javascript
server: BunnyCDN-NO1-830
cdn-pullzone: 246147
cdn-uid: e647d0c9-3a16-4c3e-ae99-91e18e06d4b3
cdn-requestcountrycode: NO
vary: Accept-Encoding, Accept-Encoding
cache-control: public, max-age=31919000
etag: W/"4d182f886a2c9b4750d67b18a8d83d3e"
last-modified: Tue, 31 Jan 2023 10:22:37 GMT
x-amz-id-2: djmkNlwi7/AEjy+Y++DfxleOQHVAadLbN5mCW77fLWxGcYkYqv7tklBJnRVvWcuPS7+ls5p1KfY=
x-amz-request-id: 87HPH1Z5ADVWBFPD
cdn-proxyver: 1.03
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 01/31/2023 14:27:10
cdn-edgestorageid: 830
link: <https://s3.amazonaws.com/brizy.cloud/builds/free/252-cloud/editor/js/group-jq.js>; rel="canonical"
cdn-status: 200
cdn-requestid: a7aa0b4ef36cda6f7b9a3d8f24bd7a8f
cdn-cache: HIT
content-encoding: br
X-Firefox-Spdy: h2
ocsp.digicert.com/
192.229.221.95200 OK 280 B IP 192.229.221.95:0
Hash 9dfb8304ea4632c7ffc4aacef9dc6da2
b3dc894cc540b60d6f1c3fcd57bbbd9f8c16e124
5dc36dbb9395ad29fedb7110b25ded2765d3322d96fc77e284caf4af482e878d
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 45197
Cache-Control: max-age=119802
Content-Type: application/ocsp-response
Date: Wed, 01 Mar 2023 07:17:23 GMT
Etag: "63fd7c70-118"
Expires: Thu, 02 Mar 2023 16:34:05 GMT
Last-Modified: Tue, 28 Feb 2023 04:00:48 GMT
Server: ECAcc (ska/F7A3)
X-Cache: HIT
Content-Length: 280
b-cloud.b-cdn.net/builds/pro/126-cloud/js/group-3.pro.js
194.242.11.186200 OK 70 kB URL HTTP/2 b-cloud.b-cdn.net/builds/pro/126-cloud/js/group-3.pro.js
IP 194.242.11.186:0
ASN #34989 ServeTheWorld AS
File type ASCII text, with very long lines (65536), with no line terminators
Hash 8618803270769309cd303113e62b0dd4
7d16a2f6468bf9470d87bd0cb2244a11d63c2b5b
c6ae45e1c40fa074858e0f2256a03a42e65c8b5e613d6f1570fe762b9ce4dc1f
GET /builds/pro/126-cloud/js/group-3.pro.js HTTP/1.1
Host: b-cloud.b-cdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.morecouponstogo.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 01 Mar 2023 07:17:22 GMT
content-type: application/javascript
server: BunnyCDN-NO1-830
cdn-pullzone: 246147
cdn-uid: e647d0c9-3a16-4c3e-ae99-91e18e06d4b3
cdn-requestcountrycode: NO
vary: Accept-Encoding, Accept-Encoding
cache-control: public, max-age=31919000
etag: W/"864e134a7962ccb8605a940e471fad36"
last-modified: Tue, 31 Jan 2023 10:24:53 GMT
x-amz-id-2: /dCtab30ki56SQnmcIFLfm8aT1JUpx+Dd3p0KjOAsP5wuJzLXkQe9m5DKIv4RPxvOFChRgM0GxU=
x-amz-request-id: 0CP3M9AZHVRBHVNX
x-amz-server-side-encryption: AES256
cdn-proxyver: 1.03
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 02/26/2023 12:16:17
cdn-edgestorageid: 830
link: <https://s3.amazonaws.com/brizy.cloud/builds/pro/126-cloud/js/group-3.pro.js>; rel="canonical"
cdn-status: 200
cdn-requestid: b63fc5386dea2c7893c762c43f2db5bb
cdn-cache: HIT
content-encoding: br
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 8757fbed8a9fbb2182a66dd0776c674b
62f0a32c74a7fad1494e4eab1e9b553f138e94cd
399a53cfdbcb6b4ac9b8da06ea32d933453aebbfa4c70d2c198ae28b1b58c487
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "399A53CFDBCB6B4AC9B8DA06EA32D933453AEBBFA4C70D2C198AE28B1B58C487"
Last-Modified: Mon, 27 Feb 2023 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21400
Expires: Wed, 01 Mar 2023 13:14:03 GMT
Date: Wed, 01 Mar 2023 07:17:23 GMT
Connection: keep-alive
www.redbubble.com/assets/external_portfolio.js
104.18.8.241301 Moved Permanently 13 kB URL HTTP/2 www.redbubble.com/assets/external_portfolio.js
IP 104.18.8.241:0
File type Web Open Font Format (Version 2), TrueType, length 12848, version 1.0\012- data
Hash f0b3206d02a2f684530117ce1d7e8ce0
f3708b707b65e241b0f1c819d5f7bf7da8412653
f31b80562610135edd91a86ec7f243c5eeaec2ec08337e6a20c2d135d8e217da
GET /assets/external_portfolio.js HTTP/1.1
Host: www.redbubble.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.morecouponstogo.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
date: Wed, 01 Mar 2023 07:17:23 GMT
location: https://d1ielco78gv5pf.cloudfront.net/assets/external_portfolio.js
cache-control: max-age=3600
expires: Wed, 01 Mar 2023 08:17:23 GMT
set-cookie: __cf_bm=TBWgOakbWgTcJreoGodL.DJ86sOnSNNsQW70qwwlLHM-1677655043-0-AQe+30sN81cfq63oKm5f5Ss9S+E23dYxySAaO/vFITK0/uiEaXVfTv54jsylwjxqz8mrb4xLrBK5rMJJR1qvDzQ=; path=/; expires=Wed, 01-Mar-23 07:47:23 GMT; domain=.redbubble.com; HttpOnly; Secure; SameSite=None
vary: Accept-Encoding
server: cloudflare
cf-ray: 7a0f9eb2be70b518-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.bestchange.com/images/banners/banner-bg.png
54.37.161.241200 OK 658 B URL HTTP/2 www.bestchange.com/images/banners/banner-bg.png
IP 54.37.161.241:0
File type PNG image data, 468 x 60, 8-bit colormap, non-interlaced\012- data
Hash 004a29e6947ee2d16ff509ac76cc553f
ca1186cbe2e48aaab8acae2fde105d4b08d15ef2
39e8df19bafce1d8b59b430ab9125105c806b6f968810be670590ab77b026bb8
GET /images/banners/banner-bg.png HTTP/1.1
Host: www.bestchange.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.morecouponstogo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 01 Mar 2023 07:17:23 GMT
content-type: image/png
content-length: 658
last-modified: Sat, 12 Nov 2022 19:31:47 GMT
etag: "636ff4a3-292"
expires: Fri, 31 Mar 2023 07:17:23 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000;
accept-ranges: bytes
X-Firefox-Spdy: h2
fonts.bunny.net/oswald/files/oswald-latin-700-normal.woff2
194.242.11.186200 OK 10 kB URL HTTP/2 fonts.bunny.net/oswald/files/oswald-latin-700-normal.woff2
IP 194.242.11.186:0
ASN #34989 ServeTheWorld AS
File type Web Open Font Format (Version 2), TrueType, length 10172, version 1.0\012- data
Hash 58e5c92fd1a1fc89b8ca6d74ce4793b8
337771c465778aeed6de18195e0cbe9d9098d299
6e059f38d9d643cd149fa02dfd97d6844f9b106198e027f55e2fe1e9a1428acf
GET /oswald/files/oswald-latin-700-normal.woff2 HTTP/1.1
Host: fonts.bunny.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.morecouponstogo.com
Connection: keep-alive
Referer: https://fonts.bunny.net/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 01 Mar 2023 07:17:23 GMT
content-type: font/woff2
content-length: 10172
server: BunnyCDN-NO1-830
cdn-pullzone: 781720
cdn-uid: 3a60ca70-b89d-4cd5-a4b5-34a3468d7e0f
cdn-requestcountrycode: NO
access-control-allow-origin: *
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=2592000
etag: "63aee20a-27bc"
last-modified: Fri, 30 Dec 2022 13:05:14 GMT
cdn-storageserver: SE-344
cdn-fileserver: 318
cdn-proxyver: 1.03
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 01/28/2023 10:32:04
cdn-edgestorageid: 830
cdn-status: 200
cdn-requestid: 9cfe39c82bccb4f2489b21e6fa1c49f6
cdn-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
fonts.bunny.net/montserrat/files/montserrat-latin-600-normal.woff2
194.242.11.186200 OK 13 kB URL HTTP/2 fonts.bunny.net/montserrat/files/montserrat-latin-600-normal.woff2
IP 194.242.11.186:0
ASN #34989 ServeTheWorld AS
File type Web Open Font Format (Version 2), TrueType, length 12700, version 1.0\012- data
Hash e571167fbcce8d5081bce96a09930063
e12420f5e4da3ccdc75a58ce744e7d5a0c6cf79e
98be19bc78b5bc5d419e4fa6ea055ebd4671a963e2cc644aeed4362f15d14c31
GET /montserrat/files/montserrat-latin-600-normal.woff2 HTTP/1.1
Host: fonts.bunny.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.morecouponstogo.com
Connection: keep-alive
Referer: https://fonts.bunny.net/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 01 Mar 2023 07:17:23 GMT
content-type: font/woff2
content-length: 12700
server: BunnyCDN-NO1-830
cdn-pullzone: 781720
cdn-uid: 3a60ca70-b89d-4cd5-a4b5-34a3468d7e0f
cdn-requestcountrycode: NO
access-control-allow-origin: *
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=2592000
etag: "63aea094-319c"
last-modified: Fri, 30 Dec 2022 08:25:56 GMT
cdn-storageserver: SE-344
cdn-fileserver: 318
cdn-proxyver: 1.03
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 01/09/2023 10:43:20
cdn-edgestorageid: 830
cdn-status: 200
cdn-requestid: 689bc2f167c3c034da95a2e7fef8d78e
cdn-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
fonts.bunny.net/lato/files/lato-latin-400-normal.woff2
194.242.11.186200 OK 24 kB URL HTTP/2 fonts.bunny.net/lato/files/lato-latin-400-normal.woff2
IP 194.242.11.186:0
ASN #34989 ServeTheWorld AS
File type Web Open Font Format (Version 2), TrueType, length 23580, version 1.0\012- data
Hash e1b3b5908c9cf23dfb2b9c52b9a023ab
fcd4136085f2a03481d9958cc6793a5ed98e714c
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
GET /lato/files/lato-latin-400-normal.woff2 HTTP/1.1
Host: fonts.bunny.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.morecouponstogo.com
Connection: keep-alive
Referer: https://fonts.bunny.net/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 01 Mar 2023 07:17:23 GMT
content-type: font/woff2
content-length: 23580
server: BunnyCDN-NO1-830
cdn-pullzone: 781720
cdn-uid: 3a60ca70-b89d-4cd5-a4b5-34a3468d7e0f
cdn-requestcountrycode: NO
access-control-allow-origin: *
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=2592000
etag: "63ae91bd-5c1c"
last-modified: Fri, 30 Dec 2022 07:22:37 GMT
cdn-storageserver: SE-344
cdn-fileserver: 318
cdn-proxyver: 1.03
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 01/09/2023 10:41:05
cdn-edgestorageid: 830
cdn-status: 200
cdn-requestid: e21edbdf80dcd4455415cfb7bcf5bf57
cdn-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
fonts.bunny.net/palanquin-dark/files/palanquin-dark-latin-700-normal.woff2
194.242.11.186200 OK 19 kB URL HTTP/2 fonts.bunny.net/palanquin-dark/files/palanquin-dark-latin-700-normal.woff2
IP 194.242.11.186:0
ASN #34989 ServeTheWorld AS
File type Web Open Font Format (Version 2), TrueType, length 18824, version 1.0\012- data
Hash 0b8cbe6afbac36bab648231406851927
2f67e3adf1061cf82e075d636ae22bc4fca731ea
2c83b448afb8398f6ff0f1d684f125b13e0889b05c5041bb8ff4eb680a892089
GET /palanquin-dark/files/palanquin-dark-latin-700-normal.woff2 HTTP/1.1
Host: fonts.bunny.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.morecouponstogo.com
Connection: keep-alive
Referer: https://fonts.bunny.net/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 01 Mar 2023 07:17:23 GMT
content-type: font/woff2
content-length: 18824
server: BunnyCDN-NO1-830
cdn-pullzone: 781720
cdn-uid: 3a60ca70-b89d-4cd5-a4b5-34a3468d7e0f
cdn-requestcountrycode: NO
access-control-allow-origin: *
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=2592000
etag: "63aee488-4988"
last-modified: Fri, 30 Dec 2022 13:15:52 GMT
cdn-storageserver: SE-344
cdn-fileserver: 344
cdn-proxyver: 1.03
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 02/19/2023 14:38:27
cdn-edgestorageid: 830
cdn-status: 200
cdn-requestid: 6836d5f597e7fb8de5f3ccd6981a8c92
cdn-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
a-cloud.b-cdn.net/media/iW=101&iH=101&oX=0&oY=16&cW=101&cH=70/9b040f5e483e93a7cce7e811fc84b625/image.png
194.242.11.186200 OK 2.0 kB URL HTTP/2 a-cloud.b-cdn.net/media/iW=101&iH=101&oX=0&oY=16&cW=101&cH=70/9b040f5e483e93a7cce7e811fc84b625/image.png
IP 194.242.11.186:0
ASN #34989 ServeTheWorld AS
File type RIFF (little-endian) data, Web/P image\012- data
Hash 99f2f3bd994a519250122d235f0da5d3
80413556bfc2e3b9fa0e856200020d7bca6af5e5
fb40359f8a5bea55a10c3eb5c3fa4a2a6cd77eba854972e437f8b81d175fab37
GET /media/iW=101&iH=101&oX=0&oY=16&cW=101&cH=70/9b040f5e483e93a7cce7e811fc84b625/image.png HTTP/1.1
Host: a-cloud.b-cdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.morecouponstogo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 01 Mar 2023 07:17:23 GMT
content-type: image/webp
content-length: 2032
server: BunnyCDN-NO1-830
cdn-pullzone: 465925
cdn-uid: e647d0c9-3a16-4c3e-ae99-91e18e06d4b3
cdn-requestcountrycode: NO
cache-control: public, max-age=31919000
last-modified: Wed, 01 Mar 2023 02:58:05 GMT
x-bo-server: DE-137
x-downloadsize: 3099
x-bo-origindownloadtime: 387
x-bo-processingtime: 0
x-bo-compressionratio: 34.43%
cdn-proxyver: 1.03
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 03/01/2023 02:58:06
cdn-edgestorageid: 830
link: <https://www.brizy.cloud/media/iW=101&iH=101&oX=0&oY=16&cW=101&cH=70/9b040f5e483e93a7cce7e811fc84b625/image.png>; rel="canonical"
cdn-status: 200
cdn-requestid: 8f7aa4f5e5fc830edffd4bfa3b4e1d27
cdn-cache: HIT
X-Firefox-Spdy: h2
fonts.bunny.net/palanquin-dark/files/palanquin-dark-latin-400-normal.woff2
194.242.11.186200 OK 20 kB URL HTTP/2 fonts.bunny.net/palanquin-dark/files/palanquin-dark-latin-400-normal.woff2
IP 194.242.11.186:0
ASN #34989 ServeTheWorld AS
File type Web Open Font Format (Version 2), TrueType, length 20084, version 1.0\012- data
Hash 732c9716022aa43449564603e08aeb9b
477fa3a5c43696287d20b4b491e36d754d1c8866
37bb3776ce24d18cccdd5dc96199ad60c22afd1e190452a18e8c4fd2f8679a98
GET /palanquin-dark/files/palanquin-dark-latin-400-normal.woff2 HTTP/1.1
Host: fonts.bunny.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.morecouponstogo.com
Connection: keep-alive
Referer: https://fonts.bunny.net/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 01 Mar 2023 07:17:23 GMT
content-type: font/woff2
content-length: 20084
server: BunnyCDN-NO1-830
cdn-pullzone: 781720
cdn-uid: 3a60ca70-b89d-4cd5-a4b5-34a3468d7e0f
cdn-requestcountrycode: NO
access-control-allow-origin: *
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=2592000
etag: "63aee486-4e74"
last-modified: Fri, 30 Dec 2022 13:15:50 GMT
cdn-storageserver: SE-344
cdn-fileserver: 318
cdn-proxyver: 1.03
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 02/18/2023 23:11:29
cdn-edgestorageid: 830
cdn-status: 200
cdn-requestid: 01234fe467d784fd662b46f47441d71a
cdn-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
a-cloud.b-cdn.net/media/iW=5000&iH=any/2140325504fda1a2cde8af4bef434f25/maxresdefault-3-.jpg
194.242.11.186200 OK 134 kB URL HTTP/2 a-cloud.b-cdn.net/media/iW=5000&iH=any/2140325504fda1a2cde8af4bef434f25/maxresdefault-3-.jpg
IP 194.242.11.186:0
ASN #34989 ServeTheWorld AS
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 1280x720, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size 134 kB (133726 bytes)
