firefox.settings.services.mozilla.com/v1/
143.204.55.36200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 143.204.55.36:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 2d12f67fe57a87e7366b662d153a5582
d7b02d81cc74f24a251d9363e0f4b0a149264ec1
73c273c0b5a2de3cb970b8e8c187999d3b55e760dc7766dab4bb76428d19b551
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Alert, Backoff, Retry-After, Content-Length
Cache-Control: max-age=3600
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Tue, 27 Sep 2022 08:15:30 GMT
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 057fdebf738f5915bf38a78949190758.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: tCAgU3TbxLNAmwZ7At_rRhmRILAhVisOTPg52_Bv7aCTYrjFwNeqcA==
Age: 3376
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash d2560f62890e75b8de444fed96c22f52
334ce0c48e606ee029f31eeb1463af87b1024bb9
4397e6b45b5822fbab9b83abe0b96ee70efba7cd2160b51936159865ede5fdb1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4397E6B45B5822FBAB9B83ABE0B96EE70EFBA7CD2160B51936159865EDE5FDB1"
Last-Modified: Sun, 25 Sep 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11853
Expires: Tue, 27 Sep 2022 12:29:19 GMT
Date: Tue, 27 Sep 2022 09:11:46 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
143.204.55.49200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
IP 143.204.55.49:0
File type PEM certificate\012- , ASCII text
Hash 6113f8408c59aebe188d6af273b90743
7398873bf00f99944eaa77ad3ebc0d43c23dba6b
b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
date: Mon, 26 Sep 2022 09:17:07 GMT
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
etag: "6113f8408c59aebe188d6af273b90743"
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 5de23153ac267c206221751e1cccb6e8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: kZerwQxrYzXpS_EB9zZZL0gZZPqYpuKIW5ZQjyLcnWkvHhFj7OPb_A==
age: 86080
X-Firefox-Spdy: h2
immobilieres.com/
209.15.13.134302 Found 393 B IP 209.15.13.134:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (321), with CRLF line terminators
Hash d7c25deeb57ef51c2bb30da1b3e3450f
6b3c8585d8d8b6d77fd2840c3d500b28091fb99a
2e6d4e3d884a173490d3d97fcb6f751b1d51f1b8e19923071f145cc7bfb9b9f0
GET / HTTP/1.1
Host: immobilieres.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Found
Cache-Control: private
Content-Type: text/html; charset=utf-8
Location: http://btpnav.com/click?data=UWpZV1ljYVZCa1J0SWgxa2RZQkYyYVZhcG9YYkhfYUJZQ2lEblJDT3ZjeUFPNC1ZSkwxSWRRRy1fUGNXRk9xdHZYa2ZJbHJmOFZ4TUl3SU9URlZYX3V0ek9jMndBOFYwSFNLSHhGOThWRnNFam1yYXhKWHdDZVlOajFJLVdmU1huVXRuYzcwVG0wRVlMRXpaNHA5UDRnMg2&id=78aa5738-c7b7-4cfc-a4e5-7fc316eb1f0d
Server: Microsoft-IIS/8.5
X-AspNetMvc-Version: 5.2
X-AspNet-Version: 4.0.30319
X-Server: web02
Date: Tue, 27 Sep 2022 09:11:46 GMT
Connection: close
Content-Length: 393
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 27 Sep 2022 09:11:47 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
btpnav.com/click?data=UWpZV1ljYVZCa1J0SWgxa2RZQkYyYVZhcG9YYkhfYUJZQ2lEblJDT3ZjeUFPNC1ZSkwxSWRRRy1fUGNXRk9xdHZYa2ZJbHJmOFZ4TUl3SU9URlZYX3V0ek9jMndBOFYwSFNLSHhGOThWRnNFam1yYXhKWHdDZVlOajFJLVdmU1huVXRuYzcwVG0wRVlMRXpaNHA5UDRnMg2&id=78aa5738-c7b7-4cfc-a4e5-7fc316eb1f0d
209.15.13.136200 OK 2.2 kB URL HTTP/1.1 btpnav.com/click?data=UWpZV1ljYVZCa1J0SWgxa2RZQkYyYVZhcG9YYkhfYUJZQ2lEblJDT3ZjeUFPNC1ZSkwxSWRRRy1fUGNXRk9xdHZYa2ZJbHJmOFZ4TUl3SU9URlZYX3V0ek9jMndBOFYwSFNLSHhGOThWRnNFam1yYXhKWHdDZVlOajFJLVdmU1huVXRuYzcwVG0wRVlMRXpaNHA5UDRnMg2&id=78aa5738-c7b7-4cfc-a4e5-7fc316eb1f0d
IP 209.15.13.136:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (349), with CRLF line terminators
Hash f5250e80d1b651f3202a7c0954a71fd9
ccd4f685f39e7d7f59bca7b589642a8ab18c756c
e0caa5e5cd46cd168d0b139f1b44912a5be3c9f1f5b2e3ce48d2bb3f02b64bfa
GET /click?data=UWpZV1ljYVZCa1J0SWgxa2RZQkYyYVZhcG9YYkhfYUJZQ2lEblJDT3ZjeUFPNC1ZSkwxSWRRRy1fUGNXRk9xdHZYa2ZJbHJmOFZ4TUl3SU9URlZYX3V0ek9jMndBOFYwSFNLSHhGOThWRnNFam1yYXhKWHdDZVlOajFJLVdmU1huVXRuYzcwVG0wRVlMRXpaNHA5UDRnMg2&id=78aa5738-c7b7-4cfc-a4e5-7fc316eb1f0d HTTP/1.1
Host: btpnav.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Encoding: gzip
Vary: Accept-Encoding
Server: Microsoft-IIS/8.5
X-AspNetMvc-Version: 5.2
X-AspNet-Version: 4.0.30319
Set-Cookie: fhEBAxxiKTGxHXH=fhEBAxxiKTGxHXH; path=/
X-Server: web01
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: Content-Type
Date: Tue, 27 Sep 2022 09:11:46 GMT
Content-Length: 2162
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
143.204.55.36200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 143.204.55.36:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600, max-age=3600
Date: Tue, 27 Sep 2022 09:10:46 GMT
Expires: Tue, 27 Sep 2022 09:38:42 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 6a757ab2991da716151f94ca00b38098.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: tWCAS9X11UCgzCr7goOy0PFko_lyPfrAs_ARkq3lOh2BsTv3cuK8fg==
Age: 61
btpnav.com/Redirect/
209.15.13.136302 Found 269 B IP 209.15.13.136:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 61e76f4eaa9054097438146ee1de694d
989d21888529e2680d0334cc33a33d60af43b368
38be6caf5bb90a63542380ee386e8e40196082d9153901d31a47b3e8549b9127
POST /Redirect/ HTTP/1.1
Host: btpnav.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/x-www-form-urlencoded
Content-Length: 359
Origin: http://btpnav.com
Connection: keep-alive
Referer: http://btpnav.com/click?data=UWpZV1ljYVZCa1J0SWgxa2RZQkYyYVZhcG9YYkhfYUJZQ2lEblJDT3ZjeUFPNC1ZSkwxSWRRRy1fUGNXRk9xdHZYa2ZJbHJmOFZ4TUl3SU9URlZYX3V0ek9jMndBOFYwSFNLSHhGOThWRnNFam1yYXhKWHdDZVlOajFJLVdmU1huVXRuYzcwVG0wRVlMRXpaNHA5UDRnMg2&id=78aa5738-c7b7-4cfc-a4e5-7fc316eb1f0d
Cookie: fhEBAxxiKTGxHXH=fhEBAxxiKTGxHXH
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Found
