POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
|
search
 23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Server: nginx
Content-Length: 503
ETag: "1BAD6C06AA3E88DCBC125FC98A6CB753EB2B18D2C8DD61DA21D12209AEEDA3F9"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7034
Expires: Sun, 04 Dec 2022 10:38:14 GMT
Date: Sun, 04 Dec 2022 08:41:00 GMT
Connection: keep-alive
|
GET /338/909.html HTTP/1.1
Host: mkkuei4kdsz.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
|
search
 64.225.91.73
HTTP/1.1 200 OK
content-type: text/html
server: nginx/1.18.0 (Ubuntu)
date: Sun, 04 Dec 2022 08:41:00 GMT
last-modified: Wed, 12 Jan 2022 17:20:45 GMT
etag: W/"61df0ded-1ad"
content-encoding: gzip
transfer-encoding: chunked
|
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
|
search
 93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Accept-Ranges: bytes
Age: 4737
Cache-Control: max-age=97749
Date: Sun, 04 Dec 2022 08:41:00 GMT
Etag: "638b2570-1d7"
Expires: Mon, 05 Dec 2022 11:50:09 GMT
Last-Modified: Sat, 03 Dec 2022 10:31:12 GMT
Server: ECS (ska/F711)
X-Cache: HIT
Content-Length: 471
|
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
|
search
23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Server: nginx
Content-Length: 503
ETag: "7D7232C8C91BCD18161BA2C9D23E3BFF159604E058BD5B3FC1C7FCBCD03A7EE3"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14851
Expires: Sun, 04 Dec 2022 12:48:31 GMT
Date: Sun, 04 Dec 2022 08:41:00 GMT
Connection: keep-alive
|
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
|
search
34.102.187.140
HTTP/2 200 OK
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Alert, Backoff, Content-Length, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sun, 04 Dec 2022 08:18:24 GMT
cache-control: public,max-age=3600
age: 1356
alt-svc: clear
X-Firefox-Spdy: h2
|
GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
|
search
34.160.144.191
HTTP/2 200 OK
content-type: binary/octet-stream
x-amz-id-2: TipVcZ9pkFKPbSVxg0D9HIIgOPvYje2qUfawtJvenFkAVzDn8/iWMPwi9v6BLoXoA1+OWT0iKF0=
x-amz-request-id: DKVCFFZKEGH10XVZ
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sun, 04 Dec 2022 07:46:53 GMT
age: 3247
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
|
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
|
search
34.117.237.239
HTTP/2 200 OK
content-type: application/json
server: nginx
date: Sun, 04 Dec 2022 08:41:00 GMT
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
|
GET /ajax/libs/jquery/3.5.1/jquery.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://mkkuei4kdsz.com
Connection: keep-alive
Referer: http://mkkuei4kdsz.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
|
search
 104.17.24.14
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
date: Sun, 04 Dec 2022 08:41:00 GMT
content-length: 27958
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb09ed3-15d84"
last-modified: Mon, 04 May 2020 23:01:39 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
cf-cache-status: HIT
age: 15586964
expires: Fri, 24 Nov 2023 08:41:00 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Rurgbef07dS0Yb4doB6zx7SdTb1VcQbAv2xVsX6htMPmbyskGZ4mBZUlobMDBDQzdOg1vvQBku8JGQCu%2F80Xu08UWQmrpKZZEp1%2FcweAajgSwG%2Bsq8ZjhaabdQkB9%2BkJFh7saMhF"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 77433d94f876b512-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
|
search
23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Server: nginx
Content-Length: 345
ETag: "8E3C803C1A2287F39F626151D6293AD860F15AAFB2E004BEB589205B0B92219E"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9774
Expires: Sun, 04 Dec 2022 11:23:55 GMT
Date: Sun, 04 Dec 2022 08:41:01 GMT
Connection: keep-alive
|
GET /?orighost=http://mkkuei4kdsz.com/338/909.html HTTP/1.1
Host: domaincntrol.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://mkkuei4kdsz.com
Connection: keep-alive
Referer: http://mkkuei4kdsz.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
|
search
104.26.10.61
HTTP/2 200 OK
content-type: text/javascript;charset=UTF-8
date: Sun, 04 Dec 2022 08:41:01 GMT
content-length: 28
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=w4YutM0g43ZTZtX%2BFtq1T84FrF0%2BXjRmXG%2BKwsD4FlWSXELMRxUvsjCLIYy7G3M0OB8j8FPczMUbubJK1cIclH3sYLraF4ZtJx8gaR8N34WeuPSud%2BgknaqbSf4y5EaDhKs%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 77433d95fc3b0b45-OSL
X-Firefox-Spdy: h2
|
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
|
search
34.102.187.140
HTTP/2 200 OK
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Pragma, Last-Modified, ETag, Alert, Expires, Retry-After, Cache-Control, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sun, 04 Dec 2022 08:11:19 GMT
cache-control: public,max-age=3600
age: 1782
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
alt-svc: clear
X-Firefox-Spdy: h2
|
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
|
search
93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Accept-Ranges: bytes
Age: 4728
Cache-Control: max-age=92678
Date: Sun, 04 Dec 2022 08:41:01 GMT
Etag: "638b11ab-1d7"
Expires: Mon, 05 Dec 2022 10:25:39 GMT
Last-Modified: Sat, 03 Dec 2022 09:06:51 GMT
Server: ECS (ska/F711)
X-Cache: HIT
Content-Length: 471
|
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: +0vcKYtYF177D4bhs1JeYQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
|
search
54.149.51.98
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: wGHX443qA8zwe4GAj6lGGW3CP0k=
|
GET / HTTP/1.1
Host: ww2.mkkuei4kdsz.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mkkuei4kdsz.com/
Upgrade-Insecure-Requests: 1
|
search
 64.190.63.136
HTTP/1.1 200 OK
content-type: text/html; charset=UTF-8
date: Sun, 04 Dec 2022 08:41:02 GMT
transfer-encoding: chunked
vary: Accept-Encoding
x-powered-by: PHP/8.1.9
expires: Mon, 26 Jul 1997 05:00:00 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
x-adblock-key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBANnylWw2vLY4hUn9w06zQKbhKBfvjFUCsdFlb6TdQhxb9RXWXuI4t31c+o8fYOv/s8q1LGPga3DE1L/tHU4LENMCAwEAAQ==_zfi2IAQMFhbeJz7TohoVHVtJWU2hwm7Lrp9mU2CS1tg8fh6Um4KcOzzYJ6LQkNLWAjiGBQP1WU+h5qP7TrTizQ==
last-modified: Sun, 04 Dec 2022 08:41:01 GMT
x-cache-miss-from: parking-d7dbd8c4d-5wc8k
server: NginX
content-encoding: gzip
|
GET /images/js_preloader.gif HTTP/1.1