Hash 17cb64a7e38ad2c297119061fc95c6de
d6e4522265fe3d65b3537a1d572efd41fd6cf3dc
08ef857da7faa71d137eb33c08bddd65735b149d578e088ee9e610d6d92d24a3
GET /media/iW=5000&iH=any/2140325504fda1a2cde8af4bef434f25/maxresdefault-3-.jpg HTTP/1.1
Host: a-cloud.b-cdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.morecouponstogo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 01 Mar 2023 07:17:23 GMT
content-type: image/webp
content-length: 133726
server: BunnyCDN-NO1-830
cdn-pullzone: 465925
cdn-uid: e647d0c9-3a16-4c3e-ae99-91e18e06d4b3
cdn-requestcountrycode: NO
cache-control: public, max-age=31919000
last-modified: Wed, 01 Mar 2023 02:58:06 GMT
x-bo-server: DE-132
x-downloadsize: 146099
x-bo-origindownloadtime: 453
x-bo-processingtime: 12
x-bo-compressionratio: 8.47%
cdn-proxyver: 1.03
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 03/01/2023 02:58:06
cdn-edgestorageid: 830
link: <https://www.brizy.cloud/media/iW=5000&iH=any/2140325504fda1a2cde8af4bef434f25/maxresdefault-3-.jpg>; rel="canonical"
cdn-status: 200
cdn-requestid: fb87beefa5399653aeb22bd4d4c4125b
cdn-cache: HIT
X-Firefox-Spdy: h2
fonts.bunny.net/oswald/files/oswald-latin-400-normal.woff2
194.242.11.186200 OK 9.8 kB URL HTTP/2 fonts.bunny.net/oswald/files/oswald-latin-400-normal.woff2
IP 194.242.11.186:0
ASN #34989 ServeTheWorld AS
File type Web Open Font Format (Version 2), TrueType, length 9840, version 1.0\012- data
Hash afda6e429fd299054de28e1f157c683d
c1847d6f3df5fe11d5e96fd5e6a59b73ff7ed96b
81cd29d1413ecf75834fb3ce1da572fe5c39e53b22c61f5dafec5b14ed4ee12e
GET /oswald/files/oswald-latin-400-normal.woff2 HTTP/1.1
Host: fonts.bunny.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.morecouponstogo.com
Connection: keep-alive
Referer: https://fonts.bunny.net/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 01 Mar 2023 07:17:23 GMT
content-type: font/woff2
content-length: 9840
server: BunnyCDN-NO1-830
cdn-pullzone: 781720
cdn-uid: 3a60ca70-b89d-4cd5-a4b5-34a3468d7e0f
cdn-requestcountrycode: NO
access-control-allow-origin: *
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=2592000
etag: "63aee207-2670"
last-modified: Fri, 30 Dec 2022 13:05:11 GMT
cdn-storageserver: SE-344
cdn-fileserver: 344
cdn-proxyver: 1.03
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 01/09/2023 10:41:40
cdn-edgestorageid: 830
cdn-status: 200
cdn-requestid: c171b097decfb03bdb848141d0efc843
cdn-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash d9441057dfd89bf829b682425aa22df2
003aa4b3c3c81786117a7d64bde556e9012fd5ef
d8eede4e2480852ecf426aa5bf9d5f6f1b07fb8336f69dff34a7e61a649a4553
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 01 Mar 2023 07:17:23 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash d9441057dfd89bf829b682425aa22df2
003aa4b3c3c81786117a7d64bde556e9012fd5ef
d8eede4e2480852ecf426aa5bf9d5f6f1b07fb8336f69dff34a7e61a649a4553
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 01 Mar 2023 07:17:23 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.r2m02.amazontrust.com/
54.230.80.227200 OK 471 B URL HTTP/1.1 ocsp.r2m02.amazontrust.com/
IP 54.230.80.227:0
Hash 0c8e2c62e45c2e453e21f58a5d80235f
9880d628f2b9c512786b83cd2a7d703cd11be6a5
46c33418e41eabf1e17f77d0cab1fb00a7356dccc323cee5b5a673cca9efe94c
POST / HTTP/1.1
Host: ocsp.r2m02.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Cache-Control: 'max-age=158059'
Date: Wed, 01 Mar 2023 07:17:23 GMT
Server: ECAcc (dcb/7338)
X-Cache: Miss from cloudfront
Via: 1.1 9d4a908d41124cba1276d6cef8f00c60.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: lZvGjYlb2Qs7S8FFTIxNYeh_-wfCHZLyum9RVPaGrew6-4MS8qYSCw==
fonts.bunny.net/roboto/files/roboto-latin-700-normal.woff2
194.242.11.186200 OK 16 kB URL HTTP/2 fonts.bunny.net/roboto/files/roboto-latin-700-normal.woff2
IP 194.242.11.186:0
ASN #34989 ServeTheWorld AS
File type Web Open Font Format (Version 2), TrueType, length 15860, version 1.0\012- data
Hash e9f5aaf547f165386cd313b995dddd8e
acdef5603c2387b0e5bffd744b679a24a8bc1968
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
GET /roboto/files/roboto-latin-700-normal.woff2 HTTP/1.1
Host: fonts.bunny.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.morecouponstogo.com
Connection: keep-alive
Referer: https://fonts.bunny.net/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 01 Mar 2023 07:17:23 GMT
content-type: font/woff2
content-length: 15860
server: BunnyCDN-NO1-830
cdn-pullzone: 781720
cdn-uid: 3a60ca70-b89d-4cd5-a4b5-34a3468d7e0f
cdn-requestcountrycode: NO
access-control-allow-origin: *
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=2592000
etag: "63aef481-3df4"
last-modified: Fri, 30 Dec 2022 14:24:01 GMT
cdn-storageserver: SE-318
cdn-fileserver: 318
cdn-proxyver: 1.03
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 02/05/2023 02:11:03
cdn-edgestorageid: 830
cdn-status: 200
cdn-requestid: 53ca3803354d9182a9455658e7c20d3e
cdn-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
fonts.bunny.net/montserrat/files/montserrat-latin-500-normal.woff2
194.242.11.186200 OK 13 kB URL HTTP/2 fonts.bunny.net/montserrat/files/montserrat-latin-500-normal.woff2
IP 194.242.11.186:0
ASN #34989 ServeTheWorld AS
File type Web Open Font Format (Version 2), TrueType, length 12820, version 1.0\012- data
Hash 3f2f6d9e64a95a40ea5dedfc91f42a95
9cd9f5a2f86f1d42390141d91619a0aa41a276b7
ed121b1a8fbf30998a4ed0a7c8343abe9091ac4744f1c24b602b5d3f962bdb78
GET /montserrat/files/montserrat-latin-500-normal.woff2 HTTP/1.1
Host: fonts.bunny.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.morecouponstogo.com
Connection: keep-alive
Referer: https://fonts.bunny.net/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 01 Mar 2023 07:17:23 GMT
content-type: font/woff2
content-length: 12820
server: BunnyCDN-NO1-830
cdn-pullzone: 781720
cdn-uid: 3a60ca70-b89d-4cd5-a4b5-34a3468d7e0f
cdn-requestcountrycode: NO
access-control-allow-origin: *
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=2592000
etag: "63aea091-3214"
last-modified: Fri, 30 Dec 2022 08:25:53 GMT
cdn-storageserver: SE-344
cdn-fileserver: 318
cdn-proxyver: 1.03
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 01/09/2023 10:52:55
cdn-edgestorageid: 830
cdn-status: 200
cdn-requestid: 2a446d6b30b9305a6b7f6dae74bd1f54
cdn-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash d9441057dfd89bf829b682425aa22df2
003aa4b3c3c81786117a7d64bde556e9012fd5ef
d8eede4e2480852ecf426aa5bf9d5f6f1b07fb8336f69dff34a7e61a649a4553
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 01 Mar 2023 07:17:23 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 8f75b920cdfe4e55e9be7e05aad35085
8ca8f62c6992f66229f22b9517cfd3e1e496b70a
530a0513eeb9b213ae3d9f87d8c6c8271d1a41ade50c00b260b53a4c07a89c8d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "530A0513EEB9B213AE3D9F87D8C6C8271D1A41ADE50C00B260B53A4C07A89C8D"
Last-Modified: Mon, 27 Feb 2023 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6023
Expires: Wed, 01 Mar 2023 08:57:46 GMT
Date: Wed, 01 Mar 2023 07:17:23 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash 3cb24a0e3d83f7099a7b771382b9a1c9
ad5b66f890a627410df36bc11e0c11de6b52a444
da7077c0f05e22fa87e7c4d0eb5c891e7a3c55fd86e36e0eeed400e3214a42f9
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 01 Mar 2023 07:17:23 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash 3cb24a0e3d83f7099a7b771382b9a1c9
ad5b66f890a627410df36bc11e0c11de6b52a444
da7077c0f05e22fa87e7c4d0eb5c891e7a3c55fd86e36e0eeed400e3214a42f9
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 01 Mar 2023 07:17:23 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.youtube.com/embed/0nxwujvI9-4?autoplay=0&controls=1&start=0&end=0&modestbranding=0&wmode=transparent&enablejsapi=1&loop=0&rel=0&mute=0
142.250.74.78200 OK 644 kB URL HTTP/2 www.youtube.com/embed/0nxwujvI9-4?autoplay=0&controls=1&start=0&end=0&modestbranding=0&wmode=transparent&enablejsapi=1&loop=0&rel=0&mute=0
IP 142.250.74.78:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (58644)
Size 644 kB (644416 bytes)
Hash 176a138aa7ec430fe12a850a41c626cb
5a3e8b12dd1c3e581f07103d7a1f0c5c14a18f8b
65b4835fecbe9ff4ae76929f0c11f69ea2167b5841e61a62f8fc1416951c1439
GET /embed/0nxwujvI9-4?autoplay=0&controls=1&start=0&end=0&modestbranding=0&wmode=transparent&enablejsapi=1&loop=0&rel=0&mute=0 HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.morecouponstogo.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html; charset=utf-8
x-content-type-options: nosniff
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Wed, 01 Mar 2023 07:17:23 GMT
strict-transport-security: max-age=31536000
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
content-encoding: br
server: ESF
x-xss-protection: 0
set-cookie: YSC=_eaKmMvimrs; Domain=.youtube.com; Path=/; Secure; HttpOnly; SameSite=none
VISITOR_INFO1_LIVE=mvg9ye8WNcQ; Domain=.youtube.com; Expires=Mon, 28-Aug-2023 07:17:23 GMT; Path=/; Secure; HttpOnly; SameSite=none
CONSENT=PENDING+416; expires=Fri, 28-Feb-2025 07:17:23 GMT; path=/; domain=.youtube.com; Secure
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash 3cb24a0e3d83f7099a7b771382b9a1c9
ad5b66f890a627410df36bc11e0c11de6b52a444
da7077c0f05e22fa87e7c4d0eb5c891e7a3c55fd86e36e0eeed400e3214a42f9
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 01 Mar 2023 07:17:23 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash 3cb24a0e3d83f7099a7b771382b9a1c9
ad5b66f890a627410df36bc11e0c11de6b52a444
da7077c0f05e22fa87e7c4d0eb5c891e7a3c55fd86e36e0eeed400e3214a42f9
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 01 Mar 2023 07:17:23 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
216.58.207.227200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 15552, version 1.0\012- data
Hash 285467176f7fe6bb6a9c6873b3dad2cc
ea04e4ff5142ddd69307c183def721a160e0a64e
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
GET /s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15552
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 23 Feb 2023 17:56:42 GMT
expires: Fri, 23 Feb 2024 17:56:42 GMT
cache-control: public, max-age=31536000
age: 480041
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
216.58.207.227200 OK 15 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 15344, version 1.0\012- data
Hash 5d4aeb4e5f5ef754e307d7ffaef688bd
06db651cdf354c64a7383ea9c77024ef4fb4cef8
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
GET /s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15344
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 23 Feb 2023 21:48:03 GMT
expires: Fri, 23 Feb 2024 21:48:03 GMT
cache-control: public, max-age=31536000
age: 466160
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash 3cb24a0e3d83f7099a7b771382b9a1c9
ad5b66f890a627410df36bc11e0c11de6b52a444
da7077c0f05e22fa87e7c4d0eb5c891e7a3c55fd86e36e0eeed400e3214a42f9
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 01 Mar 2023 07:17:23 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.r2m02.amazontrust.com/
54.230.80.227200 OK 471 B URL HTTP/1.1 ocsp.r2m02.amazontrust.com/
IP 54.230.80.227:0
Hash 81033f45fd0b3b170bdddb5c77c4fae1
4f2eea78cc213790b149bb877d1ebb66cd979c4e
6e2ecbd7e7b710458711d4fb429577c850ccc1022ee90302ec3f2a75a1eac5c9
POST / HTTP/1.1
Host: ocsp.r2m02.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=119589
Date: Wed, 01 Mar 2023 07:17:23 GMT
Etag: "63fd98ae-1d7"
Expires: Thu, 02 Mar 2023 16:30:32 GMT
Last-Modified: Tue, 28 Feb 2023 06:01:18 GMT
Server: ECAcc (nya/7946)
X-Cache: Miss from cloudfront
Via: 1.1 9d4a908d41124cba1276d6cef8f00c60.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: X-Yfh_01c6wYL4AdPPDj-VKDfF2DYPELpMEd9QXC6bSjzp6KOXtXHQ==
Age: 37754
wealthdnacode.com/img/aff/wealthdna-600x250.jpg
162.211.82.195200 OK 134 kB URL HTTP/2 wealthdnacode.com/img/aff/wealthdna-600x250.jpg
IP 162.211.82.195:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 600x250, components 3\012- data
Size 134 kB (134496 bytes)
Hash f8b1f97d806a7940765cecca6adf13d2
aa9d13148556c6baf8568f7b0b17f9e31c367b0b
eb6cd2974287d51b45838d016d9493cb2c211a8ee38709325f69ef0316f3c669
GET /img/aff/wealthdna-600x250.jpg HTTP/1.1
Host: wealthdnacode.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.morecouponstogo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Wed, 08 Mar 2023 07:17:23 GMT
content-type: image/jpeg
last-modified: Fri, 16 Sep 2022 07:01:26 GMT
accept-ranges: bytes
content-length: 134496
date: Wed, 01 Mar 2023 07:17:23 GMT
server: LiteSpeed
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
X-Firefox-Spdy: h2
cdn.affiliates.one/production/admin_affiliates_com_tw/image_creative/6848/x1dmuwbyv2tjwywndwsoqvvuraktdtp1szujaobnu_cheapoair_468x60.gif?wl=8&image_creative_id=6848&offer_id=1481&offer_variant_id=1871&network_id=169&affiliate_id=17200&affiliate_offer_id=1826500
143.204.55.56200 OK 14 kB URL HTTP/2 cdn.affiliates.one/production/admin_affiliates_com_tw/image_creative/6848/x1dmuwbyv2tjwywndwsoqvvuraktdtp1szujaobnu_cheapoair_468x60.gif?wl=8&image_creative_id=6848&offer_id=1481&offer_variant_id=1871&network_id=169&affiliate_id=17200&affiliate_offer_id=1826500
IP 143.204.55.56:0
File type GIF image data, version 89a, 468 x 60\012- data
Hash 97fea49af7bf619f505f90feb16ee6dc
e8d7deedfe00f192c37f176cd795b0a6caf2ea20
05f4606a5f2a901ca8bdd466d304ec19f4aae4bcdc9174eb3105303a1a477703
GET /production/admin_affiliates_com_tw/image_creative/6848/x1dmuwbyv2tjwywndwsoqvvuraktdtp1szujaobnu_cheapoair_468x60.gif?wl=8&image_creative_id=6848&offer_id=1481&offer_variant_id=1871&network_id=169&affiliate_id=17200&affiliate_offer_id=1826500 HTTP/1.1
Host: cdn.affiliates.one
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.morecouponstogo.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 13831
date: Wed, 01 Mar 2023 02:58:07 GMT
last-modified: Thu, 23 Oct 2014 04:46:14 GMT
etag: "97fea49af7bf619f505f90feb16ee6dc"
