firefox.settings.services.mozilla.com/v1/
54.230.111.118200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 54.230.111.118:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 1aac651ec250c598683dd17ca2002c07
11595ac82e017f95190c2a36dc77323a3fedcbfc
93fa640d042452ae8455d026e30e3b4594c13d4be65f3552a4b5edae027c02f9
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Backoff, Content-Length, Content-Type, Retry-After, Alert
Cache-Control: max-age=3600
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Mon, 10 Oct 2022 05:48:21 GMT
Expires: Mon, 10 Oct 2022 06:27:16 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 ab09332bca1a3bd382d2e408f65b98d2.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: FbqXcRLwW2yu1j4MRGgu1V3y7ywQKtlkdjf-7xvpfH9iJ0ADZ-qggA==
Age: 2975
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash cf768e41672570b0a4a9fe86045915fc
2249064a86b2ba11e28208b9fba1c9f1db4f3e9e
a049499f78078df12f4d1c5180f1f36715a5c99db4f31c18ee06bcf0b6382b30
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A049499F78078DF12F4D1C5180F1F36715A5C99DB4F31C18EE06BCF0B6382B30"
Last-Modified: Fri, 07 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4576
Expires: Mon, 10 Oct 2022 07:54:12 GMT
Date: Mon, 10 Oct 2022 06:37:56 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 3d0ffae9abfdf558a6286013a0201c8b
2dc8ea0000a1b0c0f849611fdd73429bca51bfad
8e19eab9b6d16819f9ef3920971542cbcf5dd18280617e2de1a3827f0c149398
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8E19EAB9B6D16819F9EF3920971542CBCF5DD18280617E2DE1A3827F0C149398"
Last-Modified: Sun, 09 Oct 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9203
Expires: Mon, 10 Oct 2022 09:11:19 GMT
Date: Mon, 10 Oct 2022 06:37:56 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 67d5a988edcda47bc3b3b3f65d32b4b6
d4f0e0da8b3690cc7da925026d3414b68c7d954f
55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78
GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: S7J/c+coQ7KQ79NXywo/958tNVMBYGXrou8ApFVqDnOwMy1Gmm/W+nT7DY6lFpq4OoH9vuPf0EDvU5ZTrkGJcw==
x-amz-request-id: 1W2NS08Q5AN43ZVX
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Mon, 10 Oct 2022 06:00:19 GMT
age: 2257
last-modified: Fri, 30 Sep 2022 18:50:55 GMT
etag: "67d5a988edcda47bc3b3b3f65d32b4b6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 10 Oct 2022 06:37:57 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
54.230.111.118200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 54.230.111.118:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Alert, Content-Type, Expires, Backoff, ETag, Last-Modified, Pragma, Cache-Control, Content-Length, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600
Date: Mon, 10 Oct 2022 06:29:41 GMT
Expires: Mon, 10 Oct 2022 06:30:59 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 ab09332bca1a3bd382d2e408f65b98d2.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: sgdB9rQCrYrJmB5Z2kDh-jsd1ugLN_8mV3qIu1pAdYbUmsLKDxRePg==
Age: 496
www.gamingstreet.org/assassins-creed-iv-black-flag-pc-reloaded-crack-free-download/
162.210.199.85302 Found 11 B URL HTTP/1.1 www.gamingstreet.org/assassins-creed-iv-black-flag-pc-reloaded-crack-free-download/
IP 162.210.199.85:0
ASN #30633 LEASEWEB-USA-WDC
File type ASCII text, with no line terminators
Hash 32682312d17c7cbf18e73594f5570319
60e22121bdd0bc71cdb2bae2a3aa577006b2eae9
e55fb1a1d731153e943b68844af12dcce8bfac917c98ffdea64c80da0607dd47
GET /assassins-creed-iv-black-flag-pc-reloaded-crack-free-download/ HTTP/1.1
Host: www.gamingstreet.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Found
cache-control: max-age=0, private, must-revalidate
connection: close
content-length: 11
date: Mon, 10 Oct 2022 06:37:57 GMT
location: http://pyrrh-xbf.com/zcvisitor/13640721-4866-11ed-bd02-0a09b406d69f/72092e88-2c53-401c-b988-51ef43ce1034?campaignid=21df8310-2377-11ed-a767-128084d1ce51
server: nginx
set-cookie: sid=135c1a06-4866-11ed-ba02-a3e251cbe457; path=/; domain=.gamingstreet.org; expires=Sat, 28 Oct 2090 09:52:04 GMT; max-age=2147483647; HttpOnly
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 0e2d9e91637474eeaf391312eed441bd
5d29603c731b75308f7d1f584b3ac4c263c96a9e
7da864345088083e1a6fec2d95e07186ef8dbcef8505570e547844c556dfe3be
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3226
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 10 Oct 2022 06:37:57 GMT
Last-Modified: Mon, 10 Oct 2022 05:44:11 GMT
Server: ECS (ska/F70F)
X-Cache: HIT
Content-Length: 471
pyrrh-xbf.com/zcvisitor/13640721-4866-11ed-bd02-0a09b406d69f/72092e88-2c53-401c-b988-51ef43ce1034?campaignid=21df8310-2377-11ed-a767-128084d1ce51
34.239.209.41200 996 B URL HTTP/1.1 pyrrh-xbf.com/zcvisitor/13640721-4866-11ed-bd02-0a09b406d69f/72092e88-2c53-401c-b988-51ef43ce1034?campaignid=21df8310-2377-11ed-a767-128084d1ce51
IP 34.239.209.41:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash a00176fe9187d98a5d87388c10399ef1
70ce06d8acbc87da91779d37f946ccc1bced251a
b5f6452f18c9c8c5113cd15469de7e43a515881c8a21a7b6eff78f0d7c1a8f36
Analyzer Verdict Alert fortinet Phishing
GET /zcvisitor/13640721-4866-11ed-bd02-0a09b406d69f/72092e88-2c53-401c-b988-51ef43ce1034?campaignid=21df8310-2377-11ed-a767-128084d1ce51 HTTP/1.1
Host: pyrrh-xbf.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200
Date: Mon, 10 Oct 2022 06:37:57 GMT
Content-Type: text/html;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: no-store, no-cache, pre-check=0, post-check=0
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
x-content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
X-WebKit-CSP: default-src 'self'; script-src 'self' 'unsafe-inline'
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET,POST,OPTIONS
Access-Control-Allow-Headers: X-Requested-With,Content-Type,x-exadsrtb-version,x-openrtb-version,x-zerortb-version,X-Flag
Server: iNodvttB
pyrrh-xbf.com/zcredirect?visitid=13640721-4866-11ed-bd02-0a09b406d69f&type=js&browserWidth=1280&browserHeight=939&iframeDetected=false
34.239.209.41200 702 B URL HTTP/1.1 pyrrh-xbf.com/zcredirect?visitid=13640721-4866-11ed-bd02-0a09b406d69f&type=js&browserWidth=1280&browserHeight=939&iframeDetected=false
IP 34.239.209.41:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (308)
Hash 6a5d4a9722156ac49b1a1e6c2b3f53a8
3639a4e08e6056212b17187034bd3e7a81f8f955
dc3fa729f50e09648e92478f19da43bac1247b5c0531d76d6cfa37513a68f1da
GET /zcredirect?visitid=13640721-4866-11ed-bd02-0a09b406d69f&type=js&browserWidth=1280&browserHeight=939&iframeDetected=false HTTP/1.1
Host: pyrrh-xbf.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://pyrrh-xbf.com/zcvisitor/13640721-4866-11ed-bd02-0a09b406d69f/72092e88-2c53-401c-b988-51ef43ce1034?campaignid=21df8310-2377-11ed-a767-128084d1ce51
Upgrade-Insecure-Requests: 1
HTTP/1.1 200
Date: Mon, 10 Oct 2022 06:37:57 GMT
Content-Type: text/html;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: no-store, no-cache, pre-check=0, post-check=0
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
x-content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
X-WebKit-CSP: default-src 'self'; script-src 'self' 'unsafe-inline'
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET,POST,OPTIONS
Access-Control-Allow-Headers: X-Requested-With,Content-Type,x-exadsrtb-version,x-openrtb-version,x-zerortb-version,X-Flag
redirected: JS
Server: kQTZvSPn
push.services.mozilla.com/