Host: img.sedoparking.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ww2.mkkuei4kdsz.com/
|
search
205.234.175.175
HTTP/1.1 200 OK
Content-Type: image/gif
Date: Sun, 04 Dec 2022 08:41:02 GMT
Content-Length: 4254
Connection: keep-alive
Access-Control-Allow-Origin: *
Cache-Control: max-age=604800
Expires: Sun, 11 Dec 2022 08:41:02 GMT
X-CFHash: "90c93102a88c2ab94bff1575b7a6e86e"
X-CFF: B
Last-Modified: Fri, 15 Mar 2019 12:24:07 GMT
X-CF3: H
CF4Age: 156700
x-cf-tsc: 1648179742
CF4ttl: 31536000.000
X-CF2: H
Server: CFS 0215
X-CF-ReqID: 3d8fa245c6fd5761a72d707647e2e204
X-CF1: 11696:fA.arn1:cf:cacheN.arn1-01:H
Accept-Ranges: bytes
|
GET /search/tsc.php?200=MzgzNDQ1ODM3&21=OTEuOTAuNDIuMTU0&681=MTY3MDE0MzI2MjkwMThjMjAyMGU4YmQ3N2M5NzViMGVmM2NjNDA0NjUz&crc=7983c8f12a78fdedd8f5662a9a72931842553b35&cv=1 HTTP/1.1
Host: ww2.mkkuei4kdsz.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ww2.mkkuei4kdsz.com/
|
search
64.190.63.136
HTTP/1.1 200 OK
content-type: text/html; charset=UTF-8
date: Sun, 04 Dec 2022 08:41:02 GMT
content-length: 0
x-powered-by: PHP/8.1.9
x-cache-miss-from: parking-d7dbd8c4d-pnx5c
server: NginX
|
GET /search/redirect.php?f=http%3A%2F%2Fxml.sedodna.com%2Fclick%3Fi%3DvWWRhqEUQVI_0&v=MDE1ZDA4ZDYwMGUwZTc1ODA3MDk4Yzk4MGFkNjM2YjIJMQl3dzIubWtrdWVpNGtkc3ouY29tNjM4YzVkMWQ0NThiNDUuODIzNjg1NTQJd3cyLm1ra3VlaTRrZHN6LmNvbTYzOGM1ZDFkNDU4ZjQwLjUxNjUyNTQzCTE2NzAxNDMyNjIJYWRfNjNfMA==&l=OAkwZDkyZDE5NmJlZDRlODRmZTkxN2U3MjEyZGIzZmY3NQkwCTM1CTAJZmNkNDlmNzBlMDZlMTY5ZDg4MzVkMGFhNTQ3OGM5N2IJMzgzNDQ1ODM3CW1ra3VlaTRrZHN6CTAJNjMJNgkyCTE2NzAxNDMyNjIJMC4wMDAzNjUJTgkwCTEJODMwCTEyMDUJMTk0MDQzMTQyCTkxLjkwLjQyLjE1NAkw HTTP/1.1
Host: ww2.mkkuei4kdsz.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ww2.mkkuei4kdsz.com/
Upgrade-Insecure-Requests: 1
|
search
64.190.63.136
HTTP/1.1 302 Found
content-type: text/html; charset=UTF-8
date: Sun, 04 Dec 2022 08:41:02 GMT
content-length: 0
x-powered-by: PHP/8.1.9
expires: Mon, 26 Jul 1997 05:00:00 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
last-modified: Sun, 04 Dec 2022 08:41:02 GMT
location: /search/tcerider.php?f=http%3A%2F%2Fxml.sedodna.com%2Fclick%3Fi%3DvWWRhqEUQVI_0&v=MDE1ZDA4ZDYwMGUwZTc1ODA3MDk4Yzk4MGFkNjM2YjIJMQl3dzIubWtrdWVpNGtkc3ouY29tNjM4YzVkMWQ0NThiNDUuODIzNjg1NTQJd3cyLm1ra3VlaTRrZHN6LmNvbTYzOGM1ZDFkNDU4ZjQwLjUxNjUyNTQzCTE2NzAxNDMyNjIJYWRfNjNfMA==&l=OAkwZDkyZDE5NmJlZDRlODRmZTkxN2U3MjEyZGIzZmY3NQkwCTM1CTAJZmNkNDlmNzBlMDZlMTY5ZDg4MzVkMGFhNTQ3OGM5N2IJMzgzNDQ1ODM3CW1ra3VlaTRrZHN6CTAJNjMJNgkyCTE2NzAxNDMyNjIJMC4wMDAzNjUJTgkwCTEJODMwCTEyMDUJMTk0MDQzMTQyCTkxLjkwLjQyLjE1NAkw
x-cache-miss-from: parking-d7dbd8c4d-lpd8s
server: NginX
|
GET /search/tcerider.php?f=http%3A%2F%2Fxml.sedodna.com%2Fclick%3Fi%3DvWWRhqEUQVI_0&v=MDE1ZDA4ZDYwMGUwZTc1ODA3MDk4Yzk4MGFkNjM2YjIJMQl3dzIubWtrdWVpNGtkc3ouY29tNjM4YzVkMWQ0NThiNDUuODIzNjg1NTQJd3cyLm1ra3VlaTRrZHN6LmNvbTYzOGM1ZDFkNDU4ZjQwLjUxNjUyNTQzCTE2NzAxNDMyNjIJYWRfNjNfMA==&l=OAkwZDkyZDE5NmJlZDRlODRmZTkxN2U3MjEyZGIzZmY3NQkwCTM1CTAJZmNkNDlmNzBlMDZlMTY5ZDg4MzVkMGFhNTQ3OGM5N2IJMzgzNDQ1ODM3CW1ra3VlaTRrZHN6CTAJNjMJNgkyCTE2NzAxNDMyNjIJMC4wMDAzNjUJTgkwCTEJODMwCTEyMDUJMTk0MDQzMTQyCTkxLjkwLjQyLjE1NAkw HTTP/1.1
Host: ww2.mkkuei4kdsz.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://ww2.mkkuei4kdsz.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
|
search
64.190.63.136
HTTP/1.1 302 Found
content-type: text/html; charset=UTF-8
date: Sun, 04 Dec 2022 08:41:02 GMT
transfer-encoding: chunked
x-powered-by: PHP/8.1.9
expires: Mon, 26 Jul 1997 05:00:00 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
last-modified: Sun, 04 Dec 2022 08:41:02 GMT
location: http://xml.sedodna.com/click?i=vWWRhqEUQVI_0
x-cache-miss-from: parking-d7dbd8c4d-pnx5c
server: NginX
|
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
|
search
23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Server: nginx
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8716
Expires: Sun, 04 Dec 2022 11:06:18 GMT
Date: Sun, 04 Dec 2022 08:41:02 GMT
Connection: keep-alive
|
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
|
search
23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Server: nginx
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8716
Expires: Sun, 04 Dec 2022 11:06:18 GMT
Date: Sun, 04 Dec 2022 08:41:02 GMT
Connection: keep-alive
|
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
|
search
23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Server: nginx
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8716
Expires: Sun, 04 Dec 2022 11:06:18 GMT
Date: Sun, 04 Dec 2022 08:41:02 GMT
Connection: keep-alive
|
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
|
search
23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Server: nginx
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8716
Expires: Sun, 04 Dec 2022 11:06:18 GMT
Date: Sun, 04 Dec 2022 08:41:02 GMT
Connection: keep-alive
|
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6df54ea7-8915-4ac7-af2b-6a71ce14dbf4.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
|
search
34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
server: nginx
content-length: 5681
x-amzn-requestid: 8f0d66b8-d532-48d9-9a29-74540cd6ab3a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cltXnEotIAMFqkA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638bc296-27349a376ff819ab63b04a81;Sampled=0
x-amzn-remapped-date: Sat, 03 Dec 2022 21:41:42 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: vNP2rQwmWTntetjJyjonO8N_YOBqvQuZUm42BWX7c1GoX7jASOIpCg==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 f9d716a351f14a0ac1fac2449734849a.cloudfront.net (CloudFront), 1.1 google
date: Sat, 03 Dec 2022 21:49:42 GMT
age: 39080
etag: "36f4682ca6a33ff80ee02129c77e6f27e996ede0"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F757562c1-a4bf-4a51-bf99-64f3a0d51840.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
|
search
34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
server: nginx
content-length: 8285
x-amzn-requestid: 882c673f-4e3f-4f84-a51d-bbac56f716eb
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: clsAAEWUoAMFWuA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638bc066-3a2c571d6272b3493ec2a1c5;Sampled=0
x-amzn-remapped-date: Sat, 03 Dec 2022 21:32:22 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: DX2amuyEjkaWng9x7x8TknBMeXzYPSW7pimxhVkcwOPPPbKrX0beQQ==