Cache-Control: private
Content-Type: text/html; charset=utf-8
Location: http://phoka-mps.com/zcvisitor/6985ad61-3e44-11ed-beef-0af3ef4bc9c9/fa8076ca-64e7-4648-95fb-59f8b6b1f6e1?campaignid=58a93170-2381-11ed-8e1b-0a918cbcbb97
Server: Microsoft-IIS/8.5
X-AspNetMvc-Version: 5.2
X-AspNet-Version: 4.0.30319
X-Server: web01
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: Content-Type
Date: Tue, 27 Sep 2022 09:11:46 GMT
Content-Length: 269
phoka-mps.com/zcvisitor/6985ad61-3e44-11ed-beef-0af3ef4bc9c9/fa8076ca-64e7-4648-95fb-59f8b6b1f6e1?campaignid=58a93170-2381-11ed-8e1b-0a918cbcbb97
52.45.156.125200 996 B URL HTTP/1.1 phoka-mps.com/zcvisitor/6985ad61-3e44-11ed-beef-0af3ef4bc9c9/fa8076ca-64e7-4648-95fb-59f8b6b1f6e1?campaignid=58a93170-2381-11ed-8e1b-0a918cbcbb97
IP 52.45.156.125:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 06a9142f30198a287bb84a1cd6ff5837
1a3ce28947ca84d54039926853e0b281aa26b445
b1f3543d120b9e1c344fe2d41dd79da6793e84d4c88759db77561b667f6896fa
Analyzer Verdict Alert fortinet Phishing
GET /zcvisitor/6985ad61-3e44-11ed-beef-0af3ef4bc9c9/fa8076ca-64e7-4648-95fb-59f8b6b1f6e1?campaignid=58a93170-2381-11ed-8e1b-0a918cbcbb97 HTTP/1.1
Host: phoka-mps.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://btpnav.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200
Date: Tue, 27 Sep 2022 09:11:47 GMT
Content-Type: text/html;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: no-store, no-cache, pre-check=0, post-check=0
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
x-content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
X-WebKit-CSP: default-src 'self'; script-src 'self' 'unsafe-inline'
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET,POST,OPTIONS
Access-Control-Allow-Headers: X-Requested-With,Content-Type,x-exadsrtb-version,x-openrtb-version,x-zerortb-version,X-Flag
Server: JjBsijjC
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash c18823050f86339eaa73ddb1bf80d64c
ac4ee81f59f706cee8a74458d498bbc20d8d351a
9a505647517bd02d8ff994fd4ad98dc2f4b519916145b0c327691420c1084c46
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 159
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 09:11:47 GMT
Etag: "63315d9a-1d7"
Last-Modified: Tue, 27 Sep 2022 09:09:08 GMT
Server: ECS (ska/F711)
X-Cache: HIT
Content-Length: 471
phoka-mps.com/zcredirect?visitid=6985ad61-3e44-11ed-beef-0af3ef4bc9c9&type=js&browserWidth=1280&browserHeight=939&iframeDetected=false
52.45.156.125200 700 B URL HTTP/1.1 phoka-mps.com/zcredirect?visitid=6985ad61-3e44-11ed-beef-0af3ef4bc9c9&type=js&browserWidth=1280&browserHeight=939&iframeDetected=false
IP 52.45.156.125:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (307)
Hash 7dd82ca824eadba38309ca4986278cad
5196bd6bf316e7b8f485b7ce21623d7902af5672
fcdf565eea354d27cce240f56b0a8256c3e59ef062aa6437c2562dc1637d0feb
GET /zcredirect?visitid=6985ad61-3e44-11ed-beef-0af3ef4bc9c9&type=js&browserWidth=1280&browserHeight=939&iframeDetected=false HTTP/1.1
Host: phoka-mps.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://phoka-mps.com/zcvisitor/6985ad61-3e44-11ed-beef-0af3ef4bc9c9/fa8076ca-64e7-4648-95fb-59f8b6b1f6e1?campaignid=58a93170-2381-11ed-8e1b-0a918cbcbb97
Upgrade-Insecure-Requests: 1
HTTP/1.1 200
Date: Tue, 27 Sep 2022 09:11:47 GMT
Content-Type: text/html;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: no-store, no-cache, pre-check=0, post-check=0
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
x-content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
X-WebKit-CSP: default-src 'self'; script-src 'self' 'unsafe-inline'
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET,POST,OPTIONS
Access-Control-Allow-Headers: X-Requested-With,Content-Type,x-exadsrtb-version,x-openrtb-version,x-zerortb-version,X-Flag
redirected: JS
Server: QtwCRzbE
push.services.mozilla.com/
34.210.107.213101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 34.210.107.213:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: y35mjsPeTB1yPYHRpPyJHw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: nKzVmoVoMDx02KXd1quTw52CduM=
phoka-mps.com/favicon.ico
52.45.156.125404 653 B URL HTTP/1.1 phoka-mps.com/favicon.ico
IP 52.45.156.125:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (649), with no line terminators
Hash ba2732b1b2fa2626ffaa15f62f9e7d66
203d4e7fbb1d80449d6e4e1f3ae7a9bf8625debe
879861cb72fe9fbb476dab246021c4c83b4066327de2529e05ec54d3afb0a1c8
GET /favicon.ico HTTP/1.1
Host: phoka-mps.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://phoka-mps.com/zcredirect?visitid=6985ad61-3e44-11ed-beef-0af3ef4bc9c9&type=js&browserWidth=1280&browserHeight=939&iframeDetected=false
HTTP/1.1 404
Date: Tue, 27 Sep 2022 09:11:48 GMT
Content-Type: text/html;charset=utf-8
Content-Length: 653
Connection: keep-alive
Cache-Control: no-store, no-cache, pre-check=0, post-check=0
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
x-content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
X-WebKit-CSP: default-src 'self'; script-src 'self' 'unsafe-inline'
Content-Language: en
Server: LNFCWstK
ocsp.sca1b.amazontrust.com/
143.204.42.165200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.165:0
Hash 24d2c9d92d22b4fb453af5c85531d1f8
0b6e9aa16126b161e42d6872c17b641e0bf25f3c
a46acb190b6a72f84299b6c743589b6dfafb5369ccc5e517b503b391defe13d0
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Cache-Control: 'max-age=158059'
Date: Tue, 27 Sep 2022 09:11:48 GMT
Server: ECS (dcb/7FA6)
X-Cache: Miss from cloudfront
Via: 1.1 a6d89f7e2d55548b941f1ff5d5b3c8d4.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: pfMwYSH1A_iRnvlgl9DzZfDUP_e8L9cV8VdZPrPpnGtTGfoSyR_RVg==
