senecaphoneupdate.top/smart-security-0/index.html?clickid={clickid}&utm_source={var1}&utm_medium=restart_push_{offer.name}&publisher={trafficsource.name}&utm_campaign={trafficsource.name}
301 Moved Permanently 0 B URL HTTP/1.1 senecaphoneupdate.top/smart-security-0/index.html?clickid={clickid}&utm_source={var1}&utm_medium=restart_push_{offer.name}&publisher={trafficsource.name}&utm_campaign={trafficsource.name}
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
NIDS Severity Alert suricata medium ET INFO HTTP Request to a *.top domain
GET /smart-security-0/index.html?clickid={clickid}&utm_source={var1}&utm_medium=restart_push_{offer.name}&publisher={trafficsource.name}&utm_campaign={trafficsource.name} HTTP/1.1
Host: senecaphoneupdate.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Sun, 08 Jan 2023 07:44:50 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Sun, 08 Jan 2023 08:44:50 GMT
Location: https://senecaphoneupdate.top/smart-security-0/index.html?clickid={clickid}&utm_source={var1}&utm_medium=restart_push_{offer.name}&publisher={trafficsource.name}&utm_campaign={trafficsource.name}
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XnMNF8rCt3KdLjR2%2BQDo1bsU%2FrppExzBc3p2IYtpFxK23j%2B7fvbCB9ECa3DAxF%2Fzdxfofigykp5r%2BJTqyrwAHgvOxAJ9B6fIBVnuU6XyOGNqQWkwmW%2Bjh1jk%2BTo8QXO0gKhRJ7VFloM%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 78634f6def29b4e8-OSL
alt-svc: h2=":443"; ma=60
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash b782882bdabaf3b08e64120922b4a4b7
2035ed7fc9fb5b6ee9715601ba43de5f94d0c0e9
3fe7d1a9a55b86ec25d02634749ccfae11f3477033ba8cd7ac4131b7948ba619
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "3FE7D1A9A55B86EC25D02634749CCFAE11F3477033BA8CD7AC4131B7948BA619"
Last-Modified: Sat, 07 Jan 2023 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8792
Expires: Sun, 08 Jan 2023 10:11:23 GMT
Date: Sun, 08 Jan 2023 07:44:51 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 516b9d6951b09439a51d5284994ed92f
5c78edb38bae36caa8e2db8ed6635a32e46c91dd
eaaf4ebc59d2a06d02b552154c5adb7c713ffc4a7f5caabcff1c2b4cd6ec5c7b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EAAF4EBC59D2A06D02B552154C5ADB7C713FFC4A7F5CAABCFF1C2B4CD6EC5C7B"
Last-Modified: Fri, 06 Jan 2023 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9528
Expires: Sun, 08 Jan 2023 10:23:39 GMT
Date: Sun, 08 Jan 2023 07:44:51 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 89a058935fd04697c87e9441fbb466a9
59b5b08119374b1da34cff7e43a7c6dc80103f6e
3a3261f495323ff0f60067b2930b8d0e5e4e5cd6ae9b14929a88047587b735da
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "3A3261F495323FF0F60067B2930B8D0E5E4E5CD6AE9B14929A88047587B735DA"
Last-Modified: Sat, 07 Jan 2023 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10157
Expires: Sun, 08 Jan 2023 10:34:08 GMT
Date: Sun, 08 Jan 2023 07:44:51 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash ff250d3ef3fa45322bf05039a0122a9f
b3e7a2c383bce1bab807dbe1a03c375258b51f1d
d07f109a96e0ae6ec7b1d46ce8761b3f06fe845769ce65d69e053dd40aa561ba
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Alert, Content-Type, Content-Length, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sun, 08 Jan 2023 07:41:28 GMT
content-type: application/json
age: 203
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-08-14-47-57.chain
200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-08-14-47-57.chain
IP
File type PEM certificate\012- , ASCII text
Hash b1fcd419a4245617397846e8d17233f6
2a037ce244587640b27ead9a0ec2af4f862d91b2
e059b6d834c06e58494c43fb2ff42acbc27c1a1d8f7f30e2f32ca0e167599e2f
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-08-14-47-57.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: 4lvkUwIWn+K6+0o6ZipnMncG+Cg4MkjUL2E7BWHVqYRZOfsGxfO4gMHgTjeXfGsmV+UPt4PVJ6xoPpuQ9++b7Q==
x-amz-request-id: 4Q3WYWNB11DG7A60
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sun, 08 Jan 2023 07:00:43 GMT
age: 2648
last-modified: Tue, 20 Dec 2022 14:47:58 GMT
etag: "b1fcd419a4245617397846e8d17233f6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
e1.o.lencr.org/
200 OK 344 B IP
ASN #20940 Akamai International B.V.
Hash 384bf03baa0e1c3ef74a7fcd17a8912d
9f26da123fd4edd85fc50653e7b0726de765b728
fd907ce3be2289e334637d6979b6fbb45e024811ad6060b46985396ab536fdc8
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "FD907CE3BE2289E334637D6979B6FBB45E024811AD6060B46985396AB536FDC8"
Last-Modified: Fri, 06 Jan 2023 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21569
Expires: Sun, 08 Jan 2023 13:44:20 GMT
Date: Sun, 08 Jan 2023 07:44:51 GMT
Connection: keep-alive
contile.services.mozilla.com/v1/tiles
200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 08 Jan 2023 07:44:51 GMT
content-type: application/json
content-length: 12
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-expose-headers: content-type
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Expires, Last-Modified, Alert, Content-Type, Content-Length, ETag, Pragma, Cache-Control, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sun, 08 Jan 2023 07:33:43 GMT
age: 668
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
e1.o.lencr.org/
200 OK 344 B IP
ASN #20940 Akamai International B.V.
Hash 384bf03baa0e1c3ef74a7fcd17a8912d
9f26da123fd4edd85fc50653e7b0726de765b728
fd907ce3be2289e334637d6979b6fbb45e024811ad6060b46985396ab536fdc8
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "FD907CE3BE2289E334637D6979B6FBB45E024811AD6060B46985396AB536FDC8"
Last-Modified: Fri, 06 Jan 2023 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21569
Expires: Sun, 08 Jan 2023 13:44:20 GMT
Date: Sun, 08 Jan 2023 07:44:51 GMT
Connection: keep-alive
ocsp.digicert.com/
200 OK 780 B IP
Hash 89ed774069d533f8e4aa3600c01a7bc4
ada5036fa085d560f03e7bee1ec74df0d83b531b
238824bf0c759e0d84d3f01bff5af2578f6997ece9df347a3ef5721bfec1ee0d
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2447
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 08 Jan 2023 07:44:51 GMT
Last-Modified: Sun, 08 Jan 2023 07:04:04 GMT
Server: ECS (ska/F6FE)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash b57f076a9416a9cdef34df4ef7eaa4ac
2374473eb9bccfe80bacaa97072202d5e7ab7356
002ac0deb29541996f3ea8c9c171f6d54ee6a90919a61a629f1580032fc51f61
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "002AC0DEB29541996F3EA8C9C171F6D54EE6A90919A61A629F1580032FC51F61"
Last-Modified: Fri, 06 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2334
Expires: Sun, 08 Jan 2023 08:23:45 GMT
Date: Sun, 08 Jan 2023 07:44:51 GMT
Connection: keep-alive
my.rtmark.net/p.js?f=sync&lr=1&partner=4d524b7a70f9429d3f354097c0083db80c0150ac1699f4b97f6029051cf877c8
200 OK 697 B URL HTTP/2 my.rtmark.net/p.js?f=sync&lr=1&partner=4d524b7a70f9429d3f354097c0083db80c0150ac1699f4b97f6029051cf877c8
IP
Hash 7e1da03b7d5254f7b1d93874c8f85ce4
c1ff6bec84dd9b2bf2bbcd11bb8791444f04b2d7
ff9366f794284e39381efd6b8ae4b6273469134c741ca7c3d6a1e1248e1a98d4
GET /p.js?f=sync&lr=1&partner=4d524b7a70f9429d3f354097c0083db80c0150ac1699f4b97f6029051cf877c8 HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://senecaphoneupdate.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 08 Jan 2023 07:44:51 GMT
content-type: text/javascript
content-length: 697
access-control-allow-origin: *
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
analytics.tiktok.com/i18n/pixel/events.js?sdkid=C8SQEGFV9S6N3MLDFVTG&lib=ttq
200 OK 1.3 kB URL HTTP/2 analytics.tiktok.com/i18n/pixel/events.js?sdkid=C8SQEGFV9S6N3MLDFVTG&lib=ttq
IP
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (2667)
Hash 1756808e382a26b716488ae5cc0f1a0a
4d7f4dd676e0e4c18d4ec1d7d867884444d37354
71440a5fb84c521752644a05287c715ed4858d5c0a0a29c344fe2ebc9348e4c9
GET /i18n/pixel/events.js?sdkid=C8SQEGFV9S6N3MLDFVTG&lib=ttq HTTP/1.1
Host: analytics.tiktok.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://senecaphoneupdate.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-type: application/javascript; charset=UTF-8
x-tt-logid: 20230108074451C13168685B56C0784755
x-tt-trace-host: 01250e51f4d5abc0e156abb7e367bacbb6efce6c3386965b6338b9561fec500008d48f9485e1ded1ddf6f0dba771c8d4d36361d07b1f43c8fd63adcdd16314121258ce6102915120879ed0d7601ec3a27002d77f2fd0ed5f775f586199cb8dad3d29de4123a007ea5e14f105991b578c3a
content-encoding: gzip
content-length: 1318
x-origin-response-time: 7,104.96.220.13
x-akamai-request-id: bdc54054.621ea3df
expires: Sun, 08 Jan 2023 07:44:51 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Sun, 08 Jan 2023 07:44:51 GMT
x-cache: TCP_MISS from a95-101-10-109.deploy.akamaitechnologies.com (AkamaiGHost/10.10.3-45298580) (-)
vary: Accept-Encoding
set-cookie: _ttp=2K2Dg33vSfDlPrH1UvXnmIZKRUj; Path=/; Domain=tiktok.com; Max-Age=33696000; Secure; SameSite=None
x-cache-remote: TCP_MISS from a104-96-220-13.deploy.akamaitechnologies.com (AkamaiGHost/10.10.3-45298580) (-)
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
server-timing: cdn-cache; desc=MISS, edge; dur=91, origin; dur=7, inner; dur=3
x-parent-response-time: 98,95.101.10.109
X-Firefox-Spdy: h2
analytics.tiktok.com/i18n/pixel/static/main.MWI1MTgwZGZmMA.js
200 OK 68 kB URL HTTP/2 analytics.tiktok.com/i18n/pixel/static/main.MWI1MTgwZGZmMA.js
IP
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (21716)
Hash 75ee2fd291156e2832622fded1792855
369d84faf87723b6ac465d97f7366e31aebd6aee
d2fc1eac0d1d0775fc5f8c4133de3cdc29b23bfbc90a73bf4ed884cbfe529d89
GET /i18n/pixel/static/main.MWI1MTgwZGZmMA.js HTTP/1.1
Host: analytics.tiktok.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://senecaphoneupdate.top/
Cookie: _ttp=2K2Dg33vSfDlPrH1UvXnmIZKRUj
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-tt-logid: 202212201657267608A5E9F4861511C102
x-tt-trace-host: 0174209eab6deed09fed7ba820602a8f9dd4ca3726d5bfc9d82fd15f04e810a3c95b268479802a0cb91b232a29acb572422da2c28a019f05c7837b0e8da627a582ae16726813a4baecb224f17356e1ff1319ff3d0d55eef644d8e3291100ab1b9c
content-encoding: gzip
content-length: 67875
date: Sun, 08 Jan 2023 07:44:52 GMT
x-cache: TCP_HIT from a95-101-10-109.deploy.akamaitechnologies.com (AkamaiGHost/10.10.3-45298580) (-)
vary: Accept-Encoding
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
server-timing: cdn-cache; desc=HIT, edge; dur=0, inner; dur=11
x-akamai-request-id: 621ea468
X-Firefox-Spdy: h2
analytics.tiktok.com/i18n/pixel/static/identify_13839.js
200 OK 31 kB URL HTTP/2 analytics.tiktok.com/i18n/pixel/static/identify_13839.js
IP
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (65536), with no line terminators
Hash bdbe45678ce11238207e20b501d7b7c4
2a061a285a8a0c205f334329b2e56ebac6cf8895
49f5403b6ec67d55d6825fe3b68bb6800d626624874bd6adb7559c7062687258
GET /i18n/pixel/static/identify_13839.js HTTP/1.1
Host: analytics.tiktok.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://senecaphoneupdate.top/
Cookie: _ttp=2K2Dg33vSfDlPrH1UvXnmIZKRUj
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-tt-logid: 202212201657267608A5E9F4861511C10A
x-tt-trace-host: 0174209eab6deed09fed7ba820602a8f9dd4ca3726d5bfc9d82fd15f04e810a3c95b268479802a0cb91b232a29acb572422da2c28a019f05c7837b0e8da627a5828908ac44ad85c1662c88a539afbc6cc508efccb60b9ffdce113a9e9e4acf0ab9
content-encoding: gzip
content-length: 30900
date: Sun, 08 Jan 2023 07:44:52 GMT
x-cache: TCP_MEM_HIT from a95-101-10-109.deploy.akamaitechnologies.com (AkamaiGHost/10.10.3-45298580) (-)
vary: Accept-Encoding
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
server-timing: cdn-cache; desc=HIT, edge; dur=0, inner; dur=3
x-akamai-request-id: 621ea49d
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash d3cd87208f6d10c44a08bab4ef30c8ee
0d5523f57bc1d968c11388284b89a471962d6c96
998c07c0d6366d0ffb96842d1db0165c85ed50a9223e792059390845199c6b33
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "998C07C0D6366D0FFB96842D1DB0165C85ED50A9223E792059390845199C6B33"
Last-Modified: Fri, 06 Jan 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17214
Expires: Sun, 08 Jan 2023 12:31:46 GMT
Date: Sun, 08 Jan 2023 07:44:52 GMT
Connection: keep-alive
push.services.mozilla.com/
101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: gNj9G99tcUcx7p2hJuVLtA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: Q6NRhyWLA5GJNX20bivABEwPc3g=
overalltrack.com/api/v3.0/clickapi/img?aid=1&clickId={clickid}
200 OK 43 B URL HTTP/1.1 overalltrack.com/api/v3.0/clickapi/img?aid=1&clickId={clickid}
IP
ASN #14061 DIGITALOCEAN-ASN
File type GIF image data, version 89a, 1 x 1\012- data
Hash b4491705564909da7f9eaf749dbbfbb1
279315d507855c6a4351e1e2c2f39dd9cd2fccd8
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
GET /api/v3.0/clickapi/img?aid=1&clickId={clickid} HTTP/1.1
Host: overalltrack.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://senecaphoneupdate.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Sun, 08 Jan 2023 07:44:52 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Set-Cookie: currentClickid=%7B%221%22%3A%22%7Bclickid%7D%22%7D; Max-Age=31536000; Path=/; Expires=Mon, 08 Jan 2024 07:44:52 GMT; Secure; SameSite=None
analytics.tiktok.com/api/v2/pixel
200 OK 0 B URL HTTP/2 analytics.tiktok.com/api/v2/pixel
IP
ASN #20940 Akamai International B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /api/v2/pixel HTTP/1.1
Host: analytics.tiktok.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 920
Origin: https://senecaphoneupdate.top
Connection: keep-alive
Referer: https://senecaphoneupdate.top/
Cookie: _ttp=2K2Dg33vSfDlPrH1UvXnmIZKRUj
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 0
access-control-allow-origin: *
x-tt-logid: 2023010807445256C79F69E03880308024
x-tt-trace-host: 01250e51f4d5abc0e156abb7e367bacbb6efce6c3386965b6338b9561fec5000080290d688fae1ef76dd863d7de3e21451084569613b5c2f8c86364266f4b18f574017e8dc9e9e07d020265b94e7a957c306b326dba309e514077384b5ad81e28a3e0a949e6232c661414dd3ce789fd851
x-origin-response-time: 23,104.96.220.52
x-akamai-request-id: 139fdd2d.621ea4a3
expires: Sun, 08 Jan 2023 07:44:52 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Sun, 08 Jan 2023 07:44:52 GMT
x-cache: TCP_MISS from a95-101-10-109.deploy.akamaitechnologies.com (AkamaiGHost/10.10.3-45298580) (-)
x-cache-remote: TCP_MISS from a104-96-220-52.deploy.akamaitechnologies.com (AkamaiGHost/10.10.3-45298580) (-)
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
server-timing: cdn-cache; desc=MISS, edge; dur=95, origin; dur=23, inner; dur=20
x-parent-response-time: 114,95.101.10.109
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP
Hash 1a476300be2fa0a4b1fe9acc4e7b24a8
ad23df8359985705e44a98a13a70bc30c15477d8
3238a1b01c81d8f73620f537f7e7ff353652c162cc22059f61d23d3732726517
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Sun, 08 Jan 2023 07:44:52 GMT
Last-Modified: Sun, 08 Jan 2023 07:11:32 GMT
Server: ECS (nyb/1D1F)
X-Cache: Miss from cloudfront
Via: 1.1 8e6dce34fd223e0c9d89fd938d1784a2.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: zAby-96vosWP4kbDehv6t2_E619tgBTXTs5rgwNoHapmTbgOnQ4pgg==
Age: 2000
ocsp.sca1b.amazontrust.com/
200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP
Hash 1a476300be2fa0a4b1fe9acc4e7b24a8
ad23df8359985705e44a98a13a70bc30c15477d8
3238a1b01c81d8f73620f537f7e7ff353652c162cc22059f61d23d3732726517
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=136346
Date: Sun, 08 Jan 2023 07:44:52 GMT
Etag: "63b9cdf6-1d7"
Expires: Mon, 09 Jan 2023 21:37:18 GMT
Last-Modified: Sat, 07 Jan 2023 19:54:30 GMT
Server: ECS (bsa/EB17)
X-Cache: Miss from cloudfront
Via: 1.1 76c917e0bb0ba45eb834d25d76ee125e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 82e8S5sC--zvBf3BGiGT1gxoZ9erLCINUZS9nmE9hBXqE4UdR44O5w==
Age: 6168
overalltrack.com/api/v3.0/clickapi/otherInstall?clickId={clickid}&aid=1&checkOld=1&medium=restart_push_{offer.name}&source=var1&campaign={trafficsource.name}&publisher={trafficsource.name}&checkUninstall=1
200 OK 8 B URL HTTP/1.1 overalltrack.com/api/v3.0/clickapi/otherInstall?clickId={clickid}&aid=1&checkOld=1&medium=restart_push_{offer.name}&source=var1&campaign={trafficsource.name}&publisher={trafficsource.name}&checkUninstall=1
IP
ASN #14061 DIGITALOCEAN-ASN
File type ASCII text, with no line terminators
Hash f30c3a40e9a3e65c868c754a5de95919
65101ff283414b70636ff494d866190a66ed9978
875befe7cefc0715a17dc737f9514dda981f79a3c9f174badcae5bd1cc2425fe
OPTIONS /api/v3.0/clickapi/otherInstall?clickId={clickid}&aid=1&checkOld=1&medium=restart_push_{offer.name}&source=var1&campaign={trafficsource.name}&publisher={trafficsource.name}&checkUninstall=1 HTTP/1.1
Host: overalltrack.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Referer: https://senecaphoneupdate.top/
Origin: https://senecaphoneupdate.top
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Sun, 08 Jan 2023 07:44:52 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 8
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Allow: GET,HEAD
app1-smartsecurity-etl.herokuapp.com/device_by_model?model=x64
200 OK 0 B URL HTTP/1.1 app1-smartsecurity-etl.herokuapp.com/device_by_model?model=x64
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /device_by_model?model=x64 HTTP/1.1
Host: app1-smartsecurity-etl.herokuapp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: authorization
Referer: https://senecaphoneupdate.top/
Origin: https://senecaphoneupdate.top
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Connection: keep-alive
Server: gunicorn
Date: Sun, 08 Jan 2023 07:44:52 GMT
Content-Type: text/html; charset=utf-8
Vary: Origin
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: accept, accept-encoding, authorization, content-type, dnt, origin, user-agent, x-csrftoken, x-requested-with
Access-Control-Allow-Methods: DELETE, GET, OPTIONS, PATCH, POST, PUT
Access-Control-Max-Age: 86400
Content-Length: 0
Via: 1.1 vegur
overalltrack.com/api/v3.0/clickapi/otherInstall?clickId={clickid}&aid=1&checkOld=1&medium=restart_push_{offer.name}&source=var1&campaign={trafficsource.name}&publisher={trafficsource.name}&checkUninstall=1
200 OK 126 B URL HTTP/1.1 overalltrack.com/api/v3.0/clickapi/otherInstall?clickId={clickid}&aid=1&checkOld=1&medium=restart_push_{offer.name}&source=var1&campaign={trafficsource.name}&publisher={trafficsource.name}&checkUninstall=1
IP
ASN #14061 DIGITALOCEAN-ASN
File type JSON data\012- , ASCII text, with no line terminators
Hash c8f85db18fe8f89306f6c0819c67036d
7b5c44e4a9fd70e664aa4fe54fc0bd7bb3963a31
a71ab24977d03d440189548647bee7fdbdf0d6dee44478d1f6b44f17699a75ee
GET /api/v3.0/clickapi/otherInstall?clickId={clickid}&aid=1&checkOld=1&medium=restart_push_{offer.name}&source=var1&campaign={trafficsource.name}&publisher={trafficsource.name}&checkUninstall=1 HTTP/1.1
Host: overalltrack.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Origin: https://senecaphoneupdate.top
Connection: keep-alive
Referer: https://senecaphoneupdate.top/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Sun, 08 Jan 2023 07:44:52 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 126
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
app1-smartsecurity-etl.herokuapp.com/device_by_model?model=x64
301 Moved Permanently 0 B URL HTTP/1.1 app1-smartsecurity-etl.herokuapp.com/device_by_model?model=x64
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /device_by_model?model=x64 HTTP/1.1
Host: app1-smartsecurity-etl.herokuapp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Authorization: Basic bGFuZDptb2RlbGJyYW5k
Origin: https://senecaphoneupdate.top
Connection: keep-alive
Referer: https://senecaphoneupdate.top/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 301 Moved Permanently
Connection: keep-alive
Server: gunicorn
Date: Sun, 08 Jan 2023 07:44:52 GMT
Content-Type: text/html; charset=utf-8
Location: /device_by_model/?model=x64
X-Content-Type-Options: nosniff
Referrer-Policy: same-origin
Vary: Origin
Access-Control-Allow-Origin: *
Content-Length: 0
Via: 1.1 vegur
my.rtmark.net/img.gif?f=sync&partner=4d524b7a70f9429d3f354097c0083db80c0150ac1699f4b97f6029051cf877c8&ttl=&rurl=https%3A%2F%2Fsenecaphoneupdate.top%2Fsmart-security-0%2Findex.html%3Fclickid%3D%7Bclickid%7D%26utm_source%3D%7Bvar1%7D%26utm_medium%3Drestart_push_%7Boffer.name%7D%26publisher%3D%7Btrafficsource.name%7D%26utm_campaign%3D%7Btrafficsource.name%7D%23
200 OK 43 B URL HTTP/2 my.rtmark.net/img.gif?f=sync&partner=4d524b7a70f9429d3f354097c0083db80c0150ac1699f4b97f6029051cf877c8&ttl=&rurl=https%3A%2F%2Fsenecaphoneupdate.top%2Fsmart-security-0%2Findex.html%3Fclickid%3D%7Bclickid%7D%26utm_source%3D%7Bvar1%7D%26utm_medium%3Drestart_push_%7Boffer.name%7D%26publisher%3D%7Btrafficsource.name%7D%26utm_campaign%3D%7Btrafficsource.name%7D%23
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash b4491705564909da7f9eaf749dbbfbb1
279315d507855c6a4351e1e2c2f39dd9cd2fccd8
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
GET /img.gif?f=sync&partner=4d524b7a70f9429d3f354097c0083db80c0150ac1699f4b97f6029051cf877c8&ttl=&rurl=https%3A%2F%2Fsenecaphoneupdate.top%2Fsmart-security-0%2Findex.html%3Fclickid%3D%7Bclickid%7D%26utm_source%3D%7Bvar1%7D%26utm_medium%3Drestart_push_%7Boffer.name%7D%26publisher%3D%7Btrafficsource.name%7D%26utm_campaign%3D%7Btrafficsource.name%7D%23 HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://senecaphoneupdate.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 08 Jan 2023 07:44:52 GMT
content-type: image/gif
content-length: 43
access-control-allow-origin: *
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=f942ccf2800d4f378ecbc98c7424bf47; expires=Mon, 08 Jan 2024 07:44:52 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
app1-smartsecurity-etl.herokuapp.com/device_by_model/?model=x64
200 OK 0 B URL HTTP/1.1 app1-smartsecurity-etl.herokuapp.com/device_by_model/?model=x64
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /device_by_model/?model=x64 HTTP/1.1
Host: app1-smartsecurity-etl.herokuapp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: authorization
Origin: https://senecaphoneupdate.top
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Connection: keep-alive
Server: gunicorn
Date: Sun, 08 Jan 2023 07:44:52 GMT
Content-Type: text/html; charset=utf-8
Vary: Origin
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: accept, accept-encoding, authorization, content-type, dnt, origin, user-agent, x-csrftoken, x-requested-with
Access-Control-Allow-Methods: DELETE, GET, OPTIONS, PATCH, POST, PUT
Access-Control-Max-Age: 86400
Content-Length: 0
Via: 1.1 vegur
r3.o.lencr.org/
200 OK 20 kB IP
ASN #20940 Akamai International B.V.
Hash ca7c0a330bbfbe1e4f3dea1a0d4a9e56
3b51874c698820eaee6a987f8f30211044c159ff
f694c53ccd5adc839681d38909921ca200c5f41ea3d084a2ebda530e9ad59965
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D9733A8E731FCB57D417D9A74BAC2D22856EB3DDD9F0DC13DE73CB6DA842F6F5"
Last-Modified: Fri, 06 Jan 2023 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13009
Expires: Sun, 08 Jan 2023 11:21:41 GMT
Date: Sun, 08 Jan 2023 07:44:52 GMT
Connection: keep-alive
app1-smartsecurity-etl.herokuapp.com/device_by_model/?model=x64
404 Not Found 86 B URL HTTP/1.1 app1-smartsecurity-etl.herokuapp.com/device_by_model/?model=x64
IP
File type JSON data\012- , Unicode text, UTF-8 text, with no line terminators
Hash 024c203b02c3d88f5e07d125220aa18a
4450bc452d44c05834e068f5341745b2e81ebbe3
a7360add54a81883d7f3e724d07de917a7fcd5cc190db96b7de642d34ceb2787
GET /device_by_model/?model=x64 HTTP/1.1
Host: app1-smartsecurity-etl.herokuapp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://senecaphoneupdate.top
Authorization: Basic bGFuZDptb2RlbGJyYW5k
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 404 Not Found
Connection: keep-alive
Server: gunicorn
Date: Sun, 08 Jan 2023 07:44:52 GMT
Content-Type: application/json
Allow: GET, HEAD, OPTIONS
X-Frame-Options: DENY
Content-Length: 86
X-Content-Type-Options: nosniff
Referrer-Policy: same-origin
Vary: Origin
Access-Control-Allow-Origin: *
Via: 1.1 vegur
redrotou.net/pfe/current/micro.tag.min.js?z=4826947&sw=/sw-check-permissions-8b114.js
200 OK 15 kB URL HTTP/2 redrotou.net/pfe/current/micro.tag.min.js?z=4826947&sw=/sw-check-permissions-8b114.js
IP
Hash f2497c13a29ac0b5f07178ff8fa9ab44
ee14165709982c3ec8170126c8f7c8750fac032e
85a89fa15a83624faef00881a715e12df8279feac5eb2df7bda5f09f57c57cb0
GET /pfe/current/micro.tag.min.js?z=4826947&sw=/sw-check-permissions-8b114.js HTTP/1.1
Host: redrotou.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://senecaphoneupdate.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 08 Jan 2023 07:44:52 GMT
content-type: application/javascript
last-modified: Wed, 21 Dec 2022 12:58:18 GMT
etag: W/"63a302ea-9a87"
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
content-encoding: gzip
X-Firefox-Spdy: h2
track.profitableredirect.com/redirect?target=BASE64aHR0cHM6Ly9vdWhhc3RheS5uZXQvYWZ1LnBocD96b25laWQ9MzY0NzY3Ng&ts=1673163892845&hash=YtyTMfT4AN9NxFVOmDQR3hNeUaXnYekV_kFp5qslzTU&rm=DJ
200 OK 424 B URL HTTP/2 track.profitableredirect.com/redirect?target=BASE64aHR0cHM6Ly9vdWhhc3RheS5uZXQvYWZ1LnBocD96b25laWQ9MzY0NzY3Ng&ts=1673163892845&hash=YtyTMfT4AN9NxFVOmDQR3hNeUaXnYekV_kFp5qslzTU&rm=DJ
IP
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (424), with no line terminators
Hash 03ab185b43632ca143ad0a05b5ad7c76
d650a7441bef0d8c04f8aaaa2de6be743d757460
72235612e73b145c28b49ac3d247f41c942f81be00a5de5d6ecfb985787e2a4d
GET /redirect?target=BASE64aHR0cHM6Ly9vdWhhc3RheS5uZXQvYWZ1LnBocD96b25laWQ9MzY0NzY3Ng&ts=1673163892845&hash=YtyTMfT4AN9NxFVOmDQR3hNeUaXnYekV_kFp5qslzTU&rm=DJ HTTP/1.1
Host: track.profitableredirect.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: e69b0e43-f199-496b-87cc-2daa322bb681-v4=BTWQ1x1JBrMhCRyZZQKI0wCgOXGKOKYNzOAvyK2BQwA; cc-v4=bYlCwO2D9E%2FPrpgYZfFlhq%2BXcVJbzctO9sFa1ZFqgf7tT%2BNCTXUyk%2FiVLMTgBMoIqUNmUXpVfr74Ix79c%2FimETvP%2BqOX5k1mV3HGr4XAZtPS1%2Bw6rqIPwr7WijuUxN8Lpzi8Rf8OzLJsXEM9VCTXPw%3D%3D
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 08 Jan 2023 07:44:52 GMT
content-type: text/html;charset=UTF-8
content-length: 424
cache-control: no-store, no-cache, pre-check=0, post-check=0
expires: Thu, 01 Jan 1970 00:00:00 GMT
pragma: no-cache
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 2d46dd4735777a1053d6493063032880
0d0bbb7bc9c852bec141977d0df078963dc33484
edcf80777417fec25b2e9e0bfb9d5535894d7ee850b08d45a9367073e41a9238
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EDCF80777417FEC25B2E9E0BFB9D5535894D7EE850B08D45A9367073E41A9238"
Last-Modified: Fri, 06 Jan 2023 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16058
Expires: Sun, 08 Jan 2023 12:12:31 GMT
Date: Sun, 08 Jan 2023 07:44:53 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash b57f076a9416a9cdef34df4ef7eaa4ac
2374473eb9bccfe80bacaa97072202d5e7ab7356
002ac0deb29541996f3ea8c9c171f6d54ee6a90919a61a629f1580032fc51f61
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "002AC0DEB29541996F3EA8C9C171F6D54EE6A90919A61A629F1580032FC51F61"
Last-Modified: Fri, 06 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2332
Expires: Sun, 08 Jan 2023 08:23:45 GMT
Date: Sun, 08 Jan 2023 07:44:53 GMT
Connection: keep-alive
ouhastay.net/favicon.ico
204 No Content 0 B IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /favicon.ico HTTP/1.1
Host: ouhastay.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: OAID=0ce0694ed0e04b6b96bb89642462ace2; oaidts=1673163893
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 204 No Content
server: nginx
date: Sun, 08 Jan 2023 07:44:53 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
pragma: public
cache-control: max-age=315360000, public, must-revalidate, proxy-revalidate
X-Firefox-Spdy: h2
my.rtmark.net/img.gif?f=merge&userId=0ce0694ed0e04b6b96bb89642462ace2
200 OK 43 B URL HTTP/2 my.rtmark.net/img.gif?f=merge&userId=0ce0694ed0e04b6b96bb89642462ace2
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash b4491705564909da7f9eaf749dbbfbb1
279315d507855c6a4351e1e2c2f39dd9cd2fccd8
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
POST /img.gif?f=merge&userId=0ce0694ed0e04b6b96bb89642462ace2 HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 200 OK
server: nginx
date: Sun, 08 Jan 2023 07:44:53 GMT
content-type: image/gif
content-length: 43
access-control-allow-origin: null
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=0ce0694ed0e04b6b96bb89642462ace2; expires=Mon, 08 Jan 2024 07:44:53 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 6b7311a62dbac99dd034dec404255d1e
76811f676f44bdc1c57cb1f69b125df313eb7463
e1a83d9afefc1e4b69847607ad54f223ed0d5be9715f25e2b98946fed3c8e4a2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E1A83D9AFEFC1E4B69847607AD54F223ED0D5BE9715F25E2B98946FED3C8E4A2"
Last-Modified: Fri, 06 Jan 2023 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6844
Expires: Sun, 08 Jan 2023 09:38:57 GMT
Date: Sun, 08 Jan 2023 07:44:53 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 11aea3c23fce2f77cadf7a551f4e8b17
4963aafedcf3fc5f28f1b4a6b0212abfd5526702
d2ada7d592878b58921cd0568efa62abefd7423d40bec16133886e2c67a791b3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D2ADA7D592878B58921CD0568EFA62ABEFD7423D40BEC16133886E2C67A791B3"
Last-Modified: Fri, 06 Jan 2023 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9269
Expires: Sun, 08 Jan 2023 10:19:22 GMT
Date: Sun, 08 Jan 2023 07:44:53 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 11aea3c23fce2f77cadf7a551f4e8b17
4963aafedcf3fc5f28f1b4a6b0212abfd5526702
d2ada7d592878b58921cd0568efa62abefd7423d40bec16133886e2c67a791b3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D2ADA7D592878B58921CD0568EFA62ABEFD7423D40BEC16133886E2C67A791B3"
Last-Modified: Fri, 06 Jan 2023 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9269
Expires: Sun, 08 Jan 2023 10:19:22 GMT
Date: Sun, 08 Jan 2023 07:44:53 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F31e0f912-f32f-48cd-95c9-407d47b0f97e.jpeg
200 OK 3.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F31e0f912-f32f-48cd-95c9-407d47b0f97e.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 92aa4acb1f2c4fdb529b6612f83dab86
443d2e3f11a3a2a7688d817d3769a5ab55a73fcb
1d1333ee429dbc1725516cec55e0d613d9b6c4955b8346a2876badd4ee6d5b56
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F31e0f912-f32f-48cd-95c9-407d47b0f97e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 3471
x-amzn-requestid: df87884a-3b63-400b-aed1-fc4d3807182b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: eTNhhETEIAMFeKg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63b78fa3-1891550536b924017f0adc4e;Sampled=0
x-amzn-remapped-date: Fri, 06 Jan 2023 03:04:03 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: NrjQ2VLGhkRT-8LZqFqLhQYc9Un3DXXxesVkZb6a4t7RK0V3He61DA==
via: 1.1 efcf7b9d0f917f9ebf314db03e52d9b6.cloudfront.net (CloudFront), 1.1 be082a2326b7d49643607b097f1e7180.cloudfront.net (CloudFront), 1.1 google
date: Sun, 08 Jan 2023 03:26:45 GMT
age: 15488
etag: "443d2e3f11a3a2a7688d817d3769a5ab55a73fcb"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F753d022b-5cb9-4f9b-b520-756c952710b3.jpeg
200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F753d022b-5cb9-4f9b-b520-756c952710b3.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash f2abe0388f11bae93f827a971bd29802
a57915c3b8388bc23c3a677ba12cc0525d949c2c
d23c15ca723fe73f6893703c7d1830034182fb1c9c620837313774c62368fa06
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F753d022b-5cb9-4f9b-b520-756c952710b3.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10544
x-amzn-requestid: 04bdd2a7-b3dd-434b-833c-7101a1da9da7
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: eZDy1E_goAMFmgw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63b9e678-3468e4a9174280c146f28962;Sampled=0
x-amzn-remapped-date: Sat, 07 Jan 2023 21:39:04 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: BTPEBPH5icsKe4sSjs8d_ILObhQcrFYwZG6VnW33Wv6lQzEp_AzcnQ==
via: 1.1 98e601970ea59f4d5f56a752787ff9fc.cloudfront.net (CloudFront), 1.1 943c6a4d4ee43b18ee91634536f53eae.cloudfront.net (CloudFront), 1.1 google
date: Sat, 07 Jan 2023 22:37:47 GMT
age: 32826
etag: "a57915c3b8388bc23c3a677ba12cc0525d949c2c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd37b37f6-0573-4e9c-a9a7-e929e467ad92.jpeg
200 OK 6.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd37b37f6-0573-4e9c-a9a7-e929e467ad92.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash a1cff64e08720bab2f19d7f3649776cb
9a3a7926851f5b902977cd16430e1cc4289bd222
b3dadac3a431a57c0c2cb3627dfcba8d81917efc0f227d9b7c9cd356e072a28f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd37b37f6-0573-4e9c-a9a7-e929e467ad92.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6903
x-amzn-requestid: 4b171872-69b6-443a-8a17-2567e164549f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: eTxzEFnkIAMF09w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63b7c9ad-6affd2bd5d1bc0572faa2b3b;Sampled=0
x-amzn-remapped-date: Fri, 06 Jan 2023 07:11:41 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: MgqFc4776MQBMl3kw1pcarHATAyMgD4e0P-V1Oc264tM7EG2SKLJwg==
via: 1.1 deaaf0548506de20925615eb51a7ea7e.cloudfront.net (CloudFront), 1.1 7eb3b782ab09047ce0d11ee03763894c.cloudfront.net (CloudFront), 1.1 google