via: 1.1 efe54e8b68e074d39b2ecd249f85100a.cloudfront.net (CloudFront), 1.1 2bedbeaa49b4a77447d30097858cb81a.cloudfront.net (CloudFront), 1.1 google
date: Sat, 03 Dec 2022 21:50:24 GMT
etag: "364a32a224b2cacc26b138d57a8945c191e537b1"
age: 39038
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F85837b29-ffdd-4915-a6ab-8d0721427d1b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
|
search
34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
server: nginx
content-length: 9356
x-amzn-requestid: 11f22578-a356-4f74-99bf-6d8462e25fdf
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ckdKGG8RIAMFc9Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638b4240-5c5fa5332d60db084c8d3bb6;Sampled=0
x-amzn-remapped-date: Sat, 03 Dec 2022 12:34:08 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: QjicIljz29ZU_XTAeiVG5u_Y6unOHCN1CzOBdtnyDRckYwsPkWToBg==
via: 1.1 9b311162717b41c968f6f00426d88aaa.cloudfront.net (CloudFront), 1.1 a847181d425b7fc57e81eb3c800bfdf2.cloudfront.net (CloudFront), 1.1 google
date: Sun, 04 Dec 2022 05:29:03 GMT
age: 11519
etag: "aa134912d4f5ddfb371c45d9975506246af68400"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4d571e0e-b14e-436b-8156-2e49aad75d4f.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
|
search
34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
server: nginx
content-length: 16143
x-amzn-requestid: dc86fad4-4e53-42c9-9b0a-5e4d2cfcd087
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cdGyLGqmoAMFnaA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638851a7-0ea324b31e8c6578098b8ab9;Sampled=0
x-amzn-remapped-date: Thu, 01 Dec 2022 07:03:03 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: KHd4ajJWl-8TDH5HGbkuJXI4NL6I83IwSUBKzfq85cxpyRH_LGl6OA==
via: 1.1 4f87745990545c1ac0195c157e1668f8.cloudfront.net (CloudFront), 1.1 b2f9564ebf9c745cc2ceae96d434977e.cloudfront.net (CloudFront), 1.1 google
date: Sun, 04 Dec 2022 05:55:20 GMT
age: 9942
etag: "1d702df3a64258628f4124eafd580695f2d350af"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
GET /click?i=vWWRhqEUQVI_0 HTTP/1.1
Host: xml.sedodna.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://ww2.mkkuei4kdsz.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
|
search
173.239.53.32
HTTP/1.1 302 Found
Cache-Control: no-store
Content-Length: 0
Age: 0
Connection: keep-alive
Location: http://dipaka-ead.com/zcvisitor/61ba6539-73af-11ed-aec1-12cafe9a7ba3/9232f590-d991-493f-b95d-d38c0c6cdd28?campaignid=31a11310-5efd-11ed-9380-0a918cbcbb97
Pragma: no-cache
|
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8f00caab-057c-4cc2-a163-fd0bb4d0b5f7.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
|
search
34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
server: nginx
content-length: 11482
x-amzn-requestid: d1db05ab-bd5d-4ad4-96b4-8f439152e435
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: clssNEeAoAMFh_g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638bc181-0221c53842a2f5ef071e8071;Sampled=0
x-amzn-remapped-date: Sat, 03 Dec 2022 21:37:05 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: UZ5kblxfN8fkp55YeSpUA55GzDxZgsLpFZrYTsdJBihf53HLCN0hTA==
via: 1.1 28a7186077f9b5270d98dd053f31303e.cloudfront.net (CloudFront), 1.1 36810aa1793ee589dc8c194860296078.cloudfront.net (CloudFront), 1.1 google
date: Sat, 03 Dec 2022 22:17:35 GMT
age: 37407
etag: "527220e4e8cd1065ce05fcd0694d0d703d817e2e"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F826f887d-ca78-40db-9b7d-6c693667c155.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
|
search
34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
server: nginx
content-length: 7503
x-amzn-requestid: a4120308-c51e-4cff-99c2-90e86018b05d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cgZjCGkVIAMFpsw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6389a2e0-6fdf362a6d32449239476155;Sampled=0
x-amzn-remapped-date: Fri, 02 Dec 2022 07:01:52 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: dy619jlSTwCjwDhGuLmwTMcmuYj1Kg2oLA7xORyAYX8IHWimhNo6pw==
via: 1.1 4f87745990545c1ac0195c157e1668f8.cloudfront.net (CloudFront), 1.1 be082a2326b7d49643607b097f1e7180.cloudfront.net (CloudFront), 1.1 google
date: Sun, 04 Dec 2022 07:23:21 GMT
age: 4661
etag: "6a0258e8c97ce09f1723382c8a16d9682b7dc50c"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
GET /zcvisitor/61ba6539-73af-11ed-aec1-12cafe9a7ba3/9232f590-d991-493f-b95d-d38c0c6cdd28?campaignid=31a11310-5efd-11ed-9380-0a918cbcbb97 HTTP/1.1
Host: dipaka-ead.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://ww2.mkkuei4kdsz.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
|
search
3.212.50.125
HTTP/1.1 200
Content-Type: text/html;charset=UTF-8
Date: Sun, 04 Dec 2022 08:41:03 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: no-store, no-cache, pre-check=0, post-check=0
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
x-content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
X-WebKit-CSP: default-src 'self'; script-src 'self' 'unsafe-inline'
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET,POST,OPTIONS
Access-Control-Allow-Headers: X-Requested-With,Content-Type,x-exadsrtb-version,x-openrtb-version,x-zerortb-version,X-Flag
Server: lUlUzhjT
|
GET /zcredirect?visitid=61ba6539-73af-11ed-aec1-12cafe9a7ba3&type=js&browserWidth=1280&browserHeight=939&iframeDetected=false&webdriverDetected=false HTTP/1.1
Host: dipaka-ead.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://dipaka-ead.com/zcvisitor/61ba6539-73af-11ed-aec1-12cafe9a7ba3/9232f590-d991-493f-b95d-d38c0c6cdd28?campaignid=31a11310-5efd-11ed-9380-0a918cbcbb97
Upgrade-Insecure-Requests: 1
|
search
3.212.50.125
HTTP/1.1 200
Content-Type: text/html;charset=UTF-8
Date: Sun, 04 Dec 2022 08:41:03 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: no-store, no-cache, pre-check=0, post-check=0
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
x-content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
X-WebKit-CSP: default-src 'self'; script-src 'self' 'unsafe-inline'
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET,POST,OPTIONS
Access-Control-Allow-Headers: X-Requested-With,Content-Type,x-exadsrtb-version,x-openrtb-version,x-zerortb-version,X-Flag
redirected: JS
Server: aVaGlhqH
|
GET /favicon.ico HTTP/1.1