35.160.97.225101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 35.160.97.225:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 8/1ok4iGR77YXz817NQO9A==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: WMV3IdVOPweHYkCBcsMToxxvyCA=
pyrrh-xbf.com/favicon.ico
34.239.209.41404 653 B URL HTTP/1.1 pyrrh-xbf.com/favicon.ico
IP 34.239.209.41:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (649), with no line terminators
Hash ba2732b1b2fa2626ffaa15f62f9e7d66
203d4e7fbb1d80449d6e4e1f3ae7a9bf8625debe
879861cb72fe9fbb476dab246021c4c83b4066327de2529e05ec54d3afb0a1c8
GET /favicon.ico HTTP/1.1
Host: pyrrh-xbf.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://pyrrh-xbf.com/zcredirect?visitid=13640721-4866-11ed-bd02-0a09b406d69f&type=js&browserWidth=1280&browserHeight=939&iframeDetected=false
HTTP/1.1 404
Date: Mon, 10 Oct 2022 06:37:58 GMT
Content-Type: text/html;charset=utf-8
Content-Length: 653
Connection: keep-alive
Cache-Control: no-store, no-cache, pre-check=0, post-check=0
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
x-content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
X-WebKit-CSP: default-src 'self'; script-src 'self' 'unsafe-inline'
Content-Language: en
Server: zkSaUHHX
ocsp.sca1b.amazontrust.com/
54.230.245.118200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.118:0
Hash c06900a792c15fc180730231f8bd2b60
2fd55428f3c3f0c0e0916ed243e5e78b8c4930d6
9c2ef677ff93a4400a18d561721a02000f1f29c96266bda93cac67762392534e
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Cache-Control: 'max-age=158059'
Date: Mon, 10 Oct 2022 06:37:58 GMT
Server: ECS (dcb/7EEF)
X-Cache: Miss from cloudfront
Via: 1.1 a343e36742f64defd0a2caf1f96ff772.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: gvAVr4VegAvt6M2iiV4uunylsXF3Unzrku3FzQ3YJ_4MuGAsD4exkA==
ayxvy.voluumtrk3.com/zp-redirect?target=https%3A%2F%2Ftakebonuses.life%2F%3Fu%3Dxunwwwr%26o%3Db0hp0zn%26cid%3Dwp2v4jg9uqpqqukji5jk1a44&caid=158b5b73-ccca-408f-a150-a43e12f193d8&zpid=13640721-4866-11ed-bd02-0a09b406d69f&cid=wp2v4jg9uqpqqukji5jk1a44&rt=R
18.185.54.95302 Found 0 B URL HTTP/2 ayxvy.voluumtrk3.com/zp-redirect?target=https%3A%2F%2Ftakebonuses.life%2F%3Fu%3Dxunwwwr%26o%3Db0hp0zn%26cid%3Dwp2v4jg9uqpqqukji5jk1a44&caid=158b5b73-ccca-408f-a150-a43e12f193d8&zpid=13640721-4866-11ed-bd02-0a09b406d69f&cid=wp2v4jg9uqpqqukji5jk1a44&rt=R
IP 18.185.54.95:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /zp-redirect?target=https%3A%2F%2Ftakebonuses.life%2F%3Fu%3Dxunwwwr%26o%3Db0hp0zn%26cid%3Dwp2v4jg9uqpqqukji5jk1a44&caid=158b5b73-ccca-408f-a150-a43e12f193d8&zpid=13640721-4866-11ed-bd02-0a09b406d69f&cid=wp2v4jg9uqpqqukji5jk1a44&rt=R HTTP/1.1
Host: ayxvy.voluumtrk3.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://pyrrh-xbf.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Mon, 10 Oct 2022 06:37:58 GMT
content-length: 0
location: https://takebonuses.life/?u=xunwwwr&o=b0hp0zn&cid=wp2v4jg9uqpqqukji5jk1a44
cache-control: no-store, no-cache, pre-check=0, post-check=0
pragma: no-cache
expires: Thu, 01 Jan 1970 00:00:00 GMT
set-cookie: voluum-cid-v4=%7B%22cid%22%3A%22wp2v4jg9uqpqqukji5jk1a44%22%2C%22caid%22%3A%22158b5b73-ccca-408f-a150-a43e12f193d8%22%7D; Max-Age=31536000; Expires=Tue, 10-Oct-2023 06:37:58 GMT; Domain=ayxvy.voluumtrk3.com; Path=/; Secure; HttpOnly;SameSite=None
server: nginx
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 9b93fd96852dfacfbd8d257aa4f278fa
50cbd5e178292015f33d16338bd83b89fd556732
c12bce9de96b5f0b87b1bcb3f219c689a5bd145444e997b1f2f7eacef0cf7b4e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C12BCE9DE96B5F0B87B1BCB3F219C689A5BD145444E997B1F2F7EACEF0CF7B4E"
Last-Modified: Fri, 07 Oct 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16020
Expires: Mon, 10 Oct 2022 11:04:58 GMT
Date: Mon, 10 Oct 2022 06:37:58 GMT
Connection: keep-alive
takebonuses.life/?u=xunwwwr&o=b0hp0zn&cid=wp2v4jg9uqpqqukji5jk1a44
37.221.65.58200 OK 19 kB URL HTTP/1.1 takebonuses.life/?u=xunwwwr&o=b0hp0zn&cid=wp2v4jg9uqpqqukji5jk1a44
IP 37.221.65.58:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 (with BOM) text, with very long lines (498)
Hash 134da435a84053080b2666042d5d438d
820816ab4c4ac9d7051df1facfd378c3bc93fb34
7c9b04e905e95d9acdd0650bcc7b37c7be9f631d3a0912c48402efcd540d731d
GET /?u=xunwwwr&o=b0hp0zn&cid=wp2v4jg9uqpqqukji5jk1a44 HTTP/1.1
Host: takebonuses.life
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://pyrrh-xbf.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 10 Oct 2022 06:37:58 GMT
Content-Type: text/html
Content-Length: 19355
Connection: keep-alive
set-cookie: sid=t2~oiv5iilgn4xycwgsthnbwxf0; path=/
cache-control: private, no-transform
takebonuses.life/media/gambling/en/slotbar/style.css
37.221.65.58200 OK 20 kB URL HTTP/1.1 takebonuses.life/media/gambling/en/slotbar/style.css
IP 37.221.65.58:0
File type ASCII text, with very long lines (492), with CRLF line terminators
Hash 8c38a209d98ec6a54d6b7cd42046af41
8b84ce3e95d745d2d6b6057344552b647aefe86d
d3b04d04ba4fa44ce3cee6fd4d97958d8ea9bebd93a14a12be14a3259fab0022
GET /media/gambling/en/slotbar/style.css HTTP/1.1
Host: takebonuses.life
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://takebonuses.life/?u=xunwwwr&o=b0hp0zn&cid=wp2v4jg9uqpqqukji5jk1a44
Cookie: sid=t2~oiv5iilgn4xycwgsthnbwxf0
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 10 Oct 2022 06:37:58 GMT
Content-Type: text/css
Content-Length: 20006
Connection: keep-alive
Content-Security-Policy: block-all-mixed-content
ETag: "8c38a209d98ec6a54d6b7cd42046af41"
Last-Modified: Wed, 31 Aug 2022 09:34:52 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin, Accept-Encoding
X-Amz-Request-Id: 171CA0FF5FD34256
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
Expires: Tue, 10 Oct 2023 06:37:58 GMT
Cache-Control: max-age=31536000, no-transform
Accept-Ranges: bytes
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash b80398e65c98d84250756256d31eed2d
3cc23d1d91745ddd04ee676f51762f37c0bcdbd3
f2cb6fda3fdbd8f04d380e7841875d322353864124bb5b25ce36fb327a2bfded
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 10 Oct 2022 06:37:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ajax.googleapis.com/ajax/libs/jquery/2.2.0/jquery.min.js
142.250.74.138200 OK 30 kB URL HTTP/2 ajax.googleapis.com/ajax/libs/jquery/2.2.0/jquery.min.js
IP 142.250.74.138:0
File type ASCII text, with very long lines (32069)
Hash 4ae540714475aa934955496d990ab15f
b7724c4d72a422b86f5dc06571ff4bc86f0308a3
ca0222f8799d862ca8c427d6c612878f47043c9445ad0e1567f1f80e83c965e2
GET /ajax/libs/jquery/2.2.0/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://takebonuses.life/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 30089
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 05 Oct 2022 00:55:39 GMT
expires: Thu, 05 Oct 2023 00:55:39 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 452540
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
takebonuses.life/cookie/js.cookie9.js
37.221.65.58200 OK 4.4 kB URL HTTP/1.1 takebonuses.life/cookie/js.cookie9.js
IP 37.221.65.58:0
File type ASCII text, with very long lines (1709)
Hash 16e07bf02a8e81d2cd5679dc45cc318c
7c205205935a3a56a8976b2ac648502b43103b5f
96e91577f6be403fc263780e07e6b7839373588026f793d2b4edd77dcbba871e
GET /cookie/js.cookie9.js HTTP/1.1
Host: takebonuses.life
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://takebonuses.life/?u=xunwwwr&o=b0hp0zn&cid=wp2v4jg9uqpqqukji5jk1a44