ayxvy.voluumtrk3.com/zp-redirect?target=https%3A%2F%2Fbriskbonus.life%2F%3Fu%3Dxunwwwr%26o%3Db0hp0zn%26cid%3Dwagn70d6h5keu9bjiiuve2eu&caid=c3ff4655-a271-48ad-90d6-849e63bfb180&zpid=6985ad61-3e44-11ed-beef-0af3ef4bc9c9&cid=wagn70d6h5keu9bjiiuve2eu&rt=R
18.185.54.95302 Found 0 B URL HTTP/2 ayxvy.voluumtrk3.com/zp-redirect?target=https%3A%2F%2Fbriskbonus.life%2F%3Fu%3Dxunwwwr%26o%3Db0hp0zn%26cid%3Dwagn70d6h5keu9bjiiuve2eu&caid=c3ff4655-a271-48ad-90d6-849e63bfb180&zpid=6985ad61-3e44-11ed-beef-0af3ef4bc9c9&cid=wagn70d6h5keu9bjiiuve2eu&rt=R
IP 18.185.54.95:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /zp-redirect?target=https%3A%2F%2Fbriskbonus.life%2F%3Fu%3Dxunwwwr%26o%3Db0hp0zn%26cid%3Dwagn70d6h5keu9bjiiuve2eu&caid=c3ff4655-a271-48ad-90d6-849e63bfb180&zpid=6985ad61-3e44-11ed-beef-0af3ef4bc9c9&cid=wagn70d6h5keu9bjiiuve2eu&rt=R HTTP/1.1
Host: ayxvy.voluumtrk3.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://phoka-mps.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Tue, 27 Sep 2022 09:11:48 GMT
content-length: 0
location: https://briskbonus.life/?u=xunwwwr&o=b0hp0zn&cid=wagn70d6h5keu9bjiiuve2eu
cache-control: no-store, no-cache, pre-check=0, post-check=0
pragma: no-cache
expires: Thu, 01 Jan 1970 00:00:00 GMT
set-cookie: voluum-cid-v4=%7B%22cid%22%3A%22wagn70d6h5keu9bjiiuve2eu%22%2C%22caid%22%3A%22c3ff4655-a271-48ad-90d6-849e63bfb180%22%7D; Max-Age=31536000; Expires=Wed, 27-Sep-2023 09:11:48 GMT; Domain=ayxvy.voluumtrk3.com; Path=/; Secure; HttpOnly;SameSite=None
server: nginx
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash cfb891de16d53186480b2aa7a135ec24
030412ad472cd2fd72ceecf21bfe57cebf3ab7d8
8f9545abd707653b97cad90e7b351725aa628a88764c234b22431229234ee199
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8F9545ABD707653B97CAD90E7B351725AA628A88764C234B22431229234EE199"
Last-Modified: Tue, 27 Sep 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21543
Expires: Tue, 27 Sep 2022 15:10:51 GMT
Date: Tue, 27 Sep 2022 09:11:48 GMT
Connection: keep-alive
briskbonus.life/?u=xunwwwr&o=b0hp0zn&cid=wagn70d6h5keu9bjiiuve2eu
37.221.65.58200 OK 19 kB URL HTTP/1.1 briskbonus.life/?u=xunwwwr&o=b0hp0zn&cid=wagn70d6h5keu9bjiiuve2eu
IP 37.221.65.58:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 (with BOM) text, with very long lines (549)
Hash d5bf0d24d4ac38b731bb1ab878f50643
18ffe2bcea43e2bfb55b22713a1a43ab047432d8
27ccdb4671521a0396644d5df24a2e87751699d527926694e854a6111954d8be
GET /?u=xunwwwr&o=b0hp0zn&cid=wagn70d6h5keu9bjiiuve2eu HTTP/1.1
Host: briskbonus.life
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://phoka-mps.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 27 Sep 2022 09:11:48 GMT
Content-Type: text/html
Content-Length: 19422
Connection: keep-alive
set-cookie: sid=t2~5ysyxjptwnsc4mupv3kstuc3; path=/
cache-control: private, no-transform
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash bfc8c650e23854f708a3dd54fca4393f
b54c061cf5a5306a68112d403471914e839a68c8
84b8c36947944ea94b27e053f2abb944e6951157e256991f8b1523b9cacfe362
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 09:11:48 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ajax.googleapis.com/ajax/libs/jquery/2.2.0/jquery.min.js
142.250.74.106200 OK 30 kB URL HTTP/2 ajax.googleapis.com/ajax/libs/jquery/2.2.0/jquery.min.js
IP 142.250.74.106:0
File type ASCII text, with very long lines (32069)
Hash 4ae540714475aa934955496d990ab15f
b7724c4d72a422b86f5dc06571ff4bc86f0308a3
ca0222f8799d862ca8c427d6c612878f47043c9445ad0e1567f1f80e83c965e2
GET /ajax/libs/jquery/2.2.0/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://briskbonus.life/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 30089
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 21 Sep 2022 00:55:35 GMT
expires: Thu, 21 Sep 2023 00:55:35 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 548174
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash bfc8c650e23854f708a3dd54fca4393f
b54c061cf5a5306a68112d403471914e839a68c8
84b8c36947944ea94b27e053f2abb944e6951157e256991f8b1523b9cacfe362
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 09:11:49 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
briskbonus.life/media/gambling/icon.js
37.221.65.58200 OK 1.6 kB URL HTTP/1.1 briskbonus.life/media/gambling/icon.js
IP 37.221.65.58:0
File type ASCII text, with CRLF line terminators
Hash 2b25502a979c3b240fc77e52689e4c29
790d306577b490abe99d88fb55bce2e815689843
328a90c5503266ebe4dda1e9c84558e62016811f112a159aecb36fc489563577
GET /media/gambling/icon.js HTTP/1.1
Host: briskbonus.life
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://briskbonus.life/?u=xunwwwr&o=b0hp0zn&cid=wagn70d6h5keu9bjiiuve2eu
Cookie: sid=t2~5ysyxjptwnsc4mupv3kstuc3
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 27 Sep 2022 09:11:49 GMT
Content-Type: application/javascript
Content-Length: 1580
Connection: keep-alive
Content-Security-Policy: block-all-mixed-content
ETag: "2b25502a979c3b240fc77e52689e4c29"
Last-Modified: Wed, 31 Aug 2022 09:34:54 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin, Accept-Encoding
X-Amz-Request-Id: 1718AC57467884BD
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
Expires: Wed, 27 Sep 2023 09:11:49 GMT
Cache-Control: max-age=31536000, no-transform
Accept-Ranges: bytes
briskbonus.life/media/gambling/sound.js
37.221.65.58200 OK 1.1 kB URL HTTP/1.1 briskbonus.life/media/gambling/sound.js
IP 37.221.65.58:0
File type ASCII text, with CRLF line terminators
Hash 3787b349cb8b744b6917fe43f96b1ccd
ab26d82699a166f520a51f722bc6262ef1d5421f
8e4cbdda4f0a209714e470984de7250f946c3afd35ded05302ef431be048e918
GET /media/gambling/sound.js HTTP/1.1
Host: briskbonus.life
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://briskbonus.life/?u=xunwwwr&o=b0hp0zn&cid=wagn70d6h5keu9bjiiuve2eu