Host: dipaka-ead.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://dipaka-ead.com/zcredirect?visitid=61ba6539-73af-11ed-aec1-12cafe9a7ba3&type=js&browserWidth=1280&browserHeight=939&iframeDetected=false&webdriverDetected=false
|
search
3.212.50.125
HTTP/1.1 404
Content-Type: text/html;charset=utf-8
Date: Sun, 04 Dec 2022 08:41:03 GMT
Content-Length: 653
Connection: keep-alive
Cache-Control: no-store, no-cache, pre-check=0, post-check=0
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
x-content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
X-WebKit-CSP: default-src 'self'; script-src 'self' 'unsafe-inline'
Content-Language: en
Server: PNWhRqSQ
|
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
|
search
54.230.96.27
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=136925
Date: Sun, 04 Dec 2022 08:41:03 GMT
Etag: "638bcf92-1d7"
Expires: Mon, 05 Dec 2022 22:43:08 GMT
Last-Modified: Sat, 03 Dec 2022 22:37:06 GMT
Server: ECS (dcb/7FA5)
X-Cache: Miss from cloudfront
Via: 1.1 67d9c6999f4bc9c9c60e1e5f24b316e8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: ARN1-C1
X-Amz-Cf-Id: Es4HXnE95fO9qVYA0XHLqoQyPsgpFwCTz8_-SkN7iaq5yC6AaS6BbA==
Age: 362
|
GET /zp-redirect?target=https%3A%2F%2Fthetakebestbonus.life%2F%3Fu%3Dxunwwwr%26o%3Db0hp0zn%26cid%3Dw23posn9l9i8n8ukiv556uia&caid=158b5b73-ccca-408f-a150-a43e12f193d8&zpid=61ba6539-73af-11ed-aec1-12cafe9a7ba3&cid=w23posn9l9i8n8ukiv556uia&rt=R HTTP/1.1
Host: ayxvy.voluumtrk3.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://dipaka-ead.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
|
search
35.156.91.109
HTTP/2 302 Found
date: Sun, 04 Dec 2022 08:41:03 GMT
content-length: 0
location: https://thetakebestbonus.life/?u=xunwwwr&o=b0hp0zn&cid=w23posn9l9i8n8ukiv556uia
cache-control: no-store, no-cache, pre-check=0, post-check=0
pragma: no-cache
expires: Thu, 01 Jan 1970 00:00:00 GMT
set-cookie: voluum-cid-v4=%7B%22cid%22%3A%22w23posn9l9i8n8ukiv556uia%22%2C%22caid%22%3A%22158b5b73-ccca-408f-a150-a43e12f193d8%22%7D; Max-Age=31536000; Expires=Mon, 04-Dec-2023 08:41:03 GMT; Domain=ayxvy.voluumtrk3.com; Path=/; Secure; HttpOnly;SameSite=None
server: nginx
X-Firefox-Spdy: h2
|
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
|
search
23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Server: nginx
Content-Length: 503
ETag: "683401E48314BA5B468D05199B744E6DB899EB6EB3CA88155E7D973E66ABE414"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18687
Expires: Sun, 04 Dec 2022 13:52:31 GMT
Date: Sun, 04 Dec 2022 08:41:04 GMT
Connection: keep-alive
|
GET /?u=xunwwwr&o=b0hp0zn&cid=w23posn9l9i8n8ukiv556uia HTTP/1.1
Host: thetakebestbonus.life
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://dipaka-ead.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
|
search
 194.87.208.61
HTTP/1.1 200 OK
Content-Type: text/html
Server: nginx
Date: Sun, 04 Dec 2022 08:41:04 GMT
Content-Length: 19425
Connection: keep-alive
set-cookie: sid=t2~4zdnzsjnjfvxlaljnzju5xye; path=/
cache-control: private, no-transform
|
GET /media/gambling/en/slotbar/style.css HTTP/1.1
Host: thetakebestbonus.life
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://thetakebestbonus.life/?u=xunwwwr&o=b0hp0zn&cid=w23posn9l9i8n8ukiv556uia
Cookie: sid=t2~4zdnzsjnjfvxlaljnzju5xye
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
|
search
194.87.208.61
HTTP/1.1 200 OK
Content-Type: text/css
Server: nginx
Date: Sun, 04 Dec 2022 08:41:04 GMT
Content-Length: 20006
Connection: keep-alive
Content-Security-Policy: block-all-mixed-content
ETag: "8c38a209d98ec6a54d6b7cd42046af41"
Last-Modified: Wed, 31 Aug 2022 09:34:52 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin, Accept-Encoding
X-Amz-Request-Id: 172D893D0FDE38AC
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
Expires: Mon, 04 Dec 2023 08:41:04 GMT
Cache-Control: max-age=31536000, no-transform
Accept-Ranges: bytes
|
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
|
search
142.250.74.131
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 08:41:04 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
GET /ajax/libs/jquery/2.2.0/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://thetakebestbonus.life/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
|
search
142.250.74.42
HTTP/2 200 OK
content-type: text/javascript; charset=UTF-8
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 30089
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 28 Nov 2022 11:02:32 GMT
expires: Tue, 28 Nov 2023 11:02:32 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
age: 509912
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
|
search
142.250.74.131
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 08:41:04 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
GET /cookie/js.cookie9.js HTTP/1.1
Host: thetakebestbonus.life
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://thetakebestbonus.life/?u=xunwwwr&o=b0hp0zn&cid=w23posn9l9i8n8ukiv556uia
Cookie: sid=t2~4zdnzsjnjfvxlaljnzju5xye
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
|
search
194.87.208.61
HTTP/1.1 200 OK
Content-Type: application/javascript
Server: nginx
Date: Sun, 04 Dec 2022 08:41:04 GMT
Content-Length: 4395
Connection: keep-alive
Content-Security-Policy: block-all-mixed-content
ETag: "16e07bf02a8e81d2cd5679dc45cc318c"
Last-Modified: Wed, 31 Aug 2022 09:31:17 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin, Accept-Encoding
X-Amz-Request-Id: 172D8A18AC2AF580
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
Expires: Mon, 04 Dec 2023 08:41:04 GMT
Cache-Control: max-age=31536000, no-transform
Accept-Ranges: bytes
|
GET /media/gambling/backbutton_gmb.js HTTP/1.1
Host: thetakebestbonus.life
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://thetakebestbonus.life/?u=xunwwwr&o=b0hp0zn&cid=w23posn9l9i8n8ukiv556uia
Cookie: sid=t2~4zdnzsjnjfvxlaljnzju5xye
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
|
search
194.87.208.61
HTTP/1.1 200 OK
Content-Type: application/javascript
Server: nginx
Date: Sun, 04 Dec 2022 08:41:04 GMT
Content-Length: 3923
Connection: keep-alive
Content-Security-Policy: block-all-mixed-content
ETag: "42a42a2180debd55caba94527379964c"
Last-Modified: Wed, 31 Aug 2022 09:34:51 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin, Accept-Encoding
X-Amz-Request-Id: 172D89386E3D1472
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