date: Sun, 08 Jan 2023 07:37:07 GMT
age: 466
etag: "9a3a7926851f5b902977cd16430e1cc4289bd222"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbd91e555-c9f3-4166-92be-27db2e1919b6.jpeg
200 OK 14 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbd91e555-c9f3-4166-92be-27db2e1919b6.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash afcc8f4875f4b74ca0640829b689731e
584d0e11665ae89f9a294baf1e9bb4f0e4e9a4df
3e487396389c4330abc99bc99053eecc6aaf56f7afa398d70c30e1f4709577a0
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbd91e555-c9f3-4166-92be-27db2e1919b6.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 13626
x-amzn-requestid: 407fef75-2217-4da7-8ea8-b5ede48a0615
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: eNKshEEvoAMFkMg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63b524b6-72ca4e7b3034e7ac1f3fa1ed;Sampled=0
x-amzn-remapped-date: Wed, 04 Jan 2023 07:03:18 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: xOpZDrVh8MsfFqh0HuJJIWFvlgIm0jUE73p9MpgRA1PO_VAv0vP2nw==
via: 1.1 cd48ffda04934d18865e47e99ea080bc.cloudfront.net (CloudFront), 1.1 1a53057db389e96b4ef1bfbc925dde1c.cloudfront.net (CloudFront), 1.1 google
date: Sat, 07 Jan 2023 16:43:14 GMT
age: 54099
etag: "584d0e11665ae89f9a294baf1e9bb4f0e4e9a4df"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F89b87931-1da2-4c32-a7a2-e37c7524d5a7.jpeg
200 OK 5.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F89b87931-1da2-4c32-a7a2-e37c7524d5a7.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 23662a8e73c232630a76aea836878b27
e3803da17cfb2f7ba3d264386270af553e047aab
fbbcc8fba298324ef1d956a2918b597c780e8e66f806e71a55e449b4ae5030ff
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F89b87931-1da2-4c32-a7a2-e37c7524d5a7.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5568
x-amzn-requestid: 48ec5deb-e900-4f2f-8fb6-d899c150ee3b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: eZDwlGuioAMFiwA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63b9e669-6000f61d0ec95d9e6ac77fc1;Sampled=0
x-amzn-remapped-date: Sat, 07 Jan 2023 21:38:49 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: R5GXJKLoWu5Vhwopj182Ef0en8qqm0dP0USVwGwX1c64iXQA2QD2aQ==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 caf6806821bc479b28a6f1ce3043b8a6.cloudfront.net (CloudFront), 1.1 google
date: Sat, 07 Jan 2023 22:00:54 GMT
age: 35039
etag: "e3803da17cfb2f7ba3d264386270af553e047aab"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc4c877ef-76ec-4130-a623-3cfe6579a770.png
200 OK 14 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc4c877ef-76ec-4130-a623-3cfe6579a770.png
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 30c53ae078b112f7186e910c38898233
d3c58c28f0734f98bed64a26ede077464c3ad3f2
8f7dd1cf9f1472468a7caaf67a8f9c15bfe8836badcfb3249a9a8a7a6c3c0533
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc4c877ef-76ec-4130-a623-3cfe6579a770.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 13787
x-amzn-requestid: 2598b4fe-a032-47d7-8e6c-cfdcfbe9d64a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: eZDvYE35IAMF1Vw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63b9e662-574eb7370aac63dd531d6b75;Sampled=0
x-amzn-remapped-date: Sat, 07 Jan 2023 21:38:42 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: cd50TSdgJPa-oMD9VpvWgVF9DMls8TmQqVUNNj5d6BPlVnN1_3vTUA==
via: 1.1 5a1753718d8b33365e5f693dd338c510.cloudfront.net (CloudFront), 1.1 591683988172c7980c4ebb318cbf18a8.cloudfront.net (CloudFront), 1.1 google
date: Sat, 07 Jan 2023 22:05:52 GMT
age: 34741
etag: "d3c58c28f0734f98bed64a26ede077464c3ad3f2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
go.doubledoubleup.com/visit/?bta=35656&brand=doggocasino&rdk=rk1
302 Object moved 296 B URL HTTP/1.1 go.doubledoubleup.com/visit/?bta=35656&brand=doggocasino&rdk=rk1
IP
ASN #396982 GOOGLE-CLOUD-PLATFORM
File type HTML document text\012- HTML document text\012- HTML document, ASCII text
Hash 2bd765e8a33ca13dbacced6571e73fc0
8af129e82f133ce03c7bc529420b606aacecf995
a4c2fa6379f36a3b8670614f29369510d815ebf418359483be603587c0cf73ed
GET /visit/?bta=35656&brand=doggocasino&rdk=rk1 HTTP/1.1
Host: go.doubledoubleup.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: doggocasino=bta=35656&Visitors=q&cid=390258
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Object moved
Server: rhino-core-shield
Date: Sun, 08 Jan 2023 07:44:53 GMT
Content-Type: text/html; Charset=UTF-8
Content-Length: 296
Connection: keep-alive
Cache-Control: private,no-cache
Pragma: no-cache
Expires: Sat, 07 Jan 2023 07:44:50 GMT
Location: https://doggocasino.com/en-us?affiliateName=[cellxpert]&affid=cx-35656_390258&bannerid=35656&trackerid=35656_390258&bta=35656&brand=doggocasino&rdk=rk1
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
Set-Cookie: doggocasino=bta=35656&cid=390258&Visitors=q; expires=Wed, 08-Feb-2023 07:44:50 GMT; path=/
X-Cache-Status: MISS
Access-Control-Allow-Origin: *
51d4256e-9ede-4425-8b77-d7e5166c1c25.snippet.antillephone.com/apg-seal.js
200 OK 1.7 kB URL HTTP/2 51d4256e-9ede-4425-8b77-d7e5166c1c25.snippet.antillephone.com/apg-seal.js
IP
Hash c818cc0629ec780eddea47dfebfbb1e5
f7ce542fac3870c3dda1a243ae452de20ca72aeb
ff77b62c1e49fb38428c7245c6e622b87269dbac99c265329077f8478cb1ad0b
GET /apg-seal.js HTTP/1.1
Host: 51d4256e-9ede-4425-8b77-d7e5166c1c25.snippet.antillephone.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://doggocasino.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/javascript; charset=utf-8
date: Sun, 08 Jan 2023 07:40:00 GMT
x-powered-by: Express
cache-control: max-age=300
etag: W/"c2b-YlXsUxIPRjUaC++7LRC5fKLFy+4"
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 786348599bb3bbc1-FRA
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 a7d2a4ec2f50830f128dc406960aef9a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: wNII6nZZjdlKdpRfxiJrXvRlgoXNwl8x5wZwFweFhLxq5i0qETnsfA==
age: 293
X-Firefox-Spdy: h2
doggocasino.com/styles.1f7587ee8c68e382c584.css
200 OK 94 kB URL HTTP/2 doggocasino.com/styles.1f7587ee8c68e382c584.css
IP
Hash 86a3bb15a93822fa627cea5d54a31303
7b3092c7faa61efd10316286c6b0e8b275a8c480
f1b11114e50f4881c24ff9b9de689039da42240916741b476c18bcb087a0806a
GET /styles.1f7587ee8c68e382c584.css HTTP/1.1
Host: doggocasino.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://doggocasino.com/en-us?affiliateName=[cellxpert]&affid=cx-35656_390258&bannerid=35656&trackerid=35656_390258&bta=35656&brand=doggocasino&rdk=rk1
Cookie: _ga_K4EHGY5F0T=GS1.1.1673158586.1.1.1673158594.52.0.0; _ga=GA1.2.2104987336.1673158587; __adm_tid=tid-2ae5f2bb5.42566d1f3; _gid=GA1.2.1700880299.1673158588; _hjSessionUser_3054262=eyJpZCI6IjQyMzk2NDg2LTQ5MzYtNTZiNi1hODQwLTg2YThkYzE4NjliOSIsImNyZWF0ZWQiOjE2NzMxNTg1ODgyMzQsImV4aXN0aW5nIjpmYWxzZX0=; __zlcmid=1DplVgkclUvRile
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: text/css
x-amz-meta-codebuild-content-sha256: c7543b0c1a387fe8fce7ecedb491413db02c94ccd3c1a1d5b2dc6c33f6e53bfc
x-amz-meta-codebuild-buildarn: arn:aws:codebuild:us-east-1:889751173095:build/du-frontend-build:dba88433-a99e-4dbd-9b3f-92c9f40e4469
x-amz-meta-codebuild-content-md5: f72fdbadddaa46b851fe89ddcab9666b
last-modified: Thu, 05 Jan 2023 08:36:20 GMT
x-amz-version-id: Xjj9Je2exoNVxEa4P.X.sNTUdHXzkixQ
server: AmazonS3
content-encoding: gzip
date: Sat, 07 Jan 2023 12:38:01 GMT
etag: W/"93f255b705d4a25e054f90eee3c18775"
vary: Accept-Encoding
via: 1.1 9dd61138197a68f8d69f12574aab6930.cloudfront.net (CloudFront)
age: 83154
cache-control: public,max-age=31536000,immutable
x-cache: Hit from cloudfront
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: rF2lAVjXhjNeTkpIgukDte4jmq5JIw6soTO2aEp2Kfv6MYR5uXCojw==
X-Firefox-Spdy: h2
doggocasino.com/assets/fonts/CeraPro/CeraPro-Regular.ttf
200 OK 167 kB URL HTTP/2 doggocasino.com/assets/fonts/CeraPro/CeraPro-Regular.ttf
IP
File type TrueType Font data, 15 tables, 1st "FFTM", 26 names, Macintosh\012- data
Size 167 kB (166620 bytes)
Hash cf954f65e33513f8a1f75f8083674834
dde47f28e602f3aa1488ec6a2126ab75c26e2ac4
21c63b1ab7ed2243a23e609485b1391e7d7bf8ba6a8a01f9ae0e515844c4591e
GET /assets/fonts/CeraPro/CeraPro-Regular.ttf HTTP/1.1
Host: doggocasino.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://doggocasino.com/styles.1f7587ee8c68e382c584.css
Cookie: _ga_K4EHGY5F0T=GS1.1.1673158586.1.1.1673158594.52.0.0; _ga=GA1.2.2104987336.1673158587; __adm_tid=tid-2ae5f2bb5.42566d1f3; _gid=GA1.2.1700880299.1673158588; _hjSessionUser_3054262=eyJpZCI6IjQyMzk2NDg2LTQ5MzYtNTZiNi1hODQwLTg2YThkYzE4NjliOSIsImNyZWF0ZWQiOjE2NzMxNTg1ODgyMzQsImV4aXN0aW5nIjpmYWxzZX0=; __zlcmid=1DplVgkclUvRile
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/octet-stream
content-length: 166620
x-amz-meta-codebuild-content-sha256: c7543b0c1a387fe8fce7ecedb491413db02c94ccd3c1a1d5b2dc6c33f6e53bfc
x-amz-meta-codebuild-buildarn: arn:aws:codebuild:us-east-1:889751173095:build/du-frontend-build:dba88433-a99e-4dbd-9b3f-92c9f40e4469
x-amz-meta-codebuild-content-md5: f72fdbadddaa46b851fe89ddcab9666b
last-modified: Thu, 05 Jan 2023 08:36:21 GMT
x-amz-version-id: 1b0c50NWufrcrVZd9SIhlV1WKcw4ek3v
server: AmazonS3
date: Sat, 07 Jan 2023 11:09:25 GMT
etag: "cf954f65e33513f8a1f75f8083674834"
vary: Accept-Encoding
via: 1.1 9dd61138197a68f8d69f12574aab6930.cloudfront.net (CloudFront)
age: 74129
cache-control: public,max-age=31536000,immutable
x-cache: Hit from cloudfront
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: oa1bJ8hnwrbelwN48cOOocfOOFHS-OolSh6yyeLmzXwj81INViGGHg==
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 315edeafe1715f46de7d38be371473a8
25e357166d0ddfff3e60f9042d56f37c1ab7163a
9869582721de4f610dca5030b9a703863d2eae2667061b2f722aebdaf60468e4
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 08 Jan 2023 07:44:54 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 63bccc1f66ce9e92e4b40dfb3d397e96
b256695f795919c1fa3d0de461cf4d44fb7573f3
739ed63c77b8f2f8ae1e929d2e6ce784986ea0d3230d2a65cc9f733837c8a581
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 08 Jan 2023 07:44:54 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ouhastay.net/afu.php?zoneid=3647676
200 OK 1.2 kB URL HTTP/2 ouhastay.net/afu.php?zoneid=3647676
IP
Hash b8b0ccb68ad88eee1535c376774d9870
2446bb50ed4d3fa8e1a9e6287401f5a63d0e3dcb
56d0c4976b87e48f880dc6a26d411255ab3bc227027a7db5bf93313f8b664aef
Analyzer Verdict Alert quad9 Sinkholed
GET /afu.php?zoneid=3647676 HTTP/1.1
Host: ouhastay.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 08 Jan 2023 07:44:53 GMT
content-type: text/html; charset=utf8
x-trace-id: 3674169af979cea80842111d14cb09aa
link: <https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://my.rtmark.net>; rel="preconnect dns-prefetch", <https://go.doubledoubleup.com>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://diromalxx.com>; rel="preconnect dns-prefetch"
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-max-age: 86400
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
set-cookie: OAID=0ce0694ed0e04b6b96bb89642462ace2; expires=Mon, 08 Jan 2024 07:44:53 GMT; path=/; secure; SameSite=None
oaidts=1673163893; expires=Mon, 08 Jan 2024 07:44:53 GMT; path=/; secure; SameSite=None
syncedCookie=; expires=Tue, 10 Nov 2009 23:00:00 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 279 B IP
Hash 03ddaaf5d30a41533476b6b4c7c81b45
c13e9f286c7ef93539a0832c52b1d40123401b2c
60aa43586eda42871a3b44be69d6329a2ed02fd47adb691bff84b0a6cc8f90b9
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5296
Cache-Control: max-age=143415
Content-Type: application/ocsp-response
Date: Sun, 08 Jan 2023 07:44:54 GMT
Etag: "63b9ecfd-117"
Expires: Mon, 09 Jan 2023 23:35:09 GMT
Last-Modified: Sat, 07 Jan 2023 22:06:53 GMT
Server: ECS (ska/F6FE)
X-Cache: HIT
Content-Length: 279
cdn.iconvert.network/code/9f66804e-a360-401a-966a-3d11f064f2f2.js
200 OK 3.9 kB URL HTTP/2 cdn.iconvert.network/code/9f66804e-a360-401a-966a-3d11f064f2f2.js
IP
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (46470), with no line terminators
Hash 18a6bfe25d9aab451dabd630d95c8c18
1070c8c028d60f38065c45933941690f42cc6eae
72e81a0214f2221fa643565b6f47bb4b10d3d6fee14c12221fdf423ab499ab84
GET /code/9f66804e-a360-401a-966a-3d11f064f2f2.js HTTP/1.1
Host: cdn.iconvert.network
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://doggocasino.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
content-length: 3936
last-modified: Thu, 24 Nov 2022 10:07:06 GMT
content-encoding: gzip
accept-ranges: bytes
server: AmazonS3
date: Sun, 08 Jan 2023 06:27:00 GMT
cache-control: max-age=7200
etag: "18a6bfe25d9aab451dabd630d95c8c18"
x-cache: Hit from cloudfront
via: 1.1 50584ad285d5f627ddebae74efdd0770.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: HzbTxDSkkhX_q9w0AL8F0jyJcIjduuhCublynbjqtrRkYuxcI42cUQ==
age: 4675
vary: Accept-Encoding, Origin
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 63bccc1f66ce9e92e4b40dfb3d397e96
b256695f795919c1fa3d0de461cf4d44fb7573f3
739ed63c77b8f2f8ae1e929d2e6ce784986ea0d3230d2a65cc9f733837c8a581
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 08 Jan 2023 07:44:54 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
2d1c8d36-b9ba-45b7-87c9-e34c592a597a.seals-emr.certria.com/emr-seal.js
200 OK 1.3 kB URL HTTP/2 2d1c8d36-b9ba-45b7-87c9-e34c592a597a.seals-emr.certria.com/emr-seal.js
IP
Hash f41a01de43363ecf67bd7d933aef2393
9c514fdb3b47fed45471deff2678b3c10af47d1c
6a14cd5672df8c7b6d504ce0a48817d59fee8444cac97f78d6972695db14139b
GET /emr-seal.js HTTP/1.1
Host: 2d1c8d36-b9ba-45b7-87c9-e34c592a597a.seals-emr.certria.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://doggocasino.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/javascript; charset=utf-8
date: Sun, 08 Jan 2023 07:40:22 GMT
x-powered-by: Express
cache-control: max-age=300
etag: W/"c27-GDErKzTtUeGgJc7f0FKheSOjJiM"
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 786348de1f3c9bbe-FRA
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 d9fb4c3794a085bb4ee2c5798c2cb1b8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: CKBg_UYqpeUwbkHmqXOU1npo16OuKuq4kEMBRqWtpH7oLx5EnOJbvA==
age: 271
X-Firefox-Spdy: h2
cdn.iconvert.network/js/app-1.24.0/main.min.js
200 OK 74 kB URL HTTP/2 cdn.iconvert.network/js/app-1.24.0/main.min.js
IP
File type Unicode text, UTF-8 text, with very long lines (34417)
Hash dfd65c2570b8005934fb8082936efa1d
ec4ca5d990a4e1160df66a842a78aedd09fdfe8b
470501c2035484b52a240e4a68d16560eec3e0a7630aa19ecab9629cab28574c
GET /js/app-1.24.0/main.min.js HTTP/1.1
Host: cdn.iconvert.network
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://doggocasino.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
content-length: 74390
last-modified: Mon, 03 Oct 2022 14:22:54 GMT
content-encoding: gzip
accept-ranges: bytes
server: AmazonS3
date: Sun, 08 Jan 2023 07:00:31 GMT
cache-control: max-age=7200
etag: "dfd65c2570b8005934fb8082936efa1d"
x-cache: Hit from cloudfront
via: 1.1 50584ad285d5f627ddebae74efdd0770.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: J0GfGXHrPX7lU02XYxy3Q4W1qcKC7c63Kl9cjDs0QdPs7-j9evkZzg==
age: 2682
vary: Accept-Encoding, Origin
X-Firefox-Spdy: h2
e1.o.lencr.org/
200 OK 344 B IP
ASN #20940 Akamai International B.V.
Hash c591316be5456690e891721cf65c25ce
4dec2a7ecf232889afa28e425cbb449a12360909
a0b79f166de1bc123c551aea0c42f34128cf897ceec72ac01324c659f13a85ac
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "A0B79F166DE1BC123C551AEA0C42F34128CF897CEEC72AC01324C659F13A85AC"
Last-Modified: Fri, 06 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9273
Expires: Sun, 08 Jan 2023 10:19:27 GMT
Date: Sun, 08 Jan 2023 07:44:54 GMT
Connection: keep-alive
scripts.prdredir.com/scripts/k_doggocasino.js
200 OK 529 B URL HTTP/2 scripts.prdredir.com/scripts/k_doggocasino.js
IP
Hash ad83d4111706b7c06c5208be03491a5f
af688213e410f2ce58f7216c69bcd79d2a9fc4dc
ad017ef77abb4f65b4c76578ad85e613c7dd9e282b539a4e325d23091bf13346
GET /scripts/k_doggocasino.js HTTP/1.1
Host: scripts.prdredir.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://doggocasino.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 08 Jan 2023 07:44:54 GMT
content-type: text/javascript; charset=utf-8
status: 200 OK
cache-control: max-age=0, public
access-control-allow-origin: *
x-request-id: ecf6f9b0-c881-47eb-9cc0-7b30404fbeaf
etag: W/"95d838de11136e7964ca0eaa375bf294"
x-runtime: 0.007568
expires: 2022-12-09 07:44:54 UTC
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=22gfzPPY6zYhuDZfE1qoRsNxwPgt8bT9n1lw4IKc9TfBurSOT0F6EZ%2BHXhiZBgW4hbY2o3WbE1xwI7%2BcInoZ280ePjvn4LN68seu6uTDMjrovRFtV1yfaN2%2F7Jic5tnC%2B4%2F80p7iwg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 78634f828fbf0b61-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP
Hash f8b74818d5a0622da1c8876e9ae44cb4
3e370a76df55fa12aedf1b64bbd938009fe692fa
2a1d8665a0c72fd6ac13351fef62cbd13b80437382b3780ca7fcc8999e6428fe
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=123954
Date: Sun, 08 Jan 2023 07:44:54 GMT
Etag: "63b9aaec-1d7"
Expires: Mon, 09 Jan 2023 18:10:48 GMT
Last-Modified: Sat, 07 Jan 2023 17:25:00 GMT
Server: ECS (nyb/1D35)
X-Cache: Miss from cloudfront
Via: 1.1 76c917e0bb0ba45eb834d25d76ee125e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: FKa7AwWEEXpBr8wjT61SM8j_gt5PF0RmWuhG9YsBaaHHFaWirhYEyQ==
Age: 2748
ocsp.sca1b.amazontrust.com/
200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP
Hash 6991a62da0945a173f51013a8d837c27
abef31d527b321470492629819a7a0b7a17c4cea
b8b9c34bf9e62cbefa3d385aa7432defe0f3d15a14ff8bcb3b81f58d5d0af6c5
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Cache-Control: 'max-age=158059'
Date: Sun, 08 Jan 2023 07:44:54 GMT
Etag: "63b8fcaa-1d7"
Server: ECS (dcb/7FA7)
X-Cache: Miss from cloudfront
Via: 1.1 8e6dce34fd223e0c9d89fd938d1784a2.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 2pQMewDIUkKMz_SGVBNUPxRdMt_u61ABqwyyInu4Xow-iXlqHGXHIg==
backoffice.regily.com/releases?new=true&partner=doggocasino&env=stable
200 OK 2 B URL HTTP/2 backoffice.regily.com/releases?new=true&partner=doggocasino&env=stable
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 99914b932bd37a50b983c5e7c90ae93b
bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
GET /releases?new=true&partner=doggocasino&env=stable HTTP/1.1
Host: backoffice.regily.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://doggocasino.com
Connection: keep-alive
Referer: https://doggocasino.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 08 Jan 2023 07:44:54 GMT
content-type: application/json; charset=utf-8
content-length: 2
x-amzn-requestid: 152c595c-8b4b-49fe-876e-71bd3a9f9a4f
x-dns-prefetch-control: off
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=15552000; includeSubDomains
x-ratelimit-reset: 1673163925
x-amzn-remapped-content-length: 2
x-frame-options: SAMEORIGIN
allow: GET,POST,PUT,PATCH,DELETE
x-amzn-remapped-connection: keep-alive
x-download-options: noopen
x-ratelimit-remaining: 99
x-amz-apigw-id: eacihHiAjoEF3bA=
vary: Accept, Accept-Encoding
x-ratelimit-limit: 100
x-content-type-options: nosniff
etag: W/"2-vyGp6PvFo4RvsFtPoIWeCReyIC8"
x-amzn-trace-id: Root=1-63ba7476-261ce061045acd257e1c4ee6
x-amzn-remapped-date: Sun, 08 Jan 2023 07:44:54 GMT
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 280 B IP
Hash 7423beaf06bd3684984a469d949f9009
93276d2e3d2376811e1e0dcacd5a972ea1b2d537
c63c7c36ab0ec4d4a3af8ded20512f75ea889330a64eabb52c728d856238add9
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 08 Jan 2023 07:44:54 GMT
Etag: "63b85d8d-118"
Server: ECS (amb/6BB4)
Content-Length: 280
geo-lookup.iconvert.network/?callback=_jsonp_0
200 OK 23 B URL HTTP/2 geo-lookup.iconvert.network/?callback=_jsonp_0
IP
File type ASCII text, with no line terminators
Hash 77a2b27581b0e6f8e1866d12a9fb3460
0d6912f1aabf2f9f191883767a565846b6b23387
892b6da823563cbd0865b33fd6f805e495769f555aa11679fa72c82e56abe9fd
GET /?callback=_jsonp_0 HTTP/1.1
Host: geo-lookup.iconvert.network
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://doggocasino.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
content-length: 23
x-amz-bucket-region: us-east-1
date: Sun, 08 Jan 2023 07:44:43 GMT
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 8ac66e1d6983a0f44cf391b1ec3b1cce.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: RSVDuTdrynZeuWGYXA7zxwj_hPstJkAUAcZOB-VFFL67KLj5j9hTqQ==
age: 11
X-Firefox-Spdy: h2
cdn.iconvert.network/js/sp/2.16.3/snowplow.js
200 OK 28 kB URL HTTP/2 cdn.iconvert.network/js/sp/2.16.3/snowplow.js
IP
Hash 516fb085b7f85898ef7c693ad24e9ff2
53c47a3b857c3bfa9e7f63fff4e97e70bae3bb9e
ef7e18669ab405d8d118ae072fb0f5db7d5f69fb87ed0ac75b241f1427add61c
GET /js/sp/2.16.3/snowplow.js HTTP/1.1
Host: cdn.iconvert.network
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://doggocasino.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
last-modified: Thu, 26 Nov 2020 12:36:51 GMT
server: AmazonS3
content-encoding: gzip
date: Sun, 08 Jan 2023 07:22:51 GMT
cache-control: max-age=7200
etag: W/"670ad61b7edac1fac01a4ef6e87bc233"
x-cache: Hit from cloudfront
via: 1.1 50584ad285d5f627ddebae74efdd0770.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: JbPqTXTwRngRTsO5YHWpnWuP_sLQr3M_JAPI9bhgmRPLfFA6z5_1VQ==
age: 1325
vary: Accept-Encoding, Origin
X-Firefox-Spdy: h2
cmsapi.doggocasino.com/ajax/country/countryblock
200 OK 177 B URL HTTP/1.1 cmsapi.doggocasino.com/ajax/country/countryblock
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 84a5fedf11ca403c40bcc33c089efabe
2e920993f57a1596c8c26b0e1b8b076458b25994
3873db006fd547eb926c6604f46a926e298eeaa909f6a667d2872f8237f3fc93
GET /ajax/country/countryblock HTTP/1.1
Host: cmsapi.doggocasino.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://doggocasino.com
Connection: keep-alive
Referer: https://doggocasino.com/
Cookie: _ga_K4EHGY5F0T=GS1.1.1673163882.2.0.1673163882.60.0.0; _ga=GA1.1.2104987336.1673158587; _gid=GA1.2.1700880299.1673158588; _hjSessionUser_3054262=eyJpZCI6IjQyMzk2NDg2LTQ5MzYtNTZiNi1hODQwLTg2YThkYzE4NjliOSIsImNyZWF0ZWQiOjE2NzMxNTg1ODgyMzQsImV4aXN0aW5nIjpmYWxzZX0=; __zlcmid=1DplVgkclUvRile
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 08 Jan 2023 07:44:54 GMT
Content-Type: application/json; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Methods: GET, POST, OPTIONS, PUT, DELETE
Access-Control-Allow-Origin: https://doggocasino.com
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: X-Request-ID,X-REQ-ID
Set-Cookie: ci_session=m1hpj47ahkh78rel5v31lh9og6oi8ovo; expires=Sun, 08-Jan-2023 08:44:54 GMT; Max-Age=3600; path=/; SameSite=None; secure; HttpOnly
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Content-Language: en
Vary: Accept-Encoding, Accept-Encoding
Content-Encoding: gzip
ocsp.sca1b.amazontrust.com/
200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP
Hash 887f330c2312a70256c1d99436758da7
1e0e52cd81d89904b37156759cfe53e90e64ed08
ab323a2382661c88b2c6e8e6d2d0f4037a49e82296b176bcac3eba80f229876f
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=88263
Date: Sun, 08 Jan 2023 07:44:54 GMT
Etag: "63b9131d-1d7"
Expires: Mon, 09 Jan 2023 08:15:57 GMT
Last-Modified: Sat, 07 Jan 2023 06:37:17 GMT
Server: ECS (dcb/7EC6)
X-Cache: Miss from cloudfront
Via: 1.1 76c917e0bb0ba45eb834d25d76ee125e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: P_NgbPD-ysSilbsDRhpdS4UkrMqfxV6Z_lA7t57mQXc3K-8q7Fa4rQ==
Age: 5920
ocsp.sca1b.amazontrust.com/
200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP
Hash ad3ec0640b2500afd75e15717017a141
6beca252db7f0dc4c142ecc0f3fc7d957756b862
16afa503c8b5a722ea139068a09ab609b141ac4ecc187f7cba65da8788e96c37
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=169592
Date: Sun, 08 Jan 2023 07:44:54 GMT
Etag: "63ba64a3-1d7"
Expires: Tue, 10 Jan 2023 06:51:26 GMT
Last-Modified: Sun, 08 Jan 2023 06:37:23 GMT
Server: ECS (dcb/7F39)
X-Cache: Miss from cloudfront
Via: 1.1 8e6dce34fd223e0c9d89fd938d1784a2.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: XbtAj80gBXsIepiM9nrJcZ_LOyOpDhYjo-IcYjhL_bgFtUtt-y0G9w==
Age: 843
cmsapi.doggocasino.com/ajax/policy/getPolicies
200 OK 197 B URL HTTP/1.1 cmsapi.doggocasino.com/ajax/policy/getPolicies
IP
File type JSON data\012- , ASCII text, with very long lines (475), with no line terminators
Hash 3d71629c07dc044ad909dc8e02f1f27c
3ff809845e7d55d7067bee6e645c6e5b7e7fb85f
72efb757aa046854ca03633e888c7358311e12b3b4020d2e808fed3ed1a0b20e
GET /ajax/policy/getPolicies HTTP/1.1
Host: cmsapi.doggocasino.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://doggocasino.com
Connection: keep-alive
Referer: https://doggocasino.com/
Cookie: _ga_K4EHGY5F0T=GS1.1.1673163882.2.0.1673163882.60.0.0; _ga=GA1.1.2104987336.1673158587; _gid=GA1.2.1700880299.1673158588; _hjSessionUser_3054262=eyJpZCI6IjQyMzk2NDg2LTQ5MzYtNTZiNi1hODQwLTg2YThkYzE4NjliOSIsImNyZWF0ZWQiOjE2NzMxNTg1ODgyMzQsImV4aXN0aW5nIjpmYWxzZX0=; __zlcmid=1DplVgkclUvRile; ci_session=m1hpj47ahkh78rel5v31lh9og6oi8ovo
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 08 Jan 2023 07:44:54 GMT
Content-Type: application/json; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Methods: GET, POST, OPTIONS, PUT, DELETE
Access-Control-Allow-Origin: https://doggocasino.com
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: X-Request-ID,X-REQ-ID
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Set-Cookie: ci_session=m1hpj47ahkh78rel5v31lh9og6oi8ovo; expires=Sun, 08-Jan-2023 08:44:54 GMT; Max-Age=3600; path=/; SameSite=None; secure; HttpOnly
Content-Language: en
Vary: Accept-Encoding, Accept-Encoding
Content-Encoding: gzip
event.iconvert.network/com.snowplowanalytics.snowplow/tp2
200 OK 0 B URL HTTP/2 event.iconvert.network/com.snowplowanalytics.snowplow/tp2
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /com.snowplowanalytics.snowplow/tp2 HTTP/1.1
Host: event.iconvert.network
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://doggocasino.com/
Origin: https://doggocasino.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 08 Jan 2023 07:44:54 GMT
content-length: 0
access-control-allow-origin: https://doggocasino.com
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
access-control-max-age: 5
server: akka-http/10.0.9
X-Firefox-Spdy: h2
doggocasino-images-uat.imgix.net/uploads/media/DOC/home/pragmatic-play.png
200 OK 10 kB URL HTTP/2 doggocasino-images-uat.imgix.net/uploads/media/DOC/home/pragmatic-play.png
IP
File type PNG image data, 276 x 138, 8-bit/color RGBA, non-interlaced\012- data
Hash 22799434150dca8d59bf7733f74db4b6
ff7b186d5249e3061a07724a50c9cc3f2b6e2aa1
23ed44cd444692fa3e48eb345878f1e394fbedcb34f26d3906b0ab1fe958d6a9
GET /uploads/media/DOC/home/pragmatic-play.png HTTP/1.1
Host: doggocasino-images-uat.imgix.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://doggocasino.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000
last-modified: Wed, 22 Jun 2022 15:01:49 GMT
server: imgix
x-imgix-id: eca3ad788ddb94f321d262770254aacf2501b6da
x-imgix-render-farm: 02.552
x-imgix-original-status: 200
date: Sun, 08 Jan 2023 07:44:54 GMT
age: 4641885
accept-ranges: bytes
content-type: image/png
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
x-served-by: cache-sjc10039-SJC, cache-bma1659-BMA
x-cache: HIT, HIT
content-length: 10517
X-Firefox-Spdy: h2
doggocasino-images-uat.imgix.net/uploads/media/DOC/home/mb.png
200 OK 996 B URL HTTP/2 doggocasino-images-uat.imgix.net/uploads/media/DOC/home/mb.png
IP
File type PNG image data, 561 x 92, 8-bit colormap, non-interlaced\012- data
Hash 4a561b1203db848a0fd069a40105f7a3
432ddaa10b45e26988bc1bddf69a9272a3acaf15
6e979cde819c2b590d29574b712bc5716a818a133e994b7481ff6e293c0d6905
GET /uploads/media/DOC/home/mb.png HTTP/1.1
Host: doggocasino-images-uat.imgix.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://doggocasino.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: public, max-age=31536000
last-modified: Fri, 05 Aug 2022 07:05:23 GMT
server: imgix
x-imgix-id: 56961871c145a7e032cb319d8d2ca8989849e05d
x-imgix-render-farm: 02.552
x-imgix-original-status: 200
date: Sun, 08 Jan 2023 07:44:54 GMT
age: 3531440
accept-ranges: bytes
content-type: image/png
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
x-served-by: cache-sjc10064-SJC, cache-bma1659-BMA
x-cache: HIT, HIT
content-length: 996
X-Firefox-Spdy: h2
doggocasino-images-uat.imgix.net/uploads/media/DOC/home/red-tiger.png
200 OK 11 kB URL HTTP/2 doggocasino-images-uat.imgix.net/uploads/media/DOC/home/red-tiger.png
IP
File type PNG image data, 276 x 138, 8-bit/color RGBA, non-interlaced\012- data
Hash 4d970a8ff362df7c5514aceaa5e3ebe7
55104f39398363a86ccc9c47e5cfa26104ba5a25
cca9d171d20873e005d4c9a6fb3c9df4fb19748d2f66eeb2188aa1fce25d51e1
GET /uploads/media/DOC/home/red-tiger.png HTTP/1.1
Host: doggocasino-images-uat.imgix.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://doggocasino.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000
last-modified: Wed, 22 Jun 2022 15:01:49 GMT
server: imgix
x-imgix-id: 59cef1d74cb5b52ac14092208b5a093a63b364a7
x-imgix-render-farm: 02.552
x-imgix-original-status: 200
date: Sun, 08 Jan 2023 07:44:54 GMT
age: 5864247
accept-ranges: bytes
content-type: image/png
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
x-served-by: cache-sjc10040-SJC, cache-bma1659-BMA
x-cache: HIT, HIT
content-length: 11314
X-Firefox-Spdy: h2
doggocasino-images-uat.imgix.net/uploads/media/DOC/home/rela-gaming.png
200 OK 4.8 kB URL HTTP/2 doggocasino-images-uat.imgix.net/uploads/media/DOC/home/rela-gaming.png
IP
File type PNG image data, 273 x 135, 8-bit/color RGBA, non-interlaced\012- data
Hash c9bedd7123ad42428e2ec792776053a8
0925be562535b671f95ff19d90347a8fb6a7ffe1
32409ee3167289537c27f80696a05e8591ed3cabcb086263d0d08daea12d2e61
GET /uploads/media/DOC/home/rela-gaming.png HTTP/1.1
Host: doggocasino-images-uat.imgix.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://doggocasino.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000
last-modified: Wed, 22 Jun 2022 15:01:49 GMT
server: imgix
x-imgix-id: 6033687633caaffae73c5e17a6003f8c59b85fda
x-imgix-render-farm: 02.552
x-imgix-original-status: 200
date: Sun, 08 Jan 2023 07:44:54 GMT
age: 7084006
accept-ranges: bytes
content-type: image/png
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
x-served-by: cache-sjc10083-SJC, cache-bma1659-BMA
x-cache: HIT, HIT
content-length: 4798
X-Firefox-Spdy: h2
doggocasino-images-uat.imgix.net/uploads/media/DOC/home/playson.png
200 OK 8.8 kB URL HTTP/2 doggocasino-images-uat.imgix.net/uploads/media/DOC/home/playson.png
IP
File type PNG image data, 264 x 132, 8-bit/color RGBA, non-interlaced\012- data
Hash 8f247ad2ba24f62d8568361c71599fcb
a47ec378109d5167452c3c84b6c0ef7e82a0f015
e9f5402ef88a83fe5198a1e164be87b7751d1aa3e3ebf67faf128ad20de81d80
GET /uploads/media/DOC/home/playson.png HTTP/1.1
Host: doggocasino-images-uat.imgix.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://doggocasino.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000
last-modified: Wed, 22 Jun 2022 15:01:49 GMT
server: imgix
x-imgix-id: 3ac653f153cacea1d8395bd4c0737ea8facc2bd6
x-imgix-render-farm: 02.552
x-imgix-original-status: 200
date: Sun, 08 Jan 2023 07:44:54 GMT
age: 7499637
accept-ranges: bytes
content-type: image/png
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
x-served-by: cache-sjc10021-SJC, cache-bma1659-BMA
x-cache: HIT, HIT
content-length: 8797
X-Firefox-Spdy: h2
doggocasino-images-uat.imgix.net/uploads/media/DOC/home/quick-spin.png
200 OK 7.3 kB URL HTTP/2 doggocasino-images-uat.imgix.net/uploads/media/DOC/home/quick-spin.png
IP
File type PNG image data, 264 x 132, 8-bit/color RGBA, non-interlaced\012- data
Hash c4651477b077d4f4dea3646065567885
df7eecb46d7709e9c490b399b9e4795e64595792
04c9cd3e8cfb7fa6e88c28b17cf9b2c87f83d5e1adadc20f2615ff1f1fdd0e88
GET /uploads/media/DOC/home/quick-spin.png HTTP/1.1
Host: doggocasino-images-uat.imgix.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://doggocasino.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000
last-modified: Wed, 22 Jun 2022 15:01:49 GMT
server: imgix
x-imgix-id: b3f7542b22878ec5c77012762c5b725ec229b35d
x-imgix-render-farm: 02.552
date: Sun, 08 Jan 2023 07:44:54 GMT
age: 326283
accept-ranges: bytes
content-type: image/png
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
x-served-by: cache-sjc10021-SJC, cache-bma1659-BMA
x-cache: HIT, HIT
content-length: 7266
X-Firefox-Spdy: h2
doggocasino.zendesk.com/embeddable/config
200 OK 12 kB URL HTTP/2 doggocasino.zendesk.com/embeddable/config
IP
File type JSON data\012- , ASCII text, with very long lines (995), with no line terminators
Hash 3a5ff1803dd7da7a69addb9ff8ea2fb1
ca93ae1f454b851d4bfe4606dd4bd75bcc4055a5
720dcb855d6db1b9039fbda0c1ce2fedf9799a353e8210f190fe2fcc6f78d666
GET /embeddable/config HTTP/1.1
Host: doggocasino.zendesk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://doggocasino.com/
Origin: https://doggocasino.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 08 Jan 2023 07:44:54 GMT
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-expose-headers:
access-control-max-age: 7200
cache-control: public, max-age=60, stale-while-revalidate=600, stale-if-error=3600