Cookie: sid=t2~oiv5iilgn4xycwgsthnbwxf0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 10 Oct 2022 06:37:59 GMT
Content-Type: application/javascript
Content-Length: 4395
Connection: keep-alive
Content-Security-Policy: block-all-mixed-content
ETag: "16e07bf02a8e81d2cd5679dc45cc318c"
Last-Modified: Wed, 31 Aug 2022 09:31:17 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin, Accept-Encoding
X-Amz-Request-Id: 171CA0F0BEBD1E7F
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
Expires: Tue, 10 Oct 2023 06:37:59 GMT
Cache-Control: max-age=31536000, no-transform
Accept-Ranges: bytes
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash b80398e65c98d84250756256d31eed2d
3cc23d1d91745ddd04ee676f51762f37c0bcdbd3
f2cb6fda3fdbd8f04d380e7841875d322353864124bb5b25ce36fb327a2bfded
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 10 Oct 2022 06:37:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash b5cf0255a785469b033344c2ec0ed394
a4a700c1c250cb10f175e67b4b11f2c94afb2bdb
191e75d8e785c03eb558af6f3efe0d557669b65b94d17b42a1b9b7f623947c6f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "191E75D8E785C03EB558AF6F3EFE0D557669B65B94D17B42A1B9B7F623947C6F"
Last-Modified: Fri, 07 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14568
Expires: Mon, 10 Oct 2022 10:40:47 GMT
Date: Mon, 10 Oct 2022 06:37:59 GMT
Connection: keep-alive
takebonuses.life/media/gambling/backbutton_gmb.js
37.221.65.58200 OK 3.9 kB URL HTTP/1.1 takebonuses.life/media/gambling/backbutton_gmb.js
IP 37.221.65.58:0
File type ASCII text, with CRLF line terminators
Hash 42a42a2180debd55caba94527379964c
562c1754c94ce49326b0381805ee14d175487778
52afe26d88ec86edf4a46d872db86007597b8ff5f6d9e79e47c9e6b899d0b781
GET /media/gambling/backbutton_gmb.js HTTP/1.1
Host: takebonuses.life
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://takebonuses.life/?u=xunwwwr&o=b0hp0zn&cid=wp2v4jg9uqpqqukji5jk1a44
Cookie: sid=t2~oiv5iilgn4xycwgsthnbwxf0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 10 Oct 2022 06:37:59 GMT
Content-Type: application/javascript
Content-Length: 3923
Connection: keep-alive
Content-Security-Policy: block-all-mixed-content
ETag: "42a42a2180debd55caba94527379964c"
Last-Modified: Wed, 31 Aug 2022 09:34:51 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin, Accept-Encoding
X-Amz-Request-Id: 171CA038B803B114
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
Expires: Tue, 10 Oct 2023 06:37:59 GMT
Cache-Control: max-age=31536000, no-transform
Accept-Ranges: bytes
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash b5cf0255a785469b033344c2ec0ed394
a4a700c1c250cb10f175e67b4b11f2c94afb2bdb
191e75d8e785c03eb558af6f3efe0d557669b65b94d17b42a1b9b7f623947c6f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "191E75D8E785C03EB558AF6F3EFE0D557669B65B94D17B42A1B9B7F623947C6F"
Last-Modified: Fri, 07 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14568
Expires: Mon, 10 Oct 2022 10:40:47 GMT
Date: Mon, 10 Oct 2022 06:37:59 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash b5cf0255a785469b033344c2ec0ed394
a4a700c1c250cb10f175e67b4b11f2c94afb2bdb
191e75d8e785c03eb558af6f3efe0d557669b65b94d17b42a1b9b7f623947c6f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "191E75D8E785C03EB558AF6F3EFE0D557669B65B94D17B42A1B9B7F623947C6F"
Last-Modified: Fri, 07 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14568
Expires: Mon, 10 Oct 2022 10:40:47 GMT
Date: Mon, 10 Oct 2022 06:37:59 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash b5cf0255a785469b033344c2ec0ed394
a4a700c1c250cb10f175e67b4b11f2c94afb2bdb
191e75d8e785c03eb558af6f3efe0d557669b65b94d17b42a1b9b7f623947c6f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "191E75D8E785C03EB558AF6F3EFE0D557669B65B94D17B42A1B9B7F623947C6F"
Last-Modified: Fri, 07 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14568
Expires: Mon, 10 Oct 2022 10:40:47 GMT
Date: Mon, 10 Oct 2022 06:37:59 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash b5cf0255a785469b033344c2ec0ed394
a4a700c1c250cb10f175e67b4b11f2c94afb2bdb
191e75d8e785c03eb558af6f3efe0d557669b65b94d17b42a1b9b7f623947c6f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "191E75D8E785C03EB558AF6F3EFE0D557669B65B94D17B42A1B9B7F623947C6F"
Last-Modified: Fri, 07 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14568
Expires: Mon, 10 Oct 2022 10:40:47 GMT
Date: Mon, 10 Oct 2022 06:37:59 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F829a81b7-8a2b-4381-a830-9c534e3312fe.jpeg
34.120.237.76200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F829a81b7-8a2b-4381-a830-9c534e3312fe.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 2b15495e3e13c06fd0d67523870405ed
3cb8b43735e86c93733affa10818c47693c80fce
f65edddef18295076f79a48e9a6c95d07ed244a2ae618cb4229b6c1bd434cd57
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F829a81b7-8a2b-4381-a830-9c534e3312fe.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12187
x-amzn-requestid: 9768886f-0e17-4958-bdaf-e17385eb21d6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZjqJCHyNoAMFmDg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633e23d3-288e1d28057753a16893d6b5;Sampled=0
x-amzn-remapped-date: Thu, 06 Oct 2022 00:39:47 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 0FF6_I6Gw2Qn9KVlFuI0O-4-kWzoCWVlWE95_ckbwDEtS4bOHZJK0w==
via: 1.1 0aebf3fe433ff96e68d785fad4ea4c0e.cloudfront.net (CloudFront), 1.1 112d82578d402a38d8d02e8b857617e0.cloudfront.net (CloudFront), 1.1 google
date: Sun, 09 Oct 2022 22:25:25 GMT
age: 29554
etag: "3cb8b43735e86c93733affa10818c47693c80fce"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2d3fa05a-2c1d-4a1d-9d91-bc70cb4e4ee5.jpeg
34.120.237.76200 OK 6.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2d3fa05a-2c1d-4a1d-9d91-bc70cb4e4ee5.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash a09bd7160451852652bccbcbcdcbd527
f42137372ab3b592977b1b736c1b12fc5ed81bf6
568b1c7cbe260d05919ff7232855441f70bf048c32380d8c0b848aa80a1696c3
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2d3fa05a-2c1d-4a1d-9d91-bc70cb4e4ee5.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6923
x-amzn-requestid: 507e5591-c06e-4ee8-b567-a11b6c95024e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZwalRGFcoAMFslw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63433e21-5e5bf5026b2121931e035270;Sampled=0
x-amzn-remapped-date: Sun, 09 Oct 2022 21:33:21 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: EgQIb89afJS1uPY9ZUyDS_E7C_JQT8Scm3EC3K5OZKB2nE7wMx8PIw==
via: 1.1 ddd913fbbe7367d44af4ac06097e7a2a.cloudfront.net (CloudFront), 1.1 591683988172c7980c4ebb318cbf18a8.cloudfront.net (CloudFront), 1.1 google
date: Sun, 09 Oct 2022 22:12:34 GMT
age: 30325
etag: "f42137372ab3b592977b1b736c1b12fc5ed81bf6"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2b12fb41-30af-4093-a2e5-407e0dba7f9f.jpeg
34.120.237.76200 OK 8.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2b12fb41-30af-4093-a2e5-407e0dba7f9f.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 3cb1e1243af4405d2ddfc86ece266cff
bcd47a41fc6b0384c03fa00b8fa4a23805fa3b28
6df8b3b5420bad300304d14e8e18d65e4179a76d2f7e0a24bce23655318f49a4
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2b12fb41-30af-4093-a2e5-407e0dba7f9f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8218
x-amzn-requestid: 694a656a-0f68-4d3a-a316-1da1ce908c11