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 76c917e0bb0ba45eb834d25d76ee125e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: JwEP9qvfP-h5VGipoQrwuY9G3iLCSDTj0VvK-NRAKbVUqPy5hejvjw==
age: 15557
X-Firefox-Spdy: h2
www.bestchange.com/js/banner.php?p=1276983
54.37.161.241200 OK 3.3 kB URL HTTP/2 www.bestchange.com/js/banner.php?p=1276983
IP 54.37.161.241:0
Hash b12b56b5dce3c83e48b4a078c54e26cf
dca45e932e020b9d143289d3b19cbd544dad7d26
d61be504c49eda21ad95d8e7e6cbd07f6ce68170b790f31ad58a14d05d02b46a
GET /js/banner.php?p=1276983 HTTP/1.1
Host: www.bestchange.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.morecouponstogo.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 01 Mar 2023 07:17:23 GMT
content-type: application/x-javascript; charset=windows-1251
cache-control: public, max-age=86400
set-cookie: userid=3eb584ce06090f52a2a1af46b4332066; expires=Sat, 26-Feb-2033 07:17:23 GMT; Max-Age=315360000; path=/
strict-transport-security: max-age=31536000;
content-encoding: gzip
X-Firefox-Spdy: h2
ocsp.digicert.com/
192.229.221.95200 OK 471 B IP 192.229.221.95:0
Hash 2e14aa1ac9c41a41ccd6870583a02699
c47b39ab19b459fcc0be9ad89cfe6bd390cf0a39
ee7ace030d88f9158f2a9770b6757c4b4c528b7070b5dc00d218109f64e9ab1a
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 46266
Cache-Control: max-age=91011
Content-Type: application/ocsp-response
Date: Wed, 01 Mar 2023 07:17:24 GMT
Etag: "63fd07cd-1d7"
Expires: Thu, 02 Mar 2023 08:34:15 GMT
Last-Modified: Mon, 27 Feb 2023 19:43:09 GMT
Server: ECAcc (ska/F7A3)
X-Cache: HIT
Content-Length: 471
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 471 B IP 216.58.211.3:0
Hash 6a95a23f2f34d757589241374f748dbd
fa7d95dca24d3ea08f588612c9f6a45fc197131f
a90c08f951c2a9945e6d6b332cbf8f2032e32b3fbe86b69279478b8068b133aa
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 01 Mar 2023 07:17:24 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
connect.facebook.net/undefined/sdk.js
157.240.200.14200 OK 1.7 kB URL HTTP/2 connect.facebook.net/undefined/sdk.js
IP 157.240.200.14:0
File type ASCII text, with very long lines (1957)
Hash 1470472e0f38ad0d470ce866331bd12b
cfebed7e84e1e779b918dc979176e59cfc51c7ec
82e7b0d54de23cff25c6cc489d45eebba5743bafae2dccb2ae04ca323a3f718b
GET /undefined/sdk.js HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.morecouponstogo.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
access-control-expose-headers: X-FB-Content-MD5
x-fb-content-md5: e44a9fd0ddd31d37bf57ca5477f5e67f
etag: "a1ae1b8b6a317850da22c76250e9f126"
content-type: application/x-javascript; charset=utf-8
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
expires: Wed, 01 Mar 2023 07:24:29 GMT
cache-control: public,max-age=1200,stale-while-revalidate=3600
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-content-type-options: nosniff
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-md5: FHBHLg84rQ1HDOhmMxvRKw==
x-fb-debug: AIb7dvi/ws86Feq8JyCrPeoYsZ+i3g8v8kE29Zr7Zlw7kw+Q3TL/3FwQsY4OgXP0e4fDu+aHkXYsO7FzRQyBfg==
content-length: 1686
x-fb-trip-id: 1679558926
date: Wed, 01 Mar 2023 07:17:24 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
yazing.com/css/showdeals-yzwg.css
54.81.41.150200 OK 406 B URL HTTP/1.1 yazing.com/css/showdeals-yzwg.css
IP 54.81.41.150:0
Hash 67799b159cb3ef050044a77a2b3a9b45
886d44342cba8c02f846fc12bcce675f8356f1b3
4e3c99e3266b36b09cbb5bac828e08cf82ffe1d810c57049627da012ce92fcaa
GET /css/showdeals-yzwg.css HTTP/1.1
Host: yazing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.morecouponstogo.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Wed, 01 Mar 2023 07:17:24 GMT
Server: Apache/2.4.18 (Ubuntu)
Last-Modified: Mon, 26 Apr 2021 12:38:43 GMT
ETag: "441-5c0df6d092f3d-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: *
Cache-Control: max-age=2592000, public
Content-Length: 406
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css
pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-4770623398847220
216.58.207.226200 OK 49 kB URL HTTP/2 pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-4770623398847220
IP 216.58.207.226:0
File type ASCII text, with very long lines (3649)
Hash a71e4c51102926b886bf22d42b48f73b
8a9438e68bacaa3c4ab181fe98133517eb94eeeb
12bb46414e0a24b13104193622e104df9a2f17e5f34d3c402462436c0b0199da
GET /pagead/js/adsbygoogle.js?client=ca-pub-4770623398847220 HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.morecouponstogo.com
Connection: keep-alive
Referer: https://www.morecouponstogo.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Wed, 01 Mar 2023 07:17:24 GMT
expires: Wed, 01 Mar 2023 07:17:24 GMT
cache-control: private, max-age=3600
content-type: text/javascript; charset=UTF-8
etag: 4209687358906014310
access-control-allow-origin: *
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 49375
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.digicert.com/
192.229.221.95200 OK 471 B IP 192.229.221.95:0
Hash 2e14aa1ac9c41a41ccd6870583a02699
c47b39ab19b459fcc0be9ad89cfe6bd390cf0a39
ee7ace030d88f9158f2a9770b6757c4b4c528b7070b5dc00d218109f64e9ab1a
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 45708
Cache-Control: max-age=90453
Content-Type: application/ocsp-response
Date: Wed, 01 Mar 2023 07:17:24 GMT
Etag: "63fd07cd-1d7"
Expires: Thu, 02 Mar 2023 08:24:57 GMT
Last-Modified: Mon, 27 Feb 2023 19:43:09 GMT
Server: ECAcc (ska/F757)
X-Cache: HIT
Content-Length: 471
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 471 B IP 216.58.211.3:0
Hash 6a95a23f2f34d757589241374f748dbd
fa7d95dca24d3ea08f588612c9f6a45fc197131f
a90c08f951c2a9945e6d6b332cbf8f2032e32b3fbe86b69279478b8068b133aa
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 01 Mar 2023 07:17:24 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
yazing.com/widget/ajax-show-deals
54.81.41.150200 OK 5.6 kB URL HTTP/1.1 yazing.com/widget/ajax-show-deals
IP 54.81.41.150:0
File type JSON data\012- , ASCII text, with very long lines (5640), with no line terminators
Hash f1c263b5814cb5578e014f728ca4354a
04cd5dca05fbc332f8b84ae0591dc319d082ac9e
c208e42f24a968e593b862dd67d6c1c958d3375ee732e41d5bfceb988f0073b7
POST /widget/ajax-show-deals HTTP/1.1
Host: yazing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: application/x-www-form-urlencoded
Content-Length: 379
Origin: https://www.morecouponstogo.com
Connection: keep-alive
Referer: https://www.morecouponstogo.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Wed, 01 Mar 2023 07:17:24 GMT
Server: Apache/2.4.18 (Ubuntu)
Set-Cookie: advanced-frontend=jgrracnbcnuoloev0eqpmnspq7; expires=Fri, 28-Feb-2025 07:17:24 GMT; Max-Age=63072000; path=/; HttpOnly
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Access-Control-Allow-Origin: *
Content-Length: 5640
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: application/json; charset=UTF-8
www.brizy.cloud/customfile/83514b99a26a80e89d4d5e894e4e99c3.mp4
3.95.91.48200 OK 508 kB URL HTTP/1.1 www.brizy.cloud/customfile/83514b99a26a80e89d4d5e894e4e99c3.mp4
IP 3.95.91.48:0
File type ISO Media, MP4 Base Media v1 [ISO 14496-12:2003]\012- data
Size 508 kB (508056 bytes)
Hash 5ecc9327e66f947f63a96a663ca5777b
2f7601a7660b89e5569f1ac11cccb83462014258
b94b18ca90efb760c883154f676c6b18b2d6ca0462f6c604dd8363b08ef15245
GET /customfile/83514b99a26a80e89d4d5e894e4e99c3.mp4 HTTP/1.1
Host: www.brizy.cloud
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
Connection: keep-alive
Referer: https://www.morecouponstogo.com/
Sec-Fetch-Dest: video
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 01 Mar 2023 07:17:24 GMT
Content-Type: video/mp4
Content-Length: 4405283
Connection: keep-alive
Cache-Control: public
Last-Modified: Wed, 01 Mar 2023 07:17:24 GMT
Content-Disposition: attachment; filename="Homepage-20video-20on-20White-mp4.mp4"
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
yazing.com/uploads/2022-01/thumb_1d6cfb9c5765949020b8a9463b883803.png
54.81.41.150200 OK 32 kB URL HTTP/1.1 yazing.com/uploads/2022-01/thumb_1d6cfb9c5765949020b8a9463b883803.png
IP 54.81.41.150:0
File type PNG image data, 156 x 156, 8-bit/color RGB, non-interlaced\012- data
Hash e73e4950ca69496813697388bd293d8e
5d318dc8a278e0557dd0a27001294b2bdfbbc67f
9b79ee4d11f956e94c8bf287a0f813bd48dc25f269f121685393abbb37e271e1
GET /uploads/2022-01/thumb_1d6cfb9c5765949020b8a9463b883803.png HTTP/1.1
Host: yazing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.morecouponstogo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Wed, 01 Mar 2023 07:17:25 GMT
Server: Apache/2.4.18 (Ubuntu)
Last-Modified: Sat, 08 Jan 2022 10:03:48 GMT
ETag: "7ee3-5d50f3844096e"
Accept-Ranges: bytes
Content-Length: 32483
Access-Control-Allow-Origin: *
Cache-Control: max-age=2592000, public
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: image/png
ocsp.r2m01.amazontrust.com/
54.230.80.227200 OK 471 B URL HTTP/1.1 ocsp.r2m01.amazontrust.com/
IP 54.230.80.227:0
Hash 4cc473f4ebe5832e49d74ac3ef92763c
b3216638ba1f89a2d3ce4879527fb2f598c3f8b1
5c68e0782a28ee23394f669a848acfbf464d7b2c5e0d43ed67ce4bd7c8457071
POST / HTTP/1.1
Host: ocsp.r2m01.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=106586
Date: Wed, 01 Mar 2023 07:17:25 GMT
Etag: "63fd4450-1d7"
Expires: Thu, 02 Mar 2023 12:53:51 GMT
Last-Modified: Tue, 28 Feb 2023 00:01:20 GMT
Server: ECAcc (bsa/EAE4)
X-Cache: Miss from cloudfront
Via: 1.1 5916f6b8d469d1bee1e905ff13761ebc.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: Xyf2ugi0M6-8YgWqbUgutIF538Y03mXfTS6xCjlkiYdH7DEpDo3Hqw==
Age: 46351
ocsp.r2m01.amazontrust.com/
54.230.80.227200 OK 471 B URL HTTP/1.1 ocsp.r2m01.amazontrust.com/
IP 54.230.80.227:0
Hash 4cc473f4ebe5832e49d74ac3ef92763c
b3216638ba1f89a2d3ce4879527fb2f598c3f8b1
5c68e0782a28ee23394f669a848acfbf464d7b2c5e0d43ed67ce4bd7c8457071
POST / HTTP/1.1
Host: ocsp.r2m01.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Wed, 01 Mar 2023 07:17:25 GMT
Last-Modified: Tue, 28 Feb 2023 18:22:31 GMT
Server: ECAcc (nya/7968)
X-Cache: Miss from cloudfront
Via: 1.1 4c07121ca6e32bcda85cc9091b92050e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: k2jFXcJBMls8OYZk48HCfCIeGLn7RXolJueP5iE-C5YOfjNYteSo2A==
Age: 46494
ocsp.r2m01.amazontrust.com/
54.230.80.227200 OK 471 B URL HTTP/1.1 ocsp.r2m01.amazontrust.com/
IP 54.230.80.227:0
Hash 4cc473f4ebe5832e49d74ac3ef92763c
b3216638ba1f89a2d3ce4879527fb2f598c3f8b1
5c68e0782a28ee23394f669a848acfbf464d7b2c5e0d43ed67ce4bd7c8457071
POST / HTTP/1.1
Host: ocsp.r2m01.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Wed, 01 Mar 2023 07:17:25 GMT
Last-Modified: Tue, 28 Feb 2023 18:22:31 GMT
Server: ECAcc (nya/7968)
X-Cache: Miss from cloudfront
Via: 1.1 db0992ba349fc51d5151ec8330e36c28.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: tA9RPXNSHA_WGhJKoZwL9ZBKZofBiukpM1LygKqLkWH3fgFBA5ffiQ==
Age: 46494
ocsp.r2m01.amazontrust.com/
54.230.80.227200 OK 471 B URL HTTP/1.1 ocsp.r2m01.amazontrust.com/
IP 54.230.80.227:0
Hash 4cc473f4ebe5832e49d74ac3ef92763c
b3216638ba1f89a2d3ce4879527fb2f598c3f8b1
5c68e0782a28ee23394f669a848acfbf464d7b2c5e0d43ed67ce4bd7c8457071
POST / HTTP/1.1
Host: ocsp.r2m01.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=106484
Date: Wed, 01 Mar 2023 07:17:25 GMT
Etag: "63fd4450-1d7"
Expires: Thu, 02 Mar 2023 12:52:09 GMT
Last-Modified: Tue, 28 Feb 2023 00:01:20 GMT
Server: ECAcc (bsa/EACC)
X-Cache: Miss from cloudfront
Via: 1.1 09ae414c9d6c5323d5147457ada70ec6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: GBNZSX2GIpmsGvETksHL9uKoP2R7hNLpn0InzxYiAs9N1mW4MD0DlQ==
Age: 46249
ocsp.r2m01.amazontrust.com/
54.230.80.227200 OK 471 B URL HTTP/1.1 ocsp.r2m01.amazontrust.com/
IP 54.230.80.227:0
Hash 4cc473f4ebe5832e49d74ac3ef92763c
b3216638ba1f89a2d3ce4879527fb2f598c3f8b1
5c68e0782a28ee23394f669a848acfbf464d7b2c5e0d43ed67ce4bd7c8457071
POST / HTTP/1.1
Host: ocsp.r2m01.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=106493
Date: Wed, 01 Mar 2023 07:17:25 GMT
Etag: "63fd4450-1d7"
Expires: Thu, 02 Mar 2023 12:52:18 GMT
Last-Modified: Tue, 28 Feb 2023 00:01:20 GMT
Server: ECAcc (bsa/EB2E)
X-Cache: Miss from cloudfront
Via: 1.1 6259d2cd8a5947ad41a420527bbed7a6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: tioSiDquHRViDPmGTUF8NQsn4HssJOgpdx81_gNVxBfGeU0ZXfi7jw==
Age: 46258
www.youtube.com/embed/o5F8MOz_IDw?autoplay=0&controls=1&start=0&end=0&modestbranding=0&wmode=transparent&enablejsapi=1&loop=0&rel=0&mute=0
142.250.74.78200 OK 32 kB URL HTTP/2 www.youtube.com/embed/o5F8MOz_IDw?autoplay=0&controls=1&start=0&end=0&modestbranding=0&wmode=transparent&enablejsapi=1&loop=0&rel=0&mute=0
IP 142.250.74.78:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (58644)
Hash 14fbc738f324ce1182365e5b493d3fad
71dc398cacf3a6d4ad7849a5fb5f3290a0c0127c
cb069d3de1409f7d9d99edae45dec7f05bc56f70e90d1cc9a09d3f3d9036159f
GET /embed/o5F8MOz_IDw?autoplay=0&controls=1&start=0&end=0&modestbranding=0&wmode=transparent&enablejsapi=1&loop=0&rel=0&mute=0 HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.morecouponstogo.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html; charset=utf-8
x-content-type-options: nosniff
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Wed, 01 Mar 2023 07:17:23 GMT
strict-transport-security: max-age=31536000
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
cross-origin-resource-policy: cross-origin
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
content-encoding: br
server: ESF
x-xss-protection: 0
set-cookie: YSC=lzmnvp6f7C8; Domain=.youtube.com; Path=/; Secure; HttpOnly; SameSite=none
VISITOR_INFO1_LIVE=vf3_EFDgH3g; Domain=.youtube.com; Expires=Mon, 28-Aug-2023 07:17:23 GMT; Path=/; Secure; HttpOnly; SameSite=none
CONSENT=PENDING+879; expires=Fri, 28-Feb-2025 07:17:23 GMT; path=/; domain=.youtube.com; Secure
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
cdn.gravitec.net/modules/1.bundle.js
45.133.44.3200 OK 26 kB URL HTTP/2 cdn.gravitec.net/modules/1.bundle.js
IP 45.133.44.3:0
ASN #39572 DataWeb Global Group B.V.