x-zendesk-origin-server: embeddable-app-server-74956859c8-vmhsj
x-request-id: 786309af5e6cb4f9-DUB
x-runtime: 0.001028
vary: Origin, Accept-Encoding
x-cached: STALE
last-modified: Sun, 08 Jan 2023 07:43:24 GMT
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lHtum7b5cPLPctnPU0zBBfZy5CEmCOe9Y0skx9bYHbU9PVcjl2s4Z7FUyyzL60doglw6FRrY0YbaOrePLw1iKmoNUR%2By%2FmXkzSGg0JABuU6VMmzDXBHAZ4D6rhBjTVefc%2FWcnMw5%2Fhro"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
set-cookie: __cfruid=565e946bbfe81a6c765c3eeff669eebb97987c91-1673163894; path=/; domain=.doggocasino.zendesk.com; HttpOnly; Secure; SameSite=None
server: cloudflare
cf-ray: 78634f851d15fabc-OSL
content-encoding: br
X-Firefox-Spdy: h2
cmsapi.doggocasino.com/ajax/staticPage/getPage?url_path=footer-no&language=no
200 OK 1.3 kB URL HTTP/1.1 cmsapi.doggocasino.com/ajax/staticPage/getPage?url_path=footer-no&language=no
IP
File type JSON data\012- HTML document, ASCII text, with very long lines (6442), with no line terminators
Hash b4514acd3007bc22981a574b714d4a63
5141f79b74d18624f30fb5f77c91895fc9d73866
bbc76d53fb64b13595479d93bc7d521e0e7c90e9e2d18d636cf2dc2f12aa7718
GET /ajax/staticPage/getPage?url_path=footer-no&language=no HTTP/1.1
Host: cmsapi.doggocasino.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://doggocasino.com
Connection: keep-alive
Referer: https://doggocasino.com/
Cookie: _ga_K4EHGY5F0T=GS1.1.1673163882.2.0.1673163882.60.0.0; _ga=GA1.1.2104987336.1673158587; _gid=GA1.2.1700880299.1673158588; _hjSessionUser_3054262=eyJpZCI6IjQyMzk2NDg2LTQ5MzYtNTZiNi1hODQwLTg2YThkYzE4NjliOSIsImNyZWF0ZWQiOjE2NzMxNTg1ODgyMzQsImV4aXN0aW5nIjpmYWxzZX0=; __zlcmid=1DplVgkclUvRile; ci_session=m1hpj47ahkh78rel5v31lh9og6oi8ovo
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 08 Jan 2023 07:44:54 GMT
Content-Type: application/json; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Methods: GET, POST, OPTIONS, PUT, DELETE
Access-Control-Allow-Origin: https://doggocasino.com
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: X-Request-ID,X-REQ-ID
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Set-Cookie: ci_session=m1hpj47ahkh78rel5v31lh9og6oi8ovo; expires=Sun, 08-Jan-2023 08:44:54 GMT; Max-Age=3600; path=/; SameSite=None; secure; HttpOnly
Content-Language: en
Vary: Accept-Encoding, Accept-Encoding
Content-Encoding: gzip
fonts.googleapis.com/css2?family=Roboto:wght@400;700
200 OK 8.2 kB URL HTTP/2 fonts.googleapis.com/css2?family=Roboto:wght@400;700
IP
Hash bfec6b2fec7e54d461ec33cc332265c0
19c15fdc8a4c2980e831690cafe6d9cfd382599a
987897bae8e2e5533190113b35d2c94d150c1de0be6e81c1e69220e1c8b371e6
GET /css2?family=Roboto:wght@400;700 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://doggocasino.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sun, 08 Jan 2023 07:44:54 GMT
date: Sun, 08 Jan 2023 07:44:54 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
doggocasino-images-uat.imgix.net/uploads/media/DOC/home/game-art.png
200 OK 6.2 kB URL HTTP/2 doggocasino-images-uat.imgix.net/uploads/media/DOC/home/game-art.png
IP
File type PNG image data, 279 x 138, 8-bit/color RGBA, non-interlaced\012- data
Hash a077d41a5bfa379097dd3b0dca4c236a
1e5a4e68cdf2fa8aad5613036632a5422f804d52
dbeb43c9dfabd489d74ef02d98a9d857e9400b3f2c1dc3ecf9f7bbd3a9180a58
GET /uploads/media/DOC/home/game-art.png HTTP/1.1
Host: doggocasino-images-uat.imgix.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://doggocasino.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000
last-modified: Wed, 22 Jun 2022 15:01:49 GMT
server: imgix
x-imgix-id: 156eae225a670763a1941c7cab6441bc1bc01231
x-imgix-render-farm: 01.1064
date: Sun, 08 Jan 2023 07:44:54 GMT
age: 5329863
accept-ranges: bytes
content-type: image/png
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
x-served-by: cache-sjc10057-SJC, cache-bma1659-BMA
x-cache: HIT, HIT
content-length: 6248
X-Firefox-Spdy: h2
doggocasino-images-uat.imgix.net/uploads/media/DOC/home/blue-print.png
200 OK 13 kB URL HTTP/2 doggocasino-images-uat.imgix.net/uploads/media/DOC/home/blue-print.png
IP
File type PNG image data, 276 x 138, 8-bit/color RGBA, non-interlaced\012- data
Hash 215e832f2352ba2b101cdad72966f603
a1dcf49c0377e3f1e1c6bfcef8e49435dfffc781
dc6f2ec8948d25ba0a77ce6aedfcc118857fd6733c4801697db1e8b073e65456
GET /uploads/media/DOC/home/blue-print.png HTTP/1.1
Host: doggocasino-images-uat.imgix.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://doggocasino.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000
last-modified: Wed, 22 Jun 2022 15:01:49 GMT
server: imgix
x-imgix-id: 22ce464371762ac6d7bfdc4518bc66e919f06221
x-imgix-render-farm: 01.1064
x-imgix-original-status: 200
date: Sun, 08 Jan 2023 07:44:54 GMT
age: 5221366
accept-ranges: bytes
content-type: image/png
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
x-served-by: cache-sjc10077-SJC, cache-bma1659-BMA
x-cache: HIT, HIT
content-length: 13093
X-Firefox-Spdy: h2
doggocasino-images-uat.imgix.net/uploads/media/DOC/home/fantasma.png
200 OK 8.5 kB URL HTTP/2 doggocasino-images-uat.imgix.net/uploads/media/DOC/home/fantasma.png
IP
File type PNG image data, 249 x 126, 8-bit/color RGBA, non-interlaced\012- data
Hash c665b0d5e32fda6859ff497e1e69c43f
c182cf5a9438a4af020fc6c98dc6a101825fd0f4
031eda00e0705a5d0c4d98517a0d465a921256d4d0ff85a571858b1d41fce01a
GET /uploads/media/DOC/home/fantasma.png HTTP/1.1
Host: doggocasino-images-uat.imgix.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://doggocasino.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000
last-modified: Wed, 22 Jun 2022 15:01:49 GMT
server: imgix
x-imgix-id: b4ad11aad057e8c05fc0b0f8b5527d7ab0b1dd0c
x-imgix-render-farm: 02.552
x-imgix-original-status: 200
date: Sun, 08 Jan 2023 07:44:54 GMT
age: 3270943
accept-ranges: bytes
content-type: image/png
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
x-served-by: cache-sjc10074-SJC, cache-bma1659-BMA
x-cache: HIT, HIT
content-length: 8546
X-Firefox-Spdy: h2
cmsapi.doggocasino.com/ajax/staticPage/getPage?url_path=game-header-filter-data&language=no
200 OK 787 B URL HTTP/1.1 cmsapi.doggocasino.com/ajax/staticPage/getPage?url_path=game-header-filter-data&language=no
IP
File type JSON data\012- , ASCII text, with very long lines (4044), with no line terminators
Hash b0cee8610450eecc568afdbed759fc7f
addd0c1c653d9aa9c1bdce67d3418ad4994ca620
922d29e0f56d5a3799bb0bfd4e98f182827b6238418f86d1c67034ed47034a70
GET /ajax/staticPage/getPage?url_path=game-header-filter-data&language=no HTTP/1.1
Host: cmsapi.doggocasino.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://doggocasino.com
Connection: keep-alive
Referer: https://doggocasino.com/
Cookie: _ga_K4EHGY5F0T=GS1.1.1673163882.2.0.1673163882.60.0.0; _ga=GA1.1.2104987336.1673158587; _gid=GA1.2.1700880299.1673158588; _hjSessionUser_3054262=eyJpZCI6IjQyMzk2NDg2LTQ5MzYtNTZiNi1hODQwLTg2YThkYzE4NjliOSIsImNyZWF0ZWQiOjE2NzMxNTg1ODgyMzQsImV4aXN0aW5nIjpmYWxzZX0=; __zlcmid=1DplVgkclUvRile; ci_session=m1hpj47ahkh78rel5v31lh9og6oi8ovo
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 08 Jan 2023 07:44:54 GMT
Content-Type: application/json; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Methods: GET, POST, OPTIONS, PUT, DELETE
Access-Control-Allow-Origin: https://doggocasino.com
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: X-Request-ID,X-REQ-ID
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Set-Cookie: ci_session=m1hpj47ahkh78rel5v31lh9og6oi8ovo; expires=Sun, 08-Jan-2023 08:44:54 GMT; Max-Age=3600; path=/; SameSite=None; secure; HttpOnly
Content-Language: en
Vary: Accept-Encoding, Accept-Encoding
Content-Encoding: gzip
doggocasino-images-uat.imgix.net/uploads/media/DOC/home/no-limit.png
200 OK 4.9 kB URL HTTP/2 doggocasino-images-uat.imgix.net/uploads/media/DOC/home/no-limit.png
IP
File type PNG image data, 282 x 141, 8-bit/color RGBA, non-interlaced\012- data
Hash a5a601b38f6b3b9f958d2eca3a4a45e5
6e1c5af69461c0cbcb4a03602018a9278a5d04aa
ea215374e2595992671808fdc26279914384c72d0c487829e0d85b7d50a71e81
GET /uploads/media/DOC/home/no-limit.png HTTP/1.1
Host: doggocasino-images-uat.imgix.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://doggocasino.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000
last-modified: Wed, 22 Jun 2022 15:01:49 GMT
server: imgix
x-imgix-id: efbe04cd14966a572ec0249915fa8e9dbcb1ab6d
x-imgix-render-farm: 01.1064
date: Sun, 08 Jan 2023 07:44:54 GMT
age: 3276815
accept-ranges: bytes
content-type: image/png
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
x-served-by: cache-sjc10066-SJC, cache-bma1659-BMA
x-cache: HIT, HIT
content-length: 4863
X-Firefox-Spdy: h2
event.iconvert.network/com.snowplowanalytics.snowplow/tp2
200 OK 2 B URL HTTP/2 event.iconvert.network/com.snowplowanalytics.snowplow/tp2
IP
File type ASCII text, with no line terminators
Hash 444bcb3a3fcf8389296c49467f27e1d6
7a85f4764bbd6daf1c3545efbbf0f279a6dc0beb
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
POST /com.snowplowanalytics.snowplow/tp2 HTTP/1.1
Host: event.iconvert.network
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json; charset=UTF-8
Content-Length: 701
Origin: https://doggocasino.com
Connection: keep-alive
Referer: https://doggocasino.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 08 Jan 2023 07:44:54 GMT
content-type: text/plain; charset=UTF-8
content-length: 2
set-cookie: sp=73248b53-be99-46eb-99af-4426cb0c5265; Expires=Mon, 08 Jan 2024 07:44:54 GMT; Path=/
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
access-control-allow-origin: https://doggocasino.com
access-control-allow-credentials: true
server: akka-http/10.0.9
X-Firefox-Spdy: h2
cmsapi.doggocasino.com/ajax/game/getLobbyListWithGameGroups?languageId=en
200 OK 618 B URL HTTP/1.1 cmsapi.doggocasino.com/ajax/game/getLobbyListWithGameGroups?languageId=en
IP
File type JSON data\012- , ASCII text, with very long lines (5234), with no line terminators
Hash 3af44e04d58117844c51b8e38b7ee76c
e92815e81b5e9151649407b7409485afd5136d6f
701c8cd4ec99d1bd8eae0abd06a8f09b3bcfe10cb80a78aefe16fcace92bfe22
GET /ajax/game/getLobbyListWithGameGroups?languageId=en HTTP/1.1
Host: cmsapi.doggocasino.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://doggocasino.com
Connection: keep-alive
Referer: https://doggocasino.com/
Cookie: _ga_K4EHGY5F0T=GS1.1.1673163882.2.0.1673163882.60.0.0; _ga=GA1.1.2104987336.1673158587; _gid=GA1.2.1700880299.1673158588; _hjSessionUser_3054262=eyJpZCI6IjQyMzk2NDg2LTQ5MzYtNTZiNi1hODQwLTg2YThkYzE4NjliOSIsImNyZWF0ZWQiOjE2NzMxNTg1ODgyMzQsImV4aXN0aW5nIjpmYWxzZX0=; __zlcmid=1DplVgkclUvRile; ci_session=m1hpj47ahkh78rel5v31lh9og6oi8ovo
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 08 Jan 2023 07:44:54 GMT
Content-Type: application/json; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Methods: GET, POST, OPTIONS, PUT, DELETE
Access-Control-Allow-Origin: https://doggocasino.com
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: X-Request-ID,X-REQ-ID
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Set-Cookie: ci_session=m1hpj47ahkh78rel5v31lh9og6oi8ovo; expires=Sun, 08-Jan-2023 08:44:54 GMT; Max-Age=3600; path=/; SameSite=None; secure; HttpOnly
Content-Language: en
Vary: Accept-Encoding, Accept-Encoding
Content-Encoding: gzip
doggocasino-images-uat.imgix.net/uploads/media/DOC/home/northernlights.png
200 OK 9.7 kB URL HTTP/2 doggocasino-images-uat.imgix.net/uploads/media/DOC/home/northernlights.png
IP
File type PNG image data, 258 x 129, 8-bit/color RGBA, non-interlaced\012- data
Hash d00971dc7290a8d83d531bfe390dd39c
a2a9e0bd0d476994c9fb564a2976f254a865fccd
d9658fdd73aae24cab7d588506ca816cd6cbe7e6917169298e4a1167d71421f0
GET /uploads/media/DOC/home/northernlights.png HTTP/1.1
Host: doggocasino-images-uat.imgix.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://doggocasino.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000
last-modified: Wed, 22 Jun 2022 15:01:49 GMT
server: imgix
x-imgix-id: b7b0828bf9802afd4ca81d7ee3b043e8a2a1a7aa
x-imgix-render-farm: 02.552
x-imgix-original-status: 200
date: Sun, 08 Jan 2023 07:44:54 GMT
age: 5183336
accept-ranges: bytes
content-type: image/png
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
x-served-by: cache-sjc10081-SJC, cache-bma1659-BMA
x-cache: HIT, HIT
content-length: 9665
X-Firefox-Spdy: h2
doggocasino.com/scripts.1064ca3406a50daf3ddc.js
200 OK 16 kB URL HTTP/2 doggocasino.com/scripts.1064ca3406a50daf3ddc.js
IP
Hash 9d64575c5bdc86ef981d59f7d96c0c45
fc7cc24ac177dafc614bfb763422439a72c6d37c
a1c1c640f90763aaf916f0ce8f2f53ae3c37eb6b78066fa407da539f9f80ebfb
GET /scripts.1064ca3406a50daf3ddc.js HTTP/1.1
Host: doggocasino.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://doggocasino.com/en-us?affiliateName=[cellxpert]&affid=cx-35656_390258&bannerid=35656&trackerid=35656_390258&bta=35656&brand=doggocasino&rdk=rk1
Cookie: _ga_K4EHGY5F0T=GS1.1.1673158586.1.1.1673158594.52.0.0; _ga=GA1.2.2104987336.1673158587; __adm_tid=tid-2ae5f2bb5.42566d1f3; _gid=GA1.2.1700880299.1673158588; _hjSessionUser_3054262=eyJpZCI6IjQyMzk2NDg2LTQ5MzYtNTZiNi1hODQwLTg2YThkYzE4NjliOSIsImNyZWF0ZWQiOjE2NzMxNTg1ODgyMzQsImV4aXN0aW5nIjpmYWxzZX0=; __zlcmid=1DplVgkclUvRile
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/x-javascript
x-amz-meta-codebuild-content-sha256: c7543b0c1a387fe8fce7ecedb491413db02c94ccd3c1a1d5b2dc6c33f6e53bfc
x-amz-meta-codebuild-buildarn: arn:aws:codebuild:us-east-1:889751173095:build/du-frontend-build:dba88433-a99e-4dbd-9b3f-92c9f40e4469
x-amz-meta-codebuild-content-md5: f72fdbadddaa46b851fe89ddcab9666b
last-modified: Thu, 05 Jan 2023 08:36:18 GMT
x-amz-version-id: i9SuumvVdGa1HF7ZKVTOK0DBunGG_AhX
server: AmazonS3
content-encoding: gzip
date: Sat, 07 Jan 2023 11:37:33 GMT
etag: W/"42a2bec801024b80f39d0bc44eba9251"
vary: Accept-Encoding
via: 1.1 9dd61138197a68f8d69f12574aab6930.cloudfront.net (CloudFront)
age: 82940
cache-control: public,max-age=31536000,immutable
x-cache: Hit from cloudfront
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 3vT-BVlq9QVw6mCpkvW8Wq_5SbLt82yU0KkeKRgSDo5C0FnXaO5JTw==
X-Firefox-Spdy: h2
doggocasino-images-uat.imgix.net/uploads/media/DOC/home/elk-studios.png
200 OK 5.9 kB URL HTTP/2 doggocasino-images-uat.imgix.net/uploads/media/DOC/home/elk-studios.png
IP
File type PNG image data, 252 x 126, 8-bit/color RGBA, non-interlaced\012- data
Hash 51d08cb0697602f09624cc82bb4d5a55
e45470f8c08548f1048d9efd72799b7b09096673
10bdf4c280e8f097ab29f3829c19998b5a2f038a8e6b07537dbc9d777f35bbc7
GET /uploads/media/DOC/home/elk-studios.png HTTP/1.1
Host: doggocasino-images-uat.imgix.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://doggocasino.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000
last-modified: Wed, 22 Jun 2022 15:01:49 GMT
server: imgix
x-imgix-id: a8be3f7fcc7e0e5e50a51735a763ca42e282bbcc
x-imgix-render-farm: 01.1064
x-imgix-original-status: 200
date: Sun, 08 Jan 2023 07:44:54 GMT
age: 6414415
accept-ranges: bytes
content-type: image/png
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
x-served-by: cache-sjc10078-SJC, cache-bma1659-BMA
x-cache: HIT, HIT
content-length: 5941
X-Firefox-Spdy: h2
cmsapi.doggocasino.com/ajax/staticPage/getPage?url_path=game-header-filter-data&language=no
200 OK 787 B URL HTTP/1.1 cmsapi.doggocasino.com/ajax/staticPage/getPage?url_path=game-header-filter-data&language=no
IP
File type JSON data\012- , ASCII text, with very long lines (4044), with no line terminators
Hash b0cee8610450eecc568afdbed759fc7f
addd0c1c653d9aa9c1bdce67d3418ad4994ca620
922d29e0f56d5a3799bb0bfd4e98f182827b6238418f86d1c67034ed47034a70
GET /ajax/staticPage/getPage?url_path=game-header-filter-data&language=no HTTP/1.1
Host: cmsapi.doggocasino.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://doggocasino.com
Connection: keep-alive
Referer: https://doggocasino.com/
Cookie: _ga_K4EHGY5F0T=GS1.1.1673163882.2.0.1673163882.60.0.0; _ga=GA1.1.2104987336.1673158587; _gid=GA1.2.1700880299.1673158588; _hjSessionUser_3054262=eyJpZCI6IjQyMzk2NDg2LTQ5MzYtNTZiNi1hODQwLTg2YThkYzE4NjliOSIsImNyZWF0ZWQiOjE2NzMxNTg1ODgyMzQsImV4aXN0aW5nIjpmYWxzZX0=; __zlcmid=1DplVgkclUvRile; ci_session=m1hpj47ahkh78rel5v31lh9og6oi8ovo
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 08 Jan 2023 07:44:54 GMT
Content-Type: application/json; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Methods: GET, POST, OPTIONS, PUT, DELETE
Access-Control-Allow-Origin: https://doggocasino.com
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: X-Request-ID,X-REQ-ID
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Set-Cookie: ci_session=m1hpj47ahkh78rel5v31lh9og6oi8ovo; expires=Sun, 08-Jan-2023 08:44:54 GMT; Max-Age=3600; path=/; SameSite=None; secure; HttpOnly
Content-Language: en
Vary: Accept-Encoding, Accept-Encoding
Content-Encoding: gzip
doggocasino-images-uat.imgix.net/uploads/media/DOC/home/maxwin.png
200 OK 4.5 kB URL HTTP/2 doggocasino-images-uat.imgix.net/uploads/media/DOC/home/maxwin.png
IP
File type PNG image data, 222 x 108, 8-bit/color RGBA, non-interlaced\012- data
Hash 7c449a3fe36a9169f6943ba2428db2b1
4454bc379ed44c9c9e4025e38fb70331826f1dcc
50b2cc15c9ffa7199cf2dfd14668041b77e1b893e1907fc2fa660fc0e70c1e34
GET /uploads/media/DOC/home/maxwin.png HTTP/1.1
Host: doggocasino-images-uat.imgix.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://doggocasino.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000
last-modified: Wed, 22 Jun 2022 15:01:49 GMT
server: imgix
x-imgix-id: 4ec650f3c03c4817c2aad744336385576cec4cdd
x-imgix-render-farm: 02.552
x-imgix-original-status: 200
date: Sun, 08 Jan 2023 07:44:54 GMT
age: 7084816
accept-ranges: bytes
content-type: image/png
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
x-served-by: cache-sjc10079-SJC, cache-bma1659-BMA
x-cache: HIT, HIT
content-length: 4465
X-Firefox-Spdy: h2
doggocasino-images-uat.imgix.net/uploads/media/DOC/home/gaming.png
200 OK 6.6 kB URL HTTP/2 doggocasino-images-uat.imgix.net/uploads/media/DOC/home/gaming.png
IP
File type PNG image data, 243 x 120, 8-bit/color RGBA, non-interlaced\012- data
Hash f0c61bac2c685ab90cdeba03f39a73ff
db8a075fbe70ef285b8db7d68f79d17c9cf52aa3
b5b53a76e45279edccc190cb7603e0522f77e12b72b9b9d9075c937d53627ef9
GET /uploads/media/DOC/home/gaming.png HTTP/1.1
Host: doggocasino-images-uat.imgix.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://doggocasino.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000
last-modified: Wed, 22 Jun 2022 15:01:49 GMT
server: imgix
x-imgix-id: f5516194f1c84239a1b98d55710e00a65eb8f279
x-imgix-render-farm: 01.1064
x-imgix-original-status: 200
date: Sun, 08 Jan 2023 07:44:54 GMT
age: 5183337
accept-ranges: bytes
content-type: image/png
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
x-served-by: cache-sjc10081-SJC, cache-bma1659-BMA
x-cache: HIT, HIT
content-length: 6610
X-Firefox-Spdy: h2
doggocasino-images-uat.imgix.net/uploads/media/DOC/home/mb-bottom.png
200 OK 945 B URL HTTP/2 doggocasino-images-uat.imgix.net/uploads/media/DOC/home/mb-bottom.png
IP
File type PNG image data, 555 x 78, 8-bit colormap, non-interlaced\012- data
Hash afd8b1279d095eddad3f7ad8df9892a3
407841662fc47b2d82e8a0cba898163a8c4d86b7
58b09fba62fa08df503bddcf36cf9fdc0e6d08a9a7bd2cfa122fc34fc3f6b6a2
GET /uploads/media/DOC/home/mb-bottom.png HTTP/1.1
Host: doggocasino-images-uat.imgix.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://doggocasino.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000
last-modified: Mon, 21 Nov 2022 14:38:42 GMT
server: imgix
x-imgix-id: 9604a605ff9399483ffa1266c921e5f617cc5d27
x-imgix-render-farm: 02.552
x-imgix-original-status: 200
date: Sun, 08 Jan 2023 07:44:54 GMT
age: 3273273
accept-ranges: bytes
content-type: image/png
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
x-served-by: cache-sjc10070-SJC, cache-bma1659-BMA
x-cache: HIT, HIT
content-length: 945
X-Firefox-Spdy: h2
cmsapi.doggocasino.com/ajax/Faq/getQuestions?lang=no
200 OK 6.9 kB URL HTTP/1.1 cmsapi.doggocasino.com/ajax/Faq/getQuestions?lang=no
IP
File type JSON data\012- , ASCII text, with very long lines (50212), with no line terminators
Hash 46712c8114b6b2df3f50d69f2c7f96f5
ba2ea03bba7ff2af9f432739a774496d4eef540a
854ab5787fc1cefb0da2eb75c4b09de68cabf38a0738bb133964b542e9ef20ac
GET /ajax/Faq/getQuestions?lang=no HTTP/1.1
Host: cmsapi.doggocasino.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://doggocasino.com
Connection: keep-alive
Referer: https://doggocasino.com/
Cookie: _ga_K4EHGY5F0T=GS1.1.1673163882.2.0.1673163882.60.0.0; _ga=GA1.1.2104987336.1673158587; _gid=GA1.2.1700880299.1673158588; _hjSessionUser_3054262=eyJpZCI6IjQyMzk2NDg2LTQ5MzYtNTZiNi1hODQwLTg2YThkYzE4NjliOSIsImNyZWF0ZWQiOjE2NzMxNTg1ODgyMzQsImV4aXN0aW5nIjpmYWxzZX0=; __zlcmid=1DplVgkclUvRile; ci_session=m1hpj47ahkh78rel5v31lh9og6oi8ovo
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 08 Jan 2023 07:44:54 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET, POST, OPTIONS, PUT, DELETE
Access-Control-Allow-Origin: https://doggocasino.com
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: X-Request-ID,X-REQ-ID
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Set-Cookie: ci_session=m1hpj47ahkh78rel5v31lh9og6oi8ovo; expires=Sun, 08-Jan-2023 08:44:54 GMT; Max-Age=3600; path=/; SameSite=None; secure; HttpOnly
Content-Encoding: gzip
doggocasino-images-uat.imgix.net/uploads/media/DOC/home/deposit.svg
200 OK 650 B URL HTTP/2 doggocasino-images-uat.imgix.net/uploads/media/DOC/home/deposit.svg
IP
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (782)
Hash ca812eca4d915271b2e433e47965572d
ad6042ddb3c5a74d706929cc9b0dde2f4388eccc
e00b74a45064d746f4eb3ed3be367b512638632d7549b2c724878603b94fb0c4
GET /uploads/media/DOC/home/deposit.svg HTTP/1.1
Host: doggocasino-images-uat.imgix.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://doggocasino.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000
last-modified: Wed, 22 Jun 2022 15:01:49 GMT
content-encoding: gzip
server: imgix
x-imgix-id: 13b7a2d55e87294bf13a6a884866ef05bc1cbc0d
x-imgix-render-farm: 01.1064
date: Sun, 08 Jan 2023 07:44:54 GMT
age: 3280353
accept-ranges: bytes
content-type: image/svg+xml
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
x-served-by: cache-sjc10066-SJC, cache-bma1659-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
content-length: 650
X-Firefox-Spdy: h2
doggocasino-images-uat.imgix.net/uploads/media/DOC/home/withdrawals.svg
200 OK 635 B URL HTTP/2 doggocasino-images-uat.imgix.net/uploads/media/DOC/home/withdrawals.svg
IP
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (738)
Hash 65cf7eb945d17e10d26ffa99ae01ca31
e7a55a6ee8076ec9a25f7bf6fe656ee79094f563
bcadc56bac241e35bcfab4d5ec90dbb398ad7d2cd7bf00253e918ab932ac6429
GET /uploads/media/DOC/home/withdrawals.svg HTTP/1.1
Host: doggocasino-images-uat.imgix.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://doggocasino.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000
last-modified: Wed, 09 Nov 2022 12:38:48 GMT
content-encoding: gzip
server: imgix
x-imgix-id: b0d8cbd84a5d40f7a31f8d2a40dcf6e12ddff13c
x-imgix-render-farm: 02.552
date: Sun, 08 Jan 2023 07:44:54 GMT
age: 4652183
accept-ranges: bytes
content-type: image/svg+xml
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
x-served-by: cache-sjc10035-SJC, cache-bma1659-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
content-length: 635
X-Firefox-Spdy: h2
doggocasino-images-uat.imgix.net/uploads/media/DOC/home/mc.png
200 OK 9.2 kB URL HTTP/2 doggocasino-images-uat.imgix.net/uploads/media/DOC/home/mc.png
IP
File type PNG image data, 156 x 156, 8-bit/color RGBA, non-interlaced\012- data
Hash c7dd6fdc3e16c819c88735699286ea81
90c72fd87afa0024ce87797a4709ae71370f89ab
f4ad70ee60ce0b2c8179c15fa2cb20f561901f02ffabb8c8abe59436a5bb1b1c
GET /uploads/media/DOC/home/mc.png HTTP/1.1
Host: doggocasino-images-uat.imgix.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://doggocasino.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000
last-modified: Thu, 04 Aug 2022 10:16:04 GMT
server: imgix
x-imgix-id: 5ac1c0635257e27880e4d45804d430e0c10109ee
x-imgix-render-farm: 02.552
date: Sun, 08 Jan 2023 07:44:54 GMT
age: 4653150
accept-ranges: bytes
content-type: image/png
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
x-served-by: cache-sjc10035-SJC, cache-bma1659-BMA
x-cache: HIT, HIT
content-length: 9166
X-Firefox-Spdy: h2
doggocasino-images-uat.imgix.net/uploads/media/DOC/home/safety.svg
200 OK 1.1 kB URL HTTP/2 doggocasino-images-uat.imgix.net/uploads/media/DOC/home/safety.svg
IP
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (1535)
Hash f4bceb3b835f466f7e3c3e31f22996da
7795f48b8e4ea4ee227f3e2c0a7490f1a0e6e576
9af7e809decc127848a79a3425ddec9855db28d150f935ada5de2a4f6d9775d4
GET /uploads/media/DOC/home/safety.svg HTTP/1.1
Host: doggocasino-images-uat.imgix.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://doggocasino.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000
last-modified: Wed, 22 Jun 2022 15:01:49 GMT
content-encoding: gzip
server: imgix
x-imgix-id: 964d44d72b652a9538aae37c30342dc375306c1a
x-imgix-render-farm: 02.552
x-imgix-original-status: 200
date: Sun, 08 Jan 2023 07:44:54 GMT
age: 5776006
accept-ranges: bytes
content-type: image/svg+xml
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
x-served-by: cache-sjc10052-SJC, cache-bma1659-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
content-length: 1096
X-Firefox-Spdy: h2
doggocasino-images-uat.imgix.net/uploads/media/DOC/home/interac.png
200 OK 2.7 kB URL HTTP/2 doggocasino-images-uat.imgix.net/uploads/media/DOC/home/interac.png
IP
File type PNG image data, 153 x 156, 8-bit colormap, non-interlaced\012- data
Hash 9b9b9143bf86f05cda2161cc7ffcc3c8
4a793f79be620d49a751984f2a7c3bea07176894
d34b0fa6f4a752d9eaeb192ae7810afe5938865ffc0f01032f4b6ec4c1d7b8f3
GET /uploads/media/DOC/home/interac.png HTTP/1.1
Host: doggocasino-images-uat.imgix.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://doggocasino.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000
last-modified: Thu, 04 Aug 2022 10:16:05 GMT
server: imgix
x-imgix-id: ed1c6f2730a37c1819802969d210f4b0df75ad80
x-imgix-render-farm: 01.1064
date: Sun, 08 Jan 2023 07:44:54 GMT
age: 2829041
accept-ranges: bytes
content-type: image/png
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
x-served-by: cache-sjc10052-SJC, cache-bma1659-BMA
x-cache: HIT, HIT
content-length: 2738
X-Firefox-Spdy: h2
doggocasino-images-uat.imgix.net/uploads/media/DOC/home/ecashout.png
200 OK 2.6 kB URL HTTP/2 doggocasino-images-uat.imgix.net/uploads/media/DOC/home/ecashout.png
IP
File type PNG image data, 153 x 156, 8-bit colormap, non-interlaced\012- data
Hash a4c8123c11469403a676a4b6e6a5f301
321ba2a412968a39eb4e1ed9ed72b17b591d941d
a5fd2c66784ea49cb274ef2677c646762969e54b9371cdf556404f1e73483baf
GET /uploads/media/DOC/home/ecashout.png HTTP/1.1
Host: doggocasino-images-uat.imgix.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://doggocasino.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000
last-modified: Thu, 04 Aug 2022 10:16:05 GMT
server: imgix
x-imgix-id: 69f383545740b3576766fcb1f7f2e7fd060e9952
x-imgix-render-farm: 02.552
date: Sun, 08 Jan 2023 07:44:54 GMT
age: 2844986
accept-ranges: bytes
content-type: image/png
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
x-served-by: cache-sjc10048-SJC, cache-bma1659-BMA
x-cache: HIT, HIT
content-length: 2616
X-Firefox-Spdy: h2
doggocasino-images-uat.imgix.net/uploads/media/DOC/home/irondog.png
200 OK 5.8 kB URL HTTP/2 doggocasino-images-uat.imgix.net/uploads/media/DOC/home/irondog.png
IP
File type PNG image data, 231 x 114, 8-bit/color RGBA, non-interlaced\012- data
Hash c466772fc1afd400af737640c99f88a7
9ca1c550b69d2e5cb728c2a3668b2b35b0b0749e
e779742b7d5d724cb28028beb3ce8b72ebbbfea4c993fa19e01bb065cca77485
GET /uploads/media/DOC/home/irondog.png HTTP/1.1
Host: doggocasino-images-uat.imgix.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://doggocasino.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000
last-modified: Wed, 09 Nov 2022 07:55:59 GMT
server: imgix
x-imgix-id: 07ade4d4a329aeebb13542f1a1f1753e6ef8e471
x-imgix-render-farm: 02.552
date: Sun, 08 Jan 2023 07:44:54 GMT
age: 332146
accept-ranges: bytes
content-type: image/png
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
x-served-by: cache-sjc10081-SJC, cache-bma1659-BMA
x-cache: HIT, HIT
content-length: 5790
X-Firefox-Spdy: h2
doggocasino-images-uat.imgix.net/uploads/media/DOC/home/wins-mobile.png
200 OK 114 kB URL HTTP/2 doggocasino-images-uat.imgix.net/uploads/media/DOC/home/wins-mobile.png
IP
File type PNG image data, 369 x 373, 8-bit/color RGB, non-interlaced\012- data
Size 114 kB (114315 bytes)
Hash 9254612cbe7dc5e08eaad1c7b3b9bed3
4b1b7c636758fd514c10fb40179a3321f4757946
3f10fa5c434f2dc9a35bdbbe807dca7fabb1180153cf1013ceeee70846a67119
GET /uploads/media/DOC/home/wins-mobile.png HTTP/1.1
Host: doggocasino-images-uat.imgix.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://doggocasino.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000
last-modified: Wed, 30 Nov 2022 11:33:31 GMT
server: imgix
x-imgix-id: f34d513edc4c2eeb153958e0fad3397b1c0f2ee9
x-imgix-render-farm: 02.552
date: Sun, 08 Jan 2023 07:44:54 GMT
age: 3094624
accept-ranges: bytes
content-type: image/png
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
x-served-by: cache-sjc10026-SJC, cache-bma1659-BMA
x-cache: HIT, HIT
content-length: 114315
X-Firefox-Spdy: h2
doggocasino-images-uat.imgix.net/uploads/media/DOC/home/visa.png
200 OK 10 kB URL HTTP/2 doggocasino-images-uat.imgix.net/uploads/media/DOC/home/visa.png
IP
File type PNG image data, 156 x 156, 8-bit/color RGBA, non-interlaced\012- data
Hash 9c283e2c4040566cd8ad97b5866c9537
c61dd5f44d2f6473aeb0a71729928c5b94f5b623
349173c164101e5a60336be685e50f70df22ddcf0b84a87450bbfecc247b9d64
GET /uploads/media/DOC/home/visa.png HTTP/1.1
Host: doggocasino-images-uat.imgix.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://doggocasino.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000
last-modified: Thu, 04 Aug 2022 10:16:05 GMT
server: imgix
x-imgix-id: fc011ac8714ce6e920fe34347bd05471a26519c8
x-imgix-render-farm: 01.1064
x-imgix-original-status: 200
date: Sun, 08 Jan 2023 07:44:54 GMT
age: 5577905
accept-ranges: bytes
content-type: image/png
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
x-served-by: cache-sjc10080-SJC, cache-bma1659-BMA
x-cache: HIT, HIT
content-length: 10038
X-Firefox-Spdy: h2
doggocasino-images-uat.imgix.net/uploads/media/DOC/home/dcs.png
200 OK 3.0 kB URL HTTP/2 doggocasino-images-uat.imgix.net/uploads/media/DOC/home/dcs.png
IP
File type PNG image data, 156 x 156, 8-bit colormap, non-interlaced\012- data
Hash 033e64d307fcfd62be869c5de0721c66
a2307ba759c902a98ec8af557f677929d2c0e28d
23050464c99491bdbff255e380dffcc5dbd1f69dffb401dc837dd3da9cfbcd54
GET /uploads/media/DOC/home/dcs.png HTTP/1.1
Host: doggocasino-images-uat.imgix.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://doggocasino.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000
last-modified: Thu, 04 Aug 2022 09:33:44 GMT
server: imgix
x-imgix-id: f08012d74f54989bdfa4c2c6b92ef3188526885a
x-imgix-render-farm: 02.552
x-imgix-original-status: 200
date: Sun, 08 Jan 2023 07:44:54 GMT
age: 5094307
accept-ranges: bytes
content-type: image/png
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
x-served-by: cache-sjc10069-SJC, cache-bma1659-BMA
x-cache: HIT, HIT
content-length: 3003
X-Firefox-Spdy: h2
cmsapi.doggocasino.com/languages/DOC/no.json
200 OK 24 kB URL HTTP/1.1 cmsapi.doggocasino.com/languages/DOC/no.json
IP
File type JSON data\012- HTML document, Unicode text, UTF-8 text, with very long lines (2182), with CRLF line terminators
Hash 9b62907b1534ae01aab2a91848b8fb27
9c0a32b59d7ef6d0c68bd1d614cd1fad9da8d7c9
ce7008096ba3f8c8195ea67e429b61f7ee75c765f26f474f9dbe0db6eaf8a06a
GET /languages/DOC/no.json HTTP/1.1
Host: cmsapi.doggocasino.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://doggocasino.com
Connection: keep-alive
Referer: https://doggocasino.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 08 Jan 2023 07:44:54 GMT
Content-Type: application/json
Last-Modified: Thu, 05 Jan 2023 16:07:34 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"63b6f5c6-1c4a1"
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS, HEAD
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,x-prerender,x-req-id
Access-Control-Allow-Credentials: true
Content-Encoding: gzip
cmsapi.doggocasino.com/ajax/promotion/getPromotions?languageId=no
200 OK 8.9 kB URL HTTP/1.1 cmsapi.doggocasino.com/ajax/promotion/getPromotions?languageId=no
IP
File type JSON data\012- HTML document, ASCII text, with very long lines (37500), with no line terminators
Hash 977d44235257add1f0f0aae028a07389
7c3a307cdacb68439b2cea975b5ef2e7e67eed41
10ac0f58712b12cc9fb033a64331ef8902dcdcaaa98d7d7a897efc44d2237af4
GET /ajax/promotion/getPromotions?languageId=no HTTP/1.1
Host: cmsapi.doggocasino.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://doggocasino.com
Connection: keep-alive
Referer: https://doggocasino.com/