Cookie: sid=t2~5ysyxjptwnsc4mupv3kstuc3
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 27 Sep 2022 09:11:49 GMT
Content-Type: application/javascript
Content-Length: 1083
Connection: keep-alive
Content-Security-Policy: block-all-mixed-content
ETag: "3787b349cb8b744b6917fe43f96b1ccd"
Last-Modified: Wed, 31 Aug 2022 09:34:56 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin, Accept-Encoding
X-Amz-Request-Id: 1718AC8606E241A5
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
Expires: Wed, 27 Sep 2023 09:11:49 GMT
Cache-Control: max-age=31536000, no-transform
Accept-Ranges: bytes
briskbonus.life/media/gambling/en/slotbar/style.css
37.221.65.58200 OK 20 kB URL HTTP/1.1 briskbonus.life/media/gambling/en/slotbar/style.css
IP 37.221.65.58:0
File type ASCII text, with very long lines (492), with CRLF line terminators
Hash 8c38a209d98ec6a54d6b7cd42046af41
8b84ce3e95d745d2d6b6057344552b647aefe86d
d3b04d04ba4fa44ce3cee6fd4d97958d8ea9bebd93a14a12be14a3259fab0022
GET /media/gambling/en/slotbar/style.css HTTP/1.1
Host: briskbonus.life
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://briskbonus.life/?u=xunwwwr&o=b0hp0zn&cid=wagn70d6h5keu9bjiiuve2eu
Cookie: sid=t2~5ysyxjptwnsc4mupv3kstuc3
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 27 Sep 2022 09:11:49 GMT
Content-Type: text/css
Content-Length: 20006
Connection: keep-alive
Content-Security-Policy: block-all-mixed-content
ETag: "8c38a209d98ec6a54d6b7cd42046af41"
Last-Modified: Wed, 31 Aug 2022 09:34:52 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin, Accept-Encoding
X-Amz-Request-Id: 1718ACAA222F1B93
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
Expires: Wed, 27 Sep 2023 09:11:49 GMT
Cache-Control: max-age=31536000, no-transform
Accept-Ranges: bytes
briskbonus.life/util/utils-gmb.js
37.221.65.58200 OK 4.7 kB URL HTTP/1.1 briskbonus.life/util/utils-gmb.js
IP 37.221.65.58:0
File type ASCII text, with very long lines (641), with CRLF line terminators
Hash 570df3f849036a1a4a75ca2a28047d36
f69147076e3912116a9765a2ed34afe3cae67978
221e1a80f62592306f7a357aa9ee1a43b32a10314f340b64604ca9d351cf33c4
GET /util/utils-gmb.js HTTP/1.1
Host: briskbonus.life
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://briskbonus.life/?u=xunwwwr&o=b0hp0zn&cid=wagn70d6h5keu9bjiiuve2eu
Cookie: sid=t2~5ysyxjptwnsc4mupv3kstuc3
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 27 Sep 2022 09:11:49 GMT
Content-Type: application/javascript
Content-Length: 4651
Connection: keep-alive
Content-Security-Policy: block-all-mixed-content
ETag: "570df3f849036a1a4a75ca2a28047d36"
Last-Modified: Wed, 31 Aug 2022 09:38:20 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin, Accept-Encoding
X-Amz-Request-Id: 1718AC8606BBE399
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
Expires: Wed, 27 Sep 2023 09:11:49 GMT
Cache-Control: max-age=31536000, no-transform
Accept-Ranges: bytes
briskbonus.life/media/gambling/en/slotbar/comment.js
37.221.65.58200 OK 2.8 kB URL HTTP/1.1 briskbonus.life/media/gambling/en/slotbar/comment.js
IP 37.221.65.58:0
File type ASCII text, with very long lines (2753), with no line terminators
Hash 8441712705c040dc2ecfd7966c11f131
2f776d7927b20cf9813436f83e3007002979cccb
b18340e4cacb8244292577c44d3a37be71c75977ab74e417c8b8cb0da4d84246
GET /media/gambling/en/slotbar/comment.js HTTP/1.1
Host: briskbonus.life
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://briskbonus.life/?u=xunwwwr&o=b0hp0zn&cid=wagn70d6h5keu9bjiiuve2eu
Cookie: sid=t2~5ysyxjptwnsc4mupv3kstuc3
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 27 Sep 2022 09:11:49 GMT
Content-Type: application/javascript
Content-Length: 2753
Connection: keep-alive
Content-Security-Policy: block-all-mixed-content
ETag: "8441712705c040dc2ecfd7966c11f131"
Last-Modified: Wed, 31 Aug 2022 09:34:52 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin, Accept-Encoding
X-Amz-Request-Id: 1718ACA219E2166E
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
Expires: Wed, 27 Sep 2023 09:11:49 GMT
Cache-Control: max-age=31536000, no-transform
Accept-Ranges: bytes
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 5a6097201b7da81f6e9a6d99a7353a0c
d4240fe80c76013b9f7b6fd09963aa47151b8d6a
519e9b47ddfa1e1fe047f4dc7df88e3011817f88144fcc3853a7984a781c2070
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "519E9B47DDFA1E1FE047F4DC7DF88E3011817F88144FCC3853A7984A781C2070"
Last-Modified: Sun, 25 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17876
Expires: Tue, 27 Sep 2022 14:09:45 GMT
Date: Tue, 27 Sep 2022 09:11:49 GMT
Connection: keep-alive
briskbonus.life/cookie/js.cookie9.js
37.221.65.58200 OK 4.4 kB URL HTTP/1.1 briskbonus.life/cookie/js.cookie9.js
IP 37.221.65.58:0
File type ASCII text, with very long lines (1709)
Hash 16e07bf02a8e81d2cd5679dc45cc318c
7c205205935a3a56a8976b2ac648502b43103b5f
96e91577f6be403fc263780e07e6b7839373588026f793d2b4edd77dcbba871e
GET /cookie/js.cookie9.js HTTP/1.1
Host: briskbonus.life
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://briskbonus.life/?u=xunwwwr&o=b0hp0zn&cid=wagn70d6h5keu9bjiiuve2eu
Cookie: sid=t2~5ysyxjptwnsc4mupv3kstuc3
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 27 Sep 2022 09:11:49 GMT
Content-Type: application/javascript
Content-Length: 4395
Connection: keep-alive
Content-Security-Policy: block-all-mixed-content
ETag: "16e07bf02a8e81d2cd5679dc45cc318c"
Last-Modified: Wed, 31 Aug 2022 09:31:17 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin, Accept-Encoding
X-Amz-Request-Id: 1718ABD0B5749D3B
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
Expires: Wed, 27 Sep 2023 09:11:49 GMT
Cache-Control: max-age=31536000, no-transform