Expires: Mon, 04 Dec 2023 08:41:04 GMT
Cache-Control: max-age=31536000, no-transform
Accept-Ranges: bytes
|
GET /media/gambling/icon.js HTTP/1.1
Host: thetakebestbonus.life
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://thetakebestbonus.life/?u=xunwwwr&o=b0hp0zn&cid=w23posn9l9i8n8ukiv556uia
Cookie: sid=t2~4zdnzsjnjfvxlaljnzju5xye
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
|
search
194.87.208.61
HTTP/1.1 200 OK
Content-Type: application/javascript
Server: nginx
Date: Sun, 04 Dec 2022 08:41:04 GMT
Content-Length: 1580
Connection: keep-alive
Content-Security-Policy: block-all-mixed-content
ETag: "2b25502a979c3b240fc77e52689e4c29"
Last-Modified: Wed, 31 Aug 2022 09:34:54 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin, Accept-Encoding
X-Amz-Request-Id: 172D8A61DE02AE5E
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
Expires: Mon, 04 Dec 2023 08:41:04 GMT
Cache-Control: max-age=31536000, no-transform
Accept-Ranges: bytes
|
GET /media/gambling/en/slotbar/comment.js HTTP/1.1
Host: thetakebestbonus.life
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://thetakebestbonus.life/?u=xunwwwr&o=b0hp0zn&cid=w23posn9l9i8n8ukiv556uia
Cookie: sid=t2~4zdnzsjnjfvxlaljnzju5xye
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
|
search
194.87.208.61
HTTP/1.1 200 OK
Content-Type: application/javascript
Server: nginx
Date: Sun, 04 Dec 2022 08:41:04 GMT
Content-Length: 2753
Connection: keep-alive
Content-Security-Policy: block-all-mixed-content
ETag: "8441712705c040dc2ecfd7966c11f131"
Last-Modified: Wed, 31 Aug 2022 09:34:52 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin, Accept-Encoding
X-Amz-Request-Id: 172D8A605A1E66C5
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
Expires: Mon, 04 Dec 2023 08:41:04 GMT
Cache-Control: max-age=31536000, no-transform
Accept-Ranges: bytes
|
GET /media/gambling/exit_gmb.js HTTP/1.1
Host: thetakebestbonus.life
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://thetakebestbonus.life/?u=xunwwwr&o=b0hp0zn&cid=w23posn9l9i8n8ukiv556uia
Cookie: sid=t2~4zdnzsjnjfvxlaljnzju5xye
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
|
search
194.87.208.61
HTTP/1.1 200 OK
Content-Type: application/javascript
Server: nginx
Date: Sun, 04 Dec 2022 08:41:04 GMT
Content-Length: 1550
Connection: keep-alive
Content-Security-Policy: block-all-mixed-content
ETag: "5202df93e55f911a83a995fa38af7ee6"
Last-Modified: Wed, 31 Aug 2022 09:34:54 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin, Accept-Encoding
X-Amz-Request-Id: 172D897AEDE3E69B
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
Expires: Mon, 04 Dec 2023 08:41:04 GMT
Cache-Control: max-age=31536000, no-transform
Accept-Ranges: bytes
|
GET /media/gambling/confetti.js HTTP/1.1
Host: thetakebestbonus.life
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://thetakebestbonus.life/?u=xunwwwr&o=b0hp0zn&cid=w23posn9l9i8n8ukiv556uia
Cookie: sid=t2~4zdnzsjnjfvxlaljnzju5xye
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
|
search
194.87.208.61
HTTP/1.1 200 OK
Content-Type: application/javascript
Server: nginx
Date: Sun, 04 Dec 2022 08:41:04 GMT
Content-Length: 3533
Connection: keep-alive
Content-Security-Policy: block-all-mixed-content
ETag: "116c9460f5e882a7fcf4e837f7efc72a"
Last-Modified: Wed, 31 Aug 2022 09:34:52 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin, Accept-Encoding
X-Amz-Request-Id: 172D8A61F4930EF6
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
Expires: Mon, 04 Dec 2023 08:41:04 GMT
Cache-Control: max-age=31536000, no-transform
Accept-Ranges: bytes
|
GET /media/gambling/en/slotbar/returnDate.no.js HTTP/1.1
Host: thetakebestbonus.life
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://thetakebestbonus.life/?u=xunwwwr&o=b0hp0zn&cid=w23posn9l9i8n8ukiv556uia
Cookie: sid=t2~4zdnzsjnjfvxlaljnzju5xye
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
|
search
194.87.208.61
HTTP/1.1 200 OK
Content-Type: application/javascript
Server: nginx
Date: Sun, 04 Dec 2022 08:41:04 GMT
Content-Length: 1242
Connection: keep-alive
Content-Security-Policy: block-all-mixed-content
ETag: "dbdb981f8658c845968ec8226f81d1d8"
Last-Modified: Wed, 31 Aug 2022 09:34:52 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin, Accept-Encoding
X-Amz-Request-Id: 172D8A7355A5F2A3
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
Expires: Mon, 04 Dec 2023 08:41:04 GMT
Cache-Control: max-age=31536000, no-transform
Accept-Ranges: bytes
|
GET /media/gambling/sound.js HTTP/1.1
Host: thetakebestbonus.life
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://thetakebestbonus.life/?u=xunwwwr&o=b0hp0zn&cid=w23posn9l9i8n8ukiv556uia
Cookie: sid=t2~4zdnzsjnjfvxlaljnzju5xye
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
|
search
194.87.208.61
HTTP/1.1 200 OK
Content-Type: application/javascript
Server: nginx
Date: Sun, 04 Dec 2022 08:41:04 GMT
Content-Length: 1083
Connection: keep-alive
Content-Security-Policy: block-all-mixed-content
ETag: "3787b349cb8b744b6917fe43f96b1ccd"
Last-Modified: Wed, 31 Aug 2022 09:34:56 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin, Accept-Encoding
X-Amz-Request-Id: 172D8A18C03C357A
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
Expires: Mon, 04 Dec 2023 08:41:04 GMT
Cache-Control: max-age=31536000, no-transform
Accept-Ranges: bytes
|
GET /util/utils-gmb.js HTTP/1.1
Host: thetakebestbonus.life
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://thetakebestbonus.life/?u=xunwwwr&o=b0hp0zn&cid=w23posn9l9i8n8ukiv556uia
Cookie: sid=t2~4zdnzsjnjfvxlaljnzju5xye
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
|
search
194.87.208.61
HTTP/1.1 200 OK
Content-Type: application/javascript
Server: nginx
Date: Sun, 04 Dec 2022 08:41:04 GMT
Content-Length: 4651
Connection: keep-alive
Content-Security-Policy: block-all-mixed-content
ETag: "570df3f849036a1a4a75ca2a28047d36"
Last-Modified: Wed, 31 Aug 2022 09:38:20 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin, Accept-Encoding
X-Amz-Request-Id: 172D8A61A60A1EEF
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
Expires: Mon, 04 Dec 2023 08:41:04 GMT
Cache-Control: max-age=31536000, no-transform
Accept-Ranges: bytes
|
GET /media/gambling/en/slotbar/red-arrow-left.png HTTP/1.1
Host: thetakebestbonus.life