Cookie: _ga_K4EHGY5F0T=GS1.1.1673163882.2.0.1673163882.60.0.0; _ga=GA1.1.2104987336.1673158587; _gid=GA1.2.1700880299.1673158588; _hjSessionUser_3054262=eyJpZCI6IjQyMzk2NDg2LTQ5MzYtNTZiNi1hODQwLTg2YThkYzE4NjliOSIsImNyZWF0ZWQiOjE2NzMxNTg1ODgyMzQsImV4aXN0aW5nIjpmYWxzZX0=; __zlcmid=1DplVgkclUvRile; ci_session=m1hpj47ahkh78rel5v31lh9og6oi8ovo
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 08 Jan 2023 07:44:54 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET, POST, OPTIONS, PUT, DELETE
Access-Control-Allow-Origin: https://doggocasino.com
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: X-Request-ID,X-REQ-ID
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Set-Cookie: ci_session=m1hpj47ahkh78rel5v31lh9og6oi8ovo; expires=Sun, 08-Jan-2023 08:44:54 GMT; Max-Age=3600; path=/; SameSite=None; secure; HttpOnly
Content-Encoding: gzip
doggocasino-images-uat.imgix.net/uploads/media/DOC/home/bitcoin.png
200 OK 19 kB URL HTTP/2 doggocasino-images-uat.imgix.net/uploads/media/DOC/home/bitcoin.png
IP
File type PNG image data, 156 x 156, 8-bit/color RGBA, non-interlaced\012- data
Hash cd562a1e7de9e5bd919fed61dffcaf85
fd9c91b81380bdd4ced09ad4f55a859d1df908f0
c4d20189a065ee8bdc172576d404b4a7a5798a94449ca2c093b4b79e33ded24a
GET /uploads/media/DOC/home/bitcoin.png HTTP/1.1
Host: doggocasino-images-uat.imgix.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://doggocasino.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000
last-modified: Thu, 04 Aug 2022 10:16:05 GMT
server: imgix
x-imgix-id: ae543caf57d0fc396ef59580adb82d8ef6148cd3
x-imgix-render-farm: 01.1064
x-imgix-original-status: 200
date: Sun, 08 Jan 2023 07:44:54 GMT
age: 5341633
accept-ranges: bytes
content-type: image/png
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
x-served-by: cache-sjc10057-SJC, cache-bma1659-BMA
x-cache: HIT, HIT
content-length: 18782
X-Firefox-Spdy: h2
doggocasino-images-uat.imgix.net/uploads/media/DOC/home/live-casino-alt.png
200 OK 932 kB URL HTTP/2 doggocasino-images-uat.imgix.net/uploads/media/DOC/home/live-casino-alt.png
IP
File type PNG image data, 1239 x 801, 8-bit/color RGBA, non-interlaced\012- data
Size 932 kB (931521 bytes)
Hash a3113ee83d7cfdda8586b419310bdcc1
601ddede664b13671e9dc48c58e5366c9fd2028e
ba00e861f4fe98eb485ddfd62a83960ee46462037e8362a5cecdbec96a7d440e
GET /uploads/media/DOC/home/live-casino-alt.png HTTP/1.1
Host: doggocasino-images-uat.imgix.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://doggocasino.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000
last-modified: Wed, 22 Jun 2022 15:01:49 GMT
server: imgix
x-imgix-id: ff0a63b8737b3fac42f7dcbb1a8b46be3e99518d
x-imgix-render-farm: 01.1064
x-imgix-original-status: 200
date: Sun, 08 Jan 2023 07:44:54 GMT
age: 5269470
accept-ranges: bytes
content-type: image/png
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
x-served-by: cache-sjc10033-SJC, cache-bma1659-BMA
x-cache: HIT, HIT
content-length: 931521
X-Firefox-Spdy: h2
doggocasino-images-uat.imgix.net/uploads/media/DOC/home/bitcash.png
200 OK 18 kB URL HTTP/2 doggocasino-images-uat.imgix.net/uploads/media/DOC/home/bitcash.png
IP
File type PNG image data, 174 x 174, 8-bit/color RGBA, non-interlaced\012- data
Hash e68bafdc431bb7237b47260e8d9bc046
a0fa8db91a6ac0ad63898d7407977e7782e32180
59fd94e8ca42bbd652ab2c1af7061afd79bf98bd2b7e4ad1256bcba73e9629a3
GET /uploads/media/DOC/home/bitcash.png HTTP/1.1
Host: doggocasino-images-uat.imgix.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://doggocasino.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000
last-modified: Thu, 04 Aug 2022 10:16:06 GMT
server: imgix
x-imgix-id: 5452e6db461140babb5d6935a851bcb990ba0848
x-imgix-render-farm: 01.1064
x-imgix-original-status: 200
date: Sun, 08 Jan 2023 07:44:54 GMT
age: 5230630
accept-ranges: bytes
content-type: image/png
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
x-served-by: cache-sjc10045-SJC, cache-bma1659-BMA
x-cache: HIT, HIT
content-length: 18036
X-Firefox-Spdy: h2
doggocasino-images-uat.imgix.net/uploads/media/DOC/home/dogecoin.png
200 OK 15 kB URL HTTP/2 doggocasino-images-uat.imgix.net/uploads/media/DOC/home/dogecoin.png
IP
File type PNG image data, 165 x 168, 8-bit/color RGBA, non-interlaced\012- data
Hash 1e9329b8bf799a9b826f3a29b4f176c9
202c3b7f110e6a0f02cc57c4a5b9c2a0a04b0c91
c1bb8bbda40d80955c710bc3a20910eda13844db3ed1936d860de6f7bcd959ba
GET /uploads/media/DOC/home/dogecoin.png HTTP/1.1
Host: doggocasino-images-uat.imgix.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://doggocasino.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000
last-modified: Thu, 04 Aug 2022 10:16:06 GMT
server: imgix
x-imgix-id: b93fdb7ebe47bfcaf7b9ae87de0815dc2dbcea28
x-imgix-render-farm: 02.552
x-imgix-original-status: 200
date: Sun, 08 Jan 2023 07:44:54 GMT
age: 5623309
accept-ranges: bytes
content-type: image/png
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
x-served-by: cache-sjc10060-SJC, cache-bma1659-BMA
x-cache: HIT, HIT
content-length: 15219
X-Firefox-Spdy: h2
doggocasino-images-uat.imgix.net/uploads/media/DOC/home/etr-new.png
200 OK 5.1 kB URL HTTP/2 doggocasino-images-uat.imgix.net/uploads/media/DOC/home/etr-new.png
IP
File type PNG image data, 165 x 168, 8-bit/color RGBA, non-interlaced\012- data
Hash 5ede2b5b941cae8778d7dfa1354b6f10
6f02fcc2a92339e5bb2eb0a96962f89513ac7922
826c3ed09f7501644f305aebf992d904f308bbae1f25e5449d02de013d5a3fdb
GET /uploads/media/DOC/home/etr-new.png HTTP/1.1
Host: doggocasino-images-uat.imgix.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://doggocasino.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000
last-modified: Mon, 08 Aug 2022 06:13:29 GMT
server: imgix
x-imgix-id: 18e894e53de3831e917cd5e37269b400d363b35d
x-imgix-render-farm: 01.1064
x-imgix-original-status: 200
date: Sun, 08 Jan 2023 07:44:54 GMT
age: 5116556
accept-ranges: bytes
content-type: image/png
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
x-served-by: cache-sjc10030-SJC, cache-bma1659-BMA
x-cache: HIT, HIT
content-length: 5095
X-Firefox-Spdy: h2
doggocasino-images-uat.imgix.net/uploads/media/DOC/home/litecoin-new.png
200 OK 14 kB URL HTTP/2 doggocasino-images-uat.imgix.net/uploads/media/DOC/home/litecoin-new.png
IP
File type PNG image data, 165 x 168, 8-bit/color RGBA, non-interlaced\012- data
Hash 9bc85726c5ca5e2a3d2a555a615c4256
049d4828511ea4d2bd01bb5f8a465885e6e9d704
9fd49d747b0dff0642c22a38a5fe92f32b56c91b99a1bb985e29c478a31776a1
GET /uploads/media/DOC/home/litecoin-new.png HTTP/1.1
Host: doggocasino-images-uat.imgix.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://doggocasino.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000
last-modified: Mon, 08 Aug 2022 06:13:29 GMT
server: imgix
x-imgix-id: 496607c1ecc55274adeab02e6fc9fe2f17a021e2
x-imgix-render-farm: 02.552
x-imgix-original-status: 200
date: Sun, 08 Jan 2023 07:44:54 GMT
age: 5333012
accept-ranges: bytes
content-type: image/png
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
x-served-by: cache-sjc10029-SJC, cache-bma1659-BMA
x-cache: HIT, HIT
content-length: 14490
X-Firefox-Spdy: h2
doggocasino-images-uat.imgix.net/uploads/media/DOC/home/ripple-new.png
200 OK 2.9 kB URL HTTP/2 doggocasino-images-uat.imgix.net/uploads/media/DOC/home/ripple-new.png
IP
File type PNG image data, 165 x 168, 8-bit colormap, non-interlaced\012- data
Hash 2aef5169d3eefdcac4fa852082d208c7
ef02e2b0d695d24bb8ca48fe6101dc118703d4ea
761cc6f5576279ba59dbe0ed38d8faae2291c1cb658ac6d4425e6d0274360b2b
GET /uploads/media/DOC/home/ripple-new.png HTTP/1.1
Host: doggocasino-images-uat.imgix.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://doggocasino.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000
last-modified: Mon, 08 Aug 2022 06:13:29 GMT
server: imgix
x-imgix-id: 7127f048971a51617be81375e201a3979c64c107
x-imgix-render-farm: 02.552
x-imgix-original-status: 200
date: Sun, 08 Jan 2023 07:44:55 GMT
age: 6972656
accept-ranges: bytes
content-type: image/png
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
x-served-by: cache-sjc10059-SJC, cache-bma1659-BMA
x-cache: HIT, HIT
content-length: 2921
X-Firefox-Spdy: h2
doggocasino-images-uat.imgix.net/uploads/media/DOC/home/casino-mobile.png
200 OK 133 kB URL HTTP/2 doggocasino-images-uat.imgix.net/uploads/media/DOC/home/casino-mobile.png
IP
File type PNG image data, 371 x 397, 8-bit/color RGB, non-interlaced\012- data
Size 133 kB (133402 bytes)
Hash 36f9ecfb460d0de18df1ce7defb10711
b7ee68bd6d2c91ac3d85a452c53974a61cf6d1f0
75db45a28f5b61014fc62b70588a10a644f06cc20dc4f6769acdb10059c0a1b1
GET /uploads/media/DOC/home/casino-mobile.png HTTP/1.1
Host: doggocasino-images-uat.imgix.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://doggocasino.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000
last-modified: Tue, 09 Aug 2022 01:43:47 GMT
server: imgix
x-imgix-id: cbeab96184b570df81c9140de058786f3bcebcc3
x-imgix-render-farm: 01.1064
x-imgix-original-status: 200
date: Sun, 08 Jan 2023 07:44:55 GMT
age: 5329863
accept-ranges: bytes
content-type: image/png
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
x-served-by: cache-sjc10029-SJC, cache-bma1659-BMA
x-cache: HIT, HIT
content-length: 133402
X-Firefox-Spdy: h2
doggocasino-images-uat.imgix.net/uploads/media/DOC/home/live-chat.svg
200 OK 839 B URL HTTP/2 doggocasino-images-uat.imgix.net/uploads/media/DOC/home/live-chat.svg
IP
File type SVG Scalable Vector Graphics image\012- HTML document, ASCII text, with very long lines (734)
Hash 83446e4d2f06186a15149eaff721bc82
be4daa2a3cdefe196af997d3859abd0137c2b46c
19e16d18413d121628f7ea88a731632d27f18ff3760dbb693f855f0878372c9d
GET /uploads/media/DOC/home/live-chat.svg HTTP/1.1
Host: doggocasino-images-uat.imgix.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://doggocasino.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000
last-modified: Thu, 09 Jun 2022 04:34:39 GMT
content-encoding: gzip
server: imgix
x-imgix-id: 4b3de38e2392e00f600484d978499ce447f38500
x-imgix-render-farm: 01.1064
date: Sun, 08 Jan 2023 07:44:55 GMT
age: 4661713
accept-ranges: bytes
content-type: image/svg+xml
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
x-served-by: cache-sjc10023-SJC, cache-bma1659-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
content-length: 839
X-Firefox-Spdy: h2
doggocasino-images-uat.imgix.net/uploads/media/DOC/home/help-center.svg
200 OK 1.3 kB URL HTTP/2 doggocasino-images-uat.imgix.net/uploads/media/DOC/home/help-center.svg
IP
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (1425)
Hash 8ebcd55a704acfdea2f05099cb4ef0df
dccec8929792df80545f7457d551ae69e96abf25
52f1da3a771e6c90e31cb18a055e7d628f2e5348f0283f31bf12e527de36bdd0
GET /uploads/media/DOC/home/help-center.svg HTTP/1.1
Host: doggocasino-images-uat.imgix.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://doggocasino.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000
last-modified: Wed, 09 Nov 2022 10:28:05 GMT
content-encoding: gzip
server: imgix
x-imgix-id: 861a821978d06ce488f0fb32b74a9b24c0962708
x-imgix-render-farm: 02.552
date: Sun, 08 Jan 2023 07:44:55 GMT
age: 4471350
accept-ranges: bytes
content-type: image/svg+xml
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
x-served-by: cache-sjc10079-SJC, cache-bma1659-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
content-length: 1334
X-Firefox-Spdy: h2
doggocasino.com/assets/images/HeroBottom.webp
200 OK 8.6 kB URL HTTP/2 doggocasino.com/assets/images/HeroBottom.webp
IP
File type RIFF (little-endian) data, Web/P image\012- data
Hash e7ca3e477ff57d76894214575d55ad47
e81dfea1456367bfb5a43735f377ef8d90ba9445
86b4f03b03f70a75fb273131f57ea8ec7c750f55ebb73f7acfe285b1c1df3e26
GET /assets/images/HeroBottom.webp HTTP/1.1
Host: doggocasino.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://doggocasino.com/no-no?affiliateName=%5Bcellxpert%5D&affid=cx-35656_390258&bannerid=35656&trackerid=35656_390258&bta=35656&brand=doggocasino&rdk=rk1
Cookie: _ga_K4EHGY5F0T=GS1.1.1673163882.2.0.1673163882.60.0.0; _ga=GA1.1.2104987336.1673158587; __adm_tid=tid-2ae5f2bb5.42566d1f3; _gid=GA1.2.1700880299.1673158588; _hjSessionUser_3054262=eyJpZCI6IjQyMzk2NDg2LTQ5MzYtNTZiNi1hODQwLTg2YThkYzE4NjliOSIsImNyZWF0ZWQiOjE2NzMxNTg1ODgyMzQsImV4aXN0aW5nIjpmYWxzZX0=; __zlcmid=1DplVgkclUvRile; affiliateId=cx-35656_390258; bannerId=35656; trackerId=35656_390258; affiliateName=%5Bcellxpert%5D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/octet-stream
content-length: 8556
x-amz-meta-codebuild-content-sha256: c7543b0c1a387fe8fce7ecedb491413db02c94ccd3c1a1d5b2dc6c33f6e53bfc
x-amz-meta-codebuild-buildarn: arn:aws:codebuild:us-east-1:889751173095:build/du-frontend-build:dba88433-a99e-4dbd-9b3f-92c9f40e4469
x-amz-meta-codebuild-content-md5: f72fdbadddaa46b851fe89ddcab9666b
last-modified: Thu, 05 Jan 2023 08:36:28 GMT
x-amz-version-id: p76IHIXR0zNtlWolcNZ9tb0bTMCmmH59
server: AmazonS3
date: Sat, 07 Jan 2023 11:17:43 GMT
etag: "e7ca3e477ff57d76894214575d55ad47"
vary: Accept-Encoding
via: 1.1 9dd61138197a68f8d69f12574aab6930.cloudfront.net (CloudFront)
age: 73633
cache-control: public,max-age=31536000,immutable
x-cache: Hit from cloudfront
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: eNQqFkzoGbhZsWn7OwHBFQKn9b0ZdMBt_FlvPTEOunrSwThELhFKSw==
X-Firefox-Spdy: h2
doggocasino-images-uat.imgix.net/uploads/media/DOC/home/email.svg
200 OK 410 B URL HTTP/2 doggocasino-images-uat.imgix.net/uploads/media/DOC/home/email.svg
IP
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (389)
Hash 2f7202492e5cd91e315802476d9f7050
e9e01da01a0cbbff43c54e87ec5394f76e06b179
1568eaef10ca3c8f76a6eac52e7179142ce19db9b872122bdcec5264bd118b9b
GET /uploads/media/DOC/home/email.svg HTTP/1.1
Host: doggocasino-images-uat.imgix.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://doggocasino.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000
last-modified: Wed, 09 Nov 2022 10:28:05 GMT
content-encoding: gzip
server: imgix
x-imgix-id: cf506c30afd516dd73e92c439c2359a2ff562aaa
x-imgix-render-farm: 02.552
x-imgix-original-status: 200
date: Sun, 08 Jan 2023 07:44:55 GMT
age: 4652179
accept-ranges: bytes
content-type: image/svg+xml
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
x-served-by: cache-sjc10023-SJC, cache-bma1659-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
content-length: 410
X-Firefox-Spdy: h2
doggocasino-images-uat.imgix.net/uploads/media/DOC/home/support-mobile.PNG
200 OK 215 kB URL HTTP/2 doggocasino-images-uat.imgix.net/uploads/media/DOC/home/support-mobile.PNG
IP
File type PNG image data, 365 x 416, 8-bit/color RGBA, non-interlaced\012- data
Size 215 kB (215081 bytes)
Hash c67edc9f2f91cc55d2bb4cd1db221f88
f1db70c0849edb72d6c1e712660ee289e6d7f755
d061850b353fc488ed78056daa271d5d94b5e62f6c840b4669cef6b0b074a7c4
GET /uploads/media/DOC/home/support-mobile.PNG HTTP/1.1
Host: doggocasino-images-uat.imgix.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://doggocasino.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000
last-modified: Tue, 09 Aug 2022 01:43:43 GMT
server: imgix
x-imgix-id: 9fd727abab4fa66fcb01546ce986e8a451900ade
x-imgix-render-farm: 01.1064
date: Sun, 08 Jan 2023 07:44:55 GMT
age: 331995
accept-ranges: bytes
content-type: image/png
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
x-served-by: cache-sjc10053-SJC, cache-bma1659-BMA
x-cache: HIT, HIT
content-length: 215081
X-Firefox-Spdy: h2
doggocasino-images-uat.imgix.net/uploads/media/DOC/home/doggo-footer.svg
200 OK 1.3 kB URL HTTP/2 doggocasino-images-uat.imgix.net/uploads/media/DOC/home/doggo-footer.svg
IP
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (2775)
Hash bdc5623deb6ed892390913e3304372c2
f7f0db9505e566f2691fa9fde28f748cf30ea0d7
d39e58f66daed5cfbac2331e27fdf1f831200b828fd7c601f0740669330b5965
GET /uploads/media/DOC/home/doggo-footer.svg HTTP/1.1
Host: doggocasino-images-uat.imgix.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://doggocasino.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000
last-modified: Wed, 22 Jun 2022 15:01:49 GMT
content-encoding: gzip
server: imgix
x-imgix-id: ba0fccff7fd2cafdc67f670afe808b92cd1b08e1
x-imgix-render-farm: 01.1064
x-imgix-original-status: 200
date: Sun, 08 Jan 2023 07:44:55 GMT
age: 3270944
accept-ranges: bytes
content-type: image/svg+xml
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
x-served-by: cache-sjc10058-SJC, cache-bma1659-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
content-length: 1271
X-Firefox-Spdy: h2
doggocasino.com/assets/images/banner/full-doggo.webp
200 OK 78 kB URL HTTP/2 doggocasino.com/assets/images/banner/full-doggo.webp
IP
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 1917x602, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash bc3a30c00fa79b2656a24cad032aadd9
643021f5fcb6bc3ee3df627b5ec52133a54f448d
8e9c830b777176c1c96cafa9df0014f8a6db2a953524884b67ab5281df9dc2b1
GET /assets/images/banner/full-doggo.webp HTTP/1.1
Host: doggocasino.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://doggocasino.com/en-us?affiliateName=[cellxpert]&affid=cx-35656_390258&bannerid=35656&trackerid=35656_390258&bta=35656&brand=doggocasino&rdk=rk1
Cookie: _ga_K4EHGY5F0T=GS1.1.1673163882.2.0.1673163882.60.0.0; _ga=GA1.1.2104987336.1673158587; __adm_tid=tid-2ae5f2bb5.42566d1f3; _gid=GA1.2.1700880299.1673158588; _hjSessionUser_3054262=eyJpZCI6IjQyMzk2NDg2LTQ5MzYtNTZiNi1hODQwLTg2YThkYzE4NjliOSIsImNyZWF0ZWQiOjE2NzMxNTg1ODgyMzQsImV4aXN0aW5nIjpmYWxzZX0=; __zlcmid=1DplVgkclUvRile; affiliateId=cx-35656_390258; bannerId=35656; trackerId=35656_390258; affiliateName=%5Bcellxpert%5D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/octet-stream
content-length: 78070
x-amz-meta-codebuild-content-sha256: c7543b0c1a387fe8fce7ecedb491413db02c94ccd3c1a1d5b2dc6c33f6e53bfc
x-amz-meta-codebuild-buildarn: arn:aws:codebuild:us-east-1:889751173095:build/du-frontend-build:dba88433-a99e-4dbd-9b3f-92c9f40e4469
x-amz-meta-codebuild-content-md5: f72fdbadddaa46b851fe89ddcab9666b
last-modified: Thu, 05 Jan 2023 08:36:27 GMT
x-amz-version-id: 5vOK.UgEffGXKv6iY.rC_0qJcDbPUkwx
server: AmazonS3
date: Sat, 07 Jan 2023 22:09:34 GMT
etag: "bc3a30c00fa79b2656a24cad032aadd9"
vary: Accept-Encoding
via: 1.1 9dd61138197a68f8d69f12574aab6930.cloudfront.net (CloudFront)
age: 34522
cache-control: public,max-age=31536000,immutable
x-cache: Hit from cloudfront
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: -xbx1-5qD_ITgpuuRLWuCEdsUQiWsXoYvbtyeAv3ug1--hlAEprD3w==
X-Firefox-Spdy: h2
cmsapi.doggocasino.com/ajax/game/getLobbyGameGroupGames?languageId=en
200 OK 104 kB URL HTTP/1.1 cmsapi.doggocasino.com/ajax/game/getLobbyGameGroupGames?languageId=en
IP
File type JSON data\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (65536), with no line terminators
Size 104 kB (103995 bytes)
Hash 64c6e7dc3a7da285bb77a101dcd9328a
61c15cbae398635fdd43a9a088fa86802e88d7ef
1bae96d446fc55f31480711f7c13e776da764eab87e15318df61e75dea4ad349
GET /ajax/game/getLobbyGameGroupGames?languageId=en HTTP/1.1
Host: cmsapi.doggocasino.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://doggocasino.com
Connection: keep-alive
Referer: https://doggocasino.com/
Cookie: _ga_K4EHGY5F0T=GS1.1.1673163882.2.0.1673163882.60.0.0; _ga=GA1.1.2104987336.1673158587; _gid=GA1.2.1700880299.1673158588; _hjSessionUser_3054262=eyJpZCI6IjQyMzk2NDg2LTQ5MzYtNTZiNi1hODQwLTg2YThkYzE4NjliOSIsImNyZWF0ZWQiOjE2NzMxNTg1ODgyMzQsImV4aXN0aW5nIjpmYWxzZX0=; __zlcmid=1DplVgkclUvRile; ci_session=m1hpj47ahkh78rel5v31lh9og6oi8ovo
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 08 Jan 2023 07:44:54 GMT
Content-Type: application/json; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Methods: GET, POST, OPTIONS, PUT, DELETE
Access-Control-Allow-Origin: https://doggocasino.com
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: X-Request-ID,X-REQ-ID
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Set-Cookie: ci_session=m1hpj47ahkh78rel5v31lh9og6oi8ovo; expires=Sun, 08-Jan-2023 08:44:54 GMT; Max-Age=3600; path=/; SameSite=None; secure; HttpOnly
Content-Language: en
Vary: Accept-Encoding, Accept-Encoding
Content-Encoding: gzip
doggocasino-images-uat.imgix.net/uploads/media/DOC/home/faq-mobile.png
200 OK 128 kB URL HTTP/2 doggocasino-images-uat.imgix.net/uploads/media/DOC/home/faq-mobile.png
IP
File type PNG image data, 364 x 359, 8-bit/color RGB, non-interlaced\012- data
Size 128 kB (127922 bytes)
Hash a7fb206443a401aac5e0da3d3157bd4e
3b767d26f8ff846b345042e358f9685a994f3bda
ce580ea6b4e038bf83f50d103c8f90c9f57f817f9395dfdcbeb9595961f5a6d7
GET /uploads/media/DOC/home/faq-mobile.png HTTP/1.1
Host: doggocasino-images-uat.imgix.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://doggocasino.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000
last-modified: Tue, 09 Aug 2022 01:55:49 GMT
server: imgix
x-imgix-id: 37ad9b6f619eb9e082fd146a1e42cff97811254c
x-imgix-render-farm: 01.1064
x-imgix-original-status: 200
date: Sun, 08 Jan 2023 07:44:55 GMT
age: 5271041
accept-ranges: bytes
content-type: image/png
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
x-served-by: cache-sjc10025-SJC, cache-bma1659-BMA
x-cache: HIT, HIT
content-length: 127922
X-Firefox-Spdy: h2
doggocasino.com/assets/fonts/CeraPro/Cera_Pro_Bold.otf
200 OK 189 kB URL HTTP/2 doggocasino.com/assets/fonts/CeraPro/Cera_Pro_Bold.otf
IP
File type OpenType font data\012- data
Size 189 kB (189056 bytes)
Hash 07ac815392d30140366e0a9df7f769e8
baa64ee6efc7331cbe288054213ae1eb3d4836a1
ca2bcc9e894e0a755a49f8d264bed726717c0033e6f2dcc8e888bf80ac57bbaa
GET /assets/fonts/CeraPro/Cera_Pro_Bold.otf HTTP/1.1
Host: doggocasino.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://doggocasino.com/styles.1f7587ee8c68e382c584.css
Cookie: _ga_K4EHGY5F0T=GS1.1.1673163882.2.0.1673163882.60.0.0; _ga=GA1.1.2104987336.1673158587; __adm_tid=tid-2ae5f2bb5.42566d1f3; _gid=GA1.2.1700880299.1673158588; _hjSessionUser_3054262=eyJpZCI6IjQyMzk2NDg2LTQ5MzYtNTZiNi1hODQwLTg2YThkYzE4NjliOSIsImNyZWF0ZWQiOjE2NzMxNTg1ODgyMzQsImV4aXN0aW5nIjpmYWxzZX0=; __zlcmid=1DplVgkclUvRile; affiliateId=cx-35656_390258; bannerId=35656; trackerId=35656_390258; affiliateName=%5Bcellxpert%5D
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/octet-stream
content-length: 189056
x-amz-meta-codebuild-content-sha256: c7543b0c1a387fe8fce7ecedb491413db02c94ccd3c1a1d5b2dc6c33f6e53bfc
x-amz-meta-codebuild-buildarn: arn:aws:codebuild:us-east-1:889751173095:build/du-frontend-build:dba88433-a99e-4dbd-9b3f-92c9f40e4469
x-amz-meta-codebuild-content-md5: f72fdbadddaa46b851fe89ddcab9666b
last-modified: Thu, 05 Jan 2023 08:36:18 GMT
x-amz-version-id: caFkw1_8ULo7eDO__ngD7u_sBgHmGtdE
server: AmazonS3
date: Sat, 07 Jan 2023 11:09:26 GMT
etag: "07ac815392d30140366e0a9df7f769e8"
vary: Accept-Encoding
via: 1.1 9dd61138197a68f8d69f12574aab6930.cloudfront.net (CloudFront)
age: 74130
cache-control: public,max-age=31536000,immutable
x-cache: Hit from cloudfront
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 2YrZkojqa7xRePliOtJlxQHhLS_031hnWbVCLHKmbRQkI1CuDTFasw==
X-Firefox-Spdy: h2
doggocasino-images-uat.imgix.net/uploads/media/DOC/home/game-providers.png
200 OK 94 kB URL HTTP/2 doggocasino-images-uat.imgix.net/uploads/media/DOC/home/game-providers.png
IP
File type PNG image data, 1745 x 182, 8-bit/color RGBA, non-interlaced\012- data
Hash 81248b605a052a84ea52f8c2a21eb566
cd779dc72ba988847e98bef0e526eda8d6dacc0b
8c673f835da44c70b9e1c111baeac722e344c79c6e8a9ad0e1ef0d848f4ca82d
GET /uploads/media/DOC/home/game-providers.png HTTP/1.1
Host: doggocasino-images-uat.imgix.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://doggocasino.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000
last-modified: Wed, 22 Jun 2022 15:01:49 GMT
server: imgix
x-imgix-id: c55ceccda88be8fb5f4fddbdaf54584f08654e6e
x-imgix-render-farm: 02.552
x-imgix-original-status: 200
date: Sun, 08 Jan 2023 07:44:55 GMT
age: 5869452
accept-ranges: bytes
content-type: image/png
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
x-served-by: cache-sjc10044-SJC, cache-bma1659-BMA
x-cache: HIT, HIT
content-length: 93464
X-Firefox-Spdy: h2
doggocasino.com/icomoon.45820165eb8af3713881.ttf
200 OK 29 kB URL HTTP/2 doggocasino.com/icomoon.45820165eb8af3713881.ttf
IP
File type TrueType Font data, 11 tables, 1st "OS/2", 14 names, Macintosh, type 1 string, icomoon \012- data
Hash eb718388a17dd6957510fb000e72e3cd
e05feec86f5b7297637a5fc431ab9d1963e2812b
c38790685fe44d27066c46fe406fbf0edef47872cefa44a342e7a25171897200
GET /icomoon.45820165eb8af3713881.ttf HTTP/1.1
Host: doggocasino.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://doggocasino.com/styles.1f7587ee8c68e382c584.css
Cookie: _ga_K4EHGY5F0T=GS1.1.1673163882.2.0.1673163882.60.0.0; _ga=GA1.1.2104987336.1673158587; __adm_tid=tid-2ae5f2bb5.42566d1f3; _gid=GA1.2.1700880299.1673158588; _hjSessionUser_3054262=eyJpZCI6IjQyMzk2NDg2LTQ5MzYtNTZiNi1hODQwLTg2YThkYzE4NjliOSIsImNyZWF0ZWQiOjE2NzMxNTg1ODgyMzQsImV4aXN0aW5nIjpmYWxzZX0=; __zlcmid=1DplVgkclUvRile; affiliateId=cx-35656_390258; bannerId=35656; trackerId=35656_390258; affiliateName=%5Bcellxpert%5D
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/octet-stream
content-length: 28764
x-amz-meta-codebuild-content-sha256: c7543b0c1a387fe8fce7ecedb491413db02c94ccd3c1a1d5b2dc6c33f6e53bfc
x-amz-meta-codebuild-buildarn: arn:aws:codebuild:us-east-1:889751173095:build/du-frontend-build:dba88433-a99e-4dbd-9b3f-92c9f40e4469
x-amz-meta-codebuild-content-md5: f72fdbadddaa46b851fe89ddcab9666b
last-modified: Thu, 05 Jan 2023 08:36:28 GMT
x-amz-version-id: aMqoaKfsb_3UKSs04EopNax8QhjGKN3B
server: AmazonS3
date: Sat, 07 Jan 2023 11:09:26 GMT
etag: "eb718388a17dd6957510fb000e72e3cd"
vary: Accept-Encoding
via: 1.1 9dd61138197a68f8d69f12574aab6930.cloudfront.net (CloudFront)
age: 74130
cache-control: public,max-age=31536000,immutable
x-cache: Hit from cloudfront
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 5Q6AOJRnvJj51kJd3n5c8fH9rm2fvSgVOKGMtJb7yeZGii1Y9MrWgA==
X-Firefox-Spdy: h2
doggocasino-images-uat.imgix.net/uploads/media/DOC/home/safe-instant.png
200 OK 443 kB URL HTTP/2 doggocasino-images-uat.imgix.net/uploads/media/DOC/home/safe-instant.png
IP
File type PNG image data, 1714 x 1493, 8-bit/color RGBA, non-interlaced\012- data
Size 443 kB (443061 bytes)
Hash 4c909be3d5a19673623ab2349cf6a79a
b539798e89471deb60df0ea3b11c3b80e641dff9
242dd8c08ed942b0e678d615eb1ea42e524fa05bf6b83fb705456e6a5e3207c9
GET /uploads/media/DOC/home/safe-instant.png HTTP/1.1
Host: doggocasino-images-uat.imgix.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://doggocasino.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000
last-modified: Wed, 22 Jun 2022 15:01:49 GMT
server: imgix
x-imgix-id: a9241fd2762101b7b38d741e942d77f9eb2a103a
x-imgix-render-farm: 02.552
x-imgix-original-status: 200
date: Sun, 08 Jan 2023 07:44:55 GMT
age: 5863384
accept-ranges: bytes
content-type: image/png
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
x-served-by: cache-sjc10040-SJC, cache-bma1659-BMA
x-cache: HIT, HIT
content-length: 443061
X-Firefox-Spdy: h2
doggocasino-images-uat.imgix.net/uploads/media/DOC/home/grey-shape.svg
200 OK 268 B URL HTTP/2 doggocasino-images-uat.imgix.net/uploads/media/DOC/home/grey-shape.svg
IP
File type SVG Scalable Vector Graphics image\012- HTML document, ASCII text
Hash e67eb7098ee71853fcbbbe3c95e0d0ec
1f2455492bab9ed1dba60056bbcd67178f2ee37a
5e65e35f0d76280d27163d29f5064bd628d1cc13f7e8fdae7cd8650391eefc7f
GET /uploads/media/DOC/home/grey-shape.svg HTTP/1.1
Host: doggocasino-images-uat.imgix.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://doggocasino.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000
last-modified: Tue, 08 Nov 2022 09:02:38 GMT
content-encoding: gzip
server: imgix
x-imgix-id: 658dfe861a37aa5eb32b429d085cd92aed13afe4
x-imgix-render-farm: 02.552
date: Sun, 08 Jan 2023 07:44:55 GMT
age: 3278749
accept-ranges: bytes
content-type: image/svg+xml
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
x-served-by: cache-sjc10034-SJC, cache-bma1659-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
content-length: 268
X-Firefox-Spdy: h2
doggocasino-images-uat.imgix.net/uploads/media/DOC/home/life-changin-wins.png
200 OK 732 kB URL HTTP/2 doggocasino-images-uat.imgix.net/uploads/media/DOC/home/life-changin-wins.png
IP
File type PNG image data, 2015 x 1068, 8-bit/color RGBA, non-interlaced\012- data
Size 732 kB (731764 bytes)
Hash a7705b01f4799b3cab2f8cdbf71daa66
1395854d5261db43c37bb8706333ce2374e9d126
fca04d41f3c865308bffae37090a41da6d27db5b17bc7811ad7c288f0d2972b7
GET /uploads/media/DOC/home/life-changin-wins.png HTTP/1.1
Host: doggocasino-images-uat.imgix.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://doggocasino.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000
last-modified: Wed, 22 Jun 2022 15:01:49 GMT
server: imgix
x-imgix-id: ae50c471b705e6c31749dcfe06025fabcd2f8694
x-imgix-render-farm: 01.1064
x-imgix-original-status: 200
date: Sun, 08 Jan 2023 07:44:55 GMT
age: 5261627
accept-ranges: bytes
content-type: image/png
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
x-served-by: cache-sjc10077-SJC, cache-bma1659-BMA
x-cache: HIT, HIT
content-length: 731764
X-Firefox-Spdy: h2
region1.analytics.google.com/g/collect?v=2&tid=G-K4EHGY5F0T>m=2oe120&_p=1082640283&_gaz=1&cid=2104987336.1673158587&ul=en-us&sr=1280x1024&_s=1&sid=1673163882&sct=2&seg=0&dl=https%3A%2F%2Fdoggocasino.com%2Fen-us%3FaffiliateName%3D%5Bcellxpert%5D%26affid%3Dcx-35656_390258%26bannerid%3D35656%26trackerid%3D35656_390258%26bta%3D35656%26brand%3Ddoggocasino%26rdk%3Drk1&dt=Doggo%20Casino&en=page_view&_ss=1
204 No Content 0 B URL HTTP/2 region1.analytics.google.com/g/collect?v=2&tid=G-K4EHGY5F0T>m=2oe120&_p=1082640283&_gaz=1&cid=2104987336.1673158587&ul=en-us&sr=1280x1024&_s=1&sid=1673163882&sct=2&seg=0&dl=https%3A%2F%2Fdoggocasino.com%2Fen-us%3FaffiliateName%3D%5Bcellxpert%5D%26affid%3Dcx-35656_390258%26bannerid%3D35656%26trackerid%3D35656_390258%26bta%3D35656%26brand%3Ddoggocasino%26rdk%3Drk1&dt=Doggo%20Casino&en=page_view&_ss=1
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-K4EHGY5F0T>m=2oe120&_p=1082640283&_gaz=1&cid=2104987336.1673158587&ul=en-us&sr=1280x1024&_s=1&sid=1673163882&sct=2&seg=0&dl=https%3A%2F%2Fdoggocasino.com%2Fen-us%3FaffiliateName%3D%5Bcellxpert%5D%26affid%3Dcx-35656_390258%26bannerid%3D35656%26trackerid%3D35656_390258%26bta%3D35656%26brand%3Ddoggocasino%26rdk%3Drk1&dt=Doggo%20Casino&en=page_view&_ss=1 HTTP/1.1
Host: region1.analytics.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://doggocasino.com
Connection: keep-alive
Referer: https://doggocasino.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: https://doggocasino.com
date: Sun, 08 Jan 2023 07:44:55 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
doggocasino-images-uat.imgix.net/uploads/media/DOC/home/slots-games.png
200 OK 1.4 MB URL HTTP/2 doggocasino-images-uat.imgix.net/uploads/media/DOC/home/slots-games.png
IP
File type PNG image data, 1920 x 738, 8-bit/color RGBA, non-interlaced\012- data
Size 1.4 MB (1428029 bytes)
Hash 69a5c6da5ff813320794608f66b5ee7a
e9c21af6d994f279e128ef4e441e28e2daa040b0
be88b78ea90958397eb001632620464892e60304d6f2ef4a8a30d45e2ca36265
GET /uploads/media/DOC/home/slots-games.png HTTP/1.1
Host: doggocasino-images-uat.imgix.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://doggocasino.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000
last-modified: Wed, 22 Jun 2022 15:01:49 GMT
server: imgix
x-imgix-id: ddc28f2ea6a71b7e00bfb4f19fd3f5b904cd6e97
x-imgix-render-farm: 01.1
x-imgix-original-status: 200
date: Sun, 08 Jan 2023 07:44:55 GMT
age: 5293228
accept-ranges: bytes
content-type: image/png
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
x-served-by: cache-sjc10041-SJC, cache-bma1659-BMA
x-cache: HIT, HIT
content-length: 1428029
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash bca7f62d320a595159ceae1b30ef4c65
0e0c7a42f0d017f617b40aea757cf0a0a4d71d9a
e30f2266b5b10dd868954bba127f6a8e85ba6f8422b565ca17aee0e9074b9d99
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 08 Jan 2023 07:44:55 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
doggocasino-images-uat.imgix.net/uploads/media/DOC/home/grey-shape-alt.svg
200 OK 367 B URL HTTP/2 doggocasino-images-uat.imgix.net/uploads/media/DOC/home/grey-shape-alt.svg
IP
File type SVG Scalable Vector Graphics image\012- HTML document, ASCII text
Hash edaa04ce1e94b80795bf42b64d0a228d
9ca7c2170b80225ad8d900282a403f6113e97cc9
ccef926f38277cb72a8d54e05194b88a4d36e55ac899631bd6843083e4813abe
GET /uploads/media/DOC/home/grey-shape-alt.svg HTTP/1.1
Host: doggocasino-images-uat.imgix.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://doggocasino.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000
last-modified: Wed, 22 Jun 2022 15:01:49 GMT
content-encoding: gzip
server: imgix
x-imgix-id: c0a7205aeb067efcf46c92afec05993ca546e63f
x-imgix-render-farm: 02.552
x-imgix-original-status: 200
date: Sun, 08 Jan 2023 07:44:55 GMT
age: 5869453
accept-ranges: bytes
content-type: image/svg+xml
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