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZwatMFwzoAMF4Ew=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63433e54-277be490531f4d3b4cf11540;Sampled=0
x-amzn-remapped-date: Sun, 09 Oct 2022 21:34:12 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: bQ8XleDVmNo8uFPqs6hSr55SYWa4yF2R4nZ_oMnObdl3PlTGM7l7Dg==
via: 1.1 112c6b3f9aea37a6cb00b7d933e5af6e.cloudfront.net (CloudFront), 1.1 2f7934de1dfe281c3e4446892eab6462.cloudfront.net (CloudFront), 1.1 google
date: Sun, 09 Oct 2022 22:02:57 GMT
etag: "bcd47a41fc6b0384c03fa00b8fa4a23805fa3b28"
content-type: image/jpeg
age: 30902
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcaace23d-b928-4d0c-a0a1-b704713419b5.jpeg
34.120.237.76200 OK 6.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcaace23d-b928-4d0c-a0a1-b704713419b5.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b810629f9c09752af6b6510aa553a7dc
9529f0f6b6a2ccef9d8d1ec5cf85dfee6021f53d
2f4e2f650fc0ef13d63ae3003d036a56e29ef53b3f58ce4701aff51827eb93a8
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcaace23d-b928-4d0c-a0a1-b704713419b5.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6911
x-amzn-requestid: d6a87eb0-73fa-40b9-8185-d40198f7135a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Zjn5uG1_IAMFu8w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633e203e-0c3e82fa1ee3f37849ab0dcd;Sampled=0
x-amzn-remapped-date: Thu, 06 Oct 2022 00:24:30 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: O6IKGUjg_FaiTiCkght-zQlXA-526F6GMQS0G98g4GW1bJCVrrJ4sg==
via: 1.1 000f4a2f631bace380a0afa747a82482.cloudfront.net (CloudFront), 1.1 64f86ae1c24221f3a2e4d653d6dbc416.cloudfront.net (CloudFront), 1.1 google
date: Mon, 10 Oct 2022 00:03:48 GMT
age: 23651
etag: "9529f0f6b6a2ccef9d8d1ec5cf85dfee6021f53d"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7a70c782-ab29-49bd-86a1-6c1f7c38fbc6.png
34.120.237.76200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7a70c782-ab29-49bd-86a1-6c1f7c38fbc6.png
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 0cb8976d18c6197dc99cd60d784f188b
2e6d5041aff56cc2313cc23438be450b6113f111
27b99d13f075013f66e3ca3d03074cc0b96bd6da63d094701c2f29e017362b8c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7a70c782-ab29-49bd-86a1-6c1f7c38fbc6.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12292
x-amzn-requestid: d5129b2b-c513-4fa1-8b2c-9bda19870905
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZwatMF5goAMFXRw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63433e54-360ad9352303c09b3b6c2dce;Sampled=0
x-amzn-remapped-date: Sun, 09 Oct 2022 21:34:12 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: moJJY-yrF8AGl9YHrQw-B2sUiGYAdUJERlssxR-i8UDb2r_SZpCfQw==
via: 1.1 010c0731b9775a983eceaec0f5fa6a2e.cloudfront.net (CloudFront), 1.1 1a53057db389e96b4ef1bfbc925dde1c.cloudfront.net (CloudFront), 1.1 google
date: Sun, 09 Oct 2022 22:30:38 GMT
age: 29241
etag: "2e6d5041aff56cc2313cc23438be450b6113f111"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb3c21914-dac1-455d-9533-b584e9bd6225.jpeg
34.120.237.76200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb3c21914-dac1-455d-9533-b584e9bd6225.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash cefb9479bc2fe5087f9d2b89ef3cec2b
aa219f193812c6a2d0313316ce13fe74f1d468d0
a806ef995ed2285bd9f0d553df49aa28924e640805e1f50284baad1c0aec06bd
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb3c21914-dac1-455d-9533-b584e9bd6225.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10113
x-amzn-requestid: 7a9800c5-81ed-4a23-bbe0-0041ab682856
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZwalQEPPoAMF3yA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63433e21-5a9bedb10c4f8c2c60ab3769;Sampled=0
x-amzn-remapped-date: Sun, 09 Oct 2022 21:33:21 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: MROeeTPtb6DfMHkig6fHcYuYiv1-udvJVfB1jygcDYLy4LuZmgRE_Q==
via: 1.1 f13aef0c4b52f6f681401f232d03eb68.cloudfront.net (CloudFront), 1.1 ee8246c5442dace7525c74f6a799bb46.cloudfront.net (CloudFront), 1.1 google
date: Sun, 09 Oct 2022 22:24:52 GMT
age: 29587
etag: "aa219f193812c6a2d0313316ce13fe74f1d468d0"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
takebonuses.life/media/gambling/sound.js
37.221.65.58200 OK 1.1 kB URL HTTP/1.1 takebonuses.life/media/gambling/sound.js
IP 37.221.65.58:0
File type ASCII text, with CRLF line terminators
Hash 3787b349cb8b744b6917fe43f96b1ccd
ab26d82699a166f520a51f722bc6262ef1d5421f
8e4cbdda4f0a209714e470984de7250f946c3afd35ded05302ef431be048e918
GET /media/gambling/sound.js HTTP/1.1
Host: takebonuses.life
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://takebonuses.life/?u=xunwwwr&o=b0hp0zn&cid=wp2v4jg9uqpqqukji5jk1a44
Cookie: sid=t2~oiv5iilgn4xycwgsthnbwxf0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 10 Oct 2022 06:37:59 GMT
Content-Type: application/javascript
Content-Length: 1083
Connection: keep-alive
Content-Security-Policy: block-all-mixed-content
ETag: "3787b349cb8b744b6917fe43f96b1ccd"
Last-Modified: Wed, 31 Aug 2022 09:34:56 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin, Accept-Encoding
X-Amz-Request-Id: 171CA1AC7A499EE0
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
Expires: Tue, 10 Oct 2023 06:37:59 GMT
Cache-Control: max-age=31536000, no-transform
Accept-Ranges: bytes
takebonuses.life/media/gambling/icon.js
37.221.65.58200 OK 1.6 kB URL HTTP/1.1 takebonuses.life/media/gambling/icon.js
IP 37.221.65.58:0
File type ASCII text, with CRLF line terminators
Hash 2b25502a979c3b240fc77e52689e4c29
790d306577b490abe99d88fb55bce2e815689843
328a90c5503266ebe4dda1e9c84558e62016811f112a159aecb36fc489563577
GET /media/gambling/icon.js HTTP/1.1
Host: takebonuses.life
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://takebonuses.life/?u=xunwwwr&o=b0hp0zn&cid=wp2v4jg9uqpqqukji5jk1a44
Cookie: sid=t2~oiv5iilgn4xycwgsthnbwxf0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 10 Oct 2022 06:37:59 GMT
Content-Type: application/javascript
Content-Length: 1580
Connection: keep-alive
Content-Security-Policy: block-all-mixed-content
ETag: "2b25502a979c3b240fc77e52689e4c29"
Last-Modified: Wed, 31 Aug 2022 09:34:54 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin, Accept-Encoding
X-Amz-Request-Id: 171CA038A4E35BDF
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
Expires: Tue, 10 Oct 2023 06:37:59 GMT
Cache-Control: max-age=31536000, no-transform
Accept-Ranges: bytes
takebonuses.life/util/utils-gmb.js
37.221.65.58200 OK 4.7 kB URL HTTP/1.1 takebonuses.life/util/utils-gmb.js
IP 37.221.65.58:0
File type ASCII text, with very long lines (641), with CRLF line terminators
Hash 570df3f849036a1a4a75ca2a28047d36
f69147076e3912116a9765a2ed34afe3cae67978
221e1a80f62592306f7a357aa9ee1a43b32a10314f340b64604ca9d351cf33c4
GET /util/utils-gmb.js HTTP/1.1
Host: takebonuses.life
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://takebonuses.life/?u=xunwwwr&o=b0hp0zn&cid=wp2v4jg9uqpqqukji5jk1a44
Cookie: sid=t2~oiv5iilgn4xycwgsthnbwxf0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 10 Oct 2022 06:37:59 GMT
Content-Type: application/javascript
Content-Length: 4651
Connection: keep-alive
Content-Security-Policy: block-all-mixed-content
ETag: "570df3f849036a1a4a75ca2a28047d36"
Last-Modified: Wed, 31 Aug 2022 09:38:20 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin, Accept-Encoding
X-Amz-Request-Id: 171CA038A51888A0