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://thetakebestbonus.life/?u=xunwwwr&o=b0hp0zn&cid=w23posn9l9i8n8ukiv556uia
Cookie: sid=t2~4zdnzsjnjfvxlaljnzju5xye
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
|
search
194.87.208.61
HTTP/1.1 200 OK
Content-Type: image/png
Server: nginx
Date: Sun, 04 Dec 2022 08:41:04 GMT
Content-Length: 1059
Connection: keep-alive
Content-Security-Policy: block-all-mixed-content
ETag: "58f67f1674f5133b9925d3ae27dc0498"
Last-Modified: Wed, 31 Aug 2022 09:34:52 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin, Accept-Encoding
X-Amz-Request-Id: 172D89B713FD80D7
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
Expires: Mon, 04 Dec 2023 08:41:04 GMT
Cache-Control: max-age=31536000, no-transform
Accept-Ranges: bytes
|
GET /media/gambling/en/slotbar/3temv7e.jpg HTTP/1.1
Host: thetakebestbonus.life
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://thetakebestbonus.life/?u=xunwwwr&o=b0hp0zn&cid=w23posn9l9i8n8ukiv556uia
Cookie: sid=t2~4zdnzsjnjfvxlaljnzju5xye
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
|
search
194.87.208.61
HTTP/1.1 200 OK
Content-Type: image/jpeg
Server: nginx
Date: Sun, 04 Dec 2022 08:41:04 GMT
Content-Length: 1169
Connection: keep-alive
Content-Security-Policy: block-all-mixed-content
ETag: "a848711320a9df61e6457f65b0dfa9fb"
Last-Modified: Wed, 31 Aug 2022 09:34:52 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin, Accept-Encoding
X-Amz-Request-Id: 172D8A3F69FB132F
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
Expires: Mon, 04 Dec 2023 08:41:04 GMT
Cache-Control: max-age=31536000, no-transform
Accept-Ranges: bytes
|
GET /media/gambling/en/slotbar/img1.jpg HTTP/1.1
Host: thetakebestbonus.life
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://thetakebestbonus.life/?u=xunwwwr&o=b0hp0zn&cid=w23posn9l9i8n8ukiv556uia
Cookie: sid=t2~4zdnzsjnjfvxlaljnzju5xye
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
|
search
194.87.208.61
HTTP/1.1 200 OK
Content-Type: image/jpeg
Server: nginx
Date: Sun, 04 Dec 2022 08:41:04 GMT
Content-Length: 1315
Connection: keep-alive
Content-Security-Policy: block-all-mixed-content
ETag: "c3c59916d3b4977017c89125dc42b664"
Last-Modified: Wed, 31 Aug 2022 09:34:52 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin, Accept-Encoding
X-Amz-Request-Id: 172D8A3F3C90C958
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
Expires: Mon, 04 Dec 2023 08:41:04 GMT
Cache-Control: max-age=31536000, no-transform
Accept-Ranges: bytes
|
GET /media/gambling/en/slotbar/slot-win.png HTTP/1.1
Host: thetakebestbonus.life
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://thetakebestbonus.life/?u=xunwwwr&o=b0hp0zn&cid=w23posn9l9i8n8ukiv556uia
Cookie: sid=t2~4zdnzsjnjfvxlaljnzju5xye
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
|
search
194.87.208.61
HTTP/1.1 200 OK
Content-Type: image/png
Server: nginx
Date: Sun, 04 Dec 2022 08:41:04 GMT
Content-Length: 13853
Connection: keep-alive
Content-Security-Policy: block-all-mixed-content
ETag: "efb5cc057d90910eac87b874ae4dba74"
Last-Modified: Wed, 31 Aug 2022 09:34:52 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin, Accept-Encoding
X-Amz-Request-Id: 172D893D60ABF607
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
Expires: Mon, 04 Dec 2023 08:41:04 GMT
Cache-Control: max-age=31536000, no-transform
Accept-Ranges: bytes
|
GET /media/gambling/en/slotbar/EKZrmbS.jpg HTTP/1.1
Host: thetakebestbonus.life
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://thetakebestbonus.life/?u=xunwwwr&o=b0hp0zn&cid=w23posn9l9i8n8ukiv556uia
Cookie: sid=t2~4zdnzsjnjfvxlaljnzju5xye
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
|
search
194.87.208.61
HTTP/1.1 200 OK
Content-Type: image/jpeg
Server: nginx
Date: Sun, 04 Dec 2022 08:41:05 GMT
Content-Length: 2264
Connection: keep-alive
Content-Security-Policy: block-all-mixed-content
ETag: "7364bf39dcf0941d3a1760e46a562710"
Last-Modified: Wed, 31 Aug 2022 09:34:52 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin, Accept-Encoding
X-Amz-Request-Id: 172D8A3F7D9F0443
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
Expires: Mon, 04 Dec 2023 08:41:05 GMT
Cache-Control: max-age=31536000, no-transform
Accept-Ranges: bytes
|
GET /media/gambling/en/slotbar/img2.jpg HTTP/1.1
Host: thetakebestbonus.life
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://thetakebestbonus.life/?u=xunwwwr&o=b0hp0zn&cid=w23posn9l9i8n8ukiv556uia
Cookie: sid=t2~4zdnzsjnjfvxlaljnzju5xye
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
|
search
194.87.208.61
HTTP/1.1 200 OK
Content-Type: image/jpeg
Server: nginx
Date: Sun, 04 Dec 2022 08:41:05 GMT
Content-Length: 1297
Connection: keep-alive
Content-Security-Policy: block-all-mixed-content
ETag: "92b944714cea3e478a8e50dea1a80b26"
Last-Modified: Wed, 31 Aug 2022 09:34:52 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin, Accept-Encoding
X-Amz-Request-Id: 172D8A3F463D353F
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
Expires: Mon, 04 Dec 2023 08:41:05 GMT
Cache-Control: max-age=31536000, no-transform
Accept-Ranges: bytes
|
GET /util/pgamble.js?v=8 HTTP/1.1
Host: thetakebestbonus.life
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://thetakebestbonus.life/?u=xunwwwr&o=b0hp0zn&cid=w23posn9l9i8n8ukiv556uia
Cookie: sid=t2~4zdnzsjnjfvxlaljnzju5xye
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
|
search
194.87.208.61
HTTP/1.1 200 OK
Content-Type: application/javascript
Server: nginx
Date: Sun, 04 Dec 2022 08:41:05 GMT
Content-Length: 4237
Connection: keep-alive
Content-Security-Policy: block-all-mixed-content
ETag: "c43bdd4ef0fd292dca304ff4c8f56058"
Last-Modified: Wed, 31 Aug 2022 09:38:18 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin, Accept-Encoding
X-Amz-Request-Id: 172D89B165C8BCAD
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
Expires: Mon, 04 Dec 2023 08:41:05 GMT
Cache-Control: max-age=31536000, no-transform
Accept-Ranges: bytes
|
GET /media/gambling/en/slotbar/win.mp3 HTTP/1.1
Host: thetakebestbonus.life
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: audio/webm,audio/ogg,audio/wav,audio/*;q=0.9,application/ogg;q=0.7,video/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
Connection: keep-alive
Referer: https://thetakebestbonus.life/?u=xunwwwr&o=b0hp0zn&cid=w23posn9l9i8n8ukiv556uia
Cookie: sid=t2~4zdnzsjnjfvxlaljnzju5xye