x-served-by: cache-sjc10044-SJC, cache-bma1659-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
content-length: 367
X-Firefox-Spdy: h2
doggocasino.com/8.d4514208b791194b5f91.js
200 OK 894 kB URL HTTP/2 doggocasino.com/8.d4514208b791194b5f91.js
IP
Size 894 kB (893595 bytes)
Hash 3f33631ca1dfb8613cdf59c108fe63cc
f73793dcfafc3978bb12302ea3f9174198586c20
af17778328e953da792a82cdd574603fc0ca03a81da5ee923939c1a6239146f0
GET /8.d4514208b791194b5f91.js HTTP/1.1
Host: doggocasino.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://doggocasino.com/en-us?affiliateName=[cellxpert]&affid=cx-35656_390258&bannerid=35656&trackerid=35656_390258&bta=35656&brand=doggocasino&rdk=rk1
Cookie: _ga_K4EHGY5F0T=GS1.1.1673163882.2.0.1673163882.60.0.0; _ga=GA1.1.2104987336.1673158587; __adm_tid=tid-2ae5f2bb5.42566d1f3; _gid=GA1.2.1700880299.1673158588; _hjSessionUser_3054262=eyJpZCI6IjQyMzk2NDg2LTQ5MzYtNTZiNi1hODQwLTg2YThkYzE4NjliOSIsImNyZWF0ZWQiOjE2NzMxNTg1ODgyMzQsImV4aXN0aW5nIjpmYWxzZX0=; __zlcmid=1DplVgkclUvRile
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/x-javascript
x-amz-meta-codebuild-content-sha256: c7543b0c1a387fe8fce7ecedb491413db02c94ccd3c1a1d5b2dc6c33f6e53bfc
x-amz-meta-codebuild-buildarn: arn:aws:codebuild:us-east-1:889751173095:build/du-frontend-build:dba88433-a99e-4dbd-9b3f-92c9f40e4469
x-amz-meta-codebuild-content-md5: f72fdbadddaa46b851fe89ddcab9666b
last-modified: Thu, 05 Jan 2023 08:36:21 GMT
x-amz-version-id: KU6KXKo6lZ9CewtWvt_5k5R5dSpX60sm
server: AmazonS3
content-encoding: gzip
date: Sat, 07 Jan 2023 11:37:50 GMT
etag: W/"6931bca767bfc1e8a62f5f5ee32af36c"
vary: Accept-Encoding
via: 1.1 9dd61138197a68f8d69f12574aab6930.cloudfront.net (CloudFront)
age: 82820
cache-control: public,max-age=31536000,immutable
x-cache: Hit from cloudfront
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: kgW3CT2D2dTOGadzhZX9Isgvc2urVAI5grFXo6AmqgLX1LSbhQI5fw==
X-Firefox-Spdy: h2
doggocasino-images-uat.imgix.net/uploads/media/DOC/home/24hr-bg.png
200 OK 846 kB URL HTTP/2 doggocasino-images-uat.imgix.net/uploads/media/DOC/home/24hr-bg.png
IP
File type PNG image data, 1467 x 776, 8-bit/color RGBA, non-interlaced\012- data
Size 846 kB (845713 bytes)
Hash 43c4bfb0ef50eee6044ebfd26e20b6b9
7183a0e6cbb296bb9493535579b67afe4c3244cf
e67b16b94d3723da0a5dd239a4104f4a1f46d64f3fb3915c86e8f9a46be8c1d3
GET /uploads/media/DOC/home/24hr-bg.png HTTP/1.1
Host: doggocasino-images-uat.imgix.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://doggocasino.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000
last-modified: Wed, 22 Jun 2022 15:01:49 GMT
server: imgix
x-imgix-id: c99e8bd81796a1a516cb4d31f2984ec9eacaaef1
x-imgix-render-farm: 01.1064
x-imgix-original-status: 200
date: Sun, 08 Jan 2023 07:44:55 GMT
age: 4661722
accept-ranges: bytes
content-type: image/png
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
x-served-by: cache-sjc10023-SJC, cache-bma1659-BMA
x-cache: HIT, HIT
content-length: 845713
X-Firefox-Spdy: h2
ocsp.entrust.net/
200 OK 1.6 kB IP
Hash 8a6e63523074ac4e417d996687d286f8
e0ac39e9d2274be5c8269938dd88f4fc17a4f2e5
c6b15bd563bf65519ac0949a2f51eeb3650cc36322da2c854198288c7110b8be
POST / HTTP/1.1
Host: ocsp.entrust.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
ETag: "C6B15BD563BF65519AC0949A2F51EEB3650CC36322DA2C854198288C7110B8BE"
Last-Modified: Sat, 07 Jan 2023 20:00:00 UTC
Content-Length: 1588
Cache-Control: public, no-transform, must-revalidate, max-age=475
Expires: Sun, 08 Jan 2023 07:52:50 GMT
Date: Sun, 08 Jan 2023 07:44:55 GMT
Connection: keep-alive
doggocasino-images-uat.imgix.net/uploads/media/DOC/home/faq.png
200 OK 1.0 MB URL HTTP/2 doggocasino-images-uat.imgix.net/uploads/media/DOC/home/faq.png
IP
File type PNG image data, 1920 x 1096, 8-bit/color RGBA, non-interlaced\012- data
Size 1.0 MB (1000337 bytes)
Hash ef96f74f51b5138969246a0b3d1996ac
ca519301ff25dec4f07e54574a40d7012eb6763d
b2e61e89a6a0e373694d5520d34bee9fc24442d94176daa9bf01ad94e8648c5a
GET /uploads/media/DOC/home/faq.png HTTP/1.1
Host: doggocasino-images-uat.imgix.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://doggocasino.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000
last-modified: Tue, 26 Jul 2022 05:03:44 GMT
server: imgix
x-imgix-id: 1c4e3f412f3666d51c8e6500453d545a2dd259b0
x-imgix-render-farm: 02.552
date: Sun, 08 Jan 2023 07:44:55 GMT
age: 5332479
accept-ranges: bytes
content-type: image/png
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
x-served-by: cache-sjc10041-SJC, cache-bma1659-BMA
x-cache: HIT, HIT
content-length: 1000337
X-Firefox-Spdy: h2
stats.g.doubleclick.net/g/collect?v=2&tid=G-K4EHGY5F0T&cid=2104987336.1673158587>m=2oe120&aip=1
204 No Content 0 B URL HTTP/2 stats.g.doubleclick.net/g/collect?v=2&tid=G-K4EHGY5F0T&cid=2104987336.1673158587>m=2oe120&aip=1
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-K4EHGY5F0T&cid=2104987336.1673158587>m=2oe120&aip=1 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://doggocasino.com
Connection: keep-alive
Referer: https://doggocasino.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: https://doggocasino.com
date: Sun, 08 Jan 2023 07:44:55 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
doggocasino-images-prd.imgix.net/uploads/media/DOC/images/9kzyghkni-akqaph2rd-CasinoIcon.svg
200 OK 767 B URL HTTP/2 doggocasino-images-prd.imgix.net/uploads/media/DOC/images/9kzyghkni-akqaph2rd-CasinoIcon.svg
IP
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (1076)
Hash 59a7c757952f4e73719f399cd6616389
e7a24c2b840a5c55ca3e62461675009c9928917e
79466ff238e8321bec8616124c08f8800952547ae9e89f88dad9d764c913c224
GET /uploads/media/DOC/images/9kzyghkni-akqaph2rd-CasinoIcon.svg HTTP/1.1
Host: doggocasino-images-prd.imgix.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://doggocasino.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000
last-modified: Fri, 06 May 2022 13:28:13 GMT
content-encoding: gzip
server: imgix
x-imgix-id: 54ec309787a7b82105a80297a4d073a3745a343f
x-imgix-render-farm: 01.1064
x-imgix-original-status: 200
date: Sun, 08 Jan 2023 07:44:55 GMT
age: 5087479
accept-ranges: bytes
content-type: image/svg+xml
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
x-served-by: cache-sjc10069-SJC, cache-bma1659-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
content-length: 767
X-Firefox-Spdy: h2
doggocasino-images-prd.imgix.net/uploads/media/DOC/images/9kzyghkpt-8kpegzft6-8kpbpz732-LiveCasino-Icon.svg
200 OK 2.1 kB URL HTTP/2 doggocasino-images-prd.imgix.net/uploads/media/DOC/images/9kzyghkpt-8kpegzft6-8kpbpz732-LiveCasino-Icon.svg
IP
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (2535)
Hash b8d89489d6751052aff308dd243a2ac9
2c6a3fbff3b5416f4bf60ad37ab8c7df718f6d40
2f478dd1b4943e2f1351063abd39db0317ff8f6e2645e046d1c828470ad9ccfa
GET /uploads/media/DOC/images/9kzyghkpt-8kpegzft6-8kpbpz732-LiveCasino-Icon.svg HTTP/1.1
Host: doggocasino-images-prd.imgix.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://doggocasino.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000
last-modified: Fri, 06 May 2022 13:28:14 GMT
content-encoding: gzip
server: imgix
x-imgix-id: b6beded82f78b7a9a3b0d663db1e89b3b71cc9e3
x-imgix-render-farm: 02.552
x-imgix-original-status: 200
date: Sun, 08 Jan 2023 07:44:55 GMT
age: 7086479
accept-ranges: bytes
content-type: image/svg+xml
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
x-served-by: cache-sjc10083-SJC, cache-bma1659-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
content-length: 2068
X-Firefox-Spdy: h2
doggocasino-images-prd.imgix.net/uploads/media/DOC/images/9kzygv6fx-8kpi8m203-8kpgg29wu-gift-box-thicker.svg
200 OK 941 B URL HTTP/2 doggocasino-images-prd.imgix.net/uploads/media/DOC/images/9kzygv6fx-8kpi8m203-8kpgg29wu-gift-box-thicker.svg
IP
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash 76be76f2a7dec465f2452f35658a2e09
0f1bbf98737266b676a2c4b32b1544168e73943b
6ae9272128515c2144e856126178a61c16ab6db3c0a613d8dce9f483164d08d4
GET /uploads/media/DOC/images/9kzygv6fx-8kpi8m203-8kpgg29wu-gift-box-thicker.svg HTTP/1.1
Host: doggocasino-images-prd.imgix.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://doggocasino.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000
last-modified: Fri, 06 May 2022 13:28:14 GMT
content-encoding: gzip
server: imgix
x-imgix-id: 2847f6dc6f3f3d9ebe6fc55cdbc85a326c1915bd
x-imgix-render-farm: 02.552
x-imgix-original-status: 200
date: Sun, 08 Jan 2023 07:44:55 GMT
age: 7000082
accept-ranges: bytes
content-type: image/svg+xml
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
x-served-by: cache-sjc10043-SJC, cache-bma1659-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
content-length: 941
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 0220f5ea262c1a2cdceff36fd16679e9
9d0aab6c4b8e26f2ae22ffdf82e33d6a62440377
16ed4fc4013c5caa769b3308acbd947af25048158932f4409eee7b1f2c884e52
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "16ED4FC4013C5CAA769B3308ACBD947AF25048158932F4409EEE7B1F2C884E52"
Last-Modified: Sat, 07 Jan 2023 02:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4382
Expires: Sun, 08 Jan 2023 08:57:57 GMT
Date: Sun, 08 Jan 2023 07:44:55 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash bca7f62d320a595159ceae1b30ef4c65
0e0c7a42f0d017f617b40aea757cf0a0a4d71d9a
e30f2266b5b10dd868954bba127f6a8e85ba6f8422b565ca17aee0e9074b9d99
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 08 Jan 2023 07:44:55 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
api2.gameassists.co.uk/casino/progressive/public/v1/counters?currencyIsoCode=NOK
200 OK 7.0 kB URL HTTP/1.1 api2.gameassists.co.uk/casino/progressive/public/v1/counters?currencyIsoCode=NOK
IP
File type JSON data\012- , Unicode text, UTF-8 text, with very long lines (58794), with no line terminators
Hash 66e4068abafd56d3721c485989708a4b
67577f396911331b144f05060e2d3a6b6678368c
2483e4376c85f3087e947eaa09f3b36414f5fe0951a01dc4c9ae09316cb91bf2
GET /casino/progressive/public/v1/counters?currencyIsoCode=NOK HTTP/1.1
Host: api2.gameassists.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://doggocasino.com
Connection: keep-alive
Referer: https://doggocasino.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: no-cache
Pragma: no-cache
Content-Type: application/json; charset=utf-8
Expires: -1
Server:
X-CorrelationId: b8a49bcc-f6ce-4f64-80bf-bdc656ccda9c
X-Api-Version: 1.0.5.152
Access-Control-Allow-Origin: https://doggocasino.com
Access-Control-Allow-Credentials: true
Access-Control-Expose-Headers: X-CorrelationId
X-AspNet-Version: 4.0.30319
Request-Context: appId=cid-v1:39298cf6-0891-47ba-9f29-1f161231208d
cacheControlHeader: max-age-604800
Date: Sun, 08 Jan 2023 07:44:55 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 6968
Connection: Keep-Alive
doggocasino.com/assets/fonts/CeraPro/Cera_Pro_Black.otf
200 OK 188 kB URL HTTP/2 doggocasino.com/assets/fonts/CeraPro/Cera_Pro_Black.otf
IP
File type OpenType font data\012- data
Size 188 kB (188164 bytes)
Hash 95d55d992d7f63799ad116dbd12a25cf
37dd0e816b3828a6e996cb1b185b18e10745fb3b
7f9ef82ea041a21505f28d21766821edcc9adda8ed407f676d3623dc4f5c499a
GET /assets/fonts/CeraPro/Cera_Pro_Black.otf HTTP/1.1
Host: doggocasino.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://doggocasino.com/styles.1f7587ee8c68e382c584.css
Cookie: _ga_K4EHGY5F0T=GS1.1.1673163882.2.0.1673163882.60.0.0; _ga=GA1.1.2104987336.1673158587; __adm_tid=tid-2ae5f2bb5.42566d1f3; _gid=GA1.2.1700880299.1673158588; _hjSessionUser_3054262=eyJpZCI6IjQyMzk2NDg2LTQ5MzYtNTZiNi1hODQwLTg2YThkYzE4NjliOSIsImNyZWF0ZWQiOjE2NzMxNTg1ODgyMzQsImV4aXN0aW5nIjpmYWxzZX0=; __zlcmid=1DplVgkclUvRile; affiliateId=cx-35656_390258; bannerId=35656; trackerId=35656_390258; affiliateName=%5Bcellxpert%5D; cookie_policy=accepted
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/octet-stream
content-length: 188164
x-amz-meta-codebuild-content-sha256: c7543b0c1a387fe8fce7ecedb491413db02c94ccd3c1a1d5b2dc6c33f6e53bfc
x-amz-meta-codebuild-buildarn: arn:aws:codebuild:us-east-1:889751173095:build/du-frontend-build:dba88433-a99e-4dbd-9b3f-92c9f40e4469
x-amz-meta-codebuild-content-md5: f72fdbadddaa46b851fe89ddcab9666b
last-modified: Thu, 05 Jan 2023 08:36:26 GMT
x-amz-version-id: gNNjHTGlPcoeWIhgv5POJ3hF_euh6aRE
server: AmazonS3
date: Sat, 07 Jan 2023 11:09:26 GMT
etag: "95d55d992d7f63799ad116dbd12a25cf"
vary: Accept-Encoding
via: 1.1 9dd61138197a68f8d69f12574aab6930.cloudfront.net (CloudFront)
age: 74130
cache-control: public,max-age=31536000,immutable
x-cache: Hit from cloudfront
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: nlSbfxWDtVj5sziKchbeEtjK_dARUtTQt5FRssVBqrazBDGyt3q3tQ==
X-Firefox-Spdy: h2
doggocasino.com/assets/fonts/CeraPro/Cera_Pro_Medium.otf
200 OK 187 kB URL HTTP/2 doggocasino.com/assets/fonts/CeraPro/Cera_Pro_Medium.otf
IP
File type OpenType font data\012- data
Size 187 kB (187396 bytes)
Hash afe6902a46c9d424e9aca916f97562db
568338d32254cc1f42c41fd4b0b8b16217ee6525
68415c8ecee10d8cbab1ded06c092c8352ca0ba608e0c01ea5f0d37a358f92e0
GET /assets/fonts/CeraPro/Cera_Pro_Medium.otf HTTP/1.1
Host: doggocasino.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://doggocasino.com/styles.1f7587ee8c68e382c584.css
Cookie: _ga_K4EHGY5F0T=GS1.1.1673163882.2.0.1673163882.60.0.0; _ga=GA1.1.2104987336.1673158587; __adm_tid=tid-2ae5f2bb5.42566d1f3; _gid=GA1.2.1700880299.1673158588; _hjSessionUser_3054262=eyJpZCI6IjQyMzk2NDg2LTQ5MzYtNTZiNi1hODQwLTg2YThkYzE4NjliOSIsImNyZWF0ZWQiOjE2NzMxNTg1ODgyMzQsImV4aXN0aW5nIjpmYWxzZX0=; __zlcmid=1DplVgkclUvRile; affiliateId=cx-35656_390258; bannerId=35656; trackerId=35656_390258; affiliateName=%5Bcellxpert%5D; cookie_policy=accepted
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/octet-stream
content-length: 187396
x-amz-meta-codebuild-content-sha256: c7543b0c1a387fe8fce7ecedb491413db02c94ccd3c1a1d5b2dc6c33f6e53bfc
x-amz-meta-codebuild-buildarn: arn:aws:codebuild:us-east-1:889751173095:build/du-frontend-build:dba88433-a99e-4dbd-9b3f-92c9f40e4469
x-amz-meta-codebuild-content-md5: f72fdbadddaa46b851fe89ddcab9666b
last-modified: Thu, 05 Jan 2023 08:36:25 GMT
x-amz-version-id: PO5j8iFORQPWKEWcrNPa_CI6DKwGPMtX
server: AmazonS3
date: Sat, 07 Jan 2023 11:23:35 GMT
etag: "afe6902a46c9d424e9aca916f97562db"
vary: Accept-Encoding
via: 1.1 9dd61138197a68f8d69f12574aab6930.cloudfront.net (CloudFront)
age: 73280
cache-control: public,max-age=31536000,immutable
x-cache: Hit from cloudfront
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: Pia942V5J9E7ixu-jcz1q3IUw92L3vhUdjQUOC0eKWUv9TQ22QO9dQ==
X-Firefox-Spdy: h2
o571455.ingest.sentry.io/api/5732343/envelope/?sentry_key=d1b047c874bf4ef7a99a8c956cfbe83d&sentry_version=7
200 OK 41 B URL HTTP/2 o571455.ingest.sentry.io/api/5732343/envelope/?sentry_key=d1b047c874bf4ef7a99a8c956cfbe83d&sentry_version=7
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 67a4d4e1c10a9180f0cb022705da2c12
486a500237fab7f48aabebc34dfcc3aa5a8cf755
329eb03d587edba9cfea5df3494cce9575ea79e8cce88183118aa1bfaf5254ca
POST /api/5732343/envelope/?sentry_key=d1b047c874bf4ef7a99a8c956cfbe83d&sentry_version=7 HTTP/1.1
Host: o571455.ingest.sentry.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://doggocasino.com/
Content-Type: text/plain;charset=UTF-8
Origin: https://doggocasino.com
Content-Length: 40546
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 08 Jan 2023 07:44:55 GMT
content-type: application/json
content-length: 41
access-control-allow-origin: https://doggocasino.com
access-control-expose-headers: x-sentry-error, x-sentry-rate-limits, retry-after
vary: Origin
x-envoy-upstream-service-time: 0
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
c1.rfihub.net/js/tc.min.js
200 OK 6.2 kB URL HTTP/2 c1.rfihub.net/js/tc.min.js
IP
File type C source, ASCII text, with very long lines (19497)
Hash ab5a2e3f2414c0a2b622e48c0b6da2fd
1a894787bde6cbf9b58d47b8f4245607420112ad
a5ef19cf7ca85f760c462ed2f228430c8d0a6d9daf3aa34894a5c42113cfdb8f
GET /js/tc.min.js HTTP/1.1
Host: c1.rfihub.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://doggocasino.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/x-javascript
content-length: 6162
date: Sun, 08 Jan 2023 07:10:16 GMT
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control: public, max-age=3600
expires: Sun, 08 Jan 2023 08:10:16 GMT
last-modified: Sun, 08 Jan 2023 07:10:06 GMT
content-encoding: gzip
server: Jetty(9.3.29.v20201019)
x-cache: Hit from cloudfront
via: 1.1 c26775cc34c23943f6f5cfc9a3da9b4a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: lnllwTrOGztZZJelnHLKoCGxbwJxDrR5gVqAOxv8YEDK63zY7UiMvQ==
age: 2079
X-Firefox-Spdy: h2
doggocasino.com/assets/images/payments/Visa.webp
200 OK 5.1 kB URL HTTP/2 doggocasino.com/assets/images/payments/Visa.webp
IP
File type RIFF (little-endian) data, Web/P image\012- data
Hash 4b0108440760f16641970c1d5d16cd00
507b3518c8eb975026333a76be0d0178cbc9c2ad
28da44d8c47934effa061189c0f8c3d7253f030c8551e6a5358c065c152f0e46
GET /assets/images/payments/Visa.webp HTTP/1.1
Host: doggocasino.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://doggocasino.com/no-no?affiliateName=%5Bcellxpert%5D&affid=cx-35656_390258&bannerid=35656&trackerid=35656_390258&bta=35656&brand=doggocasino&rdk=rk1
Cookie: _ga_K4EHGY5F0T=GS1.1.1673163882.2.0.1673163882.60.0.0; _ga=GA1.1.2104987336.1673158587; __adm_tid=tid-2ae5f2bb5.42566d1f3; _gid=GA1.2.1700880299.1673158588; _hjSessionUser_3054262=eyJpZCI6IjQyMzk2NDg2LTQ5MzYtNTZiNi1hODQwLTg2YThkYzE4NjliOSIsImNyZWF0ZWQiOjE2NzMxNTg1ODgyMzQsImV4aXN0aW5nIjpmYWxzZX0=; __zlcmid=1DplVgkclUvRile; affiliateId=cx-35656_390258; bannerId=35656; trackerId=35656_390258; affiliateName=%5Bcellxpert%5D; cookie_policy=accepted
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/octet-stream
content-length: 5090
x-amz-meta-codebuild-content-sha256: c7543b0c1a387fe8fce7ecedb491413db02c94ccd3c1a1d5b2dc6c33f6e53bfc
x-amz-meta-codebuild-buildarn: arn:aws:codebuild:us-east-1:889751173095:build/du-frontend-build:dba88433-a99e-4dbd-9b3f-92c9f40e4469
x-amz-meta-codebuild-content-md5: f72fdbadddaa46b851fe89ddcab9666b
last-modified: Thu, 05 Jan 2023 08:36:17 GMT
x-amz-version-id: VOR_yYVw4M2RaZDf8BMXmIl3.gckRLqY
server: AmazonS3
date: Sat, 07 Jan 2023 11:09:26 GMT
etag: "4b0108440760f16641970c1d5d16cd00"
vary: Accept-Encoding
via: 1.1 9dd61138197a68f8d69f12574aab6930.cloudfront.net (CloudFront)
age: 74130
cache-control: public,max-age=31536000,immutable
x-cache: Hit from cloudfront
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: kVAXhs5VErmVyfkFCP706BUA7vUtSCMEj3UY4xm7CQw3namYwBpXAw==
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 0220f5ea262c1a2cdceff36fd16679e9
9d0aab6c4b8e26f2ae22ffdf82e33d6a62440377
16ed4fc4013c5caa769b3308acbd947af25048158932f4409eee7b1f2c884e52
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "16ED4FC4013C5CAA769B3308ACBD947AF25048158932F4409EEE7B1F2C884E52"
Last-Modified: Sat, 07 Jan 2023 02:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4382
Expires: Sun, 08 Jan 2023 08:57:57 GMT
Date: Sun, 08 Jan 2023 07:44:55 GMT
Connection: keep-alive
doggocasino.com/assets/images/payments/MC.webp
200 OK 5.7 kB URL HTTP/2 doggocasino.com/assets/images/payments/MC.webp
IP
File type RIFF (little-endian) data, Web/P image\012- data
Hash a1e6c278fdafab2a5a4b685e0c58716f
b93e5dc087323be40023bbefaf8ba9c8744c944b
621320f77e17050f2f5a58e52f81fbc0031fa0fb388d3678615c1f313576b2b3
GET /assets/images/payments/MC.webp HTTP/1.1
Host: doggocasino.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://doggocasino.com/no-no?affiliateName=%5Bcellxpert%5D&affid=cx-35656_390258&bannerid=35656&trackerid=35656_390258&bta=35656&brand=doggocasino&rdk=rk1
Cookie: _ga_K4EHGY5F0T=GS1.1.1673163882.2.0.1673163882.60.0.0; _ga=GA1.1.2104987336.1673158587; __adm_tid=tid-2ae5f2bb5.42566d1f3; _gid=GA1.2.1700880299.1673158588; _hjSessionUser_3054262=eyJpZCI6IjQyMzk2NDg2LTQ5MzYtNTZiNi1hODQwLTg2YThkYzE4NjliOSIsImNyZWF0ZWQiOjE2NzMxNTg1ODgyMzQsImV4aXN0aW5nIjpmYWxzZX0=; __zlcmid=1DplVgkclUvRile; affiliateId=cx-35656_390258; bannerId=35656; trackerId=35656_390258; affiliateName=%5Bcellxpert%5D; cookie_policy=accepted
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/octet-stream
content-length: 5670
x-amz-meta-codebuild-content-sha256: c7543b0c1a387fe8fce7ecedb491413db02c94ccd3c1a1d5b2dc6c33f6e53bfc
x-amz-meta-codebuild-buildarn: arn:aws:codebuild:us-east-1:889751173095:build/du-frontend-build:dba88433-a99e-4dbd-9b3f-92c9f40e4469
x-amz-meta-codebuild-content-md5: f72fdbadddaa46b851fe89ddcab9666b
last-modified: Thu, 05 Jan 2023 08:36:20 GMT
x-amz-version-id: tnjbwukL4htd3BBRjs4_iUOvz7dbUBne
server: AmazonS3
date: Sat, 07 Jan 2023 11:09:26 GMT
etag: "a1e6c278fdafab2a5a4b685e0c58716f"
vary: Accept-Encoding
via: 1.1 9dd61138197a68f8d69f12574aab6930.cloudfront.net (CloudFront)
age: 74130
cache-control: public,max-age=31536000,immutable
x-cache: Hit from cloudfront
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: zimAgyZ11yMv4UsyW78PeE8Nj6QODYvSaPGa8MS6acE-lFv_7tboaA==
X-Firefox-Spdy: h2
doggocasino.com/assets/images/payments/AstroPay-isotipo.webp
200 OK 8.5 kB URL HTTP/2 doggocasino.com/assets/images/payments/AstroPay-isotipo.webp
IP
File type RIFF (little-endian) data, Web/P image\012- data
Hash 7b4904268f33a2bc7d4d9f6bf0b4cd30
0ecb6a5b1fef840b715baf1056de562dfc7cc925
2ec6fcda254d694c53f87b6df84b2cf4a0a2884d6149bf7c2b26952b4e6615b3
GET /assets/images/payments/AstroPay-isotipo.webp HTTP/1.1
Host: doggocasino.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://doggocasino.com/no-no?affiliateName=%5Bcellxpert%5D&affid=cx-35656_390258&bannerid=35656&trackerid=35656_390258&bta=35656&brand=doggocasino&rdk=rk1
Cookie: _ga_K4EHGY5F0T=GS1.1.1673163882.2.0.1673163882.60.0.0; _ga=GA1.1.2104987336.1673158587; __adm_tid=tid-2ae5f2bb5.42566d1f3; _gid=GA1.2.1700880299.1673158588; _hjSessionUser_3054262=eyJpZCI6IjQyMzk2NDg2LTQ5MzYtNTZiNi1hODQwLTg2YThkYzE4NjliOSIsImNyZWF0ZWQiOjE2NzMxNTg1ODgyMzQsImV4aXN0aW5nIjpmYWxzZX0=; __zlcmid=1DplVgkclUvRile; affiliateId=cx-35656_390258; bannerId=35656; trackerId=35656_390258; affiliateName=%5Bcellxpert%5D; cookie_policy=accepted
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/octet-stream
content-length: 8482
x-amz-meta-codebuild-content-sha256: c7543b0c1a387fe8fce7ecedb491413db02c94ccd3c1a1d5b2dc6c33f6e53bfc
x-amz-meta-codebuild-buildarn: arn:aws:codebuild:us-east-1:889751173095:build/du-frontend-build:dba88433-a99e-4dbd-9b3f-92c9f40e4469
x-amz-meta-codebuild-content-md5: f72fdbadddaa46b851fe89ddcab9666b
last-modified: Thu, 05 Jan 2023 08:36:20 GMT
x-amz-version-id: 9BZxgLX5TDoX5NHNiUrNDiOA_deEKzti
server: AmazonS3
date: Sat, 07 Jan 2023 13:39:14 GMT
etag: "7b4904268f33a2bc7d4d9f6bf0b4cd30"
vary: Accept-Encoding
via: 1.1 9dd61138197a68f8d69f12574aab6930.cloudfront.net (CloudFront)
age: 65142
cache-control: public,max-age=31536000,immutable
x-cache: Hit from cloudfront
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: re-Wfanu_41njMdC-YWlS3xBlZ_VZW1jQSdX69kyL7N7KvB0D-uSZA==
X-Firefox-Spdy: h2
doggocasino.com/assets/images/payments/CRYPTO-NO-square.webp
200 OK 9.5 kB URL HTTP/2 doggocasino.com/assets/images/payments/CRYPTO-NO-square.webp
IP
File type RIFF (little-endian) data, Web/P image\012- data
Hash 1743ed8f0a9ca24cb2f49dbb61f70b5b
2c3b851c280984ba7e84b08a956b6122d6575076
9b6bf4178662a1c7e7afd5f111f641de9a44afe4788afb885040b134c1cf2323
GET /assets/images/payments/CRYPTO-NO-square.webp HTTP/1.1
Host: doggocasino.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://doggocasino.com/no-no?affiliateName=%5Bcellxpert%5D&affid=cx-35656_390258&bannerid=35656&trackerid=35656_390258&bta=35656&brand=doggocasino&rdk=rk1
Cookie: _ga_K4EHGY5F0T=GS1.1.1673163882.2.0.1673163882.60.0.0; _ga=GA1.1.2104987336.1673158587; __adm_tid=tid-2ae5f2bb5.42566d1f3; _gid=GA1.2.1700880299.1673158588; _hjSessionUser_3054262=eyJpZCI6IjQyMzk2NDg2LTQ5MzYtNTZiNi1hODQwLTg2YThkYzE4NjliOSIsImNyZWF0ZWQiOjE2NzMxNTg1ODgyMzQsImV4aXN0aW5nIjpmYWxzZX0=; __zlcmid=1DplVgkclUvRile; affiliateId=cx-35656_390258; bannerId=35656; trackerId=35656_390258; affiliateName=%5Bcellxpert%5D; cookie_policy=accepted
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/octet-stream
content-length: 9456
x-amz-meta-codebuild-content-sha256: c7543b0c1a387fe8fce7ecedb491413db02c94ccd3c1a1d5b2dc6c33f6e53bfc
x-amz-meta-codebuild-buildarn: arn:aws:codebuild:us-east-1:889751173095:build/du-frontend-build:dba88433-a99e-4dbd-9b3f-92c9f40e4469
x-amz-meta-codebuild-content-md5: f72fdbadddaa46b851fe89ddcab9666b
last-modified: Thu, 05 Jan 2023 08:36:29 GMT
x-amz-version-id: nOTPUreyntNp62lizYypd5s7hHogL2b_
server: AmazonS3
date: Sat, 07 Jan 2023 13:39:14 GMT
etag: "1743ed8f0a9ca24cb2f49dbb61f70b5b"
vary: Accept-Encoding
via: 1.1 9dd61138197a68f8d69f12574aab6930.cloudfront.net (CloudFront)
age: 65142
cache-control: public,max-age=31536000,immutable
x-cache: Hit from cloudfront
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: kS5XcAexWlrCKIt-vaAl7pxLeHuJgKzv9Y4FFnrxpKqvBX0UpyLkjA==
X-Firefox-Spdy: h2
doggocasino.com/assets/mock/globe.webp
200 OK 1.9 kB URL HTTP/2 doggocasino.com/assets/mock/globe.webp
IP
File type RIFF (little-endian) data, Web/P image\012- data
Hash 19215c98163e609fed2e96a76e46f6cd
65fa846b9eafd2d3420b079a6ee8baac0fa183c5
685bf72f57fdcba509c9981d2ad69cd5f95d4b4135315011fad8c5bc2b5c79ad
GET /assets/mock/globe.webp HTTP/1.1
Host: doggocasino.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://doggocasino.com/no-no?affiliateName=%5Bcellxpert%5D&affid=cx-35656_390258&bannerid=35656&trackerid=35656_390258&bta=35656&brand=doggocasino&rdk=rk1
Cookie: _ga_K4EHGY5F0T=GS1.1.1673163882.2.0.1673163882.60.0.0; _ga=GA1.1.2104987336.1673158587; __adm_tid=tid-2ae5f2bb5.42566d1f3; _gid=GA1.2.1700880299.1673158588; _hjSessionUser_3054262=eyJpZCI6IjQyMzk2NDg2LTQ5MzYtNTZiNi1hODQwLTg2YThkYzE4NjliOSIsImNyZWF0ZWQiOjE2NzMxNTg1ODgyMzQsImV4aXN0aW5nIjpmYWxzZX0=; __zlcmid=1DplVgkclUvRile; affiliateId=cx-35656_390258; bannerId=35656; trackerId=35656_390258; affiliateName=%5Bcellxpert%5D; cookie_policy=accepted
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/octet-stream
content-length: 1902
x-amz-meta-codebuild-content-sha256: c7543b0c1a387fe8fce7ecedb491413db02c94ccd3c1a1d5b2dc6c33f6e53bfc
x-amz-meta-codebuild-buildarn: arn:aws:codebuild:us-east-1:889751173095:build/du-frontend-build:dba88433-a99e-4dbd-9b3f-92c9f40e4469
x-amz-meta-codebuild-content-md5: f72fdbadddaa46b851fe89ddcab9666b
last-modified: Thu, 05 Jan 2023 08:36:29 GMT
x-amz-version-id: C1FoPei8ZKpnqSY_XhRVEvYKdoXO45Aa
server: AmazonS3
date: Sat, 07 Jan 2023 11:23:38 GMT
etag: "19215c98163e609fed2e96a76e46f6cd"
vary: Accept-Encoding
via: 1.1 9dd61138197a68f8d69f12574aab6930.cloudfront.net (CloudFront)
age: 73278
cache-control: public,max-age=31536000,immutable
x-cache: Hit from cloudfront
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: YM8j5VDv3JC8eMHNbTpMY9yauwoYTZVlc98QDPwFaIpbgS7MDTkm7Q==
X-Firefox-Spdy: h2
www.google-analytics.com/analytics.js
200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP
File type ASCII text, with very long lines (1325)
Hash 47e6f374ca946fddd5b59871b325736c
baa9282efc8785e84d247c3bff518eaa45f101c4
16580b5c87c58e5702e411f1888fdef511094e4cd6d62bb47d16291ffb25985e
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://doggocasino.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20039
date: Sun, 08 Jan 2023 06:41:08 GMT
expires: Sun, 08 Jan 2023 08:41:08 GMT
cache-control: public, max-age=7200
age: 3827
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 69c3f0bdbb90c95313c7de5255c3b6e8
8edcbfcc3b87aeecc9f3ca84537512e01039ad6a
754d91c7500f67369c1ea04649eddef7e4201932f81405a0662a6d5f4b80a3da
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 08 Jan 2023 07:44:55 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
doggocasino.com/favicon.ico
200 OK 4.3 kB URL HTTP/2 doggocasino.com/favicon.ico
IP
File type MS Windows icon resource - 1 icon, 32x32, 32 bits/pixel\012- data
Hash bf17160c2e430c1c7fda0c795c8ee482
2990a13dd391376c8593c9243d4430a9318c7a18
aaee36adabe0daf0003147b30c2a56b8341f2469a6f4fec886e64412063f4cd4
GET /favicon.ico HTTP/1.1
Host: doggocasino.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://doggocasino.com/en-us?affiliateName=[cellxpert]&affid=cx-35656_390258&bannerid=35656&trackerid=35656_390258&bta=35656&brand=doggocasino&rdk=rk1
Cookie: _ga_K4EHGY5F0T=GS1.1.1673163882.2.0.1673163882.60.0.0; _ga=GA1.1.2104987336.1673158587; __adm_tid=tid-2ae5f2bb5.42566d1f3; _gid=GA1.2.1700880299.1673158588; _hjSessionUser_3054262=eyJpZCI6IjQyMzk2NDg2LTQ5MzYtNTZiNi1hODQwLTg2YThkYzE4NjliOSIsImNyZWF0ZWQiOjE2NzMxNTg1ODgyMzQsImV4aXN0aW5nIjpmYWxzZX0=; __zlcmid=1DplVgkclUvRile; affiliateId=cx-35656_390258; bannerId=35656; trackerId=35656_390258; affiliateName=%5Bcellxpert%5D; cookie_policy=accepted
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/x-icon
content-length: 4286
x-amz-id-2: 3vgBZKfZObbZTWaiHxxVAB3VpJ7IFBxCQXS4afymH9EfYZs4PpjNLD4Q7g2Jb/Xat9rgpdok2YQ=
x-amz-request-id: VJRS75HTTGQPNPRR
date: Thu, 05 Jan 2023 08:38:34 GMT
x-amz-meta-codebuild-content-sha256: c7543b0c1a387fe8fce7ecedb491413db02c94ccd3c1a1d5b2dc6c33f6e53bfc
x-amz-meta-codebuild-buildarn: arn:aws:codebuild:us-east-1:889751173095:build/du-frontend-build:dba88433-a99e-4dbd-9b3f-92c9f40e4469
x-amz-meta-codebuild-content-md5: f72fdbadddaa46b851fe89ddcab9666b
last-modified: Thu, 05 Jan 2023 08:36:23 GMT
x-amz-version-id: 7WJLFkh.RnFAQb3QgSG_Tm3IgArG4xy5
etag: "bf17160c2e430c1c7fda0c795c8ee482"
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 9dd61138197a68f8d69f12574aab6930.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: cSGzHc1-tn8QrM-Ai0z6mn-ScD6MOBz_zV2rwdgbi-52V6uZNIUmgA==
age: 255982
X-Firefox-Spdy: h2
www.google.no/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-K4EHGY5F0T&cid=2104987336.1673158587>m=2oe120&aip=1&z=139580413
200 OK 42 B URL HTTP/2 www.google.no/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-K4EHGY5F0T&cid=2104987336.1673158587>m=2oe120&aip=1&z=139580413
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-K4EHGY5F0T&cid=2104987336.1673158587>m=2oe120&aip=1&z=139580413 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://doggocasino.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sun, 08 Jan 2023 07:44:55 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
static.zdassets.com/web_widget/latest/classic/web-widget-8165-81a3de7.js
200 OK 194 kB URL HTTP/2 static.zdassets.com/web_widget/latest/classic/web-widget-8165-81a3de7.js
IP
File type ASCII text, with very long lines (65307)
Size 194 kB (194423 bytes)
Hash fa547d546110a6838bfe031c12d87a17
d9343a2d15c4c86017097e5ea783446f496413b5
87fb70977c1169de597252887c2d005896529f8253758183774dc15addfd0d68
GET /web_widget/latest/classic/web-widget-8165-81a3de7.js HTTP/1.1
Host: static.zdassets.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 08 Jan 2023 07:44:55 GMT
content-type: application/javascript; charset=utf-8
x-amz-id-2: lzBkPtbnz0MGLlWYKiF43Rbof1dxLmCsNcfcXrLzOnOEtJYFONekq3s/EdUhjTmo6TQFKed2bBM=
x-amz-request-id: F6C4AQZ3YDWB1VQS
x-amz-replication-status: COMPLETED
last-modified: Wed, 14 Dec 2022 15:44:37 GMT
etag: W/"d519ea27f763cb6ec80aeec5b45213a7"
x-amz-server-side-encryption: AES256
cache-control: public, max-age=31536000
expires: Thu, 14 Dec 2023 15:44:36 GMT
x-amz-version-id: kU1YYFzxaCl55Jp2ZazHPuUZRF69EWpK
cf-cache-status: HIT
age: 2003989
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7Mje8mzN%2B5a%2FamGakQ23bxu5lJbB04RRIcrZBoww9rpAn8zHmAH%2BM%2FaGlFLU8FsV6bnXDgKkqvN5ch1OspX9NotNnEiQzBimAuTQAxBCw%2FG4WFebc0Q3N5ZPBFmbtscpYE1k85Q%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=0
server: cloudflare
cf-ray: 78634f8bab3db509-OSL
content-encoding: br
X-Firefox-Spdy: h2
doggocasino.com/assets/fonts/CeraPro/Cera_Pro_Light.otf
200 OK 185 kB URL HTTP/2 doggocasino.com/assets/fonts/CeraPro/Cera_Pro_Light.otf
IP
File type OpenType font data\012- data
Size 185 kB (185224 bytes)
Hash 112299d7917b38aff426d451d495f3d7
6de584a008b9858f356612935204940c53f5c226
51678261b34255f1b6aa36b5ec12956d44cf63162f8e86cb838594484148fe2d
GET /assets/fonts/CeraPro/Cera_Pro_Light.otf HTTP/1.1
Host: doggocasino.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://doggocasino.com/styles.1f7587ee8c68e382c584.css
Cookie: _ga_K4EHGY5F0T=GS1.1.1673163882.2.0.1673163882.60.0.0; _ga=GA1.1.2104987336.1673158587; __adm_tid=tid-2ae5f2bb5.42566d1f3; _gid=GA1.2.1700880299.1673158588; _hjSessionUser_3054262=eyJpZCI6IjQyMzk2NDg2LTQ5MzYtNTZiNi1hODQwLTg2YThkYzE4NjliOSIsImNyZWF0ZWQiOjE2NzMxNTg1ODgyMzQsImV4aXN0aW5nIjpmYWxzZX0=; __zlcmid=1DplVgkclUvRile; affiliateId=cx-35656_390258; bannerId=35656; trackerId=35656_390258; affiliateName=%5Bcellxpert%5D; cookie_policy=accepted
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/octet-stream
content-length: 185224
x-amz-meta-codebuild-content-sha256: c7543b0c1a387fe8fce7ecedb491413db02c94ccd3c1a1d5b2dc6c33f6e53bfc
x-amz-meta-codebuild-buildarn: arn:aws:codebuild:us-east-1:889751173095:build/du-frontend-build:dba88433-a99e-4dbd-9b3f-92c9f40e4469
x-amz-meta-codebuild-content-md5: f72fdbadddaa46b851fe89ddcab9666b
last-modified: Thu, 05 Jan 2023 08:36:28 GMT