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
Expires: Tue, 10 Oct 2023 06:37:59 GMT
Cache-Control: max-age=31536000, no-transform
Accept-Ranges: bytes
takebonuses.life/media/gambling/exit_gmb.js
37.221.65.58200 OK 1.6 kB URL HTTP/1.1 takebonuses.life/media/gambling/exit_gmb.js
IP 37.221.65.58:0
File type ASCII text, with CRLF line terminators
Hash 5202df93e55f911a83a995fa38af7ee6
6c0ce8fd3d83e819b40bdff250b8c9331a2bbcf8
28ef9927757f823b79b11ebc2b24e22940e84492d5d78ede4591e4e520a43681
GET /media/gambling/exit_gmb.js HTTP/1.1
Host: takebonuses.life
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://takebonuses.life/?u=xunwwwr&o=b0hp0zn&cid=wp2v4jg9uqpqqukji5jk1a44
Cookie: sid=t2~oiv5iilgn4xycwgsthnbwxf0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 10 Oct 2022 06:37:59 GMT
Content-Type: application/javascript
Content-Length: 1550
Connection: keep-alive
Content-Security-Policy: block-all-mixed-content
ETag: "5202df93e55f911a83a995fa38af7ee6"
Last-Modified: Wed, 31 Aug 2022 09:34:54 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin, Accept-Encoding
X-Amz-Request-Id: 171CA038B8023E74
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
Expires: Tue, 10 Oct 2023 06:37:59 GMT
Cache-Control: max-age=31536000, no-transform
Accept-Ranges: bytes
takebonuses.life/media/gambling/en/slotbar/comment.js
37.221.65.58200 OK 2.8 kB URL HTTP/1.1 takebonuses.life/media/gambling/en/slotbar/comment.js
IP 37.221.65.58:0
File type ASCII text, with very long lines (2753), with no line terminators
Hash 8441712705c040dc2ecfd7966c11f131
2f776d7927b20cf9813436f83e3007002979cccb
b18340e4cacb8244292577c44d3a37be71c75977ab74e417c8b8cb0da4d84246
GET /media/gambling/en/slotbar/comment.js HTTP/1.1
Host: takebonuses.life
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://takebonuses.life/?u=xunwwwr&o=b0hp0zn&cid=wp2v4jg9uqpqqukji5jk1a44
Cookie: sid=t2~oiv5iilgn4xycwgsthnbwxf0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 10 Oct 2022 06:37:59 GMT
Content-Type: application/javascript
Content-Length: 2753
Connection: keep-alive
Content-Security-Policy: block-all-mixed-content
ETag: "8441712705c040dc2ecfd7966c11f131"
Last-Modified: Wed, 31 Aug 2022 09:34:52 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin, Accept-Encoding
X-Amz-Request-Id: 171CA0FF52A51700
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
Expires: Tue, 10 Oct 2023 06:37:59 GMT
Cache-Control: max-age=31536000, no-transform
Accept-Ranges: bytes
takebonuses.life/media/gambling/confetti.js
37.221.65.58200 OK 3.5 kB URL HTTP/1.1 takebonuses.life/media/gambling/confetti.js
IP 37.221.65.58:0
File type ASCII text, with very long lines (3533), with no line terminators
Hash 116c9460f5e882a7fcf4e837f7efc72a
13a88e74735d05985e5d07e8cbff716329f5d81c
651141c8290087af54c66793aa063ee5697661fb914925f56bd09390a2895ce4
GET /media/gambling/confetti.js HTTP/1.1
Host: takebonuses.life
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://takebonuses.life/?u=xunwwwr&o=b0hp0zn&cid=wp2v4jg9uqpqqukji5jk1a44
Cookie: sid=t2~oiv5iilgn4xycwgsthnbwxf0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 10 Oct 2022 06:37:59 GMT
Content-Type: application/javascript
Content-Length: 3533
Connection: keep-alive
Content-Security-Policy: block-all-mixed-content
ETag: "116c9460f5e882a7fcf4e837f7efc72a"
Last-Modified: Wed, 31 Aug 2022 09:34:52 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin, Accept-Encoding
X-Amz-Request-Id: 171CA0FF66E6D89F
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
Expires: Tue, 10 Oct 2023 06:37:59 GMT
Cache-Control: max-age=31536000, no-transform
Accept-Ranges: bytes
takebonuses.life/media/gambling/en/slotbar/returnDate.no.js
37.221.65.58200 OK 1.2 kB URL HTTP/1.1 takebonuses.life/media/gambling/en/slotbar/returnDate.no.js
IP 37.221.65.58:0
Hash dbdb981f8658c845968ec8226f81d1d8
d679b7bf47f71cd55b6c307cf96146a95660d667
5c9b1b4991000ba0178363dd1c57556fe2d6b433f6d4eef927c2cd15d55660fa
GET /media/gambling/en/slotbar/returnDate.no.js HTTP/1.1
Host: takebonuses.life
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://takebonuses.life/?u=xunwwwr&o=b0hp0zn&cid=wp2v4jg9uqpqqukji5jk1a44
Cookie: sid=t2~oiv5iilgn4xycwgsthnbwxf0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 10 Oct 2022 06:37:59 GMT
Content-Type: application/javascript
Content-Length: 1242
Connection: keep-alive
Content-Security-Policy: block-all-mixed-content
ETag: "dbdb981f8658c845968ec8226f81d1d8"
Last-Modified: Wed, 31 Aug 2022 09:34:52 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin, Accept-Encoding
X-Amz-Request-Id: 171CA1D08EB8138B
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
Expires: Tue, 10 Oct 2023 06:37:59 GMT
Cache-Control: max-age=31536000, no-transform
Accept-Ranges: bytes
takebonuses.life/media/gambling/en/slotbar/red-arrow-left.png
37.221.65.58200 OK 1.1 kB URL HTTP/1.1 takebonuses.life/media/gambling/en/slotbar/red-arrow-left.png
IP 37.221.65.58:0
File type PNG image data, 50 x 50, 8-bit colormap, non-interlaced\012- data
Hash 58f67f1674f5133b9925d3ae27dc0498
81c764ff6133a59dac942dfc76d77ee7c942fc03
29879956bc91fc604349179daa4c866d15cc6a6b120e0e6abb5ff0d078c7484b
GET /media/gambling/en/slotbar/red-arrow-left.png HTTP/1.1
Host: takebonuses.life
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://takebonuses.life/?u=xunwwwr&o=b0hp0zn&cid=wp2v4jg9uqpqqukji5jk1a44
Cookie: sid=t2~oiv5iilgn4xycwgsthnbwxf0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 10 Oct 2022 06:37:59 GMT
Content-Type: image/png
Content-Length: 1059
Connection: keep-alive
Content-Security-Policy: block-all-mixed-content
ETag: "58f67f1674f5133b9925d3ae27dc0498"
Last-Modified: Wed, 31 Aug 2022 09:34:52 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin, Accept-Encoding
X-Amz-Request-Id: 171CA0FF99133C40
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
Expires: Tue, 10 Oct 2023 06:37:59 GMT
Cache-Control: max-age=31536000, no-transform
Accept-Ranges: bytes
takebonuses.life/media/gambling/en/slotbar/img1.jpg
37.221.65.58200 OK 1.3 kB URL HTTP/1.1 takebonuses.life/media/gambling/en/slotbar/img1.jpg
IP 37.221.65.58:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 50x50, components 3\012- data
Hash c3c59916d3b4977017c89125dc42b664
c8e5a97a6e9fbf41558c09c65b2ca6df9ba8723a
aa05de326a8afd2a7b16c253d8c10fc41857b474f23a814ffa7684d4ef17c1a9
GET /media/gambling/en/slotbar/img1.jpg HTTP/1.1
Host: takebonuses.life
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://takebonuses.life/?u=xunwwwr&o=b0hp0zn&cid=wp2v4jg9uqpqqukji5jk1a44
Cookie: sid=t2~oiv5iilgn4xycwgsthnbwxf0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 10 Oct 2022 06:37:59 GMT
Content-Type: image/jpeg
Content-Length: 1315
Connection: keep-alive
Content-Security-Policy: block-all-mixed-content
ETag: "c3c59916d3b4977017c89125dc42b664"
Last-Modified: Wed, 31 Aug 2022 09:34:52 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin, Accept-Encoding
X-Amz-Request-Id: 171CA0FFA72C0A3A
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
Expires: Tue, 10 Oct 2023 06:37:59 GMT
Cache-Control: max-age=31536000, no-transform
Accept-Ranges: bytes
takebonuses.life/media/gambling/en/slotbar/3temv7e.jpg
37.221.65.58200 OK 1.2 kB URL HTTP/1.1 takebonuses.life/media/gambling/en/slotbar/3temv7e.jpg
IP 37.221.65.58:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 50x50, components 3\012- data
Hash a848711320a9df61e6457f65b0dfa9fb