Accept-Ranges: bytes
briskbonus.life/media/gambling/backbutton_gmb.js
37.221.65.58200 OK 3.9 kB URL HTTP/1.1 briskbonus.life/media/gambling/backbutton_gmb.js
IP 37.221.65.58:0
File type ASCII text, with CRLF line terminators
Hash 42a42a2180debd55caba94527379964c
562c1754c94ce49326b0381805ee14d175487778
52afe26d88ec86edf4a46d872db86007597b8ff5f6d9e79e47c9e6b899d0b781
GET /media/gambling/backbutton_gmb.js HTTP/1.1
Host: briskbonus.life
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://briskbonus.life/?u=xunwwwr&o=b0hp0zn&cid=wagn70d6h5keu9bjiiuve2eu
Cookie: sid=t2~5ysyxjptwnsc4mupv3kstuc3
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 27 Sep 2022 09:11:49 GMT
Content-Type: application/javascript
Content-Length: 3923
Connection: keep-alive
Content-Security-Policy: block-all-mixed-content
ETag: "42a42a2180debd55caba94527379964c"
Last-Modified: Wed, 31 Aug 2022 09:34:51 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin, Accept-Encoding
X-Amz-Request-Id: 1718ABD0B46B3EA4
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
Expires: Wed, 27 Sep 2023 09:11:49 GMT
Cache-Control: max-age=31536000, no-transform
Accept-Ranges: bytes
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 5a6097201b7da81f6e9a6d99a7353a0c
d4240fe80c76013b9f7b6fd09963aa47151b8d6a
519e9b47ddfa1e1fe047f4dc7df88e3011817f88144fcc3853a7984a781c2070
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "519E9B47DDFA1E1FE047F4DC7DF88E3011817F88144FCC3853A7984A781C2070"
Last-Modified: Sun, 25 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17876
Expires: Tue, 27 Sep 2022 14:09:45 GMT
Date: Tue, 27 Sep 2022 09:11:49 GMT
Connection: keep-alive
briskbonus.life/media/gambling/exit_gmb.js
37.221.65.58200 OK 1.6 kB URL HTTP/1.1 briskbonus.life/media/gambling/exit_gmb.js
IP 37.221.65.58:0
File type ASCII text, with CRLF line terminators
Hash 5202df93e55f911a83a995fa38af7ee6
6c0ce8fd3d83e819b40bdff250b8c9331a2bbcf8
28ef9927757f823b79b11ebc2b24e22940e84492d5d78ede4591e4e520a43681
GET /media/gambling/exit_gmb.js HTTP/1.1
Host: briskbonus.life
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://briskbonus.life/?u=xunwwwr&o=b0hp0zn&cid=wagn70d6h5keu9bjiiuve2eu
Cookie: sid=t2~5ysyxjptwnsc4mupv3kstuc3
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 27 Sep 2022 09:11:49 GMT
Content-Type: application/javascript
Content-Length: 1550
Connection: keep-alive
Content-Security-Policy: block-all-mixed-content
ETag: "5202df93e55f911a83a995fa38af7ee6"
Last-Modified: Wed, 31 Aug 2022 09:34:54 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin, Accept-Encoding
X-Amz-Request-Id: 1718AC86136E3A47
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
Expires: Wed, 27 Sep 2023 09:11:49 GMT
Cache-Control: max-age=31536000, no-transform
Accept-Ranges: bytes
briskbonus.life/media/gambling/confetti.js
37.221.65.58200 OK 3.5 kB URL HTTP/1.1 briskbonus.life/media/gambling/confetti.js
IP 37.221.65.58:0
File type ASCII text, with very long lines (3533), with no line terminators
Hash 116c9460f5e882a7fcf4e837f7efc72a
13a88e74735d05985e5d07e8cbff716329f5d81c
651141c8290087af54c66793aa063ee5697661fb914925f56bd09390a2895ce4
GET /media/gambling/confetti.js HTTP/1.1
Host: briskbonus.life
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://briskbonus.life/?u=xunwwwr&o=b0hp0zn&cid=wagn70d6h5keu9bjiiuve2eu
Cookie: sid=t2~5ysyxjptwnsc4mupv3kstuc3
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 27 Sep 2022 09:11:49 GMT
Content-Type: application/javascript
Content-Length: 3533
Connection: keep-alive
Content-Security-Policy: block-all-mixed-content
ETag: "116c9460f5e882a7fcf4e837f7efc72a"
Last-Modified: Wed, 31 Aug 2022 09:34:52 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin, Accept-Encoding
X-Amz-Request-Id: 1718ABD08AF70140
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
Expires: Wed, 27 Sep 2023 09:11:49 GMT
Cache-Control: max-age=31536000, no-transform
Accept-Ranges: bytes
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbde62996-d83a-4f97-a8ad-f7719aff0bff.jpeg
34.120.237.76200 OK 7.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbde62996-d83a-4f97-a8ad-f7719aff0bff.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 9ff2dbdbf6d450f0d9774777b3c5aa6e
2f7876bd0e4b52aa04ccf1c2a45359156eaefb97
4c2184b8150834adf1e9ec807f3175b6fcd574920a98c857db2cfb01b78da2fe
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbde62996-d83a-4f97-a8ad-f7719aff0bff.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 7701
x-amzn-requestid: 63bfd7b5-f18e-4396-99a8-fb24dee1ee0c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZGCmmGswoAMF2zg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63324af6-04fa1b18525182b7213f844c;Sampled=0
x-amzn-remapped-date: Tue, 27 Sep 2022 00:59:34 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: KT47E-2_0O70MgMbGzSjvVaFrWwQybXKo_dkWMw2vnqBElOZtT_Big==
via: 1.1 8f22423015641505b8c857a37450d6c0.cloudfront.net (CloudFront), 1.1 28390a4d24ed4fdccd685d99cd06cf4e.cloudfront.net (CloudFront), 1.1 google
date: Tue, 27 Sep 2022 01:05:55 GMT
age: 29154
etag: "2f7876bd0e4b52aa04ccf1c2a45359156eaefb97"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1bfe3adc-1955-4f21-9e44-c0bc53a4edc5.jpeg
34.120.237.76200 OK 9.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1bfe3adc-1955-4f21-9e44-c0bc53a4edc5.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash deb8d1e3b6d7fbc8c8ba478269621676
84f5a4c8b38acde814bc790e5b514347718d5bb9
ed14fa766f0708b4166e83b61f160db5671af430917b7c67184bf18d9208742b
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1bfe3adc-1955-4f21-9e44-c0bc53a4edc5.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 9163
x-amzn-requestid: 8ccd9b1f-bef9-4591-be32-e6dd98f4ee78