x-amz-version-id: ESIpojbVBx7vaO3CbJI0InDZatTpxf02
server: AmazonS3
date: Sat, 07 Jan 2023 11:09:25 GMT
etag: "112299d7917b38aff426d451d495f3d7"
vary: Accept-Encoding
via: 1.1 9dd61138197a68f8d69f12574aab6930.cloudfront.net (CloudFront)
age: 74141
cache-control: public,max-age=31536000,immutable
x-cache: Hit from cloudfront
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: wUfPJxKJnXVwyoGhFIbR8Sd5sSYvyg3VWB0FFPn10hdxZZKwFozdFg==
X-Firefox-Spdy: h2
script.hotjar.com/modules.b4ac87d27a338f616dd7.js
200 OK 69 kB URL HTTP/2 script.hotjar.com/modules.b4ac87d27a338f616dd7.js
IP
File type Unicode text, UTF-8 text, with very long lines (48638)
Hash 1af6d1b4202cd7568a42d42e427f4e4f
a58920bba80580f6e2042513642e7425b7d41073
86ce7f3a1599d843b55e78ce294697c6fd84d4271cf4d49130ad0708a48a2340
GET /modules.b4ac87d27a338f616dd7.js HTTP/1.1
Host: script.hotjar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://doggocasino.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
content-length: 68846
date: Fri, 06 Jan 2023 10:13:59 GMT
accept-ranges: bytes
access-control-allow-origin: *
cache-control: max-age=31536000
content-encoding: br
cross-origin-resource-policy: cross-origin
etag: "1af6d1b4202cd7568a42d42e427f4e4f"
last-modified: Fri, 06 Jan 2023 10:13:14 GMT
strict-transport-security: max-age=2592000; includeSubDomains
x-content-type-options: nosniff
x-robots-tag: none
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 8ddb6d7670d8c5a85c04a10525a71b90.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: zBQLD0T7PiAyZ-S36q1Id-MLL9PgWmPCNYAlzOgtudqxvOyeXyBGrw==
age: 163855
X-Firefox-Spdy: h2
vars.hotjar.com/box-5e66f98b4ee957db209dc6f63e3d59dd.html
200 OK 1.0 kB URL HTTP/2 vars.hotjar.com/box-5e66f98b4ee957db209dc6f63e3d59dd.html
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2368), with no line terminators
Hash e0652b84b7b3b650769c759fc520c3f8
0b55d6e28613350c7f41b88f19e726e6751ad03b
94b4c240f83065223dcacdd3f8b69cb229d0616edc3e2041eef3e270d859fc3d
GET /box-5e66f98b4ee957db209dc6f63e3d59dd.html HTTP/1.1
Host: vars.hotjar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://doggocasino.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html
content-length: 1035
date: Wed, 23 Nov 2022 13:10:06 GMT
accept-ranges: bytes
cache-control: max-age=31536000
content-encoding: br
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
etag: "e0652b84b7b3b650769c759fc520c3f8"
last-modified: Wed, 23 Nov 2022 13:09:18 GMT
strict-transport-security: max-age=2592000; includeSubDomains
x-robots-tag: none
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 a9120cc3ff449047c990e82a4d5566ba.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: VRdiRtQZHxXx47nQcbdKuNFE_c72tPH88AzH-EkEO2UUXJNsqbT_gQ==
age: 3954889
X-Firefox-Spdy: h2
ocsp.sectigo.com/
200 OK 471 B IP
Hash bb8f2e68083f051f2979932a1f03c594
0a871e0733f544055f0aa380187f3e6ccc3f9ba9
49922587aff27fc434b5e0d4128f6a7b48f01c6db105f56c12f6e4d9cb82bbb5
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 08 Jan 2023 07:44:56 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sat, 07 Jan 2023 14:15:44 GMT
Expires: Sat, 14 Jan 2023 14:15:43 GMT
Etag: "0a871e0733f544055f0aa380187f3e6ccc3f9ba9"
Cache-Control: max-age=541247,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 78634f8c7e89b50c-OSL
ocsp.sectigo.com/
200 OK 471 B IP
Hash bb8f2e68083f051f2979932a1f03c594
0a871e0733f544055f0aa380187f3e6ccc3f9ba9
49922587aff27fc434b5e0d4128f6a7b48f01c6db105f56c12f6e4d9cb82bbb5
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 08 Jan 2023 07:44:56 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sat, 07 Jan 2023 14:15:44 GMT
Expires: Sat, 14 Jan 2023 14:15:43 GMT
Etag: "0a871e0733f544055f0aa380187f3e6ccc3f9ba9"
Cache-Control: max-age=541246,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 78634f8c7c5d0b55-OSL
20841497p.rfihub.com/ca.html?ver=9&rb=46806&ca=20841497&_o=46806&_t=20841497&pe=https%3A%2F%2Fdoggocasino.com%2Fno-no%3FaffiliateName%3D%255Bcellxpert%255D%26affid%3Dcx-35656_390258%26bannerid%3D35656%26trackerid%3D35656_390258%26bta%3D35656%26brand%3Ddoggocasino%26rdk%3Drk1&pf=&ra=8836686620617198
200 OK 2.7 kB URL HTTP/1.1 20841497p.rfihub.com/ca.html?ver=9&rb=46806&ca=20841497&_o=46806&_t=20841497&pe=https%3A%2F%2Fdoggocasino.com%2Fno-no%3FaffiliateName%3D%255Bcellxpert%255D%26affid%3Dcx-35656_390258%26bannerid%3D35656%26trackerid%3D35656_390258%26bta%3D35656%26brand%3Ddoggocasino%26rdk%3Drk1&pf=&ra=8836686620617198
IP
File type HTML document text\012- HTML document, ASCII text, with very long lines (2660), with no line terminators
Hash 83a1136ec4478566118f2c5f8eafdade
66a9d938a446f7d50b5e7e02d8173c67a92ca443
382b5b13e75caf3b7a5003f63765c312a24ddc968051433575ad0f02a7575e76
GET /ca.html?ver=9&rb=46806&ca=20841497&_o=46806&_t=20841497&pe=https%3A%2F%2Fdoggocasino.com%2Fno-no%3FaffiliateName%3D%255Bcellxpert%255D%26affid%3Dcx-35656_390258%26bannerid%3D35656%26trackerid%3D35656_390258%26bta%3D35656%26brand%3Ddoggocasino%26rdk%3Drk1&pf=&ra=8836686620617198 HTTP/1.1
Host: 20841497p.rfihub.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://doggocasino.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Sun, 08 Jan 2023 07:44:56 GMT
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Set-Cookie: rud=H4sIAAAAAAAA_-MSNjU0MTQyNLAwMjYwNbYwNjY2MxfiM9TN8gkqMw2Od3UOMKoEACU20JYlAAAA; Path=/; Domain=.rfihub.com; Expires=Fri, 2 Feb 2024 07:44:56 GMT; Secure; SameSite=None
ruds=H4sIAAAAAAAA_-MSNjU0MTQyNLAwMjYwNbYwNjY2MxfiM9TN8gkqMw2Od3UOMKoEACU20JYlAAAA; Path=/; Domain=.rfihub.com; Secure; SameSite=None
eud=H4sIAAAAAAAA_5vFyGtoZm5saGZsYWlmYGmwC41_Co3_Co3_C40_iQmVPwuNvwiNvwqNvwmNvwtdPQsq_xYafxMrmn5uNPt50fjCqPxHaHwAlzZnBCABAAA; Path=/; Domain=.rfihub.com; Expires=Fri, 2 Feb 2024 07:44:56 GMT; Secure; SameSite=None
Cache-Control: no-cache
Content-Type: text/html;charset=utf-8
Content-Length: 2660
Server: Jetty(9.3.29.v20201019)
20841497p.rfihub.com/ca.html?ver=9&rb=46806&ca=20841497&_o=46806&_t=20841497&pe=https%3A%2F%2Fdoggocasino.com%2Fno-no%3FaffiliateName%3D%255Bcellxpert%255D%26affid%3Dcx-35656_390258%26bannerid%3D35656%26trackerid%3D35656_390258%26bta%3D35656%26brand%3Ddoggocasino%26rdk%3Drk1&pf=&ra=5556534748409693
200 OK 2.7 kB URL HTTP/1.1 20841497p.rfihub.com/ca.html?ver=9&rb=46806&ca=20841497&_o=46806&_t=20841497&pe=https%3A%2F%2Fdoggocasino.com%2Fno-no%3FaffiliateName%3D%255Bcellxpert%255D%26affid%3Dcx-35656_390258%26bannerid%3D35656%26trackerid%3D35656_390258%26bta%3D35656%26brand%3Ddoggocasino%26rdk%3Drk1&pf=&ra=5556534748409693
IP
File type HTML document text\012- HTML document, ASCII text, with very long lines (2660), with no line terminators
Hash 611f32237230507571b62f337547857e
588a15d9f338fa482014f29d582c3b9d9ffab14c
2ae51fdd64b7d7c300d2af0d0331ffd5c6ca66b2c7fec541f1c05a719c3c4b8a
GET /ca.html?ver=9&rb=46806&ca=20841497&_o=46806&_t=20841497&pe=https%3A%2F%2Fdoggocasino.com%2Fno-no%3FaffiliateName%3D%255Bcellxpert%255D%26affid%3Dcx-35656_390258%26bannerid%3D35656%26trackerid%3D35656_390258%26bta%3D35656%26brand%3Ddoggocasino%26rdk%3Drk1&pf=&ra=5556534748409693 HTTP/1.1
Host: 20841497p.rfihub.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://doggocasino.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Sun, 08 Jan 2023 07:44:56 GMT
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Set-Cookie: rud=H4sIAAAAAAAA_-MSNjU0NjY2sjQ1MjY3MjUzMDE0NhTiM9T1yvKKL_EtSImyTC8FANM6W8clAAAA; Path=/; Domain=.rfihub.com; Expires=Fri, 2 Feb 2024 07:44:56 GMT; Secure; SameSite=None
ruds=H4sIAAAAAAAA_-MSNjU0NjY2sjQ1MjY3MjUzMDE0NhTiM9T1yvKKL_EtSImyTC8FANM6W8clAAAA; Path=/; Domain=.rfihub.com; Secure; SameSite=None
eud=H4sIAAAAAAAA_5vFyGtoZm5saGZsYWlmaGi6C41_Co3_Co3_C40_iQmVPwuNvwiNvwqNvwmNvwtdPQsq_xYafxMrmn5uNPt50fjCqPxHaHwAptJn7iABAAA; Path=/; Domain=.rfihub.com; Expires=Fri, 2 Feb 2024 07:44:56 GMT; Secure; SameSite=None
Cache-Control: no-cache
Content-Type: text/html;charset=utf-8
Content-Length: 2660
Server: Jetty(9.3.29.v20201019)
static.zdassets.com/web_widget/latest/classic/web-widget-locales/classic/en-us-json-81a3de7.js
200 OK 6.4 kB URL HTTP/2 static.zdassets.com/web_widget/latest/classic/web-widget-locales/classic/en-us-json-81a3de7.js
IP
File type Unicode text, UTF-8 text, with very long lines (25705), with no line terminators
Hash d266ad537bf2daad5682c747db9a0b6a
77bb2639f2096b7ba6c889fe61854825c408b648
b81e56cd15444b555716b0068dea0b3fbb0aadf2862f874f4712a369406f9f05
GET /web_widget/latest/classic/web-widget-locales/classic/en-us-json-81a3de7.js HTTP/1.1
Host: static.zdassets.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 08 Jan 2023 07:44:56 GMT
content-type: application/javascript; charset=utf-8
x-amz-id-2: Q/WsINVJ+Z0sX1C6ewo6dm4fGCmy1q+byCALlpmYTsO763wyxLOPMW+3hlpEmMz+n7wAWQ1i9dM=
x-amz-request-id: F6CEY42KW93BNB12
x-amz-replication-status: COMPLETED
last-modified: Wed, 14 Dec 2022 15:44:38 GMT
etag: W/"10d9a30eac6ed106c66673278428cd9d"
x-amz-server-side-encryption: AES256
cache-control: public, max-age=31536000
expires: Thu, 14 Dec 2023 15:44:37 GMT
x-amz-version-id: w19VoZjQsh3pKdlpVeLbZ8rEmUXDsh_h
cf-cache-status: HIT
age: 2003987
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=skEAx6ivlJAh4UpSGXlbYn0CyteSOTWLVEIfd4L510SvBX42WDtzik5L3J%2BcBa4jk2vGBuA1dbxrnLplv5pZPobLKMPw840L2d%2FW4WIj2Zm18Mxn54U0ajGwIGFKmY%2BEVnGtvsw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=0
server: cloudflare
cf-ray: 78634f8e1cb2b509-OSL
content-encoding: br
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP
Hash 5b05de4d90e8de78797c3fc3e1f37563
c93d8344fa84d806ee04a5695421966883c00fe4
1f798fa33d28f7ff46eff7cce69c1740d1dde1adaf14ddb4d551acb3df2f45be
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Sun, 08 Jan 2023 07:44:56 GMT
Last-Modified: Sun, 08 Jan 2023 06:26:57 GMT
Server: ECS (bsa/EB17)
X-Cache: Miss from cloudfront
Via: 1.1 76c917e0bb0ba45eb834d25d76ee125e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: n7zWCcPcSPUzARfX4dWfbMtPHwMN6bUhLMLmkRKwZYLKLZwaPuhzeA==
Age: 4679
widget-mediator.zopim.com/s/W/ws/6tFfD4KOMSEfm64q/c/1673163884024
101 Switching Protocols 0 B URL HTTP/1.1 widget-mediator.zopim.com/s/W/ws/6tFfD4KOMSEfm64q/c/1673163884024
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /s/W/ws/6tFfD4KOMSEfm64q/c/1673163884024 HTTP/1.1
Host: widget-mediator.zopim.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: https://doggocasino.com
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: FJuvYcONPf7ySsIenilWOA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Date: Sun, 08 Jan 2023 07:44:56 GMT
Connection: upgrade
Set-Cookie: AWSALB=Y2ucBYzHmWbIiHPuRrUbACePpHFebwlDndnL11A1KWKwIocapFUy6EIRYWgbeVCrdGCUImhU1KNvdA6efnWloMv3FeRboxB57wmkV+roSNTJ9mzTZT3YBMQ1kSei; Expires=Sun, 15 Jan 2023 07:44:56 GMT; Path=/
AWSALBCORS=Y2ucBYzHmWbIiHPuRrUbACePpHFebwlDndnL11A1KWKwIocapFUy6EIRYWgbeVCrdGCUImhU1KNvdA6efnWloMv3FeRboxB57wmkV+roSNTJ9mzTZT3YBMQ1kSei; Expires=Sun, 15 Jan 2023 07:44:56 GMT; Path=/; SameSite=None; Secure
Upgrade: websocket
Sec-WebSocket-Accept: Z2TO1+hw2TmnL+r5FnWftHX8Cu8=
Sec-WebSocket-Version: 13
WebSocket-Server: uWebSockets
live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=5141210823053833367&referrer=https%3A%2F%2Fdoggocasino.com%2Fno-no%3FaffiliateName%3D%255Bcellxpert%255D%26affid%3Dcx-35656_390258%26bannerid%3D35656%26trackerid%3D35656_390258%26bta%3D35656%26brand%3Ddoggocasino%26rdk%3Drk1
302 Found 661 B URL HTTP/2 live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=5141210823053833367&referrer=https%3A%2F%2Fdoggocasino.com%2Fno-no%3FaffiliateName%3D%255Bcellxpert%255D%26affid%3Dcx-35656_390258%26bannerid%3D35656%26trackerid%3D35656_390258%26bta%3D35656%26brand%3Ddoggocasino%26rdk%3Drk1
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (575)
Hash b8d7bee81c05330e1c8a0a8ad1d762bd
c49119c4bf270a76e87dc4e467728218a47d4165
bbdd70760fabf74e305cff91fd8eeb97cbb3eb5e2cbecbb4b40824e0f693c545
GET /pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=5141210823053833367&referrer=https%3A%2F%2Fdoggocasino.com%2Fno-no%3FaffiliateName%3D%255Bcellxpert%255D%26affid%3Dcx-35656_390258%26bannerid%3D35656%26trackerid%3D35656_390258%26bta%3D35656%26brand%3Ddoggocasino%26rdk%3Drk1 HTTP/1.1
Host: live.rezync.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://20841497p.rfihub.com/
Cookie: zync-uuid=feec0389-c24c-4e8c-a771-0e2c3a4b3ba9:1673158601.0893228; sd-session-id=.eJwVyk0KgzAQQOG7zNqUTH7MJJeROJ1CaE2Lo5uKd6_dPPjgHTB9ZF1ql75B2dZdBuBXu6RQDtD2XeQJBSJaijEnFxNlwn_hHEBFtb371O7X8xBh6ykbdoFNEGJTU0JjxbGvYfZzzQXH5DHSaPFmKXvnCM4f0cEmQA.Y7pfyQ.WI9ktEP34LTwqwUPstbmQd2saa4
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
content-type: text/html; charset=utf-8
content-length: 661
location: https://p.rfihub.com/cm?pub=39342&in=0&userid=feec0389-c24c-4e8c-a771-0e2c3a4b3ba9%3A1673158601.0893228&forward=https%3A//idsync.rlcdn.com/501709.gif%3Fpartner_uid%3Dfeec0389-c24c-4e8c-a771-0e2c3a4b3ba9%253A1673158601.0893228
date: Sun, 08 Jan 2023 07:44:56 GMT
set-cookie: zync-uuid=feec0389-c24c-4e8c-a771-0e2c3a4b3ba9:1673158601.0893228; Domain=rezync.com; Expires=Thu, 06 Jul 2023 23:44:56 GMT; Path=/; SameSite=None; Secure
sd-session-id=.eJwNyksOwiAQANC7zLqYGYbPwGUaimNCtGhK3dj07nb5knfA_NFtLV37DnnfvjpBfbVLA_IBo_1WfUIGT44soVhGz8LMIcI5wdAx2rvP7X6dh2pFlmSqddU4lWpKjGRQbeXiFl5KyhQik5eAdENJbK3A-QfDaiYU.Y7p0eA.GYPt5epVn5QGN_wJh7nBu8iPYwo; Expires=Fri, 07 Jul 2023 07:44:56 GMT; HttpOnly; Path=/; SameSite=None; Secure
vary: Cookie
server: lighttpd/1.4.59
x-cache: Miss from cloudfront
via: 1.1 c9f2a4d2bcd548d1a3cbe1617a22f216.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: E_U2uvkdsInBgqy6WW89kh1F7E-lQKYkYI6sSeuIpTsBZoRN5NpHQw==
X-Firefox-Spdy: h2
2d1c8d36-b9ba-45b7-87c9-e34c592a597a.seals-emr.certria.com/sealassets/61f02bd923f4b3c9cbca7ac54bf61f4e-doggocasino.com-8cdd4d66f8d65689b62819334a267b9a257fee4eb2750b2e47cdaf63d0becac6311bea6226c3373c1ea5283761ef2821-c2VhbC5wbmc%3D?status=valid
200 OK 53 kB URL HTTP/2 2d1c8d36-b9ba-45b7-87c9-e34c592a597a.seals-emr.certria.com/sealassets/61f02bd923f4b3c9cbca7ac54bf61f4e-doggocasino.com-8cdd4d66f8d65689b62819334a267b9a257fee4eb2750b2e47cdaf63d0becac6311bea6226c3373c1ea5283761ef2821-c2VhbC5wbmc%3D?status=valid
IP
File type PNG image data, 256 x 256, 8-bit/color RGBA, non-interlaced\012- data
Hash fceb44c117d8c9766bdd23befc239931
8a57ed8068117e00c0257cb97340274253236989
428b3487df7ab6c93f3f6345481dfc178a0c6e4c7589ccd6a3a11b12db077f28
GET /sealassets/61f02bd923f4b3c9cbca7ac54bf61f4e-doggocasino.com-8cdd4d66f8d65689b62819334a267b9a257fee4eb2750b2e47cdaf63d0becac6311bea6226c3373c1ea5283761ef2821-c2VhbC5wbmc%3D?status=valid HTTP/1.1
Host: 2d1c8d36-b9ba-45b7-87c9-e34c592a597a.seals-emr.certria.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://doggocasino.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 52815
date: Sun, 08 Jan 2023 07:42:15 GMT
x-powered-by: Express
cache-control: max-age=1200
etag: W/"ce4f-ilftgGgRfgDAJXy5c0AnQlMjaYk"
strict-transport-security: max-age=15724800; includeSubDomains
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 78634ba1cd8cbba3-FRA
x-cache: Hit from cloudfront
via: 1.1 d9fb4c3794a085bb4ee2c5798c2cb1b8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: lujznKw80RYpQrVb1Z3S4IAc0lMgTOkILOh9j871kG1Za3uakVEFiQ==
age: 161
X-Firefox-Spdy: h2
contextual.media.net/cksync.php?cs=3&type=rkt&ovsid=5141210823053833367
200 OK 45 B URL HTTP/2 contextual.media.net/cksync.php?cs=3&type=rkt&ovsid=5141210823053833367
IP
File type GIF image data, version 87a, 1 x 1\012- data
Hash 99cceceaed4d575484b69ddaf9ed66a7
1e3a3b15296b585833a22d987a387aa58aa1642d
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
GET /cksync.php?cs=3&type=rkt&ovsid=5141210823053833367 HTTP/1.1
Host: contextual.media.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://20841497p.rfihub.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: Apache
content-length: 45
content-type: image/gif
set-cookie: visitor-id=3161654963580211000V10; Expires=Mon, 08 Jan 2024 07:44:56 GMT; domain=.media.net; Path=/;
data-rk=5141210823053833367~~3;Expires=Sun, 07 Jan 2024 07:44:56 GMT;path=/;domain=.media.net;
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
strict-transport-security: max-age=31536000
x-mnet-hl2: E
expires: Sun, 08 Jan 2023 07:44:56 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Sun, 08 Jan 2023 07:44:56 GMT
X-Firefox-Spdy: h2
51d4256e-9ede-4425-8b77-d7e5166c1c25.snippet.antillephone.com/sealassets/61f02bd923f4b3c9cbca7ac54bf61f4e-doggocasino.com-2f90385e7147995d0ad0e1568dcb8420125a9230e800b76e4574b197458fcd3ec3fae37cdc434512e60b35647fd94003-c2VhbC5wbmc%3D?status=valid
200 OK 46 kB URL HTTP/2 51d4256e-9ede-4425-8b77-d7e5166c1c25.snippet.antillephone.com/sealassets/61f02bd923f4b3c9cbca7ac54bf61f4e-doggocasino.com-2f90385e7147995d0ad0e1568dcb8420125a9230e800b76e4574b197458fcd3ec3fae37cdc434512e60b35647fd94003-c2VhbC5wbmc%3D?status=valid
IP
File type PNG image data, 256 x 256, 8-bit/color RGBA, non-interlaced\012- data
Hash 375b5b5bcd1d5179f5b789e4c28ca6df
f52bfd097b13f83fa43714f59786efa4082f55a1
f7acaa7ace617964cd79de3287bfa740f1d3fbcbed82ea1d09cd94058d4b1281
GET /sealassets/61f02bd923f4b3c9cbca7ac54bf61f4e-doggocasino.com-2f90385e7147995d0ad0e1568dcb8420125a9230e800b76e4574b197458fcd3ec3fae37cdc434512e60b35647fd94003-c2VhbC5wbmc%3D?status=valid HTTP/1.1
Host: 51d4256e-9ede-4425-8b77-d7e5166c1c25.snippet.antillephone.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://doggocasino.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 46382
date: Sun, 08 Jan 2023 07:40:49 GMT
x-powered-by: Express
cache-control: max-age=1200
etag: W/"b52e-9Sv9CXsT+D+kNxT1l4bvpAgvVaE"
strict-transport-security: max-age=15724800; includeSubDomains
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 786349893bfa2c5e-FRA
x-cache: Hit from cloudfront
via: 1.1 a7d2a4ec2f50830f128dc406960aef9a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: gwlcTGcawY9fYWUUHfH29P75yrJRLU_ws5nefDRvVM9q_RRzIiF05g==
age: 247
X-Firefox-Spdy: h2
51d4256e-9ede-4425-8b77-d7e5166c1c25.snippet.antillephone.com/54f396e0-b046-49b1-9cb3-0c69281d7ea9-beacon.png
200 OK 68 B URL HTTP/2 51d4256e-9ede-4425-8b77-d7e5166c1c25.snippet.antillephone.com/54f396e0-b046-49b1-9cb3-0c69281d7ea9-beacon.png
IP
File type PNG image data, 1 x 1, 8-bit gray+alpha, non-interlaced\012- data
Hash e679fbd466a2d656f194a5da4fa083cd
2aa795c7607aa6ea41313be88f1b7a9c1ab516b3
f309b7c03d9cae63a9bedbee6ed655f3dbcdb194132943639344dead5f3b9710
GET /54f396e0-b046-49b1-9cb3-0c69281d7ea9-beacon.png HTTP/1.1
Host: 51d4256e-9ede-4425-8b77-d7e5166c1c25.snippet.antillephone.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://doggocasino.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 68
date: Sun, 11 Dec 2022 09:03:02 GMT
last-modified: Tue, 15 Dec 2020 08:04:53 GMT
etag: "e679fbd466a2d656f194a5da4fa083cd"
cache-control: no-cache, no-store, must-revalidate
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 a7d2a4ec2f50830f128dc406960aef9a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: LwqvS479GvbehVXU3aYpaWviW0G5Xy2mUJXvOdvV0pnce4xs6aYkag==
age: 2414515
X-Firefox-Spdy: h2
2d1c8d36-b9ba-45b7-87c9-e34c592a597a.seals-emr.certria.com/54f396e0-b046-49b1-9cb3-0c69281d7ea9-beacon.png
200 OK 68 B URL HTTP/2 2d1c8d36-b9ba-45b7-87c9-e34c592a597a.seals-emr.certria.com/54f396e0-b046-49b1-9cb3-0c69281d7ea9-beacon.png
IP
File type PNG image data, 1 x 1, 8-bit gray+alpha, non-interlaced\012- data
Hash e679fbd466a2d656f194a5da4fa083cd
2aa795c7607aa6ea41313be88f1b7a9c1ab516b3
f309b7c03d9cae63a9bedbee6ed655f3dbcdb194132943639344dead5f3b9710
GET /54f396e0-b046-49b1-9cb3-0c69281d7ea9-beacon.png HTTP/1.1
Host: 2d1c8d36-b9ba-45b7-87c9-e34c592a597a.seals-emr.certria.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://doggocasino.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 68
date: Thu, 15 Dec 2022 07:46:34 GMT
last-modified: Tue, 15 Dec 2020 08:04:53 GMT
etag: "e679fbd466a2d656f194a5da4fa083cd"
cache-control: no-cache, no-store, must-revalidate
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 d9fb4c3794a085bb4ee2c5798c2cb1b8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 4-epVF6ywmcnbueftylF3xi2sTGQa-n_uyV7NAFzfJkRvVf1XdsqZw==
age: 2073503
X-Firefox-Spdy: h2
contextual.media.net/cksync.php?cs=3&type=rkt&ovsid=5133329523725604131
200 OK 45 B URL HTTP/2 contextual.media.net/cksync.php?cs=3&type=rkt&ovsid=5133329523725604131
IP
File type GIF image data, version 87a, 1 x 1\012- data
Hash 99cceceaed4d575484b69ddaf9ed66a7
1e3a3b15296b585833a22d987a387aa58aa1642d
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
GET /cksync.php?cs=3&type=rkt&ovsid=5133329523725604131 HTTP/1.1
Host: contextual.media.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://20841497p.rfihub.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: Apache
content-length: 45
content-type: image/gif
set-cookie: visitor-id=3161654963580267000V10; Expires=Mon, 08 Jan 2024 07:44:56 GMT; domain=.media.net; Path=/;
data-rk=5133329523725604131~~3;Expires=Sun, 07 Jan 2024 07:44:56 GMT;path=/;domain=.media.net;
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
strict-transport-security: max-age=31536000
x-mnet-hl2: E
expires: Sun, 08 Jan 2023 07:44:56 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Sun, 08 Jan 2023 07:44:56 GMT
X-Firefox-Spdy: h2
cm.g.doubleclick.net/pixel?&in=0&google_nid=zeta_interactive&google_cm=&google_sc=&google_hm=NTE0MTIxMDgyMzA1MzgzMzM2Nw==&forward=
302 Found 369 B URL HTTP/2 cm.g.doubleclick.net/pixel?&in=0&google_nid=zeta_interactive&google_cm=&google_sc=&google_hm=NTE0MTIxMDgyMzA1MzgzMzM2Nw==&forward=
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Hash c0a1d3402f0e7223ca27d15329cc727e
98a88ed9bc0ca75c538c6e6334b9152e02e9487d
f3ff2e2a275ac29e83a04e43014d5089d5cb39f719f71ca726616b63f7557996
GET /pixel?&in=0&google_nid=zeta_interactive&google_cm=&google_sc=&google_hm=NTE0MTIxMDgyMzA1MzgzMzM2Nw==&forward= HTTP/1.1
Host: cm.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://20841497p.rfihub.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://cm.g.doubleclick.net/pixel?in=0&google_nid=zeta_interactive&google_cm=&google_sc=&google_hm=NTE0MTIxMDgyMzA1MzgzMzM2Nw==&forward=&google_tc=
date: Sun, 08 Jan 2023 07:44:56 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
server: HTTP server (unknown)
content-length: 369
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sun, 08-Jan-2023 07:59:56 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
cm.g.doubleclick.net/pixel?&in=0&google_nid=zeta_interactive&google_cm=&google_sc=&google_hm=NTEzMzMyOTUyMzcyNTYwNDEzMQ==&forward=
302 Found 369 B URL HTTP/2 cm.g.doubleclick.net/pixel?&in=0&google_nid=zeta_interactive&google_cm=&google_sc=&google_hm=NTEzMzMyOTUyMzcyNTYwNDEzMQ==&forward=
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Hash 794a7ea03acac0cc6fe320047e0d16c1
4f77d5383e08c65f25cb9a918a7d58714fb9039b
38f6fb91e3da31e2191c7cb8d6b80eda61bbe26717cbbb55d1c96a86fa4d65fa
GET /pixel?&in=0&google_nid=zeta_interactive&google_cm=&google_sc=&google_hm=NTEzMzMyOTUyMzcyNTYwNDEzMQ==&forward= HTTP/1.1
Host: cm.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://20841497p.rfihub.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://cm.g.doubleclick.net/pixel?in=0&google_nid=zeta_interactive&google_cm=&google_sc=&google_hm=NTEzMzMyOTUyMzcyNTYwNDEzMQ==&forward=&google_tc=
date: Sun, 08 Jan 2023 07:44:56 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
server: HTTP server (unknown)
content-length: 369
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sun, 08-Jan-2023 07:59:56 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=5133329523725604131&referrer=https%3A%2F%2Fdoggocasino.com%2Fno-no%3FaffiliateName%3D%255Bcellxpert%255D%26affid%3Dcx-35656_390258%26bannerid%3D35656%26trackerid%3D35656_390258%26bta%3D35656%26brand%3Ddoggocasino%26rdk%3Drk1
302 Found 661 B URL HTTP/2 live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=5133329523725604131&referrer=https%3A%2F%2Fdoggocasino.com%2Fno-no%3FaffiliateName%3D%255Bcellxpert%255D%26affid%3Dcx-35656_390258%26bannerid%3D35656%26trackerid%3D35656_390258%26bta%3D35656%26brand%3Ddoggocasino%26rdk%3Drk1
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (575)
Hash b8d7bee81c05330e1c8a0a8ad1d762bd
c49119c4bf270a76e87dc4e467728218a47d4165
bbdd70760fabf74e305cff91fd8eeb97cbb3eb5e2cbecbb4b40824e0f693c545
GET /pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=5133329523725604131&referrer=https%3A%2F%2Fdoggocasino.com%2Fno-no%3FaffiliateName%3D%255Bcellxpert%255D%26affid%3Dcx-35656_390258%26bannerid%3D35656%26trackerid%3D35656_390258%26bta%3D35656%26brand%3Ddoggocasino%26rdk%3Drk1 HTTP/1.1
Host: live.rezync.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://20841497p.rfihub.com/
Cookie: zync-uuid=feec0389-c24c-4e8c-a771-0e2c3a4b3ba9:1673158601.0893228; sd-session-id=.eJwVyk0KgzAQQOG7zNqUTH7MJJeROJ1CaE2Lo5uKd6_dPPjgHTB9ZF1ql75B2dZdBuBXu6RQDtD2XeQJBSJaijEnFxNlwn_hHEBFtb371O7X8xBh6ykbdoFNEGJTU0JjxbGvYfZzzQXH5DHSaPFmKXvnCM4f0cEmQA.Y7pfyQ.WI9ktEP34LTwqwUPstbmQd2saa4
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
content-type: text/html; charset=utf-8
content-length: 661
location: https://p.rfihub.com/cm?pub=39342&in=0&userid=feec0389-c24c-4e8c-a771-0e2c3a4b3ba9%3A1673158601.0893228&forward=https%3A//idsync.rlcdn.com/501709.gif%3Fpartner_uid%3Dfeec0389-c24c-4e8c-a771-0e2c3a4b3ba9%253A1673158601.0893228
date: Sun, 08 Jan 2023 07:44:56 GMT
set-cookie: zync-uuid=feec0389-c24c-4e8c-a771-0e2c3a4b3ba9:1673158601.0893228; Domain=rezync.com; Expires=Thu, 06 Jul 2023 23:44:56 GMT; Path=/; SameSite=None; Secure
sd-session-id=.eJwNykkOwjAMAMC_-Nyg2M7-mSo1RoqgATXlQtW_0-NIc8D80W2tXfsOZd--OoG82qUB5YDRfqs-oYBHZqbsiSP5YB0ywjnB0DHau8_tfp2HqlhO2Qg5MU6TmBojGqskXN3CS80FQ2T0KVi82ZSZKMH5B8PzJhQ.Y7p0eA.Ao82GmRaQkXTWptRTgFLRxBZA5w; Expires=Fri, 07 Jul 2023 07:44:56 GMT; HttpOnly; Path=/; SameSite=None; Secure
vary: Cookie
server: lighttpd/1.4.59
x-cache: Miss from cloudfront
via: 1.1 c9f2a4d2bcd548d1a3cbe1617a22f216.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: gWB1mvMrTFP2hkXAv8BqXF8orbW3OWsFOTcwNsuGUpNvaQG25KUYUg==
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP
Hash 5300b4ab70006fe4a4957384e7539ed9
ccd6187cf3af18d00c4ab4082ecdea2cd51188f4
19fccddcd0168d9f4fbaa0eec6e78490edbf7f68aec60551a1b49957a8031682
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Sun, 08 Jan 2023 07:44:56 GMT
Last-Modified: Sun, 08 Jan 2023 07:20:43 GMT
Server: ECS (nyb/1D2A)
X-Cache: Miss from cloudfront
Via: 1.1 8e6dce34fd223e0c9d89fd938d1784a2.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: JsLler9Uo0b5ydjp_Hxa14EwnJ5YPI0h7sqPRLJYeMdMxF1iL6yJ9Q==
Age: 1453
x.dlx.addthis.com/e/rocketfuel_sync?na_exid=5133329523725604131
200 OK 43 B URL HTTP/2 x.dlx.addthis.com/e/rocketfuel_sync?na_exid=5133329523725604131
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
GET /e/rocketfuel_sync?na_exid=5133329523725604131 HTTP/1.1
Host: x.dlx.addthis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://20841497p.rfihub.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/gif
content-length: 43
expires: Sun, 08 Jan 2023 07:44:56 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Sun, 08 Jan 2023 07:44:56 GMT
strict-transport-security: max-age=2628000
X-Firefox-Spdy: h2
cm.g.doubleclick.net/pixel?in=0&google_nid=zeta_interactive&google_cm=&google_sc=&google_hm=NTE0MTIxMDgyMzA1MzgzMzM2Nw==&forward=&google_tc=
302 Found 269 B URL HTTP/2 cm.g.doubleclick.net/pixel?in=0&google_nid=zeta_interactive&google_cm=&google_sc=&google_hm=NTE0MTIxMDgyMzA1MzgzMzM2Nw==&forward=&google_tc=
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Hash 2ac1f21e70e438c7e2193d02ee7e9be0
f9a11bb626bad146751fc166f96b91f6aeae7eab
de4a04a623ca095cd229a54edeb3120d9dc94d227198b75cb9a0a69677ed7c85
GET /pixel?in=0&google_nid=zeta_interactive&google_cm=&google_sc=&google_hm=NTE0MTIxMDgyMzA1MzgzMzM2Nw==&forward=&google_tc= HTTP/1.1
Host: cm.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://20841497p.rfihub.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
location: https://a.rfihub.com/cm?pub=445&in=0&forward=&google_error=3
date: Sun, 08 Jan 2023 07:44:56 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
server: HTTP server (unknown)
content-length: 269
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
sync-tm.everesttech.net/upi/pid/Mlpt2JaG/?redir=https%3A%2F%2Fp.rfihub.com%2Fcm%3Fin%3D1%26pub%3D21653%26userid%3D%24%7BTM_USER_ID%7D
302 Found 0 B URL HTTP/2 sync-tm.everesttech.net/upi/pid/Mlpt2JaG/?redir=https%3A%2F%2Fp.rfihub.com%2Fcm%3Fin%3D1%26pub%3D21653%26userid%3D%24%7BTM_USER_ID%7D
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /upi/pid/Mlpt2JaG/?redir=https%3A%2F%2Fp.rfihub.com%2Fcm%3Fin%3D1%26pub%3D21653%26userid%3D%24%7BTM_USER_ID%7D HTTP/1.1
Host: sync-tm.everesttech.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://20841497p.rfihub.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
p3p: CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
access-control-allow-origin: *
set-cookie: everest_g_v2=g_surferid~Y7p0eAAAAPyzKQAF; Path=/; Domain=.everesttech.net; Expires=Mon, 08-Jan-2024 07:44:56 GMT; Max-Age=31536000
location: https://sync-tm.everesttech.net/ct/upi/pid/Mlpt2JaG/?redir=https%3A%2F%2Fp.rfihub.com%2Fcm%3Fin%3D1%26pub%3D21653%26userid%3D%24%7BTM_USER_ID%7D&_test=Y7p0eAAAAPyzKQAF
server: Jetty(9.4.35.v20201120)
accept-ranges: bytes
date: Sun, 08 Jan 2023 07:44:56 GMT
via: 1.1 varnish
x-served-by: cache-bma1650-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1673163897.664331,VS0,VE92
cache-control: no-cache
pragma: no-cache
content-length: 0
X-Firefox-Spdy: h2
x.dlx.addthis.com/e/rocketfuel_sync?na_exid=5141210823053833367
200 OK 43 B URL HTTP/2 x.dlx.addthis.com/e/rocketfuel_sync?na_exid=5141210823053833367
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
GET /e/rocketfuel_sync?na_exid=5141210823053833367 HTTP/1.1
Host: x.dlx.addthis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://20841497p.rfihub.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/gif
content-length: 43
expires: Sun, 08 Jan 2023 07:44:56 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Sun, 08 Jan 2023 07:44:56 GMT
strict-transport-security: max-age=2628000
X-Firefox-Spdy: h2
ocsp.sectigo.com/
200 OK 471 B IP
Hash 2166f11e11d12ebe46705ce853e14730
d7f16494d91106243c0e88ecb828ad8b1ce8c1c6
cb89c9055df1c17e1c586168f4b31bc5fe421ba19a0a0da72dd75669de045c62
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 08 Jan 2023 07:44:56 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sun, 08 Jan 2023 01:42:54 GMT
Expires: Sun, 15 Jan 2023 01:42:53 GMT
Etag: "d7f16494d91106243c0e88ecb828ad8b1ce8c1c6"
Cache-Control: max-age=582476,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 78634f929b7ab50c-OSL
status.geotrust.com/
200 OK 471 B IP
Hash 95ccbc745eda120ce40e0a6ef3bc06dc
77f8fc248bd5ef56f50dbd04709a857a77438a40
36fa88f745632e3d98ca1a1018ea3032b25083a3601e24b6c60a16bc66953d44
POST / HTTP/1.1
Host: status.geotrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2409
Cache-Control: max-age=114600
Content-Type: application/ocsp-response
Date: Sun, 08 Jan 2023 07:44:56 GMT
Etag: "63b987b7-1d7"
Expires: Mon, 09 Jan 2023 15:34:56 GMT
Last-Modified: Sat, 07 Jan 2023 14:54:47 GMT
Server: ECS (ska/F712)
X-Cache: HIT
Content-Length: 471
idsync.rlcdn.com/360947.gif?partner_uid=5141210823053833367
200 OK 42 B URL HTTP/2 idsync.rlcdn.com/360947.gif?partner_uid=5141210823053833367
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /360947.gif?partner_uid=5141210823053833367 HTTP/1.1
Host: idsync.rlcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://20841497p.rfihub.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: no-cache, no-store
content-type: image/gif
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
set-cookie: rlas3=uEGXti7zXvaRQc80OwDpOHk8ev920cmu01v3zHg1vO8=; Path=/; Domain=rlcdn.com; Expires=Mon, 08 Jan 2024 07:44:56 GMT; Secure; SameSite=None
pxrc=CAA=; Path=/; Domain=rlcdn.com; Expires=Thu, 09 Mar 2023 07:44:56 GMT; Secure; SameSite=None
timing-allow-origin: *
date: Sun, 08 Jan 2023 07:44:56 GMT
content-length: 42
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP
Hash c0cd142cc3a89eb5ccbe69bafee53f6c
135ac7656048059386025c818e6c814560fcb90c
9e4583ba03c60b8e7f49c0cb3757c5383c96c6d320e64130936b29a49230cf4a
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Sun, 08 Jan 2023 07:44:56 GMT
Last-Modified: Sun, 08 Jan 2023 06:04:52 GMT
Server: ECS (nyb/1DD2)
X-Cache: Miss from cloudfront
Via: 1.1 76c917e0bb0ba45eb834d25d76ee125e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: K95mWA_0IJi2HilhYphCIpWOKtkaoT3d8pfsfG3JxyimYUZmPcSu4Q==
Age: 6004
status.geotrust.com/
200 OK 471 B IP
Hash b0492eb3deb0baf6dd995c3d15a7ae99
3403062401e9cf648ad662301fc5d3b9707a1b96
77df0390aae302444153c44870a838605cd152706fda8ffdd318e3ab5740d643
POST / HTTP/1.1
Host: status.geotrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1878
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 08 Jan 2023 07:44:56 GMT
Last-Modified: Sun, 08 Jan 2023 07:13:39 GMT