Hash e8784c63f4121a52269911c7354b7e74
b447f28d6c8cd918b462575ff6aeb20870ab7c46
0728ef32d2c12344d3fd019a810a3c0ed5f5eaef3e997eb527c48573ab79508e
GET /modules/1.bundle.js HTTP/1.1
Host: cdn.gravitec.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.morecouponstogo.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 01 Mar 2023 07:17:24 GMT
content-type: application/javascript; charset=utf-8
server: nginx
last-modified: Wed, 02 Feb 2022 09:01:35 GMT
etag: W/"61fa486f-8092"
expires: Tue, 20 Dec 2022 09:05:37 GMT
cache-control: max-age=10
access-control-allow-origin: *
content-encoding: gzip
vary: Accept-Encoding
x-proxy-cache: HIT
X-Firefox-Spdy: h2
s3.amazonaws.com/logos.formetocoupon.com/120x60/27836.png
52.217.174.224200 OK 3.3 kB URL HTTP/1.1 s3.amazonaws.com/logos.formetocoupon.com/120x60/27836.png
IP 52.217.174.224:0
File type PNG image data, 120 x 60, 8-bit colormap, non-interlaced\012- data
Hash ad3b47e4095300a2cd234133cb9c1069
07cd7eb1e77a549abb4d338ec013e74f1e953e89
af30f90306fc8fecc1cb1f1eebbcb35ad0579d86ac80d95df43827072c207a50
GET /logos.formetocoupon.com/120x60/27836.png HTTP/1.1
Host: s3.amazonaws.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.morecouponstogo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: NoOerio2QY211Jw+hO3boGcIl0W1OCskvFt8AVEOwVmikxYPcNMY/snl5Te18Wiy53lm9FWhm8w=
x-amz-request-id: RF2F9Y45T3047KKP
Date: Wed, 01 Mar 2023 07:17:26 GMT
Last-Modified: Sun, 24 Jul 2016 01:07:10 GMT
ETag: "ad3b47e4095300a2cd234133cb9c1069"
x-amz-storage-class: REDUCED_REDUNDANCY
Accept-Ranges: bytes
Content-Type: image/png
Server: AmazonS3
Content-Length: 3285
s3.amazonaws.com/logos.formetocoupon.com/120x60/41495.gif
52.217.174.224200 OK 2.0 kB URL HTTP/1.1 s3.amazonaws.com/logos.formetocoupon.com/120x60/41495.gif
IP 52.217.174.224:0
File type GIF image data, version 89a, 120 x 60\012- data
Hash d2f9432727658dae3f83f905b720e305
f814726824af56cd6c5cfc6a3e8f30736984e58b
5e14a9409d7a07f212dcab8a0c71e09fb38b2e442f23f7c6eab7757dd29697ea
GET /logos.formetocoupon.com/120x60/41495.gif HTTP/1.1
Host: s3.amazonaws.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.morecouponstogo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: fQhe8DZcV7YR/slu3bHW8ozw6sqoyNatvAc0AApzApm4l1ixPkSGgBPVjvQPFqcRWZQLzCxGDak=
x-amz-request-id: RF21P79WQ56XWQGZ
Date: Wed, 01 Mar 2023 07:17:26 GMT
Last-Modified: Sat, 23 Nov 2019 16:16:43 GMT
ETag: "d2f9432727658dae3f83f905b720e305"
Accept-Ranges: bytes
Content-Type: image/gif
Server: AmazonS3
Content-Length: 2041
s3.amazonaws.com/logos.formetocoupon.com/120x60/60780.jpg
52.217.174.224200 OK 33 kB URL HTTP/1.1 s3.amazonaws.com/logos.formetocoupon.com/120x60/60780.jpg
IP 52.217.174.224:0
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CS6 (Windows), datetime=2023:02:21 11:40:56], baseline, precision 8, 120x60, components 3\012- data
Hash b1f2d0e5f9c550df2ca961d09c5d3255
9a11d8ca4a127abc90bdeefe532e4f1c0a4a0b0d
65998bf972d493b42224ec216a4239d2b6680a7e01bc39a9be6f92666bad715d
GET /logos.formetocoupon.com/120x60/60780.jpg HTTP/1.1
Host: s3.amazonaws.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.morecouponstogo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: us9a1scotfeX4yt2zOlgiM3tbQ9DXifJVulJ1UpgUUXIUhtex5wNtn+FBf9TZWAR1NHsvIphUbk=
x-amz-request-id: RF2EQWSYCBTE550R
Date: Wed, 01 Mar 2023 07:17:26 GMT
Last-Modified: Tue, 21 Feb 2023 09:41:12 GMT
ETag: "b1f2d0e5f9c550df2ca961d09c5d3255"
x-amz-server-side-encryption: AES256
Accept-Ranges: bytes
Content-Type: image/jpeg
Server: AmazonS3
Content-Length: 32553
s3.amazonaws.com/logos.formetocoupon.com/120x60/22812.jpg
52.217.174.224200 OK 21 kB URL HTTP/1.1 s3.amazonaws.com/logos.formetocoupon.com/120x60/22812.jpg
IP 52.217.174.224:0
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CS6 (Windows), datetime=2021:05:10 11:47:02], progressive, precision 8, 120x60, components 3\012- data
Hash c50c2bc85b52acb7876414f60b0546d7
0406422809a1b8ae63e41e15d67727953773b7b3
d5b066192ae9c6eb4912a385fd4cb645bd3f3bc1b2567087b062e030a0c23a38
GET /logos.formetocoupon.com/120x60/22812.jpg HTTP/1.1
Host: s3.amazonaws.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.morecouponstogo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: xy8ciHOon3H04RzNkRLaFNjQ4NR0fcbkVP721zEwoQyfQfUXt8jP0X02ppx89G3n1cWEK7ShtqI=
x-amz-request-id: RF28EHV3F93G1TPD
Date: Wed, 01 Mar 2023 07:17:26 GMT
Last-Modified: Mon, 10 May 2021 09:47:19 GMT
ETag: "c50c2bc85b52acb7876414f60b0546d7"
Accept-Ranges: bytes
Content-Type: image/jpeg
Server: AmazonS3
Content-Length: 20872
cdn.gravitec.net/modules/0.bundle.js
45.133.44.3200 OK 34 kB URL HTTP/2 cdn.gravitec.net/modules/0.bundle.js
IP 45.133.44.3:0
ASN #39572 DataWeb Global Group B.V.
Hash 5ef3c43173919c967206efd08ade8b01
07fd95c5d6a120c0b89a12e0a1913fa7cc5b3ce4
e93bd520fa7df4270f3ddcbef7cce428af90d613cda9edcd958e4d1d14fce7a8
GET /modules/0.bundle.js HTTP/1.1
Host: cdn.gravitec.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.morecouponstogo.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 01 Mar 2023 07:17:24 GMT
content-type: application/javascript; charset=utf-8
server: nginx
last-modified: Wed, 02 Feb 2022 09:01:35 GMT
etag: W/"61fa486f-2550"
expires: Wed, 02 Feb 2022 09:06:29 GMT
cache-control: max-age=10
access-control-allow-origin: *
content-encoding: gzip
vary: Accept-Encoding
x-proxy-cache: HIT
X-Firefox-Spdy: h2
s3.amazonaws.com/logos.formetocoupon.com/120x60/25268.gif
52.217.174.224200 OK 2.3 kB URL HTTP/1.1 s3.amazonaws.com/logos.formetocoupon.com/120x60/25268.gif
IP 52.217.174.224:0
File type GIF image data, version 89a, 120 x 60\012- data
Hash cf37554943d5538e103d21b3c3e39ed6
02748f407dfe962b12e77c47859d334983e35b58
524bbaa6c6f30d9c2bb4eea04ecb3ee579607de7702a4938ac9bb157d968cdbc
GET /logos.formetocoupon.com/120x60/25268.gif HTTP/1.1
Host: s3.amazonaws.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.morecouponstogo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: HuQyMz99Ye9YoJxF0vPQjpaBy5VByGYlEx/16uPIbu6HCY3y2aKplkgfkKnNbDplqO9/qA4i8/U=
x-amz-request-id: RF26XTA222FYJZJE
Date: Wed, 01 Mar 2023 07:17:26 GMT
Last-Modified: Thu, 18 Feb 2016 20:24:04 GMT
ETag: "cf37554943d5538e103d21b3c3e39ed6"
x-amz-storage-class: REDUCED_REDUNDANCY
Accept-Ranges: bytes
Content-Type: image/gif
Server: AmazonS3
Content-Length: 2343
s3.amazonaws.com/logos.formetocoupon.com/120x60/57951.jpg
52.217.174.224200 OK 17 kB URL HTTP/1.1 s3.amazonaws.com/logos.formetocoupon.com/120x60/57951.jpg
IP 52.217.174.224:0
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CS6 (Windows), datetime=2022:09:05 13:04:02], progressive, precision 8, 120x60, components 3\012- data
Hash 2eb6c9a4d272802dbb128ed38e7a5c52
2a63a5f3a9dd0699aa4f23c4f5d98f6e22ccbf6a
93dbc0025e3a8fe262efcaec2beaa45f1ed03a489ce77990c982b5768b267fb1
GET /logos.formetocoupon.com/120x60/57951.jpg HTTP/1.1
Host: s3.amazonaws.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.morecouponstogo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: BMMv3LAaNxj4dex8LegYg9ljpNYzs+s1OPoKQQZogj6cpjfZDeE/VCcVW5SIFY/exvZ/udVBB5o=
x-amz-request-id: RF20ZAE14KPKDD8G
Date: Wed, 01 Mar 2023 07:17:26 GMT
Last-Modified: Mon, 05 Sep 2022 11:04:21 GMT
ETag: "2eb6c9a4d272802dbb128ed38e7a5c52"
Accept-Ranges: bytes
Content-Type: image/jpeg
Server: AmazonS3
Content-Length: 17147
s3.amazonaws.com/logos.formetocoupon.com/120x60/53938.jpg
52.217.174.224200 OK 24 kB URL HTTP/1.1 s3.amazonaws.com/logos.formetocoupon.com/120x60/53938.jpg
IP 52.217.174.224:0
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CS6 (Windows), datetime=2022:02:03 14:23:28], baseline, precision 8, 120x60, components 3\012- data
Hash f41c610227bd8a78a04162ddc6986ac2
5f00291069a668314dcc04d60727517796709a18
5ca756b97453abea9bd1fdd3a020adb8cafc24a614cc37caa4accb9fd7b8cbf8
GET /logos.formetocoupon.com/120x60/53938.jpg HTTP/1.1
Host: s3.amazonaws.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.morecouponstogo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: 6trLJ0YWGK/5NSIwYwgKsRqeN1wRpBYW/S4KT5gQmZGcoIGdBq/cLWRNVYhyV9UgGEUUV2MWXs4=
x-amz-request-id: RF2C0E4BBTDCPN4H
Date: Wed, 01 Mar 2023 07:17:26 GMT
Last-Modified: Thu, 03 Feb 2022 12:23:40 GMT
ETag: "f41c610227bd8a78a04162ddc6986ac2"
Accept-Ranges: bytes
Content-Type: image/jpeg
Server: AmazonS3
Content-Length: 23792
s3.amazonaws.com/logos.formetocoupon.com/120x60/50875.jpg
52.217.174.224200 OK 15 kB URL HTTP/1.1 s3.amazonaws.com/logos.formetocoupon.com/120x60/50875.jpg
IP 52.217.174.224:0
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CS6 (Windows), datetime=2021:08:26 12:09:12], progressive, precision 8, 120x60, components 3\012- data
Hash 324341797b452530f95912959e2290d2
12011572d8d9963f3394f982463aa535b664b042
4fed903c2c238c4a4f4e484121288d2bd406e7bdaf080bf606a381e7abb851a2
GET /logos.formetocoupon.com/120x60/50875.jpg HTTP/1.1
Host: s3.amazonaws.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.morecouponstogo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: yQ+acpbIBYFFOFTmukodh/7Mg0eAQ8i99WqAAwzzrwES85VgcwE6stw73A1uk6n7TxUDmB/i+0s=
x-amz-request-id: RF2EYHJ1S3YAY1QS
Date: Wed, 01 Mar 2023 07:17:26 GMT
Last-Modified: Thu, 26 Aug 2021 10:09:24 GMT
ETag: "324341797b452530f95912959e2290d2"
Accept-Ranges: bytes
Content-Type: image/jpeg
Server: AmazonS3
Content-Length: 15305
s3.amazonaws.com/logos.formetocoupon.com/120x60/17882.gif
52.217.174.224200 OK 4.8 kB URL HTTP/1.1 s3.amazonaws.com/logos.formetocoupon.com/120x60/17882.gif
IP 52.217.174.224:0
File type GIF image data, version 87a, 120 x 60\012- data
Hash eb76f79e52dcec0d7dac8e288098999b
91d2d7a0f6c0dd0e177901fa2d5fba92b6125d9e
d5b37c1412acf7b99c92f660504179a7b0366402c94758ca6af9a676a5e20687
GET /logos.formetocoupon.com/120x60/17882.gif HTTP/1.1
Host: s3.amazonaws.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.morecouponstogo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: xM6/5AQbI/WNLyVAmOGLGjyOnxL1DpzitCCwt7iqPbn17ARhBXJbCzePT2nrfWf9S+zJg6pEBSI=
x-amz-request-id: RF24HAY36FSQJPAC
Date: Wed, 01 Mar 2023 07:17:26 GMT
Last-Modified: Fri, 11 Apr 2014 21:10:45 GMT
ETag: "eb76f79e52dcec0d7dac8e288098999b"
x-amz-storage-class: REDUCED_REDUNDANCY
Accept-Ranges: bytes
Content-Type: image/gif
Server: AmazonS3
Content-Length: 4769
www.brizy.cloud/customfile/83514b99a26a80e89d4d5e894e4e99c3.mp4
3.95.91.48206 Partial Content 47 kB URL HTTP/1.1 www.brizy.cloud/customfile/83514b99a26a80e89d4d5e894e4e99c3.mp4
IP 3.95.91.48:0
Hash 1aaf90fd283f5131f44313ba92102f67
f63b2dc96ee39945f799a5a9767ca276e87b48b7
883765a6344411e12baee015c4f61b695dd9f84f960c7004f35905243041803c
GET /customfile/83514b99a26a80e89d4d5e894e4e99c3.mp4 HTTP/1.1
Host: www.brizy.cloud
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=4358144-
Connection: keep-alive
Referer: https://www.morecouponstogo.com/
Sec-Fetch-Dest: video
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 206 Partial Content
Server: nginx
Date: Wed, 01 Mar 2023 07:17:25 GMT
Content-Type: video/mp4
Content-Length: 47139
Connection: keep-alive
Cache-Control: public
Last-Modified: Wed, 01 Mar 2023 07:17:25 GMT
Content-Disposition: attachment; filename="Homepage-20video-20on-20White-mp4.mp4"
Accept-Ranges: bytes
Content-Range: bytes 4358144-4405282/4405283
Access-Control-Allow-Origin: *
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash 37712f991f1108815a5a2ca484cafb3a
83b1563a0056827c99caf610025b4a272c614a13
bdac62752c6e9847ade93181eab60a4da422bb3576162c7fc937f3c794511410
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 01 Mar 2023 07:17:25 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
static.doubleclick.net/instream/ad_status.js
142.250.74.134200 OK 29 B URL HTTP/2 static.doubleclick.net/instream/ad_status.js
IP 142.250.74.134:0
Hash 1fa71744db23d0f8df9cce6719defcb7
e4be9b7136697942a036f97cf26ebaf703ad2067
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
GET /instream/ad_status.js HTTP/1.1
Host: static.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
timing-allow-origin: *
content-length: 29
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 01 Mar 2023 07:04:40 GMT
expires: Wed, 01 Mar 2023 07:19:40 GMT
cache-control: public, max-age=900
age: 765
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash 37712f991f1108815a5a2ca484cafb3a
83b1563a0056827c99caf610025b4a272c614a13
bdac62752c6e9847ade93181eab60a4da422bb3576162c7fc937f3c794511410
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 01 Mar 2023 07:17:25 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
d1ielco78gv5pf.cloudfront.net/assets/external_portfolio-55c5ae1c8983df626fd5d8b516e9b7afa9602796b1b40b1b0a489a394961ef91.css
54.230.245.118200 OK 793 B URL HTTP/2 d1ielco78gv5pf.cloudfront.net/assets/external_portfolio-55c5ae1c8983df626fd5d8b516e9b7afa9602796b1b40b1b0a489a394961ef91.css
IP 54.230.245.118:0
File type ASCII text, with very long lines (2368)
Hash c03418fdd6fad3ea75ccfc3c9fc5e67d
39b5410e5df22761f2f69cb2760e10232bee7807
eef19009dab4eb577ab5309252a4b88e664ccb0a36f52123659801b8d0337916
GET /assets/external_portfolio-55c5ae1c8983df626fd5d8b516e9b7afa9602796b1b40b1b0a489a394961ef91.css HTTP/1.1
Host: d1ielco78gv5pf.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.redbubble.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/css
content-length: 793
date: Fri, 16 Dec 2022 01:43:33 GMT
server: nginx
last-modified: Tue, 13 Dec 2022 10:06:05 GMT
content-encoding: gzip
expires: Mon, 13 Dec 2032 01:43:33 GMT
access-control-allow-origin: *
cache-control: max-age=315360000, public
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 b2b04ca80b95df6bc86478a1bf96b7cc.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: qKNfDRLttOaEWaZNthtzv_rjB-O0ufI54RGYYug0bDVuu44ubDr0ig==
age: 6500032
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash c939864c84c0f895ee9a52a44467a7c3