68a62a84d89f4f9e1e831a6cef920797c7f2e7d5
aea3443ffa2df4454daac365b37a61f9b9b1ba24dc0899ff3afca9f770765ce0
GET /media/gambling/en/slotbar/3temv7e.jpg HTTP/1.1
Host: takebonuses.life
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://takebonuses.life/?u=xunwwwr&o=b0hp0zn&cid=wp2v4jg9uqpqqukji5jk1a44
Cookie: sid=t2~oiv5iilgn4xycwgsthnbwxf0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 10 Oct 2022 06:37:59 GMT
Content-Type: image/jpeg
Content-Length: 1169
Connection: keep-alive
Content-Security-Policy: block-all-mixed-content
ETag: "a848711320a9df61e6457f65b0dfa9fb"
Last-Modified: Wed, 31 Aug 2022 09:34:52 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin, Accept-Encoding
X-Amz-Request-Id: 171CA0FF9EDB13B7
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
Expires: Tue, 10 Oct 2023 06:37:59 GMT
Cache-Control: max-age=31536000, no-transform
Accept-Ranges: bytes
takebonuses.life/media/gambling/en/slotbar/red-arrow-right.png
37.221.65.58200 OK 1.1 kB URL HTTP/1.1 takebonuses.life/media/gambling/en/slotbar/red-arrow-right.png
IP 37.221.65.58:0
File type PNG image data, 50 x 50, 8-bit colormap, non-interlaced\012- data
Hash c4d30de24dab6f826e7f27286beaceaa
b42751f5e5ebb1561fc9809235df332e8eb0f8c8
124c45624ec8d62cec06559dcfcd78ae0c686964ffe05911a836a0e4e1410081
GET /media/gambling/en/slotbar/red-arrow-right.png HTTP/1.1
Host: takebonuses.life
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://takebonuses.life/?u=xunwwwr&o=b0hp0zn&cid=wp2v4jg9uqpqqukji5jk1a44
Cookie: sid=t2~oiv5iilgn4xycwgsthnbwxf0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 10 Oct 2022 06:37:59 GMT
Content-Type: image/png
Content-Length: 1089
Connection: keep-alive
Content-Security-Policy: block-all-mixed-content
ETag: "c4d30de24dab6f826e7f27286beaceaa"
Last-Modified: Wed, 31 Aug 2022 09:34:52 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin, Accept-Encoding
X-Amz-Request-Id: 171CA0FF90856975
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
Expires: Tue, 10 Oct 2023 06:37:59 GMT
Cache-Control: max-age=31536000, no-transform
Accept-Ranges: bytes
takebonuses.life/media/gambling/en/slotbar/yWwCB4c.jpg
37.221.65.58200 OK 2.3 kB URL HTTP/1.1 takebonuses.life/media/gambling/en/slotbar/yWwCB4c.jpg
IP 37.221.65.58:0
File type JPEG image data, baseline, precision 8, 50x50, components 3\012- data
Hash 5edf4db493423ac10c72a27ad5c4a618
5c535d00eaeaa725b39e3e1167a12de5bd66a1f2
a7c86ca5470f7d68b4c5f1c87f29f7daf816d1bd95353091bba8753341bb6f5f
GET /media/gambling/en/slotbar/yWwCB4c.jpg HTTP/1.1
Host: takebonuses.life
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://takebonuses.life/?u=xunwwwr&o=b0hp0zn&cid=wp2v4jg9uqpqqukji5jk1a44
Cookie: sid=t2~oiv5iilgn4xycwgsthnbwxf0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 10 Oct 2022 06:37:59 GMT
Content-Type: image/jpeg
Content-Length: 2336
Connection: keep-alive
Content-Security-Policy: block-all-mixed-content
ETag: "5edf4db493423ac10c72a27ad5c4a618"
Last-Modified: Wed, 31 Aug 2022 09:34:52 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin, Accept-Encoding
X-Amz-Request-Id: 171CA0FF9E8B205A
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
Expires: Tue, 10 Oct 2023 06:37:59 GMT
Cache-Control: max-age=31536000, no-transform
Accept-Ranges: bytes
takebonuses.life/media/gambling/en/slotbar/slot-win.png
37.221.65.58200 OK 14 kB URL HTTP/1.1 takebonuses.life/media/gambling/en/slotbar/slot-win.png
IP 37.221.65.58:0
File type PNG image data, 410 x 279, 8-bit colormap, non-interlaced\012- data
Hash efb5cc057d90910eac87b874ae4dba74
6e24b4b704bee110a184ebe7b560bd3e91c73171
89c8a97b460a4fdca3c3bae5cc2f0aac9ca347ba18b6edf90c1c83ea953a6194
GET /media/gambling/en/slotbar/slot-win.png HTTP/1.1
Host: takebonuses.life
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://takebonuses.life/?u=xunwwwr&o=b0hp0zn&cid=wp2v4jg9uqpqqukji5jk1a44
Cookie: sid=t2~oiv5iilgn4xycwgsthnbwxf0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 10 Oct 2022 06:37:59 GMT
Content-Type: image/png
Content-Length: 13853
Connection: keep-alive
Content-Security-Policy: block-all-mixed-content
ETag: "efb5cc057d90910eac87b874ae4dba74"
Last-Modified: Wed, 31 Aug 2022 09:34:52 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin, Accept-Encoding
X-Amz-Request-Id: 171CA0FF9E071D11
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
Expires: Tue, 10 Oct 2023 06:37:59 GMT
Cache-Control: max-age=31536000, no-transform
Accept-Ranges: bytes
takebonuses.life/media/gambling/en/slotbar/img2.jpg
37.221.65.58200 OK 1.3 kB URL HTTP/1.1 takebonuses.life/media/gambling/en/slotbar/img2.jpg
IP 37.221.65.58:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 50x50, components 3\012- data
Hash 92b944714cea3e478a8e50dea1a80b26
f12fc267be0ab02e2f3585b42df5b8c10d3cd3a5
fa07d78345204bf48b255523990b544e1b28f9a7810aaf2b8a5a356d05575205
GET /media/gambling/en/slotbar/img2.jpg HTTP/1.1
Host: takebonuses.life
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://takebonuses.life/?u=xunwwwr&o=b0hp0zn&cid=wp2v4jg9uqpqqukji5jk1a44
Cookie: sid=t2~oiv5iilgn4xycwgsthnbwxf0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 10 Oct 2022 06:37:59 GMT
Content-Type: image/jpeg
Content-Length: 1297
Connection: keep-alive
Content-Security-Policy: block-all-mixed-content
ETag: "92b944714cea3e478a8e50dea1a80b26"
Last-Modified: Wed, 31 Aug 2022 09:34:52 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin, Accept-Encoding
X-Amz-Request-Id: 171CA0FFACDB4011
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
Expires: Tue, 10 Oct 2023 06:37:59 GMT
Cache-Control: max-age=31536000, no-transform
Accept-Ranges: bytes
takebonuses.life/media/gambling/en/slotbar/EKZrmbS.jpg
37.221.65.58200 OK 2.3 kB URL HTTP/1.1 takebonuses.life/media/gambling/en/slotbar/EKZrmbS.jpg
IP 37.221.65.58:0
File type JPEG image data, baseline, precision 8, 50x50, components 3\012- data
Hash 7364bf39dcf0941d3a1760e46a562710
a358405162193128cceae8551e14648798bd4254
ba858c8ecc8f498253509a9251e5070ce3b3ad9950b704a22a9a1fb1efc62541
GET /media/gambling/en/slotbar/EKZrmbS.jpg HTTP/1.1
Host: takebonuses.life
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://takebonuses.life/?u=xunwwwr&o=b0hp0zn&cid=wp2v4jg9uqpqqukji5jk1a44
Cookie: sid=t2~oiv5iilgn4xycwgsthnbwxf0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 10 Oct 2022 06:37:59 GMT
Content-Type: image/jpeg
Content-Length: 2264
Connection: keep-alive
Content-Security-Policy: block-all-mixed-content
ETag: "7364bf39dcf0941d3a1760e46a562710"
Last-Modified: Wed, 31 Aug 2022 09:34:52 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin, Accept-Encoding
X-Amz-Request-Id: 171CA0FF7580EE9E
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
Expires: Tue, 10 Oct 2023 06:37:59 GMT
Cache-Control: max-age=31536000, no-transform
Accept-Ranges: bytes
takebonuses.life/media/gambling/en/slotbar/9PH2QqX.jpg
37.221.65.58200 OK 2.1 kB URL HTTP/1.1 takebonuses.life/media/gambling/en/slotbar/9PH2QqX.jpg
IP 37.221.65.58:0
File type JPEG image data, baseline, precision 8, 50x50, components 3\012- data
Hash f48aa7778890400e3be6131e64cd4236
9341d039b9f7de4eac9070c36fecac2772cc1ba0
388e1eb0cb648490ea1c4913f4ea3128f3fbfbda0608bf85e471d947db905302
GET /media/gambling/en/slotbar/9PH2QqX.jpg HTTP/1.1
Host: takebonuses.life
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://takebonuses.life/?u=xunwwwr&o=b0hp0zn&cid=wp2v4jg9uqpqqukji5jk1a44