Sec-Fetch-Dest: audio
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
|
search
194.87.208.61
HTTP/1.1 206 Partial Content
Content-Type: audio/mpeg
Server: nginx
Date: Sun, 04 Dec 2022 08:41:05 GMT
Content-Length: 10391
Connection: keep-alive
Content-Security-Policy: block-all-mixed-content
ETag: "bca40777013dec4a99eaa8b0b98a7fef"
Last-Modified: Wed, 31 Aug 2022 09:34:52 GMT
No-Gzip-Compression: true
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin, Accept-Encoding
X-Amz-Request-Id: 172D895D41CCE6F6
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
Expires: Mon, 04 Dec 2023 08:41:05 GMT
Cache-Control: max-age=31536000, no-transform
Content-Range: bytes 0-10390/10391
|
GET /media/gambling/en/slotbar/spin.mp3 HTTP/1.1
Host: thetakebestbonus.life
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: audio/webm,audio/ogg,audio/wav,audio/*;q=0.9,application/ogg;q=0.7,video/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
Connection: keep-alive
Referer: https://thetakebestbonus.life/?u=xunwwwr&o=b0hp0zn&cid=w23posn9l9i8n8ukiv556uia
Cookie: sid=t2~4zdnzsjnjfvxlaljnzju5xye
Sec-Fetch-Dest: audio
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
|
search
194.87.208.61
HTTP/1.1 206 Partial Content
Content-Type: audio/mpeg
Server: nginx
Date: Sun, 04 Dec 2022 08:41:05 GMT
Content-Length: 8784
Connection: keep-alive
Content-Security-Policy: block-all-mixed-content
ETag: "5a2e10964c7fea8b0181831184bc0d97"
Last-Modified: Wed, 31 Aug 2022 09:34:52 GMT
No-Gzip-Compression: true
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin, Accept-Encoding
X-Amz-Request-Id: 172D895D42F4F435
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
Expires: Mon, 04 Dec 2023 08:41:05 GMT
Cache-Control: max-age=31536000, no-transform
Content-Range: bytes 0-8783/8784
|
GET /media/gambling/en/slotbar/9PH2QqX.jpg HTTP/1.1
Host: thetakebestbonus.life
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://thetakebestbonus.life/?u=xunwwwr&o=b0hp0zn&cid=w23posn9l9i8n8ukiv556uia
Cookie: sid=t2~4zdnzsjnjfvxlaljnzju5xye
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
|
search
194.87.208.61
HTTP/1.1 200 OK
Content-Type: image/jpeg
Server: nginx
Date: Sun, 04 Dec 2022 08:41:05 GMT
Content-Length: 2143
Connection: keep-alive
Content-Security-Policy: block-all-mixed-content
ETag: "f48aa7778890400e3be6131e64cd4236"
Last-Modified: Wed, 31 Aug 2022 09:34:52 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin, Accept-Encoding
X-Amz-Request-Id: 172D8A3F79737F45
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
Expires: Mon, 04 Dec 2023 08:41:05 GMT
Cache-Control: max-age=31536000, no-transform
Accept-Ranges: bytes
|
GET /media/gambling/en/slotbar/7wSpKDu.jpg HTTP/1.1
Host: thetakebestbonus.life
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://thetakebestbonus.life/?u=xunwwwr&o=b0hp0zn&cid=w23posn9l9i8n8ukiv556uia
Cookie: sid=t2~4zdnzsjnjfvxlaljnzju5xye
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
|
search
194.87.208.61
HTTP/1.1 200 OK
Content-Type: image/jpeg
Server: nginx
Date: Sun, 04 Dec 2022 08:41:05 GMT
Content-Length: 2037
Connection: keep-alive
Content-Security-Policy: block-all-mixed-content
ETag: "6d02d5cf49120718501b9a6629290c48"
Last-Modified: Wed, 31 Aug 2022 09:34:52 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin, Accept-Encoding
X-Amz-Request-Id: 172D8A3F71E91CE9
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
Expires: Mon, 04 Dec 2023 08:41:05 GMT
Cache-Control: max-age=31536000, no-transform
Accept-Ranges: bytes
|
GET /media/gambling/en/slotbar/plR22yu.jpg HTTP/1.1
Host: thetakebestbonus.life
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://thetakebestbonus.life/?u=xunwwwr&o=b0hp0zn&cid=w23posn9l9i8n8ukiv556uia
Cookie: sid=t2~4zdnzsjnjfvxlaljnzju5xye
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
|
search
194.87.208.61
HTTP/1.1 200 OK
Content-Type: image/jpeg
Server: nginx
Date: Sun, 04 Dec 2022 08:41:05 GMT
Content-Length: 1017
Connection: keep-alive
Content-Security-Policy: block-all-mixed-content
ETag: "7a532123e2eda81e018b8c1f90c8b3bd"
Last-Modified: Wed, 31 Aug 2022 09:34:52 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin, Accept-Encoding
X-Amz-Request-Id: 172D8A3F9D7C1F0B
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
Expires: Mon, 04 Dec 2023 08:41:05 GMT
Cache-Control: max-age=31536000, no-transform
Accept-Ranges: bytes
|
GET /media/gambling/en/slotbar/DsrKpkj.jpg HTTP/1.1
Host: thetakebestbonus.life
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://thetakebestbonus.life/?u=xunwwwr&o=b0hp0zn&cid=w23posn9l9i8n8ukiv556uia
Cookie: sid=t2~4zdnzsjnjfvxlaljnzju5xye
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
|
search
194.87.208.61
HTTP/1.1 200 OK
Content-Type: image/jpeg
Server: nginx
Date: Sun, 04 Dec 2022 08:41:05 GMT
Content-Length: 1506
Connection: keep-alive
Content-Security-Policy: block-all-mixed-content
ETag: "0d0f29abfcedc7dfffe3811a5100a6cd"
Last-Modified: Wed, 31 Aug 2022 09:34:52 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin, Accept-Encoding
X-Amz-Request-Id: 172D8A3F9081C1B4
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
Expires: Mon, 04 Dec 2023 08:41:05 GMT
Cache-Control: max-age=31536000, no-transform
Accept-Ranges: bytes
|
GET /media/gambling/en/slotbar/yEUMY3v.jpg HTTP/1.1
Host: thetakebestbonus.life
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://thetakebestbonus.life/?u=xunwwwr&o=b0hp0zn&cid=w23posn9l9i8n8ukiv556uia
Cookie: sid=t2~4zdnzsjnjfvxlaljnzju5xye
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
|
search
194.87.208.61
HTTP/1.1 200 OK
Content-Type: image/jpeg
Server: nginx
Date: Sun, 04 Dec 2022 08:41:05 GMT
Content-Length: 1608
Connection: keep-alive
Content-Security-Policy: block-all-mixed-content
ETag: "5da3831556c780010e0e5c5b967e43ce"
Last-Modified: Wed, 31 Aug 2022 09:34:52 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin, Accept-Encoding
X-Amz-Request-Id: 172D8A3F84B5AB82
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
Expires: Mon, 04 Dec 2023 08:41:05 GMT
Cache-Control: max-age=31536000, no-transform
Accept-Ranges: bytes
|
GET /media/gambling/en/slotbar/KqX499j.png HTTP/1.1
Host: thetakebestbonus.life
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://thetakebestbonus.life/?u=xunwwwr&o=b0hp0zn&cid=w23posn9l9i8n8ukiv556uia