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZFlKpEZrIAMFS1Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63321bdd-4a40b9c8281b64c725fec0f1;Sampled=0
x-amzn-remapped-date: Mon, 26 Sep 2022 21:38:37 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: Lf6qqokEw32egp3ofmJGtUTAt3RD2f9rVq5gskbhrk_VFGweeo0oCQ==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 09331f0822fc98eebaf04130a83dbd44.cloudfront.net (CloudFront), 1.1 google
date: Mon, 26 Sep 2022 21:49:18 GMT
age: 40951
etag: "84f5a4c8b38acde814bc790e5b514347718d5bb9"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F79631135-a10c-43bf-85d2-fa2236b96883.jpeg
34.120.237.76200 OK 13 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F79631135-a10c-43bf-85d2-fa2236b96883.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 62e68c3cd08dd94d910507512a67e85f
3d4fa8701f17e8818c25584ef5f04bfbee8440cd
058d798963f83f5fb88ab728185f755c5353fa981d93e1b6ff869089f501586b
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F79631135-a10c-43bf-85d2-fa2236b96883.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 13213
x-amzn-requestid: 09f8fee2-6830-4bec-af40-f2fb6547bc63
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZFkreH5poAMFdxg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63321b16-0afbf5e01a013e6f0db53da1;Sampled=0
x-amzn-remapped-date: Mon, 26 Sep 2022 21:35:18 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: CwkfEPDseHez7mArqwz8tmC3WHFwXAZF1OSColucaQ5vG2hvBIDWOg==
via: 1.1 0c96ded7ff282d2dbcf47c918b6bb500.cloudfront.net (CloudFront), 1.1 28390a4d24ed4fdccd685d99cd06cf4e.cloudfront.net (CloudFront), 1.1 google
date: Mon, 26 Sep 2022 21:42:47 GMT
age: 41342
etag: "3d4fa8701f17e8818c25584ef5f04bfbee8440cd"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff092f2d0-abd6-40d2-ad33-9fb0ded1ec0a.jpeg
34.120.237.76200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff092f2d0-abd6-40d2-ad33-9fb0ded1ec0a.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 91d97447a6a35813e57d942f685544c4
3b660de9902fbfcf2efb477f40480b08545ebc5f
08c1ea19c4918273da12c9a2e962edf4463c486a30f60c8a279a45e5edcf972a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff092f2d0-abd6-40d2-ad33-9fb0ded1ec0a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11881
x-amzn-requestid: 4562e550-9c0f-407b-be2a-3c5d8901d444
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y2apSEPuIAMF5TA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632c0b08-5c5f052f146d25a7190412d1;Sampled=0
x-amzn-remapped-date: Thu, 22 Sep 2022 07:13:12 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: EAiLlHN2h6EPX0idrlQG4TIyGBMt_In0_Tpy79foal99j4xoRasO-A==
via: 1.1 e5af640ced3aa8764b82c4bc3f7af38e.cloudfront.net (CloudFront), 1.1 ce71f64ad5dca81beca846466f2d5008.cloudfront.net (CloudFront), 1.1 google
date: Mon, 26 Sep 2022 22:23:49 GMT
age: 38880
etag: "3b660de9902fbfcf2efb477f40480b08545ebc5f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F14ab4d12-a7de-4708-a657-df4600198640.jpeg
34.120.237.76200 OK 8.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F14ab4d12-a7de-4708-a657-df4600198640.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash fa70ece15044b7318cb11ae5e37a64e7
04a0665f771562c3e56ac3542abe5bd3c4c1a6b5
8c974283b2ba0058114404af3e4818daa8cc56f270cb8a46f5f2f54de9d2f0e1
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F14ab4d12-a7de-4708-a657-df4600198640.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8255
x-amzn-requestid: 3bf29c4a-406a-4645-ad18-44cd6f05d457
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y4VnFEV-IAMFQMQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632ccfc6-3eaa337d1e1c1b6d5e951419;Sampled=0
x-amzn-remapped-date: Thu, 22 Sep 2022 21:12:38 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: qkOlqM6tJ90H9572YLE0J-s79edBSceM5hLbJtyyuH86xdW8juoktA==
via: 1.1 2afae0d44e2540f472c0635ab62c232a.cloudfront.net (CloudFront), 1.1 12a392bc3a7281f8d5d4591bfadc41fc.cloudfront.net (CloudFront), 1.1 google
date: Mon, 26 Sep 2022 13:28:31 GMT
age: 70998
etag: "04a0665f771562c3e56ac3542abe5bd3c4c1a6b5"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8342bc11-d95e-4085-a7ca-d421aba94a91.jpeg
34.120.237.76200 OK 4.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8342bc11-d95e-4085-a7ca-d421aba94a91.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash efaaa002eb6251769ea6dbf306ced3a1
9f99fa947a603fd6b10ff149e379cd04ad83d27a
238e0ca1aa29223416c34ef2dfcc6570c00e27a98991d91efc16e9bc4083c197
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8342bc11-d95e-4085-a7ca-d421aba94a91.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4573
x-amzn-requestid: ff35a66a-caf2-4ff4-b850-01a584fc2aa0
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Yv1B8FzLIAMFSPw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63296872-5b4a410a2827baf5598d58e7;Sampled=0
x-amzn-remapped-date: Tue, 20 Sep 2022 07:14:58 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: NFjYOqhUeb3yyjMNWpoBNq_xcsX3wXvc3-rqJt4cGbJXY9Sxr5KpDA==
via: 1.1 86b676273517904f44af31586adb06ae.cloudfront.net (CloudFront), 1.1 5954c6394458ffb44c970b3819d7ff2a.cloudfront.net (CloudFront), 1.1 google
date: Mon, 26 Sep 2022 15:29:19 GMT
age: 63750
etag: "9f99fa947a603fd6b10ff149e379cd04ad83d27a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
briskbonus.life/media/gambling/en/slotbar/returnDate.no.js
37.221.65.58200 OK 1.2 kB URL HTTP/1.1 briskbonus.life/media/gambling/en/slotbar/returnDate.no.js
IP 37.221.65.58:0
Hash dbdb981f8658c845968ec8226f81d1d8
d679b7bf47f71cd55b6c307cf96146a95660d667
5c9b1b4991000ba0178363dd1c57556fe2d6b433f6d4eef927c2cd15d55660fa
GET /media/gambling/en/slotbar/returnDate.no.js HTTP/1.1