Cookie: sid=t2~oiv5iilgn4xycwgsthnbwxf0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 10 Oct 2022 06:37:59 GMT
Content-Type: image/jpeg
Content-Length: 2143
Connection: keep-alive
Content-Security-Policy: block-all-mixed-content
ETag: "f48aa7778890400e3be6131e64cd4236"
Last-Modified: Wed, 31 Aug 2022 09:34:52 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin, Accept-Encoding
X-Amz-Request-Id: 171CA0FF755D9660
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
Expires: Tue, 10 Oct 2023 06:37:59 GMT
Cache-Control: max-age=31536000, no-transform
Accept-Ranges: bytes
takebonuses.life/media/gambling/en/slotbar/plR22yu.jpg
37.221.65.58200 OK 1.0 kB URL HTTP/1.1 takebonuses.life/media/gambling/en/slotbar/plR22yu.jpg
IP 37.221.65.58:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 51x51, components 3\012- data
Hash 7a532123e2eda81e018b8c1f90c8b3bd
e03576434acd69d708fae0f3f8df07e93d152280
9545948eefe774be5121de01ef9c14207891c35116bba14056471a59e4c212a1
GET /media/gambling/en/slotbar/plR22yu.jpg HTTP/1.1
Host: takebonuses.life
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://takebonuses.life/?u=xunwwwr&o=b0hp0zn&cid=wp2v4jg9uqpqqukji5jk1a44
Cookie: sid=t2~oiv5iilgn4xycwgsthnbwxf0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 10 Oct 2022 06:37:59 GMT
Content-Type: image/jpeg
Content-Length: 1017
Connection: keep-alive
Content-Security-Policy: block-all-mixed-content
ETag: "7a532123e2eda81e018b8c1f90c8b3bd"
Last-Modified: Wed, 31 Aug 2022 09:34:52 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin, Accept-Encoding
X-Amz-Request-Id: 171CA0FF8E88C675
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
Expires: Tue, 10 Oct 2023 06:37:59 GMT
Cache-Control: max-age=31536000, no-transform
Accept-Ranges: bytes
takebonuses.life/media/gambling/en/slotbar/7wSpKDu.jpg
37.221.65.58200 OK 2.0 kB URL HTTP/1.1 takebonuses.life/media/gambling/en/slotbar/7wSpKDu.jpg
IP 37.221.65.58:0
File type JPEG image data, baseline, precision 8, 50x50, components 3\012- data
Hash 6d02d5cf49120718501b9a6629290c48
a7bfde16cd37f6a331e8f17fbfc2f1772a5929a1
84d7f0648aeba8d80bb0f47e781cba8955b8fa7425748d9830c7a8c9bc35e5e9
GET /media/gambling/en/slotbar/7wSpKDu.jpg HTTP/1.1
Host: takebonuses.life
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://takebonuses.life/?u=xunwwwr&o=b0hp0zn&cid=wp2v4jg9uqpqqukji5jk1a44
Cookie: sid=t2~oiv5iilgn4xycwgsthnbwxf0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 10 Oct 2022 06:37:59 GMT
Content-Type: image/jpeg
Content-Length: 2037
Connection: keep-alive
Content-Security-Policy: block-all-mixed-content
ETag: "6d02d5cf49120718501b9a6629290c48"
Last-Modified: Wed, 31 Aug 2022 09:34:52 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin, Accept-Encoding
X-Amz-Request-Id: 171CA0FF7585DC85
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
Expires: Tue, 10 Oct 2023 06:37:59 GMT
Cache-Control: max-age=31536000, no-transform
Accept-Ranges: bytes
takebonuses.life/media/gambling/en/slotbar/win.mp3
37.221.65.58206 Partial Content 10 kB URL HTTP/1.1 takebonuses.life/media/gambling/en/slotbar/win.mp3
IP 37.221.65.58:0
File type Audio file with ID3 version 2.3.0, contains: MPEG ADTS, layer III, v1, 32 kbps, 32 kHz, Monaural\012- data
Hash bca40777013dec4a99eaa8b0b98a7fef
bc1c833577a1dcd82ad01a90e82898bc7b47cad7
635e9ee8fcd18bd4c3ae173f00f4c5cbf15ee90a27a302440e2e77c371314176
GET /media/gambling/en/slotbar/win.mp3 HTTP/1.1
Host: takebonuses.life
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: audio/webm,audio/ogg,audio/wav,audio/*;q=0.9,application/ogg;q=0.7,video/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
Connection: keep-alive
Referer: https://takebonuses.life/?u=xunwwwr&o=b0hp0zn&cid=wp2v4jg9uqpqqukji5jk1a44
Cookie: sid=t2~oiv5iilgn4xycwgsthnbwxf0
Sec-Fetch-Dest: audio
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 206 Partial Content
Server: nginx
Date: Mon, 10 Oct 2022 06:37:59 GMT
Content-Type: audio/mpeg
Content-Length: 10391
Connection: keep-alive
Content-Security-Policy: block-all-mixed-content
ETag: "bca40777013dec4a99eaa8b0b98a7fef"
Last-Modified: Wed, 31 Aug 2022 09:34:52 GMT
No-Gzip-Compression: true
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin, Accept-Encoding
X-Amz-Request-Id: 171CA0DEDE2705B2
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
Expires: Tue, 10 Oct 2023 06:37:59 GMT
Cache-Control: max-age=31536000, no-transform
Content-Range: bytes 0-10390/10391
takebonuses.life/media/gambling/en/slotbar/spin.mp3
37.221.65.58206 Partial Content 8.8 kB URL HTTP/1.1 takebonuses.life/media/gambling/en/slotbar/spin.mp3
IP 37.221.65.58:0
File type MPEG ADTS, layer III, v2, 32 kbps, 16 kHz, JntStereo\012- data
Hash 5a2e10964c7fea8b0181831184bc0d97
8f5233dd6be372e7749c6cd8440db5b43de5a9c9
9b8fa3d6ccb98804102ffd59ee70c19e5d7ca7efabbe6c0d4471a1935348ee3d
GET /media/gambling/en/slotbar/spin.mp3 HTTP/1.1
Host: takebonuses.life
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: audio/webm,audio/ogg,audio/wav,audio/*;q=0.9,application/ogg;q=0.7,video/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
Connection: keep-alive
Referer: https://takebonuses.life/?u=xunwwwr&o=b0hp0zn&cid=wp2v4jg9uqpqqukji5jk1a44
Cookie: sid=t2~oiv5iilgn4xycwgsthnbwxf0
Sec-Fetch-Dest: audio
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 206 Partial Content
Server: nginx
Date: Mon, 10 Oct 2022 06:37:59 GMT
Content-Type: audio/mpeg
Content-Length: 8784
Connection: keep-alive
Content-Security-Policy: block-all-mixed-content
ETag: "5a2e10964c7fea8b0181831184bc0d97"
Last-Modified: Wed, 31 Aug 2022 09:34:52 GMT
No-Gzip-Compression: true
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin, Accept-Encoding
X-Amz-Request-Id: 171CA0DEDE4807A8
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
Expires: Tue, 10 Oct 2023 06:37:59 GMT
Cache-Control: max-age=31536000, no-transform
Content-Range: bytes 0-8783/8784
takebonuses.life/media/gambling/en/slotbar/DsrKpkj.jpg
37.221.65.58200 OK 1.5 kB URL HTTP/1.1 takebonuses.life/media/gambling/en/slotbar/DsrKpkj.jpg
IP 37.221.65.58:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 48x48, components 3\012- data
Hash 0d0f29abfcedc7dfffe3811a5100a6cd
19567e85aab4fd05d752cfa86f88087465042b0a
e3da7d20be42da6e260d3085d2a3f3965a549065345ee2d139e28625104e2393
GET /media/gambling/en/slotbar/DsrKpkj.jpg HTTP/1.1
Host: takebonuses.life
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://takebonuses.life/?u=xunwwwr&o=b0hp0zn&cid=wp2v4jg9uqpqqukji5jk1a44
Cookie: sid=t2~oiv5iilgn4xycwgsthnbwxf0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 10 Oct 2022 06:37:59 GMT
Content-Type: image/jpeg
Content-Length: 1506
Connection: keep-alive
Content-Security-Policy: block-all-mixed-content
ETag: "0d0f29abfcedc7dfffe3811a5100a6cd"
Last-Modified: Wed, 31 Aug 2022 09:34:52 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin, Accept-Encoding
X-Amz-Request-Id: 171CA0FF8F0E8FFB
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
Expires: Tue, 10 Oct 2023 06:37:59 GMT
Cache-Control: max-age=31536000, no-transform
Accept-Ranges: bytes
takebonuses.life/media/gambling/en/slotbar/KqX499j.png
37.221.65.58200 OK 2.2 kB URL HTTP/1.1 takebonuses.life/media/gambling/en/slotbar/KqX499j.png
IP 37.221.65.58:0
File type PNG image data, 48 x 48, 8-bit colormap, non-interlaced\012- data
Hash 8fe70ee687801d77e99e45efa5af9aa7