b8b2e17e41a492129f48bdf1219a2591dcb8c6de
6f5aa3a4a07611b7c14da94718e79f078ed5b1e4a354b3c4a4cbb92e0bfbdfa6
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6F5AA3A4A07611B7C14DA94718E79F078ED5B1E4A354B3C4A4CBB92E0BFBDFA6"
Last-Modified: Mon, 27 Feb 2023 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14466
Expires: Wed, 01 Mar 2023 11:18:32 GMT
Date: Wed, 01 Mar 2023 07:17:26 GMT
Connection: keep-alive
api.gravitec.media/api/stats/track?app_key=651b3da8463250405063839a2450c723&user_id=891909e0-9686-4a26-a59a-c2e710754205&utmb=efc17b1b-4d4c-4b7b-bd11-0facc77068fc&path=https%3A%2F%2Fwww.morecouponstogo.com%2Funi-landing&referrer=https%3A%2F%2Fllclickpro.com%2F
35.214.184.209201 Created 0 B URL HTTP/2 api.gravitec.media/api/stats/track?app_key=651b3da8463250405063839a2450c723&user_id=891909e0-9686-4a26-a59a-c2e710754205&utmb=efc17b1b-4d4c-4b7b-bd11-0facc77068fc&path=https%3A%2F%2Fwww.morecouponstogo.com%2Funi-landing&referrer=https%3A%2F%2Fllclickpro.com%2F
IP 35.214.184.209:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /api/stats/track?app_key=651b3da8463250405063839a2450c723&user_id=891909e0-9686-4a26-a59a-c2e710754205&utmb=efc17b1b-4d4c-4b7b-bd11-0facc77068fc&path=https%3A%2F%2Fwww.morecouponstogo.com%2Funi-landing&referrer=https%3A%2F%2Fllclickpro.com%2F HTTP/1.1
Host: api.gravitec.media
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.morecouponstogo.com/
Origin: https://www.morecouponstogo.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 201 Created
server: nginx
date: Wed, 01 Mar 2023 07:17:26 GMT
content-length: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-origin: *
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: 0
x-content-type-options: nosniff
x-frame-options: DENY
x-xss-protection: 1 ; mode=block
referrer-policy: no-referrer
x-correlation-id: 82a8f66a3a6d4c950b277e642a7c26ac
X-Firefox-Spdy: h2
ih1.redbubble.net/image.2423146004.3028/raf,220x200,075,t,black.u5.jpg
68.232.35.237200 OK 7.1 kB URL HTTP/2 ih1.redbubble.net/image.2423146004.3028/raf,220x200,075,t,black.u5.jpg
IP 68.232.35.237:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 220x200, components 3\012- data
Hash ea2e9b008dd5ea4ae82bd436910c2533
9b839ada94e09772f01c49af1032b9f046e9b6ed
0220c6be7d3cfcffc662fcab4c31803925ec7e294e4165098a1b364ad8800ace
GET /image.2423146004.3028/raf,220x200,075,t,black.u5.jpg HTTP/1.1
Host: ih1.redbubble.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.redbubble.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: https://www.redbubble.com
access-control-expose-headers: Content-Length,Content-Range
age: 16497883
cache-control: max-age=31556952, public
content-disposition: inline
content-transfer-encoding: binary
content-type: image/jpeg
date: Wed, 01 Mar 2023 07:17:26 GMT
etag: W/"0220c6be7d3cfcffc662fcab4c318039"
last-modified: Mon, 22 Aug 2022 08:32:44 GMT
referrer-policy: strict-origin-when-cross-origin
server: ECS (ska/F716)
x-cache: HIT
x-content-type-options: nosniff
x-download-options: noopen
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: none
x-request-id: 0c943895-8cf5-4c7d-88fc-024373c4d11a
x-xss-protection: 1; mode=block
content-length: 7140
X-Firefox-Spdy: h2
ih1.redbubble.net/image.2446110696.1260/flat,220x200,075,t.u5.jpg
68.232.35.237200 OK 18 kB URL HTTP/2 ih1.redbubble.net/image.2446110696.1260/flat,220x200,075,t.u5.jpg
IP 68.232.35.237:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 220x200, components 3\012- data
Hash cbeccae7615c2abb796b18362413fca1
786507630ef7d824bf8b40a916bb291925c6f8f3
dbafa1cf5b6b67e92b03ca7ec815306d430a7e5909e4976c1678942b12296d67
GET /image.2446110696.1260/flat,220x200,075,t.u5.jpg HTTP/1.1
Host: ih1.redbubble.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.redbubble.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: https://www.redbubble.com
access-control-expose-headers: Content-Length,Content-Range
age: 7496061
cache-control: max-age=31556952, public
content-disposition: inline
content-transfer-encoding: binary
content-type: image/jpeg
date: Wed, 01 Mar 2023 07:17:26 GMT
etag: W/"dbafa1cf5b6b67e92b03ca7ec815306d"
last-modified: Sun, 04 Dec 2022 13:03:06 GMT
referrer-policy: strict-origin-when-cross-origin
server: ECS (ska/F708)
x-cache: HIT
x-content-type-options: nosniff
x-download-options: noopen
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: none
x-request-id: 265760a0-67d0-4cb0-8773-7754a3305ec0
x-xss-protection: 1; mode=block
content-length: 18020
X-Firefox-Spdy: h2
ih1.redbubble.net/image.2501823087.1427/flat,220x200,075,t.u5.jpg
68.232.35.237200 OK 13 kB URL HTTP/2 ih1.redbubble.net/image.2501823087.1427/flat,220x200,075,t.u5.jpg
IP 68.232.35.237:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 220x200, components 3\012- data
Hash 41a7ff2b932518137a3d3ed4e75cff14
12788c351920ae2e6a6915c80ea0f1cae9106382
281a8d6feb56d70c6a48c55fbf412a1d8e6fe90435118f7571a8635c0f706ceb
GET /image.2501823087.1427/flat,220x200,075,t.u5.jpg HTTP/1.1
Host: ih1.redbubble.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.redbubble.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: https://www.redbubble.com
access-control-expose-headers: Content-Length,Content-Range
age: 16497883
cache-control: max-age=31556952, public
content-disposition: inline
content-transfer-encoding: binary
content-type: image/jpeg
date: Wed, 01 Mar 2023 07:17:26 GMT
etag: W/"281a8d6feb56d70c6a48c55fbf412a1d"
last-modified: Mon, 22 Aug 2022 08:32:44 GMT
referrer-policy: strict-origin-when-cross-origin
server: ECS (ska/F71B)
x-cache: HIT
x-content-type-options: nosniff
x-download-options: noopen
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: none
x-request-id: d5f2891d-027d-4541-8e68-d499a6d21006
x-xss-protection: 1; mode=block
content-length: 12808
X-Firefox-Spdy: h2
ih1.redbubble.net/image.2521900674.0223/flat,220x200,075,t.u5.jpg
68.232.35.237200 OK 12 kB URL HTTP/2 ih1.redbubble.net/image.2521900674.0223/flat,220x200,075,t.u5.jpg
IP 68.232.35.237:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 220x200, components 3\012- data
Hash 4f656d55e30a35cccb4bc94a74f0df52
19ae51457ecb9dbeac9a0d7d1ae42f9156563056
70b55f3994d82e9bf29d7f59509bb9d010d379e6e3d6901f289bf825fe5e15a0
GET /image.2521900674.0223/flat,220x200,075,t.u5.jpg HTTP/1.1
Host: ih1.redbubble.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.redbubble.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: https://www.redbubble.com
access-control-expose-headers: Content-Length,Content-Range
age: 16497883
cache-control: max-age=31556952, public
content-disposition: inline
content-transfer-encoding: binary
content-type: image/jpeg
date: Wed, 01 Mar 2023 07:17:26 GMT
etag: W/"70b55f3994d82e9bf29d7f59509bb9d0"
last-modified: Mon, 22 Aug 2022 08:32:44 GMT
referrer-policy: strict-origin-when-cross-origin
server: ECS (ska/F71E)
x-cache: HIT
x-content-type-options: nosniff
x-download-options: noopen
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: none
x-request-id: ee84e291-69ac-49ed-ab14-b532dcc3fe55
x-xss-protection: 1; mode=block
content-length: 11509
X-Firefox-Spdy: h2
ih1.redbubble.net/image.2615416373.1429/flat,220x200,075,t.u5.jpg
68.232.35.237200 OK 12 kB URL HTTP/2 ih1.redbubble.net/image.2615416373.1429/flat,220x200,075,t.u5.jpg
IP 68.232.35.237:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 220x200, components 3\012- data
Hash 4ed24b51630a165d7ab03688d1325d25
c726cb712f4cd72bf5c564a7dc0ad0ebbf9d2a52
19914bb432c06112f7f8b4878fbfbb15d4610cac7de7e1e4cada665e77dc02ac
GET /image.2615416373.1429/flat,220x200,075,t.u5.jpg HTTP/1.1
Host: ih1.redbubble.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.redbubble.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: https://www.redbubble.com
access-control-expose-headers: Content-Length,Content-Range
age: 8948432
cache-control: max-age=31556952, public
content-disposition: inline
content-transfer-encoding: binary
content-type: image/jpeg
date: Wed, 01 Mar 2023 07:17:26 GMT
etag: W/"19914bb432c06112f7f8b4878fbfbb15"
last-modified: Thu, 17 Nov 2022 17:36:54 GMT
referrer-policy: strict-origin-when-cross-origin
server: ECS (ska/F709)
x-cache: HIT
x-content-type-options: nosniff
x-download-options: noopen
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: none
x-request-id: e3905e0b-d695-4b0b-8efc-7a4564418686
x-xss-protection: 1; mode=block
content-length: 12230
X-Firefox-Spdy: h2
ih0.redbubble.net/image.2579261137.2872/flat,220x200,075,t.u5.jpg
68.232.35.237200 OK 10 kB URL HTTP/2 ih0.redbubble.net/image.2579261137.2872/flat,220x200,075,t.u5.jpg
IP 68.232.35.237:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 220x200, components 3\012- data
Hash b76c5fc72cbdc548cf7f48bb305a3d3f
dc8ee860f4d0d17dabbaec4b0b37c0d7514464c6
ba0865ca0df9021211a47e677772b85d96f2a01dbb54c4314caa379816800f06
GET /image.2579261137.2872/flat,220x200,075,t.u5.jpg HTTP/1.1
Host: ih0.redbubble.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.redbubble.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: https://www.redbubble.com
access-control-expose-headers: Content-Length,Content-Range
age: 6891022
cache-control: max-age=31556952, public
content-disposition: inline
content-transfer-encoding: binary
content-type: image/jpeg
date: Wed, 01 Mar 2023 07:17:26 GMT
etag: W/"ba0865ca0df9021211a47e677772b85d"
last-modified: Sun, 11 Dec 2022 13:07:05 GMT
referrer-policy: strict-origin-when-cross-origin
server: ECS (ska/F704)
x-cache: HIT
x-content-type-options: nosniff
x-download-options: noopen
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: none
x-request-id: 81b8040b-ae19-4846-acc2-0dc83718b3ef
x-xss-protection: 1; mode=block
content-length: 10402
X-Firefox-Spdy: h2
ih0.redbubble.net/image.2609329537.2892/raf,220x200,075,t,white.u5.jpg
68.232.35.237200 OK 13 kB URL HTTP/2 ih0.redbubble.net/image.2609329537.2892/raf,220x200,075,t,white.u5.jpg
IP 68.232.35.237:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 220x200, components 3\012- data
Hash 7c729abcf1fb3cbc2c5338f004443fc8
ba2199b908015be4eb601ea363fa1e6a05e6109a
c350b44a154b399e0bef5fafa2ce0bbabd485db22ed9531b4566a297704c2898
GET /image.2609329537.2892/raf,220x200,075,t,white.u5.jpg HTTP/1.1
Host: ih0.redbubble.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.redbubble.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: https://www.redbubble.com
access-control-expose-headers: Content-Length,Content-Range
age: 4706885
cache-control: max-age=31556952, public
content-disposition: inline
content-transfer-encoding: binary
content-type: image/jpeg
date: Wed, 01 Mar 2023 07:17:26 GMT
etag: W/"c350b44a154b399e0bef5fafa2ce0bba"
last-modified: Thu, 05 Jan 2023 19:49:22 GMT
referrer-policy: strict-origin-when-cross-origin
server: ECS (ska/F6FC)
x-cache: HIT
x-content-type-options: nosniff
x-download-options: noopen
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: none
x-request-id: bbbec080-8758-4f4c-bc9f-46a573131e8b
x-xss-protection: 1; mode=block
content-length: 13202
X-Firefox-Spdy: h2
ih0.redbubble.net/image.2503050093.7512/flat,220x200,075,t.u5.jpg
68.232.35.237200 OK 14 kB URL HTTP/2 ih0.redbubble.net/image.2503050093.7512/flat,220x200,075,t.u5.jpg
IP 68.232.35.237:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 220x200, components 3\012- data
Hash a1a091afde7b0a602c3bb668fe15e8b3
3bc1c0afd5a02a5440fd3563d8c94dbf35a35d88
837c72675526f060b64fc4178d180a6b4aa40badc1660dea0b43cfaf12c87137
GET /image.2503050093.7512/flat,220x200,075,t.u5.jpg HTTP/1.1
Host: ih0.redbubble.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.redbubble.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: https://www.redbubble.com
access-control-expose-headers: Content-Length,Content-Range
age: 7406285
cache-control: max-age=31556952, public
content-disposition: inline
content-transfer-encoding: binary
content-type: image/jpeg
date: Wed, 01 Mar 2023 07:17:26 GMT
etag: W/"837c72675526f060b64fc4178d180a6b"
last-modified: Mon, 05 Dec 2022 13:59:22 GMT
referrer-policy: strict-origin-when-cross-origin
server: ECS (ska/F70E)
x-cache: HIT
x-content-type-options: nosniff
x-download-options: noopen
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: none
x-request-id: effd63d9-ce2f-456e-b79a-5328e5a37ac8
x-xss-protection: 1; mode=block
content-length: 14514
X-Firefox-Spdy: h2
ih0.redbubble.net/image.2615509652.3915/flat,220x200,075,t.u5.jpg
68.232.35.237200 OK 9.5 kB URL HTTP/2 ih0.redbubble.net/image.2615509652.3915/flat,220x200,075,t.u5.jpg
IP 68.232.35.237:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 220x200, components 3\012- data
Hash bec24a797621dc1b550df36956ebada4
2e28ce3cc5e85db3d2c5fb26f7a328f594a620c8
4e57c4041246929caec036f63290e869dea5923090d2e263a083a0cd9df0f51b
GET /image.2615509652.3915/flat,220x200,075,t.u5.jpg HTTP/1.1
Host: ih0.redbubble.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.redbubble.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: https://www.redbubble.com
access-control-expose-headers: Content-Length,Content-Range
age: 12396581
cache-control: max-age=31556952, public
content-disposition: inline
content-transfer-encoding: binary
content-type: image/jpeg
date: Wed, 01 Mar 2023 07:17:26 GMT
etag: W/"4e57c4041246929caec036f63290e869"
last-modified: Sat, 08 Oct 2022 19:47:46 GMT
referrer-policy: strict-origin-when-cross-origin
server: ECS (ska/F6FC)
x-cache: HIT
x-content-type-options: nosniff
x-download-options: noopen
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: none
x-request-id: b0ac1ab6-a28b-4a96-a7b6-4f1b185ea558
x-xss-protection: 1; mode=block
content-length: 9544
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash 075db557635793632d91c6d220714041
28fe9fa6377b2658fb1d90c6c81be80eb96874b2