Server: ECS (ska/F716)
X-Cache: HIT
Content-Length: 471
cm.g.doubleclick.net/pixel?in=0&google_nid=zeta_interactive&google_cm=&google_sc=&google_hm=NTEzMzMyOTUyMzcyNTYwNDEzMQ==&forward=&google_tc=
302 Found 269 B URL HTTP/2 cm.g.doubleclick.net/pixel?in=0&google_nid=zeta_interactive&google_cm=&google_sc=&google_hm=NTEzMzMyOTUyMzcyNTYwNDEzMQ==&forward=&google_tc=
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Hash 2ac1f21e70e438c7e2193d02ee7e9be0
f9a11bb626bad146751fc166f96b91f6aeae7eab
de4a04a623ca095cd229a54edeb3120d9dc94d227198b75cb9a0a69677ed7c85
GET /pixel?in=0&google_nid=zeta_interactive&google_cm=&google_sc=&google_hm=NTEzMzMyOTUyMzcyNTYwNDEzMQ==&forward=&google_tc= HTTP/1.1
Host: cm.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://20841497p.rfihub.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
location: https://a.rfihub.com/cm?pub=445&in=0&forward=&google_error=3
date: Sun, 08 Jan 2023 07:44:56 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
server: HTTP server (unknown)
content-length: 269
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
us-u.openx.net/w/1.0/sd?id=537073062&val=5141210823053833367&r=
200 OK 43 B URL HTTP/2 us-u.openx.net/w/1.0/sd?id=537073062&val=5141210823053833367&r=
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash b4491705564909da7f9eaf749dbbfbb1
279315d507855c6a4351e1e2c2f39dd9cd2fccd8
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
GET /w/1.0/sd?id=537073062&val=5141210823053833367&r= HTTP/1.1
Host: us-u.openx.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://20841497p.rfihub.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept
server: OXGW/0.0.0
pragma: no-cache
p3p: CP="CUR ADM OUR NOR STA NID"
expires: Mon, 26 Jul 1997 05:00:00 GMT
date: Sun, 08 Jan 2023 07:44:56 GMT
content-type: image/gif
content-length: 43
cache-control: private, max-age=0, no-cache
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ib.adnxs.com/setuid?entity=18&code=5141210823053833367
307 Redirection 0 B URL HTTP/1.1 ib.adnxs.com/setuid?entity=18&code=5141210823053833367
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /setuid?entity=18&code=5141210823053833367 HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://20841497p.rfihub.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 307 Redirection
Server: nginx/1.21.3
Date: Sun, 08 Jan 2023 07:44:56 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Location: https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D18%26code%3D5141210823053833367
AN-X-Request-Uuid: 44abcec5-32af-4f9b-9abe-b8320bbc8b36
Set-Cookie: uuid2=2502102475362502757; SameSite=None; Path=/; Max-Age=7776000; Expires=Sat, 08-Apr-2023 07:44:56 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
ocsp.digicert.com/
200 OK 471 B IP
Hash ab03cf8f98957a23ec4920f2d49abb09
4a3101438bd8441330297f58fe2a7cc2134adad9
9fc3d33f1f65a0dcc7ac6fcb28ebe712b2d7b271b60ae79fa0f8302d93a43f74
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2255
Cache-Control: max-age=104040
Content-Type: application/ocsp-response
Date: Sun, 08 Jan 2023 07:44:56 GMT
Etag: "63b95f11-1d7"
Expires: Mon, 09 Jan 2023 12:38:56 GMT
Last-Modified: Sat, 07 Jan 2023 12:01:21 GMT
Server: ECS (ska/F6FE)
X-Cache: HIT
Content-Length: 471
ocsp.godaddy.com/
200 OK 1.8 kB IP
Hash 2978ec810ec299defda0495ed3665868
75cc8066c335eeba7bdb7a276dadfbc00cb2740f
a36a0cbb09d502451ae23c9c23d53d6055e7e871bb3006376d3d91403ea6b4e4
POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 76
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Sun, 08 Jan 2023 07:44:56 GMT
Content-Type: application/ocsp-response
Content-Length: 1778
Connection: keep-alive
X-Sucuri-ID: 19024
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Sat, 07 Jan 2023 17:21:51 GMT
Expires: Sun, 08 Jan 2023 17:21:51 GMT
ETag: "75cc8066c335eeba7bdb7a276dadfbc00cb2740f"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
sync.search.spotxchange.com/partner?adv_id=7180&uid=5141210823053833367&img=1
302 Found 0 B URL HTTP/1.1 sync.search.spotxchange.com/partner?adv_id=7180&uid=5141210823053833367&img=1
IP
ASN #35220 SpotXchange, INC
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /partner?adv_id=7180&uid=5141210823053833367&img=1 HTTP/1.1
Host: sync.search.spotxchange.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://20841497p.rfihub.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Server: nginx
Date: Sun, 08 Jan 2023 07:44:56 GMT
Content-Type: text/plain
Content-Length: 0
Connection: keep-alive
Set-Cookie: audience=58bff4a8-8f28-11ed-97a0-1ebee0f60206; expires=Sun, 05-Feb-2023 07:44:56 GMT; path=/; domain=.spotxchange.com; SameSite=none
Location: /partner?adv_id=7180&uid=5141210823053833367&img=1&__user_check__=1&sync_id=58bff4dc-8f28-11ed-97a0-1ebee0f60206
X-fe: 92
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
p.rfihub.com/cm?pub=24472&in=1
302 Found 0 B URL HTTP/1.1 p.rfihub.com/cm?pub=24472&in=1
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /cm?pub=24472&in=1 HTTP/1.1
Host: p.rfihub.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://20841497p.rfihub.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 302 Found
Date: Sun, 08 Jan 2023 07:44:56 GMT
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Set-Cookie: rud=H4sIAAAAAAAA_-MSNjU0MTI2NjM3MjQyNjc0MjM0NBfiM9TNMo53co2wjHJzcw4GAOhjm7AlAAAA; Path=/; Domain=.rfihub.com; Expires=Fri, 2 Feb 2024 07:44:56 GMT; Secure; SameSite=None
ruds=H4sIAAAAAAAA_-MSNjU0MTI2NjM3MjQyNjc0MjM0NBfiM9TNMo53co2wjHJzcw4GAOhjm7AlAAAA; Path=/; Domain=.rfihub.com; Secure; SameSite=None
eud=H4sIAAAAAAAA_7vFwmtoZm5saGZsYWlmYWEAAKrwQXsQAAAA; Path=/; Domain=.rfihub.com; Expires=Fri, 2 Feb 2024 07:44:56 GMT; Secure; SameSite=None
Location: https://ps.eyeota.net/match?uid=5142336721237126117&bid=omt9pi0
Content-Length: 0
Server: Jetty(9.3.29.v20201019)
ocsp.digicert.com/
200 OK 727 B IP
Hash c28c04dd92a8ca7e8f6642df71ff4fe2
4a185fccc9115db2b553e5e02466dd296290c726
5f8528550c1f8ebbcc11a9617c13956c1d666909e0ea692a5c69dff9777a5578
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5387
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 08 Jan 2023 07:44:56 GMT
Last-Modified: Sun, 08 Jan 2023 06:15:09 GMT
Server: ECS (ska/F6FE)
X-Cache: HIT
Content-Length: 727
ocsp.godaddy.com/
200 OK 1.8 kB IP
Hash 5f5a73d0a6e11523da288cc63b380ca6
028ba4611dcf4b0de557a777950490f684e5896a
bcea97d28a472afada7298a89ef8abf5b0354b72f7208572bf9805c794a27574
POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 76
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Sun, 08 Jan 2023 07:44:56 GMT
Content-Type: application/ocsp-response
Content-Length: 1778
Connection: keep-alive
X-Sucuri-ID: 19024
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Sat, 07 Jan 2023 21:25:27 GMT
Expires: Sun, 08 Jan 2023 21:25:27 GMT
ETag: "028ba4611dcf4b0de557a777950490f684e5896a"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
beacon.krxd.net/usermatch.gif?partner_id=rfuel&partner_user_id=5141210823053833367
204 No Content 0 B URL HTTP/2 beacon.krxd.net/usermatch.gif?partner_id=rfuel&partner_user_id=5141210823053833367
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /usermatch.gif?partner_id=rfuel&partner_user_id=5141210823053833367 HTTP/1.1
Host: beacon.krxd.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://20841497p.rfihub.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Sun, 08 Jan 2023 07:44:56 GMT
set-cookie: _kuid_=PTlRfrrT; Expires=Fri, 07-Jul-23 07:44:56 GMT; Max-Age=15552000; Domain=.krxd.net; Path=/
cache-control: private, no-cache, no-store
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
x-served-by: beacon-n019-dub-prod.krxd.net
x-request-time: D=29 t=1673163896
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 471 B IP
Hash a0805d2a25a147174169afa6f64c4580
57a4eeae02dbad55da4dfa4285d6efc828f507b0
c5cf5f78e5deaedbf76c734d08c51ba1a4adb64376ca420f62f35db4054af89c
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4681
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 08 Jan 2023 07:44:56 GMT
Last-Modified: Sun, 08 Jan 2023 06:26:55 GMT
Server: ECS (ska/F6FE)
X-Cache: HIT
Content-Length: 471
dsum-sec.casalemedia.com/rum?cm_dsp_id=57&external_user_id=5141210823053833367&forward=
302 Found 0 B URL HTTP/1.1 dsum-sec.casalemedia.com/rum?cm_dsp_id=57&external_user_id=5141210823053833367&forward=
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /rum?cm_dsp_id=57&external_user_id=5141210823053833367&forward= HTTP/1.1
Host: dsum-sec.casalemedia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://20841497p.rfihub.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Date: Sun, 08 Jan 2023 07:44:56 GMT
Server: Apache
Cache-Control: no-cache
Expires: 0
Location: /rum?cm_dsp_id=57&external_user_id=5141210823053833367&forward=&C=1
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Pragma: no-cache
Content-Length: 0
Set-Cookie: CMID=Y7p0eHzP4p5DHdcAlUiYtAAA; Path=/; Domain=casalemedia.com; Expires=Mon, 08 Jan 2024 07:44:56 GMT; Max-Age=31536000; Secure; SameSite=None
CMPS=1829; Path=/; Domain=casalemedia.com; Expires=Sat, 08 Apr 2023 07:44:56 GMT; Max-Age=7776000; Secure; SameSite=None
CMPRO=1829; Path=/; Domain=casalemedia.com; Expires=Sat, 08 Apr 2023 07:44:56 GMT; Max-Age=7776000; Secure; SameSite=None
Keep-Alive: timeout=1, max=500
Connection: Keep-Alive
bpi.rtactivate.com/tag/?id=11017&user_id=5133329523725604131
200 OK 43 B URL HTTP/2 bpi.rtactivate.com/tag/?id=11017&user_id=5133329523725604131
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash 325472601571f31e1bf00674c368d335
2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
GET /tag/?id=11017&user_id=5133329523725604131 HTTP/1.1
Host: bpi.rtactivate.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://20841497p.rfihub.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: awselb/2.0
date: Sun, 08 Jan 2023 07:44:56 GMT
content-type: image/gif
content-length: 43
X-Firefox-Spdy: h2
aa.agkn.com/adscores/g.pixel?sid=9212192898&rf=5141210823053833367
200 OK 43 B URL HTTP/2 aa.agkn.com/adscores/g.pixel?sid=9212192898&rf=5141210823053833367
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash db04c7b378cb2db912c3ba8a5a774ee3
dee34bd86c3484d31002182aa2b7caa4699126b8
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
GET /adscores/g.pixel?sid=9212192898&rf=5141210823053833367 HTTP/1.1
Host: aa.agkn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://20841497p.rfihub.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 08 Jan 2023 07:44:56 GMT
content-type: image/gif
content-length: 43
server: AAWebServer
p3p: policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: accept, cache-control, origin, x-requested-with, x-file-name, content-type
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP
Hash c0cd142cc3a89eb5ccbe69bafee53f6c
135ac7656048059386025c818e6c814560fcb90c
9e4583ba03c60b8e7f49c0cb3757c5383c96c6d320e64130936b29a49230cf4a
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=145093
Date: Sun, 08 Jan 2023 07:44:56 GMT
Etag: "63b9f56b-1d7"
Expires: Tue, 10 Jan 2023 00:03:09 GMT
Last-Modified: Sat, 07 Jan 2023 22:42:51 GMT
Server: ECS (nyb/1D28)
X-Cache: Miss from cloudfront
Via: 1.1 8e6dce34fd223e0c9d89fd938d1784a2.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: Tcj-F4D5-8hYm8l6Ak6llxFdF-Z6umrUW00XZy2B1HTW2H4jD38j7A==
Age: 4818
beacon.krxd.net/usermatch.gif?partner_id=rfuel&partner_user_id=5133329523725604131
204 No Content 0 B URL HTTP/2 beacon.krxd.net/usermatch.gif?partner_id=rfuel&partner_user_id=5133329523725604131
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /usermatch.gif?partner_id=rfuel&partner_user_id=5133329523725604131 HTTP/1.1
Host: beacon.krxd.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://20841497p.rfihub.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Sun, 08 Jan 2023 07:44:56 GMT
set-cookie: _kuid_=PTlRfs69; Expires=Fri, 07-Jul-23 07:44:56 GMT; Max-Age=15552000; Domain=.krxd.net; Path=/
cache-control: private, no-cache, no-store
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
x-served-by: beacon-n010-dub-prod.krxd.net
x-request-time: D=28 t=1673163896
X-Firefox-Spdy: h2
e1.emxdgt.com/put?d=d16&uid=5141210823053833367
204 No Content 0 B URL HTTP/2 e1.emxdgt.com/put?d=d16&uid=5141210823053833367
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /put?d=d16&uid=5141210823053833367 HTTP/1.1
Host: e1.emxdgt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://20841497p.rfihub.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
content-type: text/html
date: Sun, 08 Jan 2023 07:44:56 GMT
content-length: 0
X-Firefox-Spdy: h2
ocsp.sectigo.com/
200 OK 471 B IP
Hash 4b05f7de9746bad3fd9cc06663286565
156f95387abbd0a4836ef3d1c63bc0f9f6262c6c
d5abed0da340b1b008eb137e6f31763d2bcb3c5745715ac87f90fe825783f9e1
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 08 Jan 2023 07:44:56 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sat, 07 Jan 2023 01:56:48 GMT
Expires: Sat, 14 Jan 2023 01:56:47 GMT
Etag: "156f95387abbd0a4836ef3d1c63bc0f9f6262c6c"
Cache-Control: max-age=496910,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 78634f92ef610b55-OSL
idsync.rlcdn.com/360947.gif?partner_uid=5133329523725604131
200 OK 42 B URL HTTP/2 idsync.rlcdn.com/360947.gif?partner_uid=5133329523725604131
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /360947.gif?partner_uid=5133329523725604131 HTTP/1.1
Host: idsync.rlcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://20841497p.rfihub.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: no-cache, no-store
content-type: image/gif
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
set-cookie: pxrc=CAA=; Path=/; Domain=rlcdn.com; Expires=Thu, 09 Mar 2023 07:44:56 GMT; Secure; SameSite=None
timing-allow-origin: *
date: Sun, 08 Jan 2023 07:44:56 GMT
content-length: 42
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ib.adnxs.com/setuid?entity=18&code=5133329523725604131
307 Redirection 0 B URL HTTP/1.1 ib.adnxs.com/setuid?entity=18&code=5133329523725604131
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /setuid?entity=18&code=5133329523725604131 HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://20841497p.rfihub.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 307 Redirection
Server: nginx/1.21.3
Date: Sun, 08 Jan 2023 07:44:56 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Location: https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D18%26code%3D5133329523725604131
AN-X-Request-Uuid: 0509a52e-4d49-45af-89ae-d616ea8e8217
Set-Cookie: uuid2=8743710865637048400; SameSite=None; Path=/; Max-Age=7776000; Expires=Sat, 08-Apr-2023 07:44:56 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
dsum-sec.casalemedia.com/rum?cm_dsp_id=57&external_user_id=5133329523725604131&forward=
302 Found 0 B URL HTTP/1.1 dsum-sec.casalemedia.com/rum?cm_dsp_id=57&external_user_id=5133329523725604131&forward=
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /rum?cm_dsp_id=57&external_user_id=5133329523725604131&forward= HTTP/1.1
Host: dsum-sec.casalemedia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://20841497p.rfihub.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Date: Sun, 08 Jan 2023 07:44:56 GMT
Server: Apache
Cache-Control: no-cache
Expires: 0
Location: /rum?cm_dsp_id=57&external_user_id=5133329523725604131&forward=&C=1
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Pragma: no-cache
Content-Length: 0
Set-Cookie: CMID=Y7p0eKS8YP1bzQucYarfhAAA; Path=/; Domain=casalemedia.com; Expires=Mon, 08 Jan 2024 07:44:56 GMT; Max-Age=31536000; Secure; SameSite=None
CMPS=1869; Path=/; Domain=casalemedia.com; Expires=Sat, 08 Apr 2023 07:44:56 GMT; Max-Age=7776000; Secure; SameSite=None
CMPRO=1869; Path=/; Domain=casalemedia.com; Expires=Sat, 08 Apr 2023 07:44:56 GMT; Max-Age=7776000; Secure; SameSite=None
Keep-Alive: timeout=1, max=500
Connection: Keep-Alive
us-u.openx.net/w/1.0/sd?id=537073062&val=5133329523725604131&r=
200 OK 43 B URL HTTP/2 us-u.openx.net/w/1.0/sd?id=537073062&val=5133329523725604131&r=
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash b4491705564909da7f9eaf749dbbfbb1
279315d507855c6a4351e1e2c2f39dd9cd2fccd8
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
GET /w/1.0/sd?id=537073062&val=5133329523725604131&r= HTTP/1.1
Host: us-u.openx.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://20841497p.rfihub.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept
server: OXGW/0.0.0
pragma: no-cache
p3p: CP="CUR ADM OUR NOR STA NID"
expires: Mon, 26 Jul 1997 05:00:00 GMT
date: Sun, 08 Jan 2023 07:44:56 GMT
content-type: image/gif
content-length: 43
cache-control: private, max-age=0, no-cache
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
status.geotrust.com/
200 OK 471 B IP
Hash 95ccbc745eda120ce40e0a6ef3bc06dc
77f8fc248bd5ef56f50dbd04709a857a77438a40
36fa88f745632e3d98ca1a1018ea3032b25083a3601e24b6c60a16bc66953d44
POST / HTTP/1.1
Host: status.geotrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5689
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 08 Jan 2023 07:44:57 GMT
Last-Modified: Sun, 08 Jan 2023 06:10:08 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 471
dpm.demdex.net/ibs:dpid=1121&dpuuid=5133329523725604131&redir=
302 Found 0 B URL HTTP/1.1 dpm.demdex.net/ibs:dpid=1121&dpuuid=5133329523725604131&redir=
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ibs:dpid=1121&dpuuid=5133329523725604131&redir= HTTP/1.1
Host: dpm.demdex.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://20841497p.rfihub.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
DCS: dcs-prod-irl1-1-v045-0e6039550.edge-irl1.demdex.com 0 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
Location: https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=1121&dpuuid=5133329523725604131&redir=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
set-cookie: demdex=90515967664727851721095574937688363167; Max-Age=15552000; Expires=Fri, 07 Jul 2023 07:44:56 GMT; Path=/; Domain=.demdex.net; Secure; SameSite=None
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: czYvuNLDSX0=
Content-Length: 0
Connection: keep-alive
e1.emxdgt.com/put?d=d16&uid=5133329523725604131
204 No Content 0 B URL HTTP/2 e1.emxdgt.com/put?d=d16&uid=5133329523725604131
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /put?d=d16&uid=5133329523725604131 HTTP/1.1
Host: e1.emxdgt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://20841497p.rfihub.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
content-type: text/html
date: Sun, 08 Jan 2023 07:44:56 GMT
content-length: 0
X-Firefox-Spdy: h2
dpm.demdex.net/ibs:dpid=1121&dpuuid=5141210823053833367&redir=
302 Found 0 B URL HTTP/1.1 dpm.demdex.net/ibs:dpid=1121&dpuuid=5141210823053833367&redir=
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ibs:dpid=1121&dpuuid=5141210823053833367&redir= HTTP/1.1
Host: dpm.demdex.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://20841497p.rfihub.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
DCS: dcs-prod-irl1-2-v045-071cdea73.edge-irl1.demdex.com 0 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
Location: https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=1121&dpuuid=5141210823053833367&redir=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
set-cookie: demdex=32430907370373971802640387389355253412; Max-Age=15552000; Expires=Fri, 07 Jul 2023 07:44:57 GMT; Path=/; Domain=.demdex.net; Secure; SameSite=None
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: S1060R1nSr8=
Content-Length: 0
Connection: keep-alive
doggocasino.com/assets/theme/icons/Trophy-Icon_black.svg
200 OK 673 B URL HTTP/2 doggocasino.com/assets/theme/icons/Trophy-Icon_black.svg
IP
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (444)
Hash 4af9c8d339237d6b72c5d30588e3e985
2bbec70967a245c93ae44c2ffaff29ad0f469e22
3fea5e509f99c1b1dbdcff3675e7ffdc459feb3791bbc0d24b8f47084bfc7558
GET /assets/theme/icons/Trophy-Icon_black.svg HTTP/1.1
Host: doggocasino.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://doggocasino.com/no-no?affiliateName=%5Bcellxpert%5D&affid=cx-35656_390258&bannerid=35656&trackerid=35656_390258&bta=35656&brand=doggocasino&rdk=rk1
Cookie: _ga_K4EHGY5F0T=GS1.1.1673163882.2.1.1673163883.59.0.0; _ga=GA1.2.2104987336.1673158587; __adm_tid=tid-2ae5f2bb5.42566d1f3; _gid=GA1.2.1700880299.1673158588; _hjSessionUser_3054262=eyJpZCI6IjQyMzk2NDg2LTQ5MzYtNTZiNi1hODQwLTg2YThkYzE4NjliOSIsImNyZWF0ZWQiOjE2NzMxNTg1ODgyMzQsImV4aXN0aW5nIjpmYWxzZX0=; __zlcmid=1DplVgkclUvRile; affiliateId=cx-35656_390258; bannerId=35656; trackerId=35656_390258; affiliateName=%5Bcellxpert%5D; cookie_policy=accepted; _gat_UA-196341002-1=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/svg+xml
x-amz-meta-codebuild-content-sha256: c7543b0c1a387fe8fce7ecedb491413db02c94ccd3c1a1d5b2dc6c33f6e53bfc
x-amz-meta-codebuild-buildarn: arn:aws:codebuild:us-east-1:889751173095:build/du-frontend-build:dba88433-a99e-4dbd-9b3f-92c9f40e4469
x-amz-meta-codebuild-content-md5: f72fdbadddaa46b851fe89ddcab9666b
last-modified: Thu, 05 Jan 2023 08:36:25 GMT
x-amz-version-id: Yp2aaTZYw8F5y1Lt1QAUYv4O8BUwmGdJ
server: AmazonS3
content-encoding: gzip
date: Sat, 07 Jan 2023 11:37:50 GMT
etag: W/"53db43e4c9552aaffec27abd1ebe0b2f"
vary: Accept-Encoding
via: 1.1 9dd61138197a68f8d69f12574aab6930.cloudfront.net (CloudFront)
age: 82817
cache-control: public,max-age=31536000,immutable
x-cache: Hit from cloudfront
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: xlHWoyKnTpyxPprKK56aCa8vDyqYyw20DyGG8dRCRntSkGHzQClIfg==
X-Firefox-Spdy: h2
sync.search.spotxchange.com/partner?adv_id=7180&uid=5133329523725604131&img=1
302 Found 0 B URL HTTP/1.1 sync.search.spotxchange.com/partner?adv_id=7180&uid=5133329523725604131&img=1
IP
ASN #35220 SpotXchange, INC
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /partner?adv_id=7180&uid=5133329523725604131&img=1 HTTP/1.1
Host: sync.search.spotxchange.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://20841497p.rfihub.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Server: nginx
Date: Sun, 08 Jan 2023 07:44:57 GMT
Content-Type: text/plain
Content-Length: 0
Connection: keep-alive
Set-Cookie: audience=58d549a6-8f28-11ed-8b48-10d4c6b20306; expires=Sun, 05-Feb-2023 07:44:57 GMT; path=/; domain=.spotxchange.com; SameSite=none
Location: /partner?adv_id=7180&uid=5133329523725604131&img=1&__user_check__=1&sync_id=58d549e6-8f28-11ed-8b48-10d4c6b20306
X-fe: 11
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
p.rfihub.com/cm?pub=39342&in=0&userid=feec0389-c24c-4e8c-a771-0e2c3a4b3ba9%3A1673158601.0893228&forward=https%3A//idsync.rlcdn.com/501709.gif%3Fpartner_uid%3Dfeec0389-c24c-4e8c-a771-0e2c3a4b3ba9%253A1673158601.0893228
302 Found 0 B URL HTTP/1.1 p.rfihub.com/cm?pub=39342&in=0&userid=feec0389-c24c-4e8c-a771-0e2c3a4b3ba9%3A1673158601.0893228&forward=https%3A//idsync.rlcdn.com/501709.gif%3Fpartner_uid%3Dfeec0389-c24c-4e8c-a771-0e2c3a4b3ba9%253A1673158601.0893228
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /cm?pub=39342&in=0&userid=feec0389-c24c-4e8c-a771-0e2c3a4b3ba9%3A1673158601.0893228&forward=https%3A//idsync.rlcdn.com/501709.gif%3Fpartner_uid%3Dfeec0389-c24c-4e8c-a771-0e2c3a4b3ba9%253A1673158601.0893228 HTTP/1.1
Host: p.rfihub.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://20841497p.rfihub.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Date: Sun, 08 Jan 2023 07:44:57 GMT
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Set-Cookie: rud=H4sIAAAAAAAA_-MSNjU0NjY2sjQ1MjY3MjUzMDEyNxDiM9RNinT1NygtifIOTSsEAO2tuB4lAAAA; Path=/; Domain=.rfihub.com; Expires=Fri, 2 Feb 2024 07:44:57 GMT; Secure; SameSite=None
ruds=H4sIAAAAAAAA_-MSNjU0NjY2sjQ1MjY3MjUzMDEyNxDiM9RNinT1NygtifIOTSsEAO2tuB4lAAAA; Path=/; Domain=.rfihub.com; Secure; SameSite=None
euds=H4sIAAAAAAAA_wXBwRGAMAgEwI_t4ACHAeyGMKQQK3f3u_zMNCOSWq3JJprKXYhHG2Ubu_KV5ZAnFsvNkVCNH3IzGJg6AAAA; Path=/; Domain=.rfihub.com; Secure; SameSite=None
eud=H4sIAAAAAAAA_x3LyQ2AQAgAwAp8bR0YLoG1G5ZgQT6tVuN3krmHX92FEhOKtUA7CtKdAJtLUpesnCeZCx1hSDvGFOZ4xvajfdWR9QWb7lQmSgAAAA; Path=/; Domain=.rfihub.com; Expires=Fri, 2 Feb 2024 07:44:57 GMT; Secure; SameSite=None
Location: https://idsync.rlcdn.com/501709.gif?partner_uid=feec0389-c24c-4e8c-a771-0e2c3a4b3ba9%3A1673158601.0893228
Content-Length: 0
Server: Jetty(9.3.29.v20201019)
ocsp.sectigo.com/
200 OK 471 B IP
Hash 4b05f7de9746bad3fd9cc06663286565
156f95387abbd0a4836ef3d1c63bc0f9f6262c6c
d5abed0da340b1b008eb137e6f31763d2bcb3c5745715ac87f90fe825783f9e1
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 08 Jan 2023 07:44:57 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sat, 07 Jan 2023 01:56:48 GMT
Expires: Sat, 14 Jan 2023 01:56:47 GMT
Etag: "156f95387abbd0a4836ef3d1c63bc0f9f6262c6c"
Cache-Control: max-age=496909,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 78634f943cc4b50c-OSL
aa.agkn.com/adscores/g.pixel?sid=9212192898&rf=5133329523725604131
200 OK 43 B URL HTTP/2 aa.agkn.com/adscores/g.pixel?sid=9212192898&rf=5133329523725604131
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash db04c7b378cb2db912c3ba8a5a774ee3
dee34bd86c3484d31002182aa2b7caa4699126b8
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
GET /adscores/g.pixel?sid=9212192898&rf=5133329523725604131 HTTP/1.1
Host: aa.agkn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://20841497p.rfihub.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 08 Jan 2023 07:44:57 GMT
content-type: image/gif
content-length: 43
server: AAWebServer
p3p: policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: accept, cache-control, origin, x-requested-with, x-file-name, content-type
X-Firefox-Spdy: h2
x.bidswitch.net/sync?dsp_id=119&user_id=5133329523725604131&expires=30
200 OK 43 B URL HTTP/2 x.bidswitch.net/sync?dsp_id=119&user_id=5133329523725604131&expires=30
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
GET /sync?dsp_id=119&user_id=5133329523725604131&expires=30 HTTP/1.1
Host: x.bidswitch.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://20841497p.rfihub.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 08 Jan 2023 07:44:57 GMT
content-type: image/gif
content-length: 43
cache-control: no-cache, no-store, must-revalidate
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP
Hash 263dad7750bc26a943d3509cb90cd429
800d50e5672e5de5de49c88149b897071929299f
206573612b99b9fe1036cc5e8c0be21c962b06fee8477035fe0e108f76a9439c
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=122768
Date: Sun, 08 Jan 2023 07:44:57 GMT
Etag: "63b9a82d-1d7"
Expires: Mon, 09 Jan 2023 17:51:05 GMT
Last-Modified: Sat, 07 Jan 2023 17:13:17 GMT
Server: ECS (nyb/1D12)
X-Cache: Miss from cloudfront
Via: 1.1 76c917e0bb0ba45eb834d25d76ee125e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: iRgYs9cQ7Fgv-PvU5j7KdO5tzXSc2WkzEIfGQLXUrc1PW4eHOVBTSg==
Age: 2268
ocsp.sca1b.amazontrust.com/
200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP
Hash 263dad7750bc26a943d3509cb90cd429
800d50e5672e5de5de49c88149b897071929299f
206573612b99b9fe1036cc5e8c0be21c962b06fee8477035fe0e108f76a9439c
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=122740
Date: Sun, 08 Jan 2023 07:44:57 GMT
Etag: "63b9a82d-1d7"
Expires: Mon, 09 Jan 2023 17:50:37 GMT
Last-Modified: Sat, 07 Jan 2023 17:13:17 GMT
Server: ECS (nyb/1D0D)
X-Cache: Miss from cloudfront
Via: 1.1 8e6dce34fd223e0c9d89fd938d1784a2.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: ItylVGphf4DUyo5zm04hvciOv-lrTEhMEhGPHm2_RcwA4x1a5WeVHA==
Age: 2240
bpi.rtactivate.com/tag/?id=11017&user_id=5141210823053833367
200 OK 43 B URL HTTP/2 bpi.rtactivate.com/tag/?id=11017&user_id=5141210823053833367
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash 325472601571f31e1bf00674c368d335
2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
GET /tag/?id=11017&user_id=5141210823053833367 HTTP/1.1
Host: bpi.rtactivate.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://20841497p.rfihub.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: awselb/2.0
date: Sun, 08 Jan 2023 07:44:57 GMT
content-type: image/gif
content-length: 43
X-Firefox-Spdy: h2
static.zdassets.com/web_widget/latest/classic/fda6cd35495c75f83508d9d2e77ee33d.mp3
206 Partial Content 20 kB URL HTTP/2 static.zdassets.com/web_widget/latest/classic/fda6cd35495c75f83508d9d2e77ee33d.mp3
IP
File type Audio file with ID3 version 2.3.0, contains: MPEG ADTS, layer III, v1, 128 kbps, 44.1 kHz, JntStereo\012- data
Hash f11ce9e8f40a392830217253fe75d6de
89ba57fcc360da34756c127acba15a8b23267fc6
05069cc62b394b6ecc2daf3c51b4b2ba7f6cc8735988e8234487234af47eceee
GET /web_widget/latest/classic/fda6cd35495c75f83508d9d2e77ee33d.mp3 HTTP/1.1
Host: static.zdassets.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: audio/webm,audio/ogg,audio/wav,audio/*;q=0.9,application/ogg;q=0.7,video/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
Connection: keep-alive
Sec-Fetch-Dest: audio
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 206 Partial Content
date: Sun, 08 Jan 2023 07:44:57 GMT
content-type: audio/mpeg; charset=utf-8
content-length: 19698
x-amz-id-2: g87hI3qvp6u/eYrvF5ekvnlnd/ZKIURFxO017tHaVZdhHodAb1MX6TjMAHxlaiIHpETLXLY/I+c=
x-amz-request-id: X429XSBWRFS5FTSC
x-amz-replication-status: COMPLETED
last-modified: Wed, 09 Mar 2022 06:43:05 GMT
etag: "f11ce9e8f40a392830217253fe75d6de"
x-amz-server-side-encryption: AES256
cache-control: public, max-age=31536000
expires: Thu, 09 Mar 2023 06:43:04 GMT
x-amz-version-id: ngeCnQamEcRo6kgSgz9pTF5J7hCEPwJW
cf-cache-status: HIT
age: 131466
content-range: bytes 0-19697/19698
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jH1T4n7KBcyMU9%2F09pxNhw76GiZ7n433D%2F08%2B5oJu%2F8SJ217nPCG%2FQ9zCGn5fMu1VZRcWaYRe4HS7HU2cCFEjAP%2FmELL9OiZpa51%2BJbYXyTu%2F9vq5rAbECM8MxL0omEFl%2BwRPOo%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
server: cloudflare
cf-ray: 78634f9a7d62b509-OSL
X-Firefox-Spdy: h2
sync-tm.everesttech.net/ct/upi/pid/Mlpt2JaG/?redir=https%3A%2F%2Fp.rfihub.com%2Fcm%3Fin%3D1%26pub%3D21653%26userid%3D%24%7BTM_USER_ID%7D&_test=Y7p0eAAAAPyzKQAF
200 OK 85 B URL HTTP/2 sync-tm.everesttech.net/ct/upi/pid/Mlpt2JaG/?redir=https%3A%2F%2Fp.rfihub.com%2Fcm%3Fin%3D1%26pub%3D21653%26userid%3D%24%7BTM_USER_ID%7D&_test=Y7p0eAAAAPyzKQAF
IP
File type PNG image data, 1 x 1, 1-bit colormap, non-interlaced\012- data
Hash 5bec6606b8392065f9da9898ca6f7b14
73ac5b01b5e3293fb792179626e7f8369cdb944d
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a
GET /ct/upi/pid/Mlpt2JaG/?redir=https%3A%2F%2Fp.rfihub.com%2Fcm%3Fin%3D1%26pub%3D21653%26userid%3D%24%7BTM_USER_ID%7D&_test=Y7p0eAAAAPyzKQAF HTTP/1.1
Host: sync-tm.everesttech.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://20841497p.rfihub.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/png
server: Jetty(9.4.35.v20201120)
accept-ranges: bytes
date: Sun, 08 Jan 2023 07:44:57 GMT
via: 1.1 varnish
age: 2875
x-served-by: cache-bma1650-BMA
x-cache: HIT
x-cache-hits: 3814
x-timer: S1673163898.998346,VS0,VE0
cache-control: no-cache
pragma: no-cache
content-length: 85
X-Firefox-Spdy: h2
ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D18%26code%3D5141210823053833367
200 OK 43 B URL HTTP/1.1 ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D18%26code%3D5141210823053833367
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash 592ebefc7104d681d57852665e9ad514
15cdf8df32aa251dd6dd590a60bf9cf74474e7c5
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
GET /bounce?%2Fsetuid%3Fentity%3D18%26code%3D5141210823053833367 HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://20841497p.rfihub.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.21.3
Date: Sun, 08 Jan 2023 07:44:58 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
AN-X-Request-Uuid: bc30da00-276e-41df-9405-6b3e5c53f55b
Set-Cookie: anj=dTM7k!M4/YErk#WF']wIg2In6ntWz^!]tbPl1MNu::wpAk`W=ii+fWPdX>FJjGd]oka#HUn:IrVJ7mkY!_6-zQEVk`!.)`]ik=DN; SameSite=None; Path=/; Max-Age=7776000; Expires=Sat, 08-Apr-2023 07:44:58 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
sync.search.spotxchange.com/partner?adv_id=7180&uid=5133329523725604131&img=1&__user_check__=1&sync_id=58d549e6-8f28-11ed-8b48-10d4c6b20306
200 OK 43 B URL HTTP/1.1 sync.search.spotxchange.com/partner?adv_id=7180&uid=5133329523725604131&img=1&__user_check__=1&sync_id=58d549e6-8f28-11ed-8b48-10d4c6b20306
IP
ASN #35220 SpotXchange, INC
File type GIF image data, version 89a, 1 x 1\012- data
Hash 55fade2068e7503eae8d7ddf5eb6bd09
317496a096d6c86486a71d4521994bcd171a6bb3
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
GET /partner?adv_id=7180&uid=5133329523725604131&img=1&__user_check__=1&sync_id=58d549e6-8f28-11ed-8b48-10d4c6b20306 HTTP/1.1
Host: sync.search.spotxchange.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://20841497p.rfihub.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 08 Jan 2023 07:44:58 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
Set-Cookie: audience=5972d042-8f28-11ed-9e03-125b01370106; expires=Sun, 05-Feb-2023 07:44:58 GMT; path=/; domain=.spotxchange.com
x-spotx-halt-type: Audience DSP sync endpoint was unable to cookie the audience.