Cookie: sid=t2~4zdnzsjnjfvxlaljnzju5xye
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
|
search
194.87.208.61
HTTP/1.1 200 OK
Content-Type: image/png
Server: nginx
Date: Sun, 04 Dec 2022 08:41:05 GMT
Content-Length: 2153
Connection: keep-alive
Content-Security-Policy: block-all-mixed-content
ETag: "8fe70ee687801d77e99e45efa5af9aa7"
Last-Modified: Wed, 31 Aug 2022 09:34:52 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin, Accept-Encoding
X-Amz-Request-Id: 172D8A3F93760BF2
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
Expires: Mon, 04 Dec 2023 08:41:05 GMT
Cache-Control: max-age=31536000, no-transform
Accept-Ranges: bytes
|
GET /media/gambling/en/slotbar/slot-result-2.png HTTP/1.1
Host: thetakebestbonus.life
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://thetakebestbonus.life/?u=xunwwwr&o=b0hp0zn&cid=w23posn9l9i8n8ukiv556uia
Cookie: sid=t2~4zdnzsjnjfvxlaljnzju5xye
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
|
search
194.87.208.61
HTTP/1.1 200 OK
Content-Type: image/png
Server: nginx
Date: Sun, 04 Dec 2022 08:41:05 GMT
Content-Length: 25004
Connection: keep-alive
Content-Security-Policy: block-all-mixed-content
ETag: "4922e4f8c0c5d208c89921d9a525cbe5"
Last-Modified: Wed, 31 Aug 2022 09:34:52 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin, Accept-Encoding
X-Amz-Request-Id: 172D893D5E50C68B
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
Expires: Mon, 04 Dec 2023 08:41:05 GMT
Cache-Control: max-age=31536000, no-transform
Accept-Ranges: bytes
|
GET /media/gambling/en/slotbar/yWwCB4c.jpg HTTP/1.1
Host: thetakebestbonus.life
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://thetakebestbonus.life/?u=xunwwwr&o=b0hp0zn&cid=w23posn9l9i8n8ukiv556uia
Cookie: sid=t2~4zdnzsjnjfvxlaljnzju5xye
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
|
search
194.87.208.61
HTTP/1.1 200 OK
Content-Type: image/jpeg
Server: nginx
Date: Sun, 04 Dec 2022 08:41:05 GMT
Content-Length: 2336
Connection: keep-alive
Content-Security-Policy: block-all-mixed-content
ETag: "5edf4db493423ac10c72a27ad5c4a618"
Last-Modified: Wed, 31 Aug 2022 09:34:52 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin, Accept-Encoding
X-Amz-Request-Id: 172D8A3F606400DF
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
Expires: Mon, 04 Dec 2023 08:41:05 GMT
Cache-Control: max-age=31536000, no-transform
Accept-Ranges: bytes
|
GET /media/gambling/en/slotbar/slot-result-1.png HTTP/1.1
Host: thetakebestbonus.life
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://thetakebestbonus.life/?u=xunwwwr&o=b0hp0zn&cid=w23posn9l9i8n8ukiv556uia
Cookie: sid=t2~4zdnzsjnjfvxlaljnzju5xye
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
|
search
194.87.208.61
HTTP/1.1 200 OK
Content-Type: image/png
Server: nginx
Date: Sun, 04 Dec 2022 08:41:05 GMT
Content-Length: 19469
Connection: keep-alive
Content-Security-Policy: block-all-mixed-content
ETag: "54c5bc3e91c88eeff2a8f7f9b07f1fe1"
Last-Modified: Wed, 31 Aug 2022 09:34:52 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin, Accept-Encoding
X-Amz-Request-Id: 172D893D4AA4D230
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
Expires: Mon, 04 Dec 2023 08:41:05 GMT
Cache-Control: max-age=31536000, no-transform
Accept-Ranges: bytes
|
GET /media/gambling/en/slotbar/red-arrow-right.png HTTP/1.1
Host: thetakebestbonus.life
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://thetakebestbonus.life/?u=xunwwwr&o=b0hp0zn&cid=w23posn9l9i8n8ukiv556uia
Cookie: sid=t2~4zdnzsjnjfvxlaljnzju5xye
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
|
search
194.87.208.61
HTTP/1.1 200 OK
Content-Type: image/png
Server: nginx
Date: Sun, 04 Dec 2022 08:41:05 GMT
Content-Length: 1089
Connection: keep-alive
Content-Security-Policy: block-all-mixed-content
ETag: "c4d30de24dab6f826e7f27286beaceaa"
Last-Modified: Wed, 31 Aug 2022 09:34:52 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin, Accept-Encoding
X-Amz-Request-Id: 172D89B725978DA8
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
Expires: Mon, 04 Dec 2023 08:41:05 GMT
Cache-Control: max-age=31536000, no-transform
Accept-Ranges: bytes
|
GET /media/gambling/en/slotbar/slot-spin.gif HTTP/1.1
Host: thetakebestbonus.life
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://thetakebestbonus.life/?u=xunwwwr&o=b0hp0zn&cid=w23posn9l9i8n8ukiv556uia
Cookie: sid=t2~4zdnzsjnjfvxlaljnzju5xye
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
|
search
194.87.208.61
HTTP/1.1 200 OK
Content-Type: image/gif
Server: nginx
Date: Sun, 04 Dec 2022 08:41:05 GMT
Content-Length: 87599
Connection: keep-alive
Content-Security-Policy: block-all-mixed-content
ETag: "617c16c5e04c8603dd7f157862b1c682"
Last-Modified: Wed, 31 Aug 2022 09:34:52 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin, Accept-Encoding
X-Amz-Request-Id: 172D893D26E4C2F8
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
Expires: Mon, 04 Dec 2023 08:41:05 GMT
Cache-Control: max-age=31536000, no-transform
Accept-Ranges: bytes
|
GET /media/gambling/en/slotbar/slot-start.png HTTP/1.1
Host: thetakebestbonus.life
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://thetakebestbonus.life/?u=xunwwwr&o=b0hp0zn&cid=w23posn9l9i8n8ukiv556uia
Cookie: sid=t2~4zdnzsjnjfvxlaljnzju5xye
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
|
search
194.87.208.61
HTTP/1.1 200 OK
Content-Type: image/png
Server: nginx
Date: Sun, 04 Dec 2022 08:41:05 GMT
Content-Length: 24873
Connection: keep-alive
Content-Security-Policy: block-all-mixed-content
ETag: "794c929de9d8b06cf941920aeeceecee"
Last-Modified: Wed, 31 Aug 2022 09:34:52 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin, Accept-Encoding
X-Amz-Request-Id: 172D893D222439CF
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
Expires: Mon, 04 Dec 2023 08:41:05 GMT
Cache-Control: max-age=31536000, no-transform
Accept-Ranges: bytes
|
GET /favicon.ico HTTP/1.1
Host: thetakebestbonus.life
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://thetakebestbonus.life/?u=xunwwwr&o=b0hp0zn&cid=w23posn9l9i8n8ukiv556uia
Cookie: sid=t2~4zdnzsjnjfvxlaljnzju5xye
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
|
search
194.87.208.61
HTTP/1.1 204 No Content
Server: nginx
Date: Sun, 04 Dec 2022 08:41:06 GMT
Connection: keep-alive
Cache-Control: no-transform
|
198.199.127.43
217.69.14.8