Host: briskbonus.life
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://briskbonus.life/?u=xunwwwr&o=b0hp0zn&cid=wagn70d6h5keu9bjiiuve2eu
Cookie: sid=t2~5ysyxjptwnsc4mupv3kstuc3
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 27 Sep 2022 09:11:49 GMT
Content-Type: application/javascript
Content-Length: 1242
Connection: keep-alive
Content-Security-Policy: block-all-mixed-content
ETag: "dbdb981f8658c845968ec8226f81d1d8"
Last-Modified: Wed, 31 Aug 2022 09:34:52 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin, Accept-Encoding
X-Amz-Request-Id: 1718ACAA2CD515D1
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
Expires: Wed, 27 Sep 2023 09:11:49 GMT
Cache-Control: max-age=31536000, no-transform
Accept-Ranges: bytes
briskbonus.life/media/gambling/en/slotbar/plR22yu.jpg
37.221.65.58200 OK 1.0 kB URL HTTP/1.1 briskbonus.life/media/gambling/en/slotbar/plR22yu.jpg
IP 37.221.65.58:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 51x51, components 3\012- data
Hash 7a532123e2eda81e018b8c1f90c8b3bd
e03576434acd69d708fae0f3f8df07e93d152280
9545948eefe774be5121de01ef9c14207891c35116bba14056471a59e4c212a1
GET /media/gambling/en/slotbar/plR22yu.jpg HTTP/1.1
Host: briskbonus.life
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://briskbonus.life/?u=xunwwwr&o=b0hp0zn&cid=wagn70d6h5keu9bjiiuve2eu
Cookie: sid=t2~5ysyxjptwnsc4mupv3kstuc3
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 27 Sep 2022 09:11:49 GMT
Content-Type: image/jpeg
Content-Length: 1017
Connection: keep-alive
Content-Security-Policy: block-all-mixed-content
ETag: "7a532123e2eda81e018b8c1f90c8b3bd"
Last-Modified: Wed, 31 Aug 2022 09:34:52 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin, Accept-Encoding
X-Amz-Request-Id: 1718AB73E02A0EB6
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
Expires: Wed, 27 Sep 2023 09:11:49 GMT
Cache-Control: max-age=31536000, no-transform
Accept-Ranges: bytes
briskbonus.life/media/gambling/en/slotbar/img1.jpg
37.221.65.58200 OK 1.3 kB URL HTTP/1.1 briskbonus.life/media/gambling/en/slotbar/img1.jpg
IP 37.221.65.58:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 50x50, components 3\012- data
Hash c3c59916d3b4977017c89125dc42b664
c8e5a97a6e9fbf41558c09c65b2ca6df9ba8723a
aa05de326a8afd2a7b16c253d8c10fc41857b474f23a814ffa7684d4ef17c1a9
GET /media/gambling/en/slotbar/img1.jpg HTTP/1.1
Host: briskbonus.life
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://briskbonus.life/?u=xunwwwr&o=b0hp0zn&cid=wagn70d6h5keu9bjiiuve2eu
Cookie: sid=t2~5ysyxjptwnsc4mupv3kstuc3
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 27 Sep 2022 09:11:49 GMT
Content-Type: image/jpeg
Content-Length: 1315
Connection: keep-alive
Content-Security-Policy: block-all-mixed-content
ETag: "c3c59916d3b4977017c89125dc42b664"
Last-Modified: Wed, 31 Aug 2022 09:34:52 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin, Accept-Encoding
X-Amz-Request-Id: 1718AB73CD8CDE19
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
Expires: Wed, 27 Sep 2023 09:11:49 GMT
Cache-Control: max-age=31536000, no-transform
Accept-Ranges: bytes
briskbonus.life/media/gambling/en/slotbar/red-arrow-right.png
37.221.65.58200 OK 1.1 kB URL HTTP/1.1 briskbonus.life/media/gambling/en/slotbar/red-arrow-right.png
IP 37.221.65.58:0
File type PNG image data, 50 x 50, 8-bit colormap, non-interlaced\012- data
Hash c4d30de24dab6f826e7f27286beaceaa
b42751f5e5ebb1561fc9809235df332e8eb0f8c8
124c45624ec8d62cec06559dcfcd78ae0c686964ffe05911a836a0e4e1410081
GET /media/gambling/en/slotbar/red-arrow-right.png HTTP/1.1
Host: briskbonus.life
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://briskbonus.life/?u=xunwwwr&o=b0hp0zn&cid=wagn70d6h5keu9bjiiuve2eu
Cookie: sid=t2~5ysyxjptwnsc4mupv3kstuc3
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 27 Sep 2022 09:11:49 GMT
Content-Type: image/png
Content-Length: 1089
Connection: keep-alive
Content-Security-Policy: block-all-mixed-content
ETag: "c4d30de24dab6f826e7f27286beaceaa"
Last-Modified: Wed, 31 Aug 2022 09:34:52 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin, Accept-Encoding
X-Amz-Request-Id: 1718AB73C9D76BDC
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
Expires: Wed, 27 Sep 2023 09:11:49 GMT
Cache-Control: max-age=31536000, no-transform
Accept-Ranges: bytes
briskbonus.life/media/gambling/en/slotbar/slot-result-1.png
37.221.65.58200 OK 20 kB URL HTTP/1.1 briskbonus.life/media/gambling/en/slotbar/slot-result-1.png
IP 37.221.65.58:0
File type PNG image data, 410 x 279, 8-bit colormap, non-interlaced\012- data
Hash 54c5bc3e91c88eeff2a8f7f9b07f1fe1
2751cefef9a5045394300d8bfc97e40bc0b7cd9a
989811ca7ffc1465a01cba4e46074e231acb6cf0881a0bb82652025f5cefa3de
GET /media/gambling/en/slotbar/slot-result-1.png HTTP/1.1
Host: briskbonus.life
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://briskbonus.life/?u=xunwwwr&o=b0hp0zn&cid=wagn70d6h5keu9bjiiuve2eu
Cookie: sid=t2~5ysyxjptwnsc4mupv3kstuc3
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 27 Sep 2022 09:11:49 GMT
Content-Type: image/png
Content-Length: 19469
Connection: keep-alive
Content-Security-Policy: block-all-mixed-content
ETag: "54c5bc3e91c88eeff2a8f7f9b07f1fe1"
Last-Modified: Wed, 31 Aug 2022 09:34:52 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin, Accept-Encoding
X-Amz-Request-Id: 1718AB73BE24A0F6
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
Expires: Wed, 27 Sep 2023 09:11:49 GMT
Cache-Control: max-age=31536000, no-transform
Accept-Ranges: bytes
briskbonus.life/media/gambling/en/slotbar/7wSpKDu.jpg
37.221.65.58200 OK 2.0 kB URL HTTP/1.1 briskbonus.life/media/gambling/en/slotbar/7wSpKDu.jpg
IP 37.221.65.58:0
File type JPEG image data, baseline, precision 8, 50x50, components 3\012- data