e49eefbb1115151d92af0285dc58416f0e9ab0f1
4d1d8a5b765092760f02f78036d8df58ad04f835c15619e9522c3f2ac932a0da
GET /media/gambling/en/slotbar/KqX499j.png HTTP/1.1
Host: takebonuses.life
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://takebonuses.life/?u=xunwwwr&o=b0hp0zn&cid=wp2v4jg9uqpqqukji5jk1a44
Cookie: sid=t2~oiv5iilgn4xycwgsthnbwxf0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 10 Oct 2022 06:37:59 GMT
Content-Type: image/png
Content-Length: 2153
Connection: keep-alive
Content-Security-Policy: block-all-mixed-content
ETag: "8fe70ee687801d77e99e45efa5af9aa7"
Last-Modified: Wed, 31 Aug 2022 09:34:52 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin, Accept-Encoding
X-Amz-Request-Id: 171CA0FF8F51BFA9
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
Expires: Tue, 10 Oct 2023 06:37:59 GMT
Cache-Control: max-age=31536000, no-transform
Accept-Ranges: bytes
takebonuses.life/media/gambling/en/slotbar/yEUMY3v.jpg
37.221.65.58200 OK 1.6 kB URL HTTP/1.1 takebonuses.life/media/gambling/en/slotbar/yEUMY3v.jpg
IP 37.221.65.58:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 50x50, components 3\012- data
Hash 5da3831556c780010e0e5c5b967e43ce
574623afde349258b91d44849ef16d483b61e223
45f901bd7a281c73db028f014eb9196ad0297d6eaede94151bf2832946eb8f07
GET /media/gambling/en/slotbar/yEUMY3v.jpg HTTP/1.1
Host: takebonuses.life
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://takebonuses.life/?u=xunwwwr&o=b0hp0zn&cid=wp2v4jg9uqpqqukji5jk1a44
Cookie: sid=t2~oiv5iilgn4xycwgsthnbwxf0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 10 Oct 2022 06:37:59 GMT
Content-Type: image/jpeg
Content-Length: 1608
Connection: keep-alive
Content-Security-Policy: block-all-mixed-content
ETag: "5da3831556c780010e0e5c5b967e43ce"
Last-Modified: Wed, 31 Aug 2022 09:34:52 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin, Accept-Encoding
X-Amz-Request-Id: 171CA0FF7582FAFA
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
Expires: Tue, 10 Oct 2023 06:37:59 GMT
Cache-Control: max-age=31536000, no-transform
Accept-Ranges: bytes
takebonuses.life/media/gambling/en/slotbar/slot-result-1.png
37.221.65.58200 OK 20 kB URL HTTP/1.1 takebonuses.life/media/gambling/en/slotbar/slot-result-1.png
IP 37.221.65.58:0
File type PNG image data, 410 x 279, 8-bit colormap, non-interlaced\012- data
Hash 54c5bc3e91c88eeff2a8f7f9b07f1fe1
2751cefef9a5045394300d8bfc97e40bc0b7cd9a
989811ca7ffc1465a01cba4e46074e231acb6cf0881a0bb82652025f5cefa3de
GET /media/gambling/en/slotbar/slot-result-1.png HTTP/1.1
Host: takebonuses.life
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://takebonuses.life/?u=xunwwwr&o=b0hp0zn&cid=wp2v4jg9uqpqqukji5jk1a44
Cookie: sid=t2~oiv5iilgn4xycwgsthnbwxf0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 10 Oct 2022 06:37:59 GMT
Content-Type: image/png
Content-Length: 19469
Connection: keep-alive
Content-Security-Policy: block-all-mixed-content
ETag: "54c5bc3e91c88eeff2a8f7f9b07f1fe1"
Last-Modified: Wed, 31 Aug 2022 09:34:52 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin, Accept-Encoding
X-Amz-Request-Id: 171CA0FF89992156
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
Expires: Tue, 10 Oct 2023 06:37:59 GMT
Cache-Control: max-age=31536000, no-transform
Accept-Ranges: bytes
takebonuses.life/media/gambling/en/slotbar/slot-result-2.png
37.221.65.58200 OK 25 kB URL HTTP/1.1 takebonuses.life/media/gambling/en/slotbar/slot-result-2.png
IP 37.221.65.58:0
File type PNG image data, 410 x 279, 8-bit colormap, non-interlaced\012- data
Hash 4922e4f8c0c5d208c89921d9a525cbe5
b756a0d6c3f726f00300c87fac1d3a915784ebdf
f13a99343fae8de26ee2e996fcc80487e9687ac5929eefd899db967fd124208c
GET /media/gambling/en/slotbar/slot-result-2.png HTTP/1.1
Host: takebonuses.life
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://takebonuses.life/?u=xunwwwr&o=b0hp0zn&cid=wp2v4jg9uqpqqukji5jk1a44
Cookie: sid=t2~oiv5iilgn4xycwgsthnbwxf0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 10 Oct 2022 06:37:59 GMT
Content-Type: image/png
Content-Length: 25004
Connection: keep-alive
Content-Security-Policy: block-all-mixed-content
ETag: "4922e4f8c0c5d208c89921d9a525cbe5"
Last-Modified: Wed, 31 Aug 2022 09:34:52 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin, Accept-Encoding
X-Amz-Request-Id: 171CA0FF9E6562CD
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
Expires: Tue, 10 Oct 2023 06:37:59 GMT
Cache-Control: max-age=31536000, no-transform
Accept-Ranges: bytes
takebonuses.life/media/gambling/en/slotbar/slot-start.png
37.221.65.58200 OK 25 kB URL HTTP/1.1 takebonuses.life/media/gambling/en/slotbar/slot-start.png
IP 37.221.65.58:0
File type PNG image data, 410 x 279, 8-bit colormap, non-interlaced\012- data
Hash 794c929de9d8b06cf941920aeeceecee
e411636320af6e768cdde0a1ed3cc3cbc5eecc11
c9b63b519ca7e209c7adc6268f0112d83913e09ec44bebb3a8308897eebdef6f
GET /media/gambling/en/slotbar/slot-start.png HTTP/1.1
Host: takebonuses.life
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://takebonuses.life/?u=xunwwwr&o=b0hp0zn&cid=wp2v4jg9uqpqqukji5jk1a44
Cookie: sid=t2~oiv5iilgn4xycwgsthnbwxf0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 10 Oct 2022 06:37:59 GMT
Content-Type: image/png
Content-Length: 24873
Connection: keep-alive
Content-Security-Policy: block-all-mixed-content
ETag: "794c929de9d8b06cf941920aeeceecee"
Last-Modified: Wed, 31 Aug 2022 09:34:52 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin, Accept-Encoding
X-Amz-Request-Id: 171CA0FF755FC2E6
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
Expires: Tue, 10 Oct 2023 06:37:59 GMT
Cache-Control: max-age=31536000, no-transform
Accept-Ranges: bytes
takebonuses.life/media/gambling/en/slotbar/slot-spin.gif
37.221.65.58200 OK 88 kB URL HTTP/1.1 takebonuses.life/media/gambling/en/slotbar/slot-spin.gif
IP 37.221.65.58:0
File type GIF image data, version 89a, 410 x 279\012- data
Hash 617c16c5e04c8603dd7f157862b1c682
1306296f9a666a7fc50f339a2a924ce8a3a18169
7f8e36cf7ac437d7c42440ef5f522c8e27adb06348b573192308038fa7c1dc7e
GET /media/gambling/en/slotbar/slot-spin.gif HTTP/1.1
Host: takebonuses.life
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://takebonuses.life/?u=xunwwwr&o=b0hp0zn&cid=wp2v4jg9uqpqqukji5jk1a44
Cookie: sid=t2~oiv5iilgn4xycwgsthnbwxf0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 10 Oct 2022 06:37:59 GMT
Content-Type: image/gif
Content-Length: 87599
Connection: keep-alive
Content-Security-Policy: block-all-mixed-content
ETag: "617c16c5e04c8603dd7f157862b1c682"
Last-Modified: Wed, 31 Aug 2022 09:34:52 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin, Accept-Encoding
X-Amz-Request-Id: 171CA0FF7714258D
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
Expires: Tue, 10 Oct 2023 06:37:59 GMT
Cache-Control: max-age=31536000, no-transform
Accept-Ranges: bytes
takebonuses.life/favicon.ico
37.221.65.58204 No Content 0 B URL HTTP/1.1 takebonuses.life/favicon.ico
IP 37.221.65.58:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /favicon.ico HTTP/1.1
Host: takebonuses.life
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://takebonuses.life/?u=xunwwwr&o=b0hp0zn&cid=wp2v4jg9uqpqqukji5jk1a44
Cookie: sid=t2~oiv5iilgn4xycwgsthnbwxf0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 204 No Content
Server: nginx
Date: Mon, 10 Oct 2022 06:38:00 GMT
Connection: keep-alive
Cache-Control: no-transform