X-fe: 93
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
x.bidswitch.net/ul_cb/sync?dsp_id=119&user_id=5141210823053833367&expires=30
200 OK 43 B URL HTTP/2 x.bidswitch.net/ul_cb/sync?dsp_id=119&user_id=5141210823053833367&expires=30
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
GET /ul_cb/sync?dsp_id=119&user_id=5141210823053833367&expires=30 HTTP/1.1
Host: x.bidswitch.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://20841497p.rfihub.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 08 Jan 2023 07:44:58 GMT
content-type: image/gif
content-length: 43
cache-control: no-cache, no-store, must-revalidate
X-Firefox-Spdy: h2
sync.search.spotxchange.com/partner?adv_id=7180&uid=5141210823053833367&img=1&__user_check__=1&sync_id=58bff4dc-8f28-11ed-97a0-1ebee0f60206
200 OK 43 B URL HTTP/1.1 sync.search.spotxchange.com/partner?adv_id=7180&uid=5141210823053833367&img=1&__user_check__=1&sync_id=58bff4dc-8f28-11ed-97a0-1ebee0f60206
IP
ASN #35220 SpotXchange, INC
File type GIF image data, version 89a, 1 x 1\012- data
Hash 55fade2068e7503eae8d7ddf5eb6bd09
317496a096d6c86486a71d4521994bcd171a6bb3
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
GET /partner?adv_id=7180&uid=5141210823053833367&img=1&__user_check__=1&sync_id=58bff4dc-8f28-11ed-97a0-1ebee0f60206 HTTP/1.1
Host: sync.search.spotxchange.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://20841497p.rfihub.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 08 Jan 2023 07:44:58 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
Set-Cookie: audience=59720e40-8f28-11ed-b117-162d46060406; expires=Sun, 05-Feb-2023 07:44:58 GMT; path=/; domain=.spotxchange.com
x-spotx-halt-type: Audience DSP sync endpoint was unable to cookie the audience.
X-fe: 16
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
static.zdassets.com/web_widget/latest/classic/web-widget-chat-incoming-message-notification-81a3de7.js
200 OK 6.2 kB URL HTTP/2 static.zdassets.com/web_widget/latest/classic/web-widget-chat-incoming-message-notification-81a3de7.js
IP
File type ASCII text, with no line terminators
Hash 0222071ebb0c324704dee4736d4a0c84
73a983ba64d6093511406b64a56193d8949df449
1a5059238a8bbb2a51b0a7dcc226637f5e318e1aa85234fd8fb5cb07bbce20ef
GET /web_widget/latest/classic/web-widget-chat-incoming-message-notification-81a3de7.js HTTP/1.1
Host: static.zdassets.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 08 Jan 2023 07:44:57 GMT
content-type: application/javascript; charset=utf-8
x-amz-id-2: SkcJzZn5RRlglaHLOhk1vV1v30pm0szNvelv2eyVm7RGrf9j3oUJTTfL0PSdr3Oz2xeVhjpMFg8=
x-amz-request-id: FXYJV7HX34MNB73Y
x-amz-replication-status: COMPLETED
last-modified: Wed, 14 Dec 2022 15:44:37 GMT
etag: W/"659635f5ad1b6653645380f46aa42236"
x-amz-server-side-encryption: AES256
cache-control: public, max-age=31536000
expires: Thu, 14 Dec 2023 15:44:36 GMT
x-amz-version-id: yTfJjWtrph2znqvc1oRNTQcv23jcfwLc
cf-cache-status: HIT
age: 2003990
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=B%2BR55YZTTnHbyYgKf7%2B97lJ0m%2FUaFJts8G8BxXubMQ%2Bel11zUi3GxuVXAzJh39yooOUss%2FwCEcsFxg%2BNtIj43lDvenMcuubMLvD70hZSnZzl4MVI7%2BFPsDy2cZgoOUNAmsyQGDw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=0
server: cloudflare
cf-ray: 78634f99acd6b509-OSL
content-encoding: br
X-Firefox-Spdy: h2
ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D18%26code%3D5133329523725604131
200 OK 43 B URL HTTP/1.1 ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D18%26code%3D5133329523725604131
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash 592ebefc7104d681d57852665e9ad514
15cdf8df32aa251dd6dd590a60bf9cf74474e7c5
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
GET /bounce?%2Fsetuid%3Fentity%3D18%26code%3D5133329523725604131 HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://20841497p.rfihub.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.21.3
Date: Sun, 08 Jan 2023 07:44:58 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
AN-X-Request-Uuid: 64e9a4d1-a6ee-482a-8632-19a98a0c63e9
Set-Cookie: anj=dTM7k!M4/YErk#WF']wIg2In6ntWz^!]tbPl1MNu::wpAk`W>$ka#=sjF%>yfSNKPe9i18n:IrVJ7mkY!_6-zQEVk`!./S:ik=DN; SameSite=None; Path=/; Max-Age=7776000; Expires=Sat, 08-Apr-2023 07:44:58 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
doggocasino.com/Cookies-Icon.a41fe3b3f8f0046c586a.svg
200 OK 5.3 kB URL HTTP/2 doggocasino.com/Cookies-Icon.a41fe3b3f8f0046c586a.svg
IP
File type SVG Scalable Vector Graphics image\012- data
Hash e1f3d246245eab27c910320b4d222b51
faff832be8145a9618e078e0034534ea1fbecdda
aa9cb432107766b7c0c05dabe4e25f4670de0e9d59315cabcdf833a0f743693e
GET /Cookies-Icon.a41fe3b3f8f0046c586a.svg HTTP/1.1
Host: doggocasino.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://doggocasino.com/styles.1f7587ee8c68e382c584.css
Cookie: _ga_K4EHGY5F0T=GS1.1.1673163882.2.0.1673163882.60.0.0; _ga=GA1.1.2104987336.1673158587; __adm_tid=tid-2ae5f2bb5.42566d1f3; _gid=GA1.2.1700880299.1673158588; _hjSessionUser_3054262=eyJpZCI6IjQyMzk2NDg2LTQ5MzYtNTZiNi1hODQwLTg2YThkYzE4NjliOSIsImNyZWF0ZWQiOjE2NzMxNTg1ODgyMzQsImV4aXN0aW5nIjpmYWxzZX0=; __zlcmid=1DplVgkclUvRile; affiliateId=cx-35656_390258; bannerId=35656; trackerId=35656_390258; affiliateName=%5Bcellxpert%5D; cookie_policy=accepted
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/svg+xml
x-amz-meta-codebuild-content-sha256: c7543b0c1a387fe8fce7ecedb491413db02c94ccd3c1a1d5b2dc6c33f6e53bfc
x-amz-meta-codebuild-buildarn: arn:aws:codebuild:us-east-1:889751173095:build/du-frontend-build:dba88433-a99e-4dbd-9b3f-92c9f40e4469
x-amz-meta-codebuild-content-md5: f72fdbadddaa46b851fe89ddcab9666b
last-modified: Thu, 05 Jan 2023 08:36:24 GMT
x-amz-version-id: v67LzOlHf2g1K.cSPqht9o3MbOD2Ys6E
server: AmazonS3
content-encoding: gzip
date: Sat, 07 Jan 2023 16:06:30 GMT
etag: W/"87dfcd5ae030f407cc281bc26d0255f4"
vary: Accept-Encoding
via: 1.1 9dd61138197a68f8d69f12574aab6930.cloudfront.net (CloudFront)
age: 82820
cache-control: public,max-age=31536000,immutable
x-cache: Hit from cloudfront
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: cwxyzDHnaG9D9W01tWDScw4ayl1Ml5Zj9itRrlIqlsUeOzrip2WXpg==
X-Firefox-Spdy: h2
dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=1121&dpuuid=5133329523725604131&redir=
200 OK 59 B URL HTTP/1.1 dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=1121&dpuuid=5133329523725604131&redir=
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash 1251cd5e5c2def4c046309375f87c1c1
e02d6b0c6a5c495c15985e2832e335eda8528c80
4e7010cc46fa361c88e57e3346d27421cf3b8a8bf5f39b43fc45997c60cb1c13
GET /demconf.jpg?et:ibs%7cdata:dpid=1121&dpuuid=5133329523725604131&redir= HTTP/1.1
Host: dpm.demdex.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://20841497p.rfihub.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-encoding: gzip
Content-Type: image/gif
DCS: dcs-prod-irl1-2-v045-0e1f48b6d.edge-irl1.demdex.com 0 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-TID: i+tSw/JqSzA=
Content-Length: 59
Connection: keep-alive
a.rfihub.com/cm?pub=445&in=0&forward=&google_error=3
200 OK 42 B URL HTTP/1.1 a.rfihub.com/cm?pub=445&in=0&forward=&google_error=3
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash accba0b69f352b4c9440f05891b015c5
9d01cc5dc8e042c0d4ad6cfb8b3ac38e84a5ef9f
47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292
GET /cm?pub=445&in=0&forward=&google_error=3 HTTP/1.1
Host: a.rfihub.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://20841497p.rfihub.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Sun, 08 Jan 2023 07:44:58 GMT
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Set-Cookie: rud=H4sIAAAAAAAA_-MSNjU0NjY2sjQ1MjY3MjUzMDExMBDiM9Q1NnRPDk4JSivITPYHADplF9MlAAAA; Path=/; Domain=.rfihub.com; Expires=Fri, 2 Feb 2024 07:44:58 GMT; Secure; SameSite=None
ruds=H4sIAAAAAAAA_-MSNjU0NjY2sjQ1MjY3MjUzMDExMBDiM9Q1NnRPDk4JSivITPYHADplF9MlAAAA; Path=/; Domain=.rfihub.com; Secure; SameSite=None
euds=H4sIAAAAAAAA_-NicjUGAEAxo38EAAAA; Path=/; Domain=.rfihub.com; Secure; SameSite=None
eud=H4sIAAAAAAAA_-NicjUO4jU0Mzc2NDO2sLQwNLQAALWqaLgTAAAA; Path=/; Domain=.rfihub.com; Expires=Fri, 2 Feb 2024 07:44:58 GMT; Secure; SameSite=None
Cache-Control: no-cache
Content-Type: image/gif
Content-Length: 42
Server: Jetty(9.3.29.v20201019)
dsum-sec.casalemedia.com/rum?cm_dsp_id=57&external_user_id=5133329523725604131&forward=&C=1
200 OK 43 B URL HTTP/1.1 dsum-sec.casalemedia.com/rum?cm_dsp_id=57&external_user_id=5133329523725604131&forward=&C=1
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash 325472601571f31e1bf00674c368d335
2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
GET /rum?cm_dsp_id=57&external_user_id=5133329523725604131&forward=&C=1 HTTP/1.1
Host: dsum-sec.casalemedia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://20841497p.rfihub.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Sun, 08 Jan 2023 07:44:58 GMT
Server: Apache
Cache-Control: no-cache
Content-Type: image/gif
Expires: 0
Pragma: no-cache
Content-Length: 43
Keep-Alive: timeout=1, max=500
Connection: Keep-Alive
dsum-sec.casalemedia.com/rum?cm_dsp_id=57&external_user_id=5141210823053833367&forward=&C=1
200 OK 43 B URL HTTP/1.1 dsum-sec.casalemedia.com/rum?cm_dsp_id=57&external_user_id=5141210823053833367&forward=&C=1
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash 325472601571f31e1bf00674c368d335
2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
GET /rum?cm_dsp_id=57&external_user_id=5141210823053833367&forward=&C=1 HTTP/1.1
Host: dsum-sec.casalemedia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://20841497p.rfihub.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Sun, 08 Jan 2023 07:44:58 GMT
Server: Apache
Cache-Control: no-cache
Content-Type: image/gif
Expires: 0
Pragma: no-cache
Content-Length: 43
Keep-Alive: timeout=1, max=500
Connection: Keep-Alive
a.rfihub.com/cm?pub=445&in=0&forward=&google_error=3
200 OK 42 B URL HTTP/1.1 a.rfihub.com/cm?pub=445&in=0&forward=&google_error=3
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash accba0b69f352b4c9440f05891b015c5
9d01cc5dc8e042c0d4ad6cfb8b3ac38e84a5ef9f
47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292
GET /cm?pub=445&in=0&forward=&google_error=3 HTTP/1.1
Host: a.rfihub.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://20841497p.rfihub.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Sun, 08 Jan 2023 07:44:58 GMT
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Set-Cookie: rud=H4sIAAAAAAAA_-MSNjU0MDcxNrYwMrU0NDQ1NDYzNxXiM9T1NE0LyEkLKC1NcgsAAJAz0L8lAAAA; Path=/; Domain=.rfihub.com; Expires=Fri, 2 Feb 2024 07:44:58 GMT; Secure; SameSite=None
ruds=H4sIAAAAAAAA_-MSNjU0MDcxNrYwMrU0NDQ1NDYzNxXiM9T1NE0LyEkLKC1NcgsAAJAz0L8lAAAA; Path=/; Domain=.rfihub.com; Secure; SameSite=None
euds=H4sIAAAAAAAA_-NicjUGAEAxo38EAAAA; Path=/; Domain=.rfihub.com; Secure; SameSite=None
eud=H4sIAAAAAAAA_-NicjUO4jU0Mzc2NDO2sLQwNDMAAEC08vkTAAAA; Path=/; Domain=.rfihub.com; Expires=Fri, 2 Feb 2024 07:44:58 GMT; Secure; SameSite=None
Cache-Control: no-cache
Content-Type: image/gif
Content-Length: 42
Server: Jetty(9.3.29.v20201019)
ocsp.usertrust.com/
200 OK 472 B IP
Hash aa2f8383aeb6c22a71851be8f88117e0
dc8ffdcaec7fa8e1fbb4ea6884e052f9b1c69b2b
88aad9e2f38bd49ba3f6f3506ee11cde23d8720e48ddaca830a7dfc3be6d726c
POST / HTTP/1.1
Host: ocsp.usertrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 08 Jan 2023 07:44:58 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Sat, 07 Jan 2023 21:01:06 GMT
Expires: Sat, 14 Jan 2023 21:01:05 GMT
Etag: "dc8ffdcaec7fa8e1fbb4ea6884e052f9b1c69b2b"
Cache-Control: max-age=603103,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: HIT
Age: 1318
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 78634f9bdedbb4f4-OSL
ib.adnxs.com/getuid?https%3A%2F%2Fidsync.rlcdn.com%2F52154.gif%3Fserved_by%3Devergreen%26partner_uid%3D%24UID
307 Redirection 0 B URL HTTP/1.1 ib.adnxs.com/getuid?https%3A%2F%2Fidsync.rlcdn.com%2F52154.gif%3Fserved_by%3Devergreen%26partner_uid%3D%24UID
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /getuid?https%3A%2F%2Fidsync.rlcdn.com%2F52154.gif%3Fserved_by%3Devergreen%26partner_uid%3D%24UID HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://20841497p.rfihub.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 307 Redirection
Server: nginx/1.21.3
Date: Sun, 08 Jan 2023 07:44:58 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Location: https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fidsync.rlcdn.com%252F52154.gif%253Fserved_by%253Devergreen%2526partner_uid%253D%2524UID
AN-X-Request-Uuid: c5f75537-db82-463f-9f2c-7432d3f6a02a
Set-Cookie: uuid2=8258376324372634508; SameSite=None; Path=/; Max-Age=7776000; Expires=Sat, 08-Apr-2023 07:44:58 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
widget-mediator.zopim.com/s/W/ws/R-koQRUXUIq44wkN/c/1673163886000
101 Switching Protocols 0 B URL HTTP/1.1 widget-mediator.zopim.com/s/W/ws/R-koQRUXUIq44wkN/c/1673163886000
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /s/W/ws/R-koQRUXUIq44wkN/c/1673163886000 HTTP/1.1
Host: widget-mediator.zopim.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: https://doggocasino.com
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: UjOV5oShnIYr/0Q3YqQyrg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Date: Sun, 08 Jan 2023 07:44:58 GMT
Connection: upgrade
Set-Cookie: AWSALB=5LvoAA0SeE1RPJQZ067H7SOPn3sNv0spwVP9HIlwuoBmseapn78N17HdzVkKYxaRCVJIm8XRycJ8OdDpUr9P2Czzcbhgw8WD8mgh75yxmpNRBv+KezxkBxy9/+lQ; Expires=Sun, 15 Jan 2023 07:44:58 GMT; Path=/
AWSALBCORS=5LvoAA0SeE1RPJQZ067H7SOPn3sNv0spwVP9HIlwuoBmseapn78N17HdzVkKYxaRCVJIm8XRycJ8OdDpUr9P2Czzcbhgw8WD8mgh75yxmpNRBv+KezxkBxy9/+lQ; Expires=Sun, 15 Jan 2023 07:44:58 GMT; Path=/; SameSite=None; Secure
Upgrade: websocket
Sec-WebSocket-Accept: xjUOIcv9sc1uXcUTeLM184v3xvg=
Sec-WebSocket-Version: 13
WebSocket-Server: uWebSockets
ps.eyeota.net/match?uid=5142336721237126117&bid=omt9pi0
200 OK 0 B URL HTTP/1.1 ps.eyeota.net/match?uid=5142336721237126117&bid=omt9pi0
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /match?uid=5142336721237126117&bid=omt9pi0 HTTP/1.1
Host: ps.eyeota.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://20841497p.rfihub.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Set-Cookie: SERVERID=20627~DM; Domain=eyeota.net; Path=/; Expires=Sun, 08 Jan 2023 07:54:58 GMT; Secure; SameSite=None;
P3P: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"
Content-Length: 0
Date: Sun, 08 Jan 2023 07:44:58 GMT
ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fidsync.rlcdn.com%252F52154.gif%253Fserved_by%253Devergreen%2526partner_uid%253D%2524UID
302 Found 0 B URL HTTP/1.1 ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fidsync.rlcdn.com%252F52154.gif%253Fserved_by%253Devergreen%2526partner_uid%253D%2524UID
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /bounce?%2Fgetuid%3Fhttps%253A%252F%252Fidsync.rlcdn.com%252F52154.gif%253Fserved_by%253Devergreen%2526partner_uid%253D%2524UID HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://20841497p.rfihub.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Server: nginx/1.21.3
Date: Sun, 08 Jan 2023 07:44:58 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Location: https://idsync.rlcdn.com/52154.gif?served_by=evergreen&partner_uid=0
AN-X-Request-Uuid: e53fd80a-9ca5-4037-80b9-e26ed0a7bb2b
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
doggocasino.com/polyfills.041a4b505b38e3453b95.js
200 OK 0 B URL HTTP/2 doggocasino.com/polyfills.041a4b505b38e3453b95.js
IP
GET /polyfills.041a4b505b38e3453b95.js HTTP/1.1
Host: doggocasino.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://doggocasino.com/en-us?affiliateName=[cellxpert]&affid=cx-35656_390258&bannerid=35656&trackerid=35656_390258&bta=35656&brand=doggocasino&rdk=rk1
Cookie: _ga_K4EHGY5F0T=GS1.1.1673158586.1.1.1673158594.52.0.0; _ga=GA1.2.2104987336.1673158587; __adm_tid=tid-2ae5f2bb5.42566d1f3; _gid=GA1.2.1700880299.1673158588; _hjSessionUser_3054262=eyJpZCI6IjQyMzk2NDg2LTQ5MzYtNTZiNi1hODQwLTg2YThkYzE4NjliOSIsImNyZWF0ZWQiOjE2NzMxNTg1ODgyMzQsImV4aXN0aW5nIjpmYWxzZX0=; __zlcmid=1DplVgkclUvRile
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/x-javascript
x-amz-meta-codebuild-content-sha256: c7543b0c1a387fe8fce7ecedb491413db02c94ccd3c1a1d5b2dc6c33f6e53bfc
x-amz-meta-codebuild-buildarn: arn:aws:codebuild:us-east-1:889751173095:build/du-frontend-build:dba88433-a99e-4dbd-9b3f-92c9f40e4469
x-amz-meta-codebuild-content-md5: f72fdbadddaa46b851fe89ddcab9666b
last-modified: Thu, 05 Jan 2023 08:36:18 GMT
x-amz-version-id: htdpPG.9dCkVoOkvU100sFrI0fPekv3.
server: AmazonS3
content-encoding: gzip
date: Sat, 07 Jan 2023 11:37:33 GMT
etag: W/"43655eda45dc98456c80904f6f6683e7"
vary: Accept-Encoding
via: 1.1 9dd61138197a68f8d69f12574aab6930.cloudfront.net (CloudFront)
age: 82940
cache-control: public,max-age=31536000,immutable
x-cache: Hit from cloudfront
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: cl3KxSzuvwIUwCF7JQlVncgy3vnVV52gpMhle2XZKTPof-hidN28WA==
X-Firefox-Spdy: h2
static.hotjar.com/c/hotjar-3054262.js?sv=6
200 OK 0 B URL HTTP/2 static.hotjar.com/c/hotjar-3054262.js?sv=6
IP
GET /c/hotjar-3054262.js?sv=6 HTTP/1.1
Host: static.hotjar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://doggocasino.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
date: Sun, 08 Jan 2023 07:44:34 GMT
access-control-allow-origin: *
cache-control: max-age=60
content-encoding: br
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=2592000; includeSubDomains
x-cache-hit: 1
x-content-type-options: nosniff
etag: W/7cd9f8de1063816d085ca0615e14bfcb
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 b9f0050ca4d212d7c855e005be54b1ac.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 8rzDP4_dEPoqyWKUXIkdeM3flnlYCLDP6OnLSZeEmiIN3dAJA3FDjA==
age: 21
X-Firefox-Spdy: h2
static.zdassets.com/web_widget/latest/classic/web-widget-chat-sdk-81a3de7.js
200 OK 0 B URL HTTP/2 static.zdassets.com/web_widget/latest/classic/web-widget-chat-sdk-81a3de7.js
IP
GET /web_widget/latest/classic/web-widget-chat-sdk-81a3de7.js HTTP/1.1
Host: static.zdassets.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 08 Jan 2023 07:44:56 GMT
content-type: application/javascript; charset=utf-8
x-amz-id-2: dCxOKI1VihqlzZuFneeAf4EO8DIB/CgBkri9Rz6wSPiqVn9DBEruG5PWW43tzIxAqz1PrZGMfjM=
x-amz-request-id: F6C2N3SJTY8G76TW
x-amz-replication-status: COMPLETED
last-modified: Wed, 14 Dec 2022 15:44:37 GMT
etag: W/"d366c0776c2bacba354d40e564c3d3e6"
x-amz-server-side-encryption: AES256
cache-control: public, max-age=31536000
expires: Thu, 14 Dec 2023 15:44:36 GMT
x-amz-version-id: _S9k0k7m14Q1JXEfLI.DU.BBCg9qJXGg
cf-cache-status: HIT
age: 2003989
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JzuCv3rnl%2FSz2%2FLvdT%2BUcGjJAOGKbJbcmsuNDqUGQUiOUBeU6FlCerLKIdOF8K1gLmJRsb69NuCgfYBiRDri77dUPH4xL3bMEhgkOCcbbRELY1rTHhC1FJR3pbC6NrvUajsnFqk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=0
server: cloudflare
cf-ray: 78634f8e6d03b509-OSL
content-encoding: br
X-Firefox-Spdy: h2
in.hotjar.com/api/v2/client/sites/3054262/visit-data?sv=6
200 OK 0 B URL HTTP/2 in.hotjar.com/api/v2/client/sites/3054262/visit-data?sv=6
IP
POST /api/v2/client/sites/3054262/visit-data?sv=6 HTTP/1.1
Host: in.hotjar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain; charset=UTF-8
Content-Length: 115
Origin: https://doggocasino.com
Connection: keep-alive
Referer: https://doggocasino.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 08 Jan 2023 07:44:56 GMT
content-type: application/json
vary: Accept-Encoding
cache-control: no-cache, no-store
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-max-age: 86400
content-encoding: br
X-Firefox-Spdy: h2
doggocasino.com/runtime.58c76e964b21e45c3648.js
200 OK 0 B URL HTTP/2 doggocasino.com/runtime.58c76e964b21e45c3648.js
IP
GET /runtime.58c76e964b21e45c3648.js HTTP/1.1
Host: doggocasino.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://doggocasino.com/en-us?affiliateName=[cellxpert]&affid=cx-35656_390258&bannerid=35656&trackerid=35656_390258&bta=35656&brand=doggocasino&rdk=rk1
Cookie: _ga_K4EHGY5F0T=GS1.1.1673158586.1.1.1673158594.52.0.0; _ga=GA1.2.2104987336.1673158587; __adm_tid=tid-2ae5f2bb5.42566d1f3; _gid=GA1.2.1700880299.1673158588; _hjSessionUser_3054262=eyJpZCI6IjQyMzk2NDg2LTQ5MzYtNTZiNi1hODQwLTg2YThkYzE4NjliOSIsImNyZWF0ZWQiOjE2NzMxNTg1ODgyMzQsImV4aXN0aW5nIjpmYWxzZX0=; __zlcmid=1DplVgkclUvRile
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/x-javascript
x-amz-meta-codebuild-content-sha256: c7543b0c1a387fe8fce7ecedb491413db02c94ccd3c1a1d5b2dc6c33f6e53bfc
x-amz-meta-codebuild-buildarn: arn:aws:codebuild:us-east-1:889751173095:build/du-frontend-build:dba88433-a99e-4dbd-9b3f-92c9f40e4469
x-amz-meta-codebuild-content-md5: f72fdbadddaa46b851fe89ddcab9666b
last-modified: Thu, 05 Jan 2023 08:36:18 GMT
x-amz-version-id: Y3n9FEisQKRFlvFyYdZ9i20_l5RPDkKN
server: AmazonS3
content-encoding: gzip
date: Sat, 07 Jan 2023 11:37:33 GMT
etag: W/"905ee627812b6927f54ecd2a92af8846"
vary: Accept-Encoding
via: 1.1 9dd61138197a68f8d69f12574aab6930.cloudfront.net (CloudFront)
age: 82940
cache-control: public,max-age=31536000,immutable
x-cache: Hit from cloudfront
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: OnE1USzlLm2xo5_kBFzKp_dGxsfUoNtnOBGvi_K6k9GWuNIVS6wflg==
X-Firefox-Spdy: h2
static.zdassets.com/web_widget/latest/classic/web-widget-classic-81a3de7.js
200 OK 0 B URL HTTP/2 static.zdassets.com/web_widget/latest/classic/web-widget-classic-81a3de7.js
IP
GET /web_widget/latest/classic/web-widget-classic-81a3de7.js HTTP/1.1
Host: static.zdassets.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 08 Jan 2023 07:44:55 GMT
content-type: application/javascript; charset=utf-8
x-amz-id-2: Ce0nkuWjjUM/lzymVjHtiQ0M7cglO06O1GZHyYHKpApfhIFuCFdX0tcKGB1Nd+nf3sqmhVUU19M=
x-amz-request-id: F6C99C8H3KRW33CZ
x-amz-replication-status: COMPLETED
last-modified: Wed, 14 Dec 2022 15:44:37 GMT
etag: W/"0b77084bbe255e38dfc0511ed512b1b9"
x-amz-server-side-encryption: AES256
cache-control: public, max-age=31536000
expires: Thu, 14 Dec 2023 15:44:36 GMT
x-amz-version-id: BI7BH2_wYlhqABgV_1RpW5mVt_EhVp77
cf-cache-status: HIT
age: 2003989
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bPxrs6yf9Thpmq7zSHTB0iFeIcJmvFXtBE5Js5WO3w9QbvyQaeAdUXvYi01cHuyHOGi0GCKBtZHEA76wVKaGFVLtm4lbXKgkVpQc1sh5z68MG2n7yu08qrzXKblvrTb%2FpuXlGT8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=0
server: cloudflare
cf-ray: 78634f8b6b1fb509-OSL
content-encoding: br
X-Firefox-Spdy: h2
doggocasino.com/en-us?affiliateName=[cellxpert]&affid=cx-35656_390258&bannerid=35656&trackerid=35656_390258&bta=35656&brand=doggocasino&rdk=rk1
200 OK 0 B URL HTTP/2 doggocasino.com/en-us?affiliateName=[cellxpert]&affid=cx-35656_390258&bannerid=35656&trackerid=35656_390258&bta=35656&brand=doggocasino&rdk=rk1
IP
GET /en-us?affiliateName=[cellxpert]&affid=cx-35656_390258&bannerid=35656&trackerid=35656_390258&bta=35656&brand=doggocasino&rdk=rk1 HTTP/1.1
Host: doggocasino.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: _ga_K4EHGY5F0T=GS1.1.1673158586.1.1.1673158594.52.0.0; _ga=GA1.2.2104987336.1673158587; __adm_tid=tid-2ae5f2bb5.42566d1f3; _gid=GA1.2.1700880299.1673158588; _hjSessionUser_3054262=eyJpZCI6IjQyMzk2NDg2LTQ5MzYtNTZiNi1hODQwLTg2YThkYzE4NjliOSIsImNyZWF0ZWQiOjE2NzMxNTg1ODgyMzQsImV4aXN0aW5nIjpmYWxzZX0=; __zlcmid=1DplVgkclUvRile
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html
date: Thu, 05 Jan 2023 08:37:52 GMT
x-amz-meta-codebuild-content-sha256: c7543b0c1a387fe8fce7ecedb491413db02c94ccd3c1a1d5b2dc6c33f6e53bfc
x-amz-meta-codebuild-buildarn: arn:aws:codebuild:us-east-1:889751173095:build/du-frontend-build:dba88433-a99e-4dbd-9b3f-92c9f40e4469
x-amz-meta-codebuild-content-md5: f72fdbadddaa46b851fe89ddcab9666b
last-modified: Thu, 05 Jan 2023 08:36:27 GMT
x-amz-version-id: ofX4ChQvOtnJ9xvsFb1m0J88RfoPiR9E
etag: W/"d7a05d2f22b6a4d72bff9b8d0bdce04b"
server: AmazonS3
content-encoding: gzip
vary: Accept-Encoding
x-cache: Error from cloudfront
via: 1.1 9dd61138197a68f8d69f12574aab6930.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: y6a8JQ9cs61hsYdbtW3GPxvAtzr_P1FlKsn3ixBFkIovKNnrLAmw5g==
age: 256022
X-Firefox-Spdy: h2
doggocasino.com/main.6bcbfcb64f889e6fe6ec.js
200 OK 0 B URL HTTP/2 doggocasino.com/main.6bcbfcb64f889e6fe6ec.js
IP
GET /main.6bcbfcb64f889e6fe6ec.js HTTP/1.1
Host: doggocasino.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://doggocasino.com/en-us?affiliateName=[cellxpert]&affid=cx-35656_390258&bannerid=35656&trackerid=35656_390258&bta=35656&brand=doggocasino&rdk=rk1
Cookie: _ga_K4EHGY5F0T=GS1.1.1673158586.1.1.1673158594.52.0.0; _ga=GA1.2.2104987336.1673158587; __adm_tid=tid-2ae5f2bb5.42566d1f3; _gid=GA1.2.1700880299.1673158588; _hjSessionUser_3054262=eyJpZCI6IjQyMzk2NDg2LTQ5MzYtNTZiNi1hODQwLTg2YThkYzE4NjliOSIsImNyZWF0ZWQiOjE2NzMxNTg1ODgyMzQsImV4aXN0aW5nIjpmYWxzZX0=; __zlcmid=1DplVgkclUvRile
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/x-javascript
x-amz-meta-codebuild-content-sha256: c7543b0c1a387fe8fce7ecedb491413db02c94ccd3c1a1d5b2dc6c33f6e53bfc
x-amz-meta-codebuild-buildarn: arn:aws:codebuild:us-east-1:889751173095:build/du-frontend-build:dba88433-a99e-4dbd-9b3f-92c9f40e4469
x-amz-meta-codebuild-content-md5: f72fdbadddaa46b851fe89ddcab9666b
last-modified: Thu, 05 Jan 2023 08:36:23 GMT
x-amz-version-id: TEH9NwvSWV8BvtW_BHAvyxLMZAIN7VQM
server: AmazonS3
content-encoding: gzip
date: Sat, 07 Jan 2023 11:37:33 GMT
etag: W/"a9c8e910b45873a0a647bbb23c95673a"
vary: Accept-Encoding
via: 1.1 9dd61138197a68f8d69f12574aab6930.cloudfront.net (CloudFront)
age: 83116
cache-control: public,max-age=31536000,immutable
x-cache: Hit from cloudfront
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: a6T1aSq7skwkUhsSa9k8IZWW4ZF1GoqpcPa_IU5I-qqRUR06BRmpNQ==
X-Firefox-Spdy: h2
doggocasino.regily.com/b1e55c583226311df310792321f587d2.js
200 OK 0 B URL HTTP/2 doggocasino.regily.com/b1e55c583226311df310792321f587d2.js
IP
GET /b1e55c583226311df310792321f587d2.js HTTP/1.1
Host: doggocasino.regily.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://doggocasino.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
last-modified: Mon, 05 Dec 2022 10:38:51 GMT
server: AmazonS3
content-encoding: br
date: Sun, 08 Jan 2023 07:43:07 GMT
etag: W/"2e1b06881b14c67c60190e85c02f446b"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 142be88a35733307a5e7de05da0a20b8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: dyz97KgICa0nKv8OXvEGcc080F3vzQ86NONgVLnhxCgiNGSwb9U_Cw==
age: 107
X-Firefox-Spdy: h2
static.zdassets.com/web_widget/latest/classic/web-widget-5324-81a3de7.js
200 OK 0 B URL HTTP/2 static.zdassets.com/web_widget/latest/classic/web-widget-5324-81a3de7.js
IP
GET /web_widget/latest/classic/web-widget-5324-81a3de7.js HTTP/1.1
Host: static.zdassets.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 08 Jan 2023 07:44:55 GMT
content-type: application/javascript; charset=utf-8
x-amz-id-2: N5dT9JXWrJ6LHekTKf/mWyeV2xtYk6b8CIDMtPXNt5c/QUaa5FjHdkI91n1OR77lZMScW8RD3DY=
x-amz-request-id: F6C5FH3WES4KVVKJ
x-amz-replication-status: COMPLETED
last-modified: Wed, 14 Dec 2022 15:44:37 GMT
etag: W/"c296a94da281fc44d57ec8f4e4cfb0fa"
x-amz-server-side-encryption: AES256
cache-control: public, max-age=31536000
expires: Thu, 14 Dec 2023 15:44:36 GMT
x-amz-version-id: CY5KQGuue_uwVKm8gYgHUkbI5bFfwkO_
cf-cache-status: HIT
age: 2003989
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ayjr23nwV5zvRCA7Leqns4SWdj0RbFKopH3JfLl09N9F9kMqyhAFd58s0maOS8lmbYqJa7BACJWEvdADsLkqXUCEjqgi5%2B4fgth8Chw4bULK6cG1SWHrOPbC32dEL7Rrhuw%2FYLA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=0
server: cloudflare
cf-ray: 78634f8bab3eb509-OSL
content-encoding: br
X-Firefox-Spdy: h2
partners.tremorhub.com/sync?UIRF=5133329523725604131&r=bOP2tr6Ffz8U
200 OK 0 B URL HTTP/2 partners.tremorhub.com/sync?UIRF=5133329523725604131&r=bOP2tr6Ffz8U
IP
GET /sync?UIRF=5133329523725604131&r=bOP2tr6Ffz8U HTTP/1.1
Host: partners.tremorhub.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://20841497p.rfihub.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 08 Jan 2023 07:44:57 GMT
content-type: image/gif
server: Apache-Coyote/1.1
p3p: CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
X-Firefox-Spdy: h2
senecaphoneupdate.top/smart-security-0/index.html?clickid={clickid}&utm_source={var1}&utm_medium=restart_push_{offer.name}&publisher={trafficsource.name}&utm_campaign={trafficsource.name}
200 OK 0 B URL HTTP/2 senecaphoneupdate.top/smart-security-0/index.html?clickid={clickid}&utm_source={var1}&utm_medium=restart_push_{offer.name}&publisher={trafficsource.name}&utm_campaign={trafficsource.name}
IP
NIDS Severity Alert suricata medium ET INFO HTTP Request to a *.top domain
GET /smart-security-0/index.html?clickid={clickid}&utm_source={var1}&utm_medium=restart_push_{offer.name}&publisher={trafficsource.name}&utm_campaign={trafficsource.name} HTTP/1.1
Host: senecaphoneupdate.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
date: Sun, 08 Jan 2023 07:44:51 GMT
content-type: text/html; charset=utf-8
last-modified: Thu, 05 May 2022 04:35:48 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HsDge33OTJrxyjGNz98lavb8jmwUsGzFiz3CvwNqoEXSst%2FC1OdA4HiyWfbZyQIKCkkv92mjRjFYPhPJxAxI5LGquCNZppMmwU8J21twLTeQMfwy%2BUScsGp5SDPdWyYlgVJp72acTo8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 78634f705f84b4eb-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
adjs.media/resources/content/doggocasino.js
200 OK 0 B URL HTTP/2 adjs.media/resources/content/doggocasino.js
IP
GET /resources/content/doggocasino.js HTTP/1.1
Host: adjs.media
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://doggocasino.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 08 Jan 2023 07:44:54 GMT
content-type: text/javascript; charset=utf-8
status: 200 OK
cache-control: no-cache
access-control-allow-origin: *
referrer-policy: strict-origin-when-cross-origin
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block
x-request-id: ff04ca61-c186-4a64-aebc-b386a503598d
x-download-options: noopen
etag: W/"910a1eb1f52f1e810f827c5d4202a9f4"
x-runtime: 0.002671
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6DbSvlUNgeeESGqKWbSwfLo5kobAN32sMuTCru5aIc3Q8Gh0WS65jEwQFVT9qUFipUI%2F6WMI%2BaSI0mjnOIxodqvOKohbvA6cAkONFfv4x6gltDiUnJ%2B2omm3DMfS"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 78634f8289ca0af6-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
static.zdassets.com/ekr/snippet.js?key=65b012e7-7474-42fb-a2e0-939200b21662
200 OK 0 B URL HTTP/2 static.zdassets.com/ekr/snippet.js?key=65b012e7-7474-42fb-a2e0-939200b21662
IP
GET /ekr/snippet.js?key=65b012e7-7474-42fb-a2e0-939200b21662 HTTP/1.1
Host: static.zdassets.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://doggocasino.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 08 Jan 2023 07:44:53 GMT
content-type: application/javascript
x-amz-id-2: 2vczt6VEQAujZh2Sn1saK7Q0yPHQMRKRQuuC+kOwLnJ40itjD1HXfy2Id85tVz8wD4O1ArN10VQ=
x-amz-request-id: 4MARQ9YY8PDZ70A8
x-amz-replication-status: PENDING
last-modified: Thu, 28 Jul 2022 23:44:02 GMT
etag: W/"5cae6ce528dce0c327b2bcbaad459fdb"
x-amz-server-side-encryption: AES256
cache-control: public, max-age=3600, s-maxage=60
x-amz-version-id: TCAqq4sghBBBAAXd3MLZ8Fy8XIds..vO
cf-cache-status: HIT
age: 37
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EQLXp3hSpwIW62GIwA8Y5ProMoPKRBu3kPM7O68q0W00ABb2L3PE1RAPo2kp6TFUMFw1RBvkt1eNVCrMJBMGsDNROl8q1ENwFnlt5sCIYOQwfZVyiBRatNuNdX4CE5HKCYCLxGU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=0
server: cloudflare
cf-ray: 78634f80bb5bb509-OSL
content-encoding: br
X-Firefox-Spdy: h2
partners.tremorhub.com/sync?UIRF=5141210823053833367&r=YHMrOlUy35_s
200 OK 0 B URL HTTP/2 partners.tremorhub.com/sync?UIRF=5141210823053833367&r=YHMrOlUy35_s
IP
GET /sync?UIRF=5141210823053833367&r=YHMrOlUy35_s HTTP/1.1
Host: partners.tremorhub.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://20841497p.rfihub.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 08 Jan 2023 07:44:57 GMT
content-type: image/gif
server: Apache-Coyote/1.1
p3p: CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
X-Firefox-Spdy: h2
104.21.5.85
54.191.240.24
52.213.137.74
104.110.10.32
93.184.220.29
35.234.86.61
185.94.180.125
151.101.86.208
193.33.229.103
188.114.96.1
185.80.36.245