9f225746c23128917d7f062d6c9db7822513922b73833d08645a78b83f137f9b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 01 Mar 2023 07:17:26 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash 075db557635793632d91c6d220714041
28fe9fa6377b2658fb1d90c6c81be80eb96874b2
9f225746c23128917d7f062d6c9db7822513922b73833d08645a78b83f137f9b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 01 Mar 2023 07:17:26 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 471 B IP 216.58.211.3:0
Hash 343d576850075324ca2fea576afa0dd7
e0f8944612456bdf82c48ccc59a1587ec05090f0
c0aa05989bd362ebb5d53d231173007591dca831c3b2dbc8f1f60ce2c11ac94d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 01 Mar 2023 07:17:26 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
142.250.74.74200 OK 0 B URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
IP 142.250.74.74:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /$rpc/google.internal.waa.v1.Waa/Create HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Referer: https://www.youtube.com/
Origin: https://www.youtube.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://www.youtube.com
vary: origin, referer, x-origin
access-control-allow-credentials: true
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-max-age: 3600
date: Wed, 01 Mar 2023 07:17:26 GMT
content-type: text/html
server: ESF
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
d1ielco78gv5pf.cloudfront.net/assets/75x75-Brandmark-Transparent-5914f9388de7f61a2e2fb260ed39145a5719139b6559762350135c21771f12c0.png
54.230.245.118200 OK 753 B URL HTTP/2 d1ielco78gv5pf.cloudfront.net/assets/75x75-Brandmark-Transparent-5914f9388de7f61a2e2fb260ed39145a5719139b6559762350135c21771f12c0.png
IP 54.230.245.118:0
File type PNG image data, 75 x 75, 8-bit/color RGBA, non-interlaced\012- data
Hash 95b83ee0d2cb98b5133345024a14031e
fb1f79f434185cabeda75b895cb0e98113c8c6ec
5914f9388de7f61a2e2fb260ed39145a5719139b6559762350135c21771f12c0
GET /assets/75x75-Brandmark-Transparent-5914f9388de7f61a2e2fb260ed39145a5719139b6559762350135c21771f12c0.png HTTP/1.1
Host: d1ielco78gv5pf.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.redbubble.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 753
date: Mon, 05 Sep 2022 13:09:45 GMT
server: nginx
last-modified: Sun, 04 Sep 2022 10:06:31 GMT
expires: Thu, 02 Sep 2032 13:09:45 GMT
access-control-allow-origin: *
cache-control: max-age=315360000, public
x-cache: Hit from cloudfront
via: 1.1 b2b04ca80b95df6bc86478a1bf96b7cc.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 92FAiSv_xAd6aNktt4bEDGLgriNKgyXx0aLiszMI5kjBgrFhmtDLnQ==
age: 15271661
X-Firefox-Spdy: h2
www.google.com/js/th/mxY7LFv-oYqXTQV_TLzc42ucxNLoJrxhGNcZhTJusLc.js
142.250.74.164200 OK 14 kB URL HTTP/2 www.google.com/js/th/mxY7LFv-oYqXTQV_TLzc42ucxNLoJrxhGNcZhTJusLc.js
IP 142.250.74.164:0
File type ASCII text, with very long lines (35738)
Hash 8d89d9f72c92505a278610e9f4a93c32
3bb0e459abf7a41ecf4f2fa532f62f2b6a7d1e98
0a8a05ce590d2e213dbc3102e02dc8ceb3fc53c5b68565fee6c684ccac241757
GET /js/th/mxY7LFv-oYqXTQV_TLzc42ucxNLoJrxhGNcZhTJusLc.js HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: br
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-length: 14113
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 28 Feb 2023 17:14:14 GMT
expires: Wed, 28 Feb 2024 17:14:14 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 13 Feb 2023 15:30:00 GMT
content-type: text/javascript
vary: Accept-Encoding
age: 50592
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
d1ielco78gv5pf.cloudfront.net/assets/rarr-trans-44aac167284d94a1522aae08e2a9c40c6d515ab554839445c3b43281cb6a2f47.png
54.230.245.118200 OK 147 B URL HTTP/2 d1ielco78gv5pf.cloudfront.net/assets/rarr-trans-44aac167284d94a1522aae08e2a9c40c6d515ab554839445c3b43281cb6a2f47.png
IP 54.230.245.118:0
File type PNG image data, 7 x 10, 8-bit gray+alpha, non-interlaced\012- data
Hash aafe97f737c068ef75a9410c8a45f5a4
0d1856e53194b2a68d1976a21fe05d20eac683b6
44aac167284d94a1522aae08e2a9c40c6d515ab554839445c3b43281cb6a2f47
GET /assets/rarr-trans-44aac167284d94a1522aae08e2a9c40c6d515ab554839445c3b43281cb6a2f47.png HTTP/1.1
Host: d1ielco78gv5pf.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.redbubble.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 147
date: Sat, 19 Nov 2022 12:53:29 GMT
server: nginx
last-modified: Wed, 16 Nov 2022 10:07:37 GMT
expires: Tue, 16 Nov 2032 12:53:29 GMT
access-control-allow-origin: *
cache-control: max-age=315360000, public
x-cache: Hit from cloudfront
via: 1.1 b2b04ca80b95df6bc86478a1bf96b7cc.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: OVs39-c_5CJ96yOH-iekVmvZsx-zAddFR0M36cHNFGfr4K6xi4X8ug==
age: 8792637
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash af869ffc86b745ac4cdccb295ddca6c5
18e522d12abad1846d20f4f687f54b02bd0bfae7
4392297551085dc30a9770447858d502e0497772ba1b44ba5a51e54f71e5a828
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 01 Mar 2023 07:17:26 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
142.250.74.74200 OK 31 kB URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
IP 142.250.74.74:0
File type JSON data\012- , ASCII text, with very long lines (65536), with no line terminators
Hash e9c3dc46151032403f6d0e26add32496
8cdfce0acfd90220516bfdc048d658f446a068a2
6b5928f6bf9ddc217efa20915320836648445ee0c3c10523712bd00e0282cc4d
POST /$rpc/google.internal.waa.v1.Waa/Create HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
Content-Type: application/json+protobuf
X-User-Agent: grpc-web-javascript/0.1
Content-Length: 24
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json+protobuf; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: gzip
date: Wed, 01 Mar 2023 07:17:26 GMT
server: ESF
cache-control: private
content-length: 30816
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
access-control-allow-credentials: true
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash 075db557635793632d91c6d220714041
28fe9fa6377b2658fb1d90c6c81be80eb96874b2
9f225746c23128917d7f062d6c9db7822513922b73833d08645a78b83f137f9b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 01 Mar 2023 07:17:26 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
i.ytimg.com/vi_webp/ZFBI_JoDwew/sddefault.webp
216.58.211.22200 OK 21 kB URL HTTP/2 i.ytimg.com/vi_webp/ZFBI_JoDwew/sddefault.webp
IP 216.58.211.22:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 640x480, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 9bc80783dd42606a38e3210ad1b3711d
28445b6ec0a0426acf5164a6df5076b7303347a6
3248bd00f508984ec3bdaea739c1f2a745768a30e6d897c2aa4d928ad84ac54e
GET /vi_webp/ZFBI_JoDwew/sddefault.webp HTTP/1.1
Host: i.ytimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
content-type: image/webp
vary: Origin
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-length: 21248
date: Wed, 01 Mar 2023 07:17:26 GMT
expires: Wed, 01 Mar 2023 09:17:26 GMT
cache-control: public, max-age=7200
etag: "1648682389"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash df79555e68f3e34483c226a1a484a376
081353c17b5ad39a097d6b62c9c556b4b6dc68cd
600438e912110cae821d71984f4931acd72acd1c08e56c1ac9b54e9ad0b2b00b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 01 Mar 2023 07:17:26 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash af869ffc86b745ac4cdccb295ddca6c5
18e522d12abad1846d20f4f687f54b02bd0bfae7
4392297551085dc30a9770447858d502e0497772ba1b44ba5a51e54f71e5a828
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 01 Mar 2023 07:17:26 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
yt3.ggpht.com/frZNsgk2zBlccfRh-5BuaeygKDnMtM8THuKkcUkdyyiVusMTe3jOrjnMKz39sCDGvs1pRZgXgQ=s68-c-k-c0x00ffffff-no-rj
142.250.74.161200 OK 2.9 kB URL HTTP/2 yt3.ggpht.com/frZNsgk2zBlccfRh-5BuaeygKDnMtM8THuKkcUkdyyiVusMTe3jOrjnMKz39sCDGvs1pRZgXgQ=s68-c-k-c0x00ffffff-no-rj
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 68x68, components 3\012- data
Hash 154367c025f64b7e936b58e616d0117e
07212c5ed2eaf5422aeb22116c3f43f7e073c9dc
88aec24845bf5c9721abffa6d5376a145662eec365d6c8c5ecb894340cbe656d
GET /frZNsgk2zBlccfRh-5BuaeygKDnMtM8THuKkcUkdyyiVusMTe3jOrjnMKz39sCDGvs1pRZgXgQ=s68-c-k-c0x00ffffff-no-rj HTTP/1.1
Host: yt3.ggpht.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-expose-headers: Content-Length
content-disposition: inline;filename="channels4_profile.jpg"
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
server: fife
content-length: 2884
x-xss-protection: 0
date: Wed, 01 Mar 2023 07:17:26 GMT
expires: Fri, 17 Feb 2023 15:16:28 GMT
cache-control: public, max-age=86400, no-transform
etag: "v1"
content-type: image/jpeg
vary: Origin
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 471 B IP 216.58.211.3:0
Hash 493de00b8852fd21553dd4585f97d1dc
9e24e8b748535cb34a6948dc4fe46e19193b72bc
c00465ed07aa3429bb5fdd7b25aa68b694f416198021e4d48be569fa613aaa39
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 01 Mar 2023 07:17:26 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash df79555e68f3e34483c226a1a484a376
081353c17b5ad39a097d6b62c9c556b4b6dc68cd
600438e912110cae821d71984f4931acd72acd1c08e56c1ac9b54e9ad0b2b00b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 01 Mar 2023 07:17:26 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
adservice.google.com/adsid/integrator.js?domain=www.morecouponstogo.com
142.250.74.98200 OK 100 B URL HTTP/2 adservice.google.com/adsid/integrator.js?domain=www.morecouponstogo.com
IP 142.250.74.98:0
File type ASCII text, with no line terminators
Hash 917951a58be8c6c6f3680159550ba3c2
21cd25c2a4eb9ec7e0f37021ce7b69e852dab4b4
cd8c45d9a0d98ca2e23d967483ec538bcafa246afdcf434bf60c8257acfacfac
GET /adsid/integrator.js?domain=www.morecouponstogo.com HTTP/1.1
Host: adservice.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.morecouponstogo.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: private, no-cache, no-store
content-type: application/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Wed, 01 Mar 2023 07:17:26 GMT
server: cafe
content-length: 100
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
142.250.74.74200 OK 31 kB URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
IP 142.250.74.74:0
File type JSON data\012- , ASCII text, with very long lines (65536), with no line terminators
Hash 7d8371dbdee92445743d719e98bdbd29
463213e494522e2250e44fd423823dbc594a8baf
9a4cacae2c74056dd7dda7d4bc9efe7a34cfc4ec50408d8918a477b86eac0d77
POST /$rpc/google.internal.waa.v1.Waa/Create HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
Content-Type: application/json+protobuf
X-User-Agent: grpc-web-javascript/0.1
Content-Length: 24
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json+protobuf; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: gzip
date: Wed, 01 Mar 2023 07:17:26 GMT
server: ESF
cache-control: private
content-length: 30971
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
access-control-allow-credentials: true
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
adservice.google.no/adsid/integrator.js?domain=www.morecouponstogo.com
142.250.74.130200 OK 100 B URL HTTP/2 adservice.google.no/adsid/integrator.js?domain=www.morecouponstogo.com
IP 142.250.74.130:0
File type ASCII text, with no line terminators
Hash 917951a58be8c6c6f3680159550ba3c2
21cd25c2a4eb9ec7e0f37021ce7b69e852dab4b4
cd8c45d9a0d98ca2e23d967483ec538bcafa246afdcf434bf60c8257acfacfac
GET /adsid/integrator.js?domain=www.morecouponstogo.com HTTP/1.1
Host: adservice.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.morecouponstogo.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: private, no-cache, no-store
content-type: application/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Wed, 01 Mar 2023 07:17:26 GMT
server: cafe
content-length: 100
x-xss-protection: 0
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 471 B IP 216.58.211.3:0
Hash 493de00b8852fd21553dd4585f97d1dc
9e24e8b748535cb34a6948dc4fe46e19193b72bc
c00465ed07aa3429bb5fdd7b25aa68b694f416198021e4d48be569fa613aaa39
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 01 Mar 2023 07:17:26 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 471 B IP 216.58.211.3:0
Hash 66c70f4736b0f464fa61eab7622cea42
6e7de3d0a325de2536949b24ea3e7075748bb6c5
705b3e6af0818a8f9a1233b2aa0270587a71eb3e65cd4dd05e9e961f28f27766
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 01 Mar 2023 07:17:26 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
d1ielco78gv5pf.cloudfront.net/assets/ajax_subtle-8f2162a421d5682989810c5bed4402d83debcff6169ae940dbbf9844dcc9ea2d.gif
54.230.245.118200 OK 1.8 kB URL HTTP/2 d1ielco78gv5pf.cloudfront.net/assets/ajax_subtle-8f2162a421d5682989810c5bed4402d83debcff6169ae940dbbf9844dcc9ea2d.gif
IP 54.230.245.118:0
File type GIF image data, version 89a, 32 x 32\012- data
Hash 53c8654b9584bb9f925f2e9f12a3a365
69b347445a08ef2e1235cb8ff2fad484d59ae7d3
8f2162a421d5682989810c5bed4402d83debcff6169ae940dbbf9844dcc9ea2d
GET /assets/ajax_subtle-8f2162a421d5682989810c5bed4402d83debcff6169ae940dbbf9844dcc9ea2d.gif HTTP/1.1
Host: d1ielco78gv5pf.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://d1ielco78gv5pf.cloudfront.net/assets/external_portfolio-55c5ae1c8983df626fd5d8b516e9b7afa9602796b1b40b1b0a489a394961ef91.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/gif
content-length: 1785
date: Mon, 23 Jan 2023 15:13:33 GMT
server: nginx
last-modified: Sun, 22 Jan 2023 10:15:28 GMT
expires: Thu, 20 Jan 2033 15:13:33 GMT
access-control-allow-origin: *
cache-control: max-age=315360000, public
x-cache: Hit from cloudfront
via: 1.1 b2b04ca80b95df6bc86478a1bf96b7cc.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: OGV22uOjB8mNr05P3l4eNrJhsamNE5-rcRl24KYXquVyvxnXawH70g==
age: 3168234
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 471 B IP 216.58.211.3:0
Hash 66c70f4736b0f464fa61eab7622cea42
6e7de3d0a325de2536949b24ea3e7075748bb6c5
705b3e6af0818a8f9a1233b2aa0270587a71eb3e65cd4dd05e9e961f28f27766