Hash 6d02d5cf49120718501b9a6629290c48
a7bfde16cd37f6a331e8f17fbfc2f1772a5929a1
84d7f0648aeba8d80bb0f47e781cba8955b8fa7425748d9830c7a8c9bc35e5e9
GET /media/gambling/en/slotbar/7wSpKDu.jpg HTTP/1.1
Host: briskbonus.life
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://briskbonus.life/?u=xunwwwr&o=b0hp0zn&cid=wagn70d6h5keu9bjiiuve2eu
Cookie: sid=t2~5ysyxjptwnsc4mupv3kstuc3
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 27 Sep 2022 09:11:49 GMT
Content-Type: image/jpeg
Content-Length: 2037
Connection: keep-alive
Content-Security-Policy: block-all-mixed-content
ETag: "6d02d5cf49120718501b9a6629290c48"
Last-Modified: Wed, 31 Aug 2022 09:34:52 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin, Accept-Encoding
X-Amz-Request-Id: 1718AB73D3659B38
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
Expires: Wed, 27 Sep 2023 09:11:49 GMT
Cache-Control: max-age=31536000, no-transform
Accept-Ranges: bytes
briskbonus.life/media/gambling/en/slotbar/3temv7e.jpg
37.221.65.58200 OK 1.2 kB URL HTTP/1.1 briskbonus.life/media/gambling/en/slotbar/3temv7e.jpg
IP 37.221.65.58:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 50x50, components 3\012- data
Hash a848711320a9df61e6457f65b0dfa9fb
68a62a84d89f4f9e1e831a6cef920797c7f2e7d5
aea3443ffa2df4454daac365b37a61f9b9b1ba24dc0899ff3afca9f770765ce0
GET /media/gambling/en/slotbar/3temv7e.jpg HTTP/1.1
Host: briskbonus.life
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://briskbonus.life/?u=xunwwwr&o=b0hp0zn&cid=wagn70d6h5keu9bjiiuve2eu
Cookie: sid=t2~5ysyxjptwnsc4mupv3kstuc3
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 27 Sep 2022 09:11:49 GMT
Content-Type: image/jpeg
Content-Length: 1169
Connection: keep-alive
Content-Security-Policy: block-all-mixed-content
ETag: "a848711320a9df61e6457f65b0dfa9fb"
Last-Modified: Wed, 31 Aug 2022 09:34:52 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin, Accept-Encoding
X-Amz-Request-Id: 1718AB73D34B9A48
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
Expires: Wed, 27 Sep 2023 09:11:49 GMT
Cache-Control: max-age=31536000, no-transform
Accept-Ranges: bytes
briskbonus.life/media/gambling/en/slotbar/slot-start.png
37.221.65.58200 OK 25 kB URL HTTP/1.1 briskbonus.life/media/gambling/en/slotbar/slot-start.png
IP 37.221.65.58:0
File type PNG image data, 410 x 279, 8-bit colormap, non-interlaced\012- data
Hash 794c929de9d8b06cf941920aeeceecee
e411636320af6e768cdde0a1ed3cc3cbc5eecc11
c9b63b519ca7e209c7adc6268f0112d83913e09ec44bebb3a8308897eebdef6f
GET /media/gambling/en/slotbar/slot-start.png HTTP/1.1
Host: briskbonus.life
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://briskbonus.life/?u=xunwwwr&o=b0hp0zn&cid=wagn70d6h5keu9bjiiuve2eu
Cookie: sid=t2~5ysyxjptwnsc4mupv3kstuc3
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 27 Sep 2022 09:11:49 GMT
Content-Type: image/png
Content-Length: 24873
Connection: keep-alive
Content-Security-Policy: block-all-mixed-content
ETag: "794c929de9d8b06cf941920aeeceecee"
Last-Modified: Wed, 31 Aug 2022 09:34:52 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin, Accept-Encoding
X-Amz-Request-Id: 1718AB73B976966C
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
Expires: Wed, 27 Sep 2023 09:11:49 GMT
Cache-Control: max-age=31536000, no-transform
Accept-Ranges: bytes
briskbonus.life/media/gambling/en/slotbar/slot-win.png
37.221.65.58200 OK 14 kB URL HTTP/1.1 briskbonus.life/media/gambling/en/slotbar/slot-win.png
IP 37.221.65.58:0
File type PNG image data, 410 x 279, 8-bit colormap, non-interlaced\012- data
Hash efb5cc057d90910eac87b874ae4dba74
6e24b4b704bee110a184ebe7b560bd3e91c73171
89c8a97b460a4fdca3c3bae5cc2f0aac9ca347ba18b6edf90c1c83ea953a6194
GET /media/gambling/en/slotbar/slot-win.png HTTP/1.1
Host: briskbonus.life
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://briskbonus.life/?u=xunwwwr&o=b0hp0zn&cid=wagn70d6h5keu9bjiiuve2eu
Cookie: sid=t2~5ysyxjptwnsc4mupv3kstuc3
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 27 Sep 2022 09:11:49 GMT
Content-Type: image/png
Content-Length: 13853
Connection: keep-alive
Content-Security-Policy: block-all-mixed-content
ETag: "efb5cc057d90910eac87b874ae4dba74"
Last-Modified: Wed, 31 Aug 2022 09:34:52 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin, Accept-Encoding
X-Amz-Request-Id: 1718AB73C2B21D38
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
Expires: Wed, 27 Sep 2023 09:11:49 GMT
Cache-Control: max-age=31536000, no-transform
Accept-Ranges: bytes
briskbonus.life/media/gambling/en/slotbar/slot-spin.gif
37.221.65.58200 OK 88 kB URL HTTP/1.1 briskbonus.life/media/gambling/en/slotbar/slot-spin.gif
IP 37.221.65.58:0
File type GIF image data, version 89a, 410 x 279\012- data
Hash 617c16c5e04c8603dd7f157862b1c682
1306296f9a666a7fc50f339a2a924ce8a3a18169
7f8e36cf7ac437d7c42440ef5f522c8e27adb06348b573192308038fa7c1dc7e
GET /media/gambling/en/slotbar/slot-spin.gif HTTP/1.1
Host: briskbonus.life
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://briskbonus.life/?u=xunwwwr&o=b0hp0zn&cid=wagn70d6h5keu9bjiiuve2eu
Cookie: sid=t2~5ysyxjptwnsc4mupv3kstuc3
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 27 Sep 2022 09:11:49 GMT
Content-Type: image/gif
Content-Length: 87599
Connection: keep-alive
Content-Security-Policy: block-all-mixed-content
ETag: "617c16c5e04c8603dd7f157862b1c682"
Last-Modified: Wed, 31 Aug 2022 09:34:52 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin, Accept-Encoding
X-Amz-Request-Id: 1718AB73BBC55A02
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
Expires: Wed, 27 Sep 2023 09:11:49 GMT
Cache-Control: max-age=31536000, no-transform
Accept-Ranges: bytes
briskbonus.life/media/gambling/en