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 01 Mar 2023 07:17:27 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
rr1---sn-capm-vnae.googlevideo.com/videoplayback?expire=1677676646&ei=Bvz-Y7LQGczmyAX57qPgBQ&ip=91.90.42.154&id=o-AEG3dTTEt1KdxI1l4E150YP78W_u52Rwoe2VzNcLwgDK&itag=251&source=youtube&requiressl=yes&mh=ke&mm=31%2C29&mn=sn-capm-vnae%2Csn-5go7ynl6&ms=au%2Crdu&mv=m&mvi=1&pl=21&initcwndbps=2182500&spc=H3gIhi8h-8i4m403rDXSNCMM3rYUujmz7sMbTKXno9Vy02zdpw&vprv=1&mime=audio%2Fwebm&ns=WeGt9gPr4fk8jf1k02o_MrUL&gir=yes&clen=142602&dur=9.801&lmt=1644075043895481&mt=1677654568&fvip=2&keepalive=yes&fexp=24007246&c=WEB_EMBEDDED_PLAYER&txp=6318224&n=xD80-xA0Vv2Qpw&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRQIgESaxSZlp4xdXf9BM90A8-JTMKOUivKoy1rZAamz3DWwCIQDJ8zLSBKjVa__FliCGFzhfwQZYEXxbDyvmeJUb7X9vmA%3D%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRQIhAL9zdueISdBsI42QovrTIO-UzSvXuJ_xFj9WieTndH39AiBlsyk4OV7MdHE3XDWskxSLYC-SUI1E5Ma89K5MyihTuw%3D%3D&alr=yes&cpn=2rzafgodQ-TWp3Qg&cver=1.20230226.00.00&range=0-65812&rn=2&rbuf=0
91.90.45.172200 OK 66 kB URL HTTP/1.1 rr1---sn-capm-vnae.googlevideo.com/videoplayback?expire=1677676646&ei=Bvz-Y7LQGczmyAX57qPgBQ&ip=91.90.42.154&id=o-AEG3dTTEt1KdxI1l4E150YP78W_u52Rwoe2VzNcLwgDK&itag=251&source=youtube&requiressl=yes&mh=ke&mm=31%2C29&mn=sn-capm-vnae%2Csn-5go7ynl6&ms=au%2Crdu&mv=m&mvi=1&pl=21&initcwndbps=2182500&spc=H3gIhi8h-8i4m403rDXSNCMM3rYUujmz7sMbTKXno9Vy02zdpw&vprv=1&mime=audio%2Fwebm&ns=WeGt9gPr4fk8jf1k02o_MrUL&gir=yes&clen=142602&dur=9.801&lmt=1644075043895481&mt=1677654568&fvip=2&keepalive=yes&fexp=24007246&c=WEB_EMBEDDED_PLAYER&txp=6318224&n=xD80-xA0Vv2Qpw&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRQIgESaxSZlp4xdXf9BM90A8-JTMKOUivKoy1rZAamz3DWwCIQDJ8zLSBKjVa__FliCGFzhfwQZYEXxbDyvmeJUb7X9vmA%3D%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRQIhAL9zdueISdBsI42QovrTIO-UzSvXuJ_xFj9WieTndH39AiBlsyk4OV7MdHE3XDWskxSLYC-SUI1E5Ma89K5MyihTuw%3D%3D&alr=yes&cpn=2rzafgodQ-TWp3Qg&cver=1.20230226.00.00&range=0-65812&rn=2&rbuf=0
IP 91.90.45.172:0
ASN #50304 Blix Solutions AS
File type WebM\012- EBML file, creator webmB\20\012- data
Hash a3e5161d67b6bcdbc2900f34d1b62837
70cfc40fc73887edd4962521d8a1f4355c2ae0ec
16b997a701a210873b11d55fb91acd40c67ac75f0cb35f6af030685640ad6647
POST /videoplayback?expire=1677676646&ei=Bvz-Y7LQGczmyAX57qPgBQ&ip=91.90.42.154&id=o-AEG3dTTEt1KdxI1l4E150YP78W_u52Rwoe2VzNcLwgDK&itag=251&source=youtube&requiressl=yes&mh=ke&mm=31%2C29&mn=sn-capm-vnae%2Csn-5go7ynl6&ms=au%2Crdu&mv=m&mvi=1&pl=21&initcwndbps=2182500&spc=H3gIhi8h-8i4m403rDXSNCMM3rYUujmz7sMbTKXno9Vy02zdpw&vprv=1&mime=audio%2Fwebm&ns=WeGt9gPr4fk8jf1k02o_MrUL&gir=yes&clen=142602&dur=9.801&lmt=1644075043895481&mt=1677654568&fvip=2&keepalive=yes&fexp=24007246&c=WEB_EMBEDDED_PLAYER&txp=6318224&n=xD80-xA0Vv2Qpw&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRQIgESaxSZlp4xdXf9BM90A8-JTMKOUivKoy1rZAamz3DWwCIQDJ8zLSBKjVa__FliCGFzhfwQZYEXxbDyvmeJUb7X9vmA%3D%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRQIhAL9zdueISdBsI42QovrTIO-UzSvXuJ_xFj9WieTndH39AiBlsyk4OV7MdHE3XDWskxSLYC-SUI1E5Ma89K5MyihTuw%3D%3D&alr=yes&cpn=2rzafgodQ-TWp3Qg&cver=1.20230226.00.00&range=0-65812&rn=2&rbuf=0 HTTP/1.1
Host: rr1---sn-capm-vnae.googlevideo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Length: 2
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Last-Modified: Sat, 05 Feb 2022 15:30:43 GMT
Content-Type: audio/webm
Date: Wed, 01 Mar 2023 07:17:27 GMT
Expires: Wed, 01 Mar 2023 07:17:27 GMT
Cache-Control: private, max-age=21299
Accept-Ranges: bytes
Content-Length: 65813
Connection: keep-alive
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Access-Control-Allow-Origin: https://www.youtube.com
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: https://www.youtube.com
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Vary: Origin
Cross-Origin-Resource-Policy: cross-origin
X-Content-Type-Options: nosniff
Server: gvs 1.0
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 471 B IP 216.58.211.3:0
Hash 66c70f4736b0f464fa61eab7622cea42
6e7de3d0a325de2536949b24ea3e7075748bb6c5
705b3e6af0818a8f9a1233b2aa0270587a71eb3e65cd4dd05e9e961f28f27766
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 01 Mar 2023 07:17:27 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
rr1---sn-capm-vnae.googlevideo.com/videoplayback?expire=1677676646&ei=Bvz-Y7LQGczmyAX57qPgBQ&ip=91.90.42.154&id=o-AEG3dTTEt1KdxI1l4E150YP78W_u52Rwoe2VzNcLwgDK&itag=243&aitags=133%2C134%2C135%2C136%2C160%2C242%2C243%2C244%2C278&source=youtube&requiressl=yes&mh=ke&mm=31%2C29&mn=sn-capm-vnae%2Csn-5go7ynl6&ms=au%2Crdu&mv=m&mvi=1&pl=21&initcwndbps=2182500&spc=H3gIhi8h-8i4m403rDXSNCMM3rYUujmz7sMbTKXno9Vy02zdpw&vprv=1&mime=video%2Fwebm&ns=WeGt9gPr4fk8jf1k02o_MrUL&gir=yes&clen=372609&dur=9.766&lmt=1644075043168469&mt=1677654568&fvip=2&keepalive=yes&fexp=24007246&c=WEB_EMBEDDED_PLAYER&txp=6319224&n=xD80-xA0Vv2Qpw&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRAIgG1DccqmiN-l3PiRqHiui6iwAuebFIVoG3-rER-dm0YICIEtOIXa01lFRzkynPmMfbAbb0Bl8HBRWqmZeRznFc4k-&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRQIhAL9zdueISdBsI42QovrTIO-UzSvXuJ_xFj9WieTndH39AiBlsyk4OV7MdHE3XDWskxSLYC-SUI1E5Ma89K5MyihTuw%3D%3D&alr=yes&cpn=2rzafgodQ-TWp3Qg&cver=1.20230226.00.00&range=0-83624&rn=1&rbuf=0
91.90.45.172200 OK 84 kB URL HTTP/1.1 rr1---sn-capm-vnae.googlevideo.com/videoplayback?expire=1677676646&ei=Bvz-Y7LQGczmyAX57qPgBQ&ip=91.90.42.154&id=o-AEG3dTTEt1KdxI1l4E150YP78W_u52Rwoe2VzNcLwgDK&itag=243&aitags=133%2C134%2C135%2C136%2C160%2C242%2C243%2C244%2C278&source=youtube&requiressl=yes&mh=ke&mm=31%2C29&mn=sn-capm-vnae%2Csn-5go7ynl6&ms=au%2Crdu&mv=m&mvi=1&pl=21&initcwndbps=2182500&spc=H3gIhi8h-8i4m403rDXSNCMM3rYUujmz7sMbTKXno9Vy02zdpw&vprv=1&mime=video%2Fwebm&ns=WeGt9gPr4fk8jf1k02o_MrUL&gir=yes&clen=372609&dur=9.766&lmt=1644075043168469&mt=1677654568&fvip=2&keepalive=yes&fexp=24007246&c=WEB_EMBEDDED_PLAYER&txp=6319224&n=xD80-xA0Vv2Qpw&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRAIgG1DccqmiN-l3PiRqHiui6iwAuebFIVoG3-rER-dm0YICIEtOIXa01lFRzkynPmMfbAbb0Bl8HBRWqmZeRznFc4k-&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRQIhAL9zdueISdBsI42QovrTIO-UzSvXuJ_xFj9WieTndH39AiBlsyk4OV7MdHE3XDWskxSLYC-SUI1E5Ma89K5MyihTuw%3D%3D&alr=yes&cpn=2rzafgodQ-TWp3Qg&cver=1.20230226.00.00&range=0-83624&rn=1&rbuf=0
IP 91.90.45.172:0
ASN #50304 Blix Solutions AS
File type WebM\012- EBML file, creator webmB\20\012- data
Hash a5cff876e8757875138a219b1e112192
37a633577e49a52ff0dfbbb1ba4d612fde9c31c6
c5056416db1e6e9d48e859b48175c9140292647bda2333babd32a54ca5523c78
POST /videoplayback?expire=1677676646&ei=Bvz-Y7LQGczmyAX57qPgBQ&ip=91.90.42.154&id=o-AEG3dTTEt1KdxI1l4E150YP78W_u52Rwoe2VzNcLwgDK&itag=243&aitags=133%2C134%2C135%2C136%2C160%2C242%2C243%2C244%2C278&source=youtube&requiressl=yes&mh=ke&mm=31%2C29&mn=sn-capm-vnae%2Csn-5go7ynl6&ms=au%2Crdu&mv=m&mvi=1&pl=21&initcwndbps=2182500&spc=H3gIhi8h-8i4m403rDXSNCMM3rYUujmz7sMbTKXno9Vy02zdpw&vprv=1&mime=video%2Fwebm&ns=WeGt9gPr4fk8jf1k02o_MrUL&gir=yes&clen=372609&dur=9.766&lmt=1644075043168469&mt=1677654568&fvip=2&keepalive=yes&fexp=24007246&c=WEB_EMBEDDED_PLAYER&txp=6319224&n=xD80-xA0Vv2Qpw&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRAIgG1DccqmiN-l3PiRqHiui6iwAuebFIVoG3-rER-dm0YICIEtOIXa01lFRzkynPmMfbAbb0Bl8HBRWqmZeRznFc4k-&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRQIhAL9zdueISdBsI42QovrTIO-UzSvXuJ_xFj9WieTndH39AiBlsyk4OV7MdHE3XDWskxSLYC-SUI1E5Ma89K5MyihTuw%3D%3D&alr=yes&cpn=2rzafgodQ-TWp3Qg&cver=1.20230226.00.00&range=0-83624&rn=1&rbuf=0 HTTP/1.1
Host: rr1---sn-capm-vnae.googlevideo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Length: 2
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Last-Modified: Sat, 05 Feb 2022 15:30:43 GMT
Content-Type: video/webm
Date: Wed, 01 Mar 2023 07:17:27 GMT
Expires: Wed, 01 Mar 2023 07:17:27 GMT
Cache-Control: private, max-age=21299
Accept-Ranges: bytes
Content-Length: 83625
Connection: keep-alive
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Access-Control-Allow-Origin: https://www.youtube.com
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: https://www.youtube.com
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Vary: Origin
Cross-Origin-Resource-Policy: cross-origin
X-Restrict-Formats-Hint: None
X-Content-Type-Options: nosniff
Server: gvs 1.0
fonts.bunny.net/roboto/files/roboto-latin-400-normal.woff2
194.242.11.186200 OK 16 kB URL HTTP/2 fonts.bunny.net/roboto/files/roboto-latin-400-normal.woff2
IP 194.242.11.186:0
ASN #34989 ServeTheWorld AS
File type Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Hash 15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
GET /roboto/files/roboto-latin-400-normal.woff2 HTTP/1.1
Host: fonts.bunny.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.morecouponstogo.com
Connection: keep-alive
Referer: https://fonts.bunny.net/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 01 Mar 2023 07:17:28 GMT
content-type: font/woff2
content-length: 15744
server: BunnyCDN-NO1-830
cdn-pullzone: 781720
cdn-uid: 3a60ca70-b89d-4cd5-a4b5-34a3468d7e0f
cdn-requestcountrycode: NO
access-control-allow-origin: *
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=2592000
etag: "63aef47c-3d80"
last-modified: Fri, 30 Dec 2022 14:23:56 GMT
cdn-storageserver: SE-344
cdn-fileserver: 318
cdn-proxyver: 1.03
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 01/09/2023 10:40:02
cdn-edgestorageid: 830
cdn-status: 200
cdn-requestid: 399375c1e409ba4fa06eed36258e3437
cdn-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
www.youtube.com/embed/Tge4GgRmmrY?autoplay=1&controls=1&start=0&end=0&modestbranding=0&wmode=transparent&enablejsapi=1&loop=1&rel=0&mute=1&playlist=Tge4GgRmmrY
142.250.74.78200 OK 128 kB URL HTTP/2 www.youtube.com/embed/Tge4GgRmmrY?autoplay=1&controls=1&start=0&end=0&modestbranding=0&wmode=transparent&enablejsapi=1&loop=1&rel=0&mute=1&playlist=Tge4GgRmmrY
IP 142.250.74.78:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (58608)
Size 128 kB (127517 bytes)
Hash 8dc3e8b32d4fc898a500d64e7fc22f74
38a48527b368c2dc332a079926e3d57baedfeea9
285a330407c2bb40e796427e482792ab66333cffaba2a15cb587d7c99bbab0ae
GET /embed/Tge4GgRmmrY?autoplay=1&controls=1&start=0&end=0&modestbranding=0&wmode=transparent&enablejsapi=1&loop=1&rel=0&mute=1&playlist=Tge4GgRmmrY HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.morecouponstogo.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html; charset=utf-8
x-content-type-options: nosniff
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Wed, 01 Mar 2023 07:17:23 GMT
strict-transport-security: max-age=31536000
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
content-encoding: br
server: ESF
x-xss-protection: 0
set-cookie: YSC=b0ECsDdu8vI; Domain=.youtube.com; Path=/; Secure; HttpOnly; SameSite=none
VISITOR_INFO1_LIVE=--GKIFvzMNY; Domain=.youtube.com; Expires=Mon, 28-Aug-2023 07:17:23 GMT; Path=/; Secure; HttpOnly; SameSite=none
CONSENT=PENDING+124; expires=Fri, 28-Feb-2025 07:17:23 GMT; path=/; domain=.youtube.com; Secure
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.gstatic.com/s/oswald/v49/TK3_WkUHHAIjg75cFRf3bXL8LICs1_FvsUZiZQ.woff2
216.58.207.227200 OK 9.8 kB URL HTTP/2 fonts.gstatic.com/s/oswald/v49/TK3_WkUHHAIjg75cFRf3bXL8LICs1_FvsUZiZQ.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 9840, version 1.0\012- data
Hash afda6e429fd299054de28e1f157c683d
c1847d6f3df5fe11d5e96fd5e6a59b73ff7ed96b
81cd29d1413ecf75834fb3ce1da572fe5c39e53b22c61f5dafec5b14ed4ee12e
GET /s/oswald/v49/TK3_WkUHHAIjg75cFRf3bXL8LICs1_FvsUZiZQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.morecouponstogo.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 9840
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 24 Feb 2023 11:26:38 GMT
expires: Sat, 24 Feb 2024 11:26:38 GMT
cache-control: public, max-age=31536000
age: 417050
last-modified: Mon, 18 Jul 2022 19:24:04 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
216.58.207.227200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Hash 15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.morecouponstogo.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 22 Feb 2023 13:15:37 GMT
expires: Thu, 22 Feb 2024 13:15:37 GMT
cache-control: public, max-age=31536000
age: 583311
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
b-cloud.b-cdn.net/builds/pro/126-cloud/css/preview.pro.css
194.242.11.186200 OK 0 B URL HTTP/2 b-cloud.b-cdn.net/builds/pro/126-cloud/css/preview.pro.css
IP 194.242.11.186:0
ASN #34989 ServeTheWorld AS
GET /builds/pro/126-cloud/css/preview.pro.css HTTP/1.1
Host: b-cloud.b-cdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.morecouponstogo.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 01 Mar 2023 07:17:23 GMT
content-type: text/css
server: BunnyCDN-NO1-830
cdn-pullzone: 246147
cdn-uid: e647d0c9-3a16-4c3e-ae99-91e18e06d4b3
cdn-requestcountrycode: NO
vary: Accept-Encoding, Accept-Encoding
access-control-allow-origin: *
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
etag: W/"b1efdef564a9908476eca3da92165504"
last-modified: Tue, 31 Jan 2023 10:24:53 GMT
x-amz-id-2: tYNu5aGwePU3RKdwWk88GzGW2O/esHn66d56n3My5FyFKieEQEstrq2xS/QrFMQJv5bC7ptJONM=
x-amz-request-id: 2BXZ51922MBR76MM
cdn-proxyver: 1.03
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 01/31/2023 12:56:40
cdn-edgestorageid: 830
link: <https://s3.amazonaws.com/brizy.cloud/builds/pro/126-cloud/css/preview.pro.css>; rel="canonical"
cdn-status: 200
cdn-requestid: 5e5cd85b5ef9fb26f55d564c32f442ca
cdn-cache: HIT
content-encoding: br
X-Firefox-Spdy: h2
cdn.gravitec.net/storage/651b3da8463250405063839a2450c723/client.js
45.133.44.3200 OK 0 B URL HTTP/2 cdn.gravitec.net/storage/651b3da8463250405063839a2450c723/client.js
IP 45.133.44.3:0
ASN #39572 DataWeb Global Group B.V.
GET /storage/651b3da8463250405063839a2450c723/client.js HTTP/1.1
Host: cdn.gravitec.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.morecouponstogo.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 01 Mar 2023 07:17:23 GMT
content-type: application/javascript; charset=utf-8
server: nginx
last-modified: Mon, 31 Oct 2022 19:57:34 GMT
etag: W/"636028ae-100fb"
expires: Mon, 31 Oct 2022 20:24:50 GMT
cache-control: max-age=10
access-control-allow-origin: *
content-encoding: gzip
vary: Accept-Encoding
x-proxy-cache: REVALIDATED
X-Firefox-Spdy: h2
www.youtube.com/embed/ZFBI_JoDwew?autoplay=0&controls=1&start=0&end=0&modestbranding=0&wmode=transparent&enablejsapi=1&loop=0&rel=0&mute=0
142.250.74.78200 OK 0 B URL HTTP/2 www.youtube.com/embed/ZFBI_JoDwew?autoplay=0&controls=1&start=0&end=0&modestbranding=0&wmode=transparent&enablejsapi=1&loop=0&rel=0&mute=0
IP 142.250.74.78:0
GET /embed/ZFBI_JoDwew?autoplay=0&controls=1&start=0&end=0&modestbranding=0&wmode=transparent&enablejsapi=1&loop=0&rel=0&mute=0 HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.morecouponstogo.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html; charset=utf-8
x-content-type-options: nosniff
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Wed, 01 Mar 2023 07:17:23 GMT
strict-transport-security: max-age=31536000
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
cross-origin-resource-policy: cross-origin
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
content-encoding: br
server: ESF
x-xss-protection: 0
set-cookie: YSC=6vf5SAMD678; Domain=.youtube.com; Path=/; Secure; HttpOnly; SameSite=none
VISITOR_INFO1_LIVE=EKVmmN6KC3w; Domain=.youtube.com; Expires=Mon, 28-Aug-2023 07:17:23 GMT; Path=/; Secure; HttpOnly; SameSite=none
CONSENT=PENDING+201; expires=Fri, 28-Feb-2025 07:17:23 GMT; path=/; domain=.youtube.com; Secure
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
t-adbar1.com/_kc1h
44.193.111.200200 OK 0 B IP 44.193.111.200:0
GET /_kc1h HTTP/1.1
Host: t-adbar1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
date: Wed, 01 Mar 2023 07:17:20 GMT
content-type: text/html; charset=UTF-8
server: nginx
vary: Accept-Encoding
set-cookie: sou=eyJyIjpudWxsLCJ1IjoiTVRHU2FtdXJhaSJ9; expires=Fri, 31-Mar-2023 07:17:20 GMT; Max-Age=2592000; secure; SameSite=None
content-encoding: gzip
X-Firefox-Spdy: h2
use.fontawesome.com/releases/v5.15.4/css/v4-shims.css
172.64.132.15200 OK 0 B URL HTTP/2 use.fontawesome.com/releases/v5.15.4/css/v4-shims.css
IP 172.64.132.15:0
GET /releases/v5.15.4/css/v4-shims.css HTTP/1.1
Host: use.fontawesome.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://llclickpro.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 01 Mar 2023 07:17:21 GMT
content-type: text/css
x-amz-id-2: qwA5Y2Tc6thfAvQK57NinlTNePE/pkn9mrz7bY+yrX8re53aDtOXZ0WMtDtq/el3WqlQOCCOB48=
x-amz-request-id: KPGWVPPS5J1JFQTP
last-modified: Wed, 04 Aug 2021 20:43:22 GMT
etag: W/"a034d3c71bee546f625877d7932917f8"
cache-control: max-age=31556926
cf-cache-status: HIT
age: 1310067
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6gZHx7vlWsHDiPsnowXdm6Xe%2BYi6g%2B%2FVNxPPVHlMbTE46fzKf6mqqxG8RnUxTs5k3PX6h6P0%2FPd2rSm3BdRuXtW1zXzdqvO6AWVlJK%2FrCsYsZ8yGayEF8XltVgdW8bWKybjjHpEY"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7a0f9ea72c307719-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
w.leadsleap.com/js.js
104.26.9.147200 OK 0 B IP 104.26.9.147:0
GET /js.js HTTP/1.1
Host: w.leadsleap.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.morecouponstogo.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 01 Mar 2023 07:17:23 GMT
content-type: application/javascript
cf-bgj: minify
cf-polished: origSize=4038
last-modified: Mon, 06 Jun 2022 14:11:07 GMT
cache-control: max-age=5356800
cf-cache-status: HIT
age: 6529
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IfjikYApNt%2B%2FXXRB7LfvNgiXpdWE%2B7%2BE056zwDck3aHuMOAH5j8zKgyvZALFBWPwEjxo4lpX8HykVRt9NQ2ATUvwby6KmQS2uJChQPbhOyXaU%2BriMWM5nuqCeyPZopukMQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7a0f9eb2ec2db517-OSL
content-encoding: br
X-Firefox-Spdy: h2
cdn.gravitec.net/sdk/web/configs?appKey=651b3da8463250405063839a2450c723
45.133.44.3200 OK 0 B URL HTTP/2 cdn.gravitec.net/sdk/web/configs?appKey=651b3da8463250405063839a2450c723
IP 45.133.44.3:0
ASN #39572 DataWeb Global Group B.V.
GET /sdk/web/configs?appKey=651b3da8463250405063839a2450c723 HTTP/1.1
Host: cdn.gravitec.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.morecouponstogo.com/
Origin: https://www.morecouponstogo.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 01 Mar 2023 07:17:23 GMT
content-type: application/json
server: nginx
x-correlation-id: f8693963b8971978ecb674dd87946a25
access-control-allow-origin: *
content-encoding: gzip
vary: Accept-Encoding
x-proxy-cache: MISS
X-Firefox-Spdy: h2
trafficadbar.com/favicon.ico
54.159.153.108200 OK 0 B URL HTTP/2 trafficadbar.com/favicon.ico
IP 54.159.153.108:0
GET /favicon.ico HTTP/1.1
Host: trafficadbar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://t-adbar1.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 01 Mar 2023 07:17:20 GMT
content-type: text/html; charset=UTF-8
server: nginx
vary: Accept-Encoding
cache-control: no-cache, private
content-encoding: gzip
X-Firefox-Spdy: h2
trafficadbar.com/50-195376p-7f77fb9d65e3bb8a718d9ac76b2040e8.jpeg
54.159.153.108200 OK 0 B URL HTTP/2 trafficadbar.com/50-195376p-7f77fb9d65e3bb8a718d9ac76b2040e8.jpeg
IP 54.159.153.108:0
GET /50-195376p-7f77fb9d65e3bb8a718d9ac76b2040e8.jpeg HTTP/1.1
Host: trafficadbar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://t-adbar1.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 01 Mar 2023 07:17:20 GMT
content-type: image/jpeg
server: nginx
vary: Accept-Encoding
expires: Fri, 31 Mar 2023 07:17:19 GMT
pragma: public
cache-control: max-age=2591999
content-encoding: gzip
X-Firefox-Spdy: h2
z5traffic.com/t/matomo.js
54.159.153.108404 Not Found 0 B URL HTTP/2 z5traffic.com/t/matomo.js
IP 54.159.153.108:0
GET /t/matomo.js HTTP/1.1
Host: z5traffic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://t-adbar1.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 404 Not Found
date: Wed, 01 Mar 2023 07:17:21 GMT
content-type: text/html; charset=UTF-8
server: nginx/1.16.1
vary: Accept-Encoding
x-powered-by: PHP/7.4.12
cache-control: no-cache, private
content-encoding: gzip
X-Firefox-Spdy: h2
cdn.gravitec.media/track.min.js
45.133.44.3200 OK 0 B URL HTTP/2 cdn.gravitec.media/track.min.js
IP 45.133.44.3:0
ASN #39572 DataWeb Global Group B.V.
GET /track.min.js HTTP/1.1
Host: cdn.gravitec.media
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.morecouponstogo.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 01 Mar 2023 07:17:25 GMT
content-type: application/javascript; charset=utf-8
server: nginx/1.18.0
last-modified: Wed, 27 Nov 2019 14:51:46 GMT
etag: W/"5dde8d82-11d5"
cache-control: max-age=7776000
access-control-allow-origin: *
content-encoding: gzip
expires: Tue, 30 May 2023 07:17:25 GMT
vary: Accept-Encoding
x-proxy-cache: HIT
X-Firefox-Spdy: h2
t-adbar1.com/_kc1h?&ww=1280&wh=939&reff=&h=eyJpdiI6IlRoejFXQXBxbUVBUFNRWEg4dlhYa1E9PSIsInZhbHVlIjoia1dhY09XelFuTStNeW9SdGJ0engydz09IiwibWFjIjoiYTM0YTc0YmViZDRmMzAzNTkwOTdiNDBiYjczMzQ4NTI5MDkyZmM3ZTFjMGY1MTJmZTZhY2IzZDM3YTNjY2YyMyJ9&abc=
44.193.111.200200 OK 0 B URL HTTP/2 t-adbar1.com/_kc1h?&ww=1280&wh=939&reff=&h=eyJpdiI6IlRoejFXQXBxbUVBUFNRWEg4dlhYa1E9PSIsInZhbHVlIjoia1dhY09XelFuTStNeW9SdGJ0engydz09IiwibWFjIjoiYTM0YTc0YmViZDRmMzAzNTkwOTdiNDBiYjczMzQ4NTI5MDkyZmM3ZTFjMGY1MTJmZTZhY2IzZDM3YTNjY2YyMyJ9&abc=
IP 44.193.111.200:0
GET /_kc1h?&ww=1280&wh=939&reff=&h=eyJpdiI6IlRoejFXQXBxbUVBUFNRWEg4dlhYa1E9PSIsInZhbHVlIjoia1dhY09XelFuTStNeW9SdGJ0engydz09IiwibWFjIjoiYTM0YTc0YmViZDRmMzAzNTkwOTdiNDBiYjczMzQ4NTI5MDkyZmM3ZTFjMGY1MTJmZTZhY2IzZDM3YTNjY2YyMyJ9&abc= HTTP/1.1
Host: t-adbar1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://t-adbar1.com/_kc1h
Connection: keep-alive
Cookie: sou=eyJyIjpudWxsLCJ1IjoiTVRHU2FtdXJhaSJ9
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 01 Mar 2023 07:17:20 GMT
content-type: text/html; charset=UTF-8
server: nginx
vary: Accept-Encoding
set-cookie: sou=eyJyIjpudWxsLCJ1IjoiTVRHU2FtdXJhaSJ9; expires=Fri, 31-Mar-2023 07:17:20 GMT; Max-Age=2592000; secure; SameSite=None
content-encoding: gzip
X-Firefox-Spdy: h2
t-adbar1.com/assets/home_logo.png
44.193.111.200200 OK 0 B URL HTTP/2 t-adbar1.com/assets/home_logo.png
IP 44.193.111.200:0
GET /assets/home_logo.png HTTP/1.1
Host: t-adbar1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://t-adbar1.com/_kc1h?&ww=1280&wh=939&reff=&h=eyJpdiI6IlRoejFXQXBxbUVBUFNRWEg4dlhYa1E9PSIsInZhbHVlIjoia1dhY09XelFuTStNeW9SdGJ0engydz09IiwibWFjIjoiYTM0YTc0YmViZDRmMzAzNTkwOTdiNDBiYjczMzQ4NTI5MDkyZmM3ZTFjMGY1MTJmZTZhY2IzZDM3YTNjY2YyMyJ9&abc=
Cookie: sou=eyJyIjpudWxsLCJ1IjoiTVRHU2FtdXJhaSJ9
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 01 Mar 2023 07:17:20 GMT
content-type: image/png
server: nginx
last-modified: Wed, 09 Jun 2021 07:15:14 GMT
vary: Accept-Encoding
etag: W/"60c06a82-9a6"
content-encoding: gzip
X-Firefox-Spdy: h2
www.youtube.com/embed/d36aPUaJ1Pg?autoplay=1&controls=0&start=2&end=2&modestbranding=1&wmode=transparent&enablejsapi=1&loop=1&rel=0&mute=1&playlist=d36aPUaJ1Pg
142.250.74.78200 OK 0 B URL HTTP/2 www.youtube.com/embed/d36aPUaJ1Pg?autoplay=1&controls=0&start=2&end=2&modestbranding=1&wmode=transparent&enablejsapi=1&loop=1&rel=0&mute=1&playlist=d36aPUaJ1Pg
IP 142.250.74.78:0
GET /embed/d36aPUaJ1Pg?autoplay=1&controls=0&start=2&end=2&modestbranding=1&wmode=transparent&enablejsapi=1&loop=1&rel=0&mute=1&playlist=d36aPUaJ1Pg HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.morecouponstogo.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html; charset=utf-8
x-content-type-options: nosniff
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Wed, 01 Mar 2023 07:17:23 GMT
strict-transport-security: max-age=31536000
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
cross-origin-resource-policy: cross-origin
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
content-encoding: br
server: ESF
x-xss-protection: 0
set-cookie: YSC=SrhnIgbo-nI; Domain=.youtube.com; Path=/; Secure; HttpOnly; SameSite=none
VISITOR_INFO1_LIVE=LvoFQuJh2Gw; Domain=.youtube.com; Expires=Mon, 28-Aug-2023 07:17:23 GMT; Path=/; Secure; HttpOnly; SameSite=none
CONSENT=PENDING+429; expires=Fri, 28-Feb-2025 07:17:23 GMT; path=/; domain=.youtube.com; Secure
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
twshop4coupon.com/track/imp/img/6848/ce2bc2b8910528c9bed6f77a9672c94824684fc975fbb9b20a61ba0266?subid_1=&subid_2=&subid_3=&subid_4=&subid_5=
3.225.211.117302 Found 0 B URL HTTP/2 twshop4coupon.com/track/imp/img/6848/ce2bc2b8910528c9bed6f77a9672c94824684fc975fbb9b20a61ba0266?subid_1=&subid_2=&subid_3=&subid_4=&subid_5=
IP 3.225.211.117:0
GET /track/imp/img/6848/ce2bc2b8910528c9bed6f77a9672c94824684fc975fbb9b20a61ba0266?subid_1=&subid_2=&subid_3=&subid_4=&subid_5= HTTP/1.1
Host: twshop4coupon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.morecouponstogo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
date: Wed, 01 Mar 2023 07:17:23 GMT
content-type: text/html; charset=utf-8
location: https://cdn.affiliates.one/production/admin_affiliates_com_tw/image_creative/6848/x1dmuwbyv2tjwywndwsoqvvuraktdtp1szujaobnu_cheapoair_468x60.gif?wl=8&image_creative_id=6848&offer_id=1481&offer_variant_id=1871&network_id=169&affiliate_id=17200&affiliate_offer_id=1826500
server: Apache/2.4.18 (Ubuntu)
cache-control: no-cache
x-request-id: 67884a194bfc52c8683ae41c90d172cd
p3p: CP="ALL DSP COR CURa ADMa DEVa OUR IND COM NAV"
x-ua-compatible: IE=Edge,chrome=1
x-runtime: 0.088524
x-rack-cache: miss
x-powered-by: Phusion Passenger 5.1.12
status: 302 Found
X-Firefox-Spdy: h2
llclickpro.com/MCTGlanding/tab
104.21.65.65200 OK 0 B URL HTTP/2 llclickpro.com/MCTGlanding/tab
IP 104.21.65.65:0
GET /MCTGlanding/tab HTTP/1.1
Host: llclickpro.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://t-adbar1.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 01 Mar 2023 07:17:21 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
set-cookie: lltkrl156457=1; expires=Thu, 02-Mar-2023 07:17:20 GMT; Max-Age=86400; path=/; SameSite=Lax
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Q07fy98ghqI%2BQNidTtOpQjAHpBVGqD1cjd1BbW63l8QvnDpmyTYxgdaLMCE5rxq7Trdy8jZLzJ0Gh4A7z%2F%2BAMZIcoj%2FNbkmjTsTH8UV3ejTSGu2LwuE4%2FQZ%2FfisflaiN2Q%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7a0f9ea37fd2b4f9-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
use.fontawesome.com/releases/v5.15.4/css/all.css
172.64.132.15200 OK 0 B URL HTTP/2 use.fontawesome.com/releases/v5.15.4/css/all.css
IP 172.64.132.15:0
GET /releases/v5.15.4/css/all.css HTTP/1.1
Host: use.fontawesome.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://llclickpro.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 01 Mar 2023 07:17:21 GMT
content-type: text/css
x-amz-id-2: HbM7ijn2Ff9X/1Vt9XeVXF531DG0bzvcTq5CZSGkm/YMoq0CXvSjXF4xJx2aLZ49QpK6+nYyLf0=
x-amz-request-id: 2HZ8KB750WAR2JFJ
last-modified: Wed, 04 Aug 2021 20:43:22 GMT
etag: W/"ecd507b3125edc4d2a03aa6ae5d07da9"
cache-control: max-age=31556926
cf-cache-status: HIT
age: 122771
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=b99pDJFXoP2NWN940XA880Wfi4ClP8Hjg%2FRrA4tN7xDLz0TX%2FuoU3Jlhu3BSmh2Lk360CcOTBEhB5gCOY9gscMZKhL24X6T8Y0QW377of77RfDcRv5%2B9FXN8mVMdsQMsr0UeDf2s"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7a0f9ea72c2f7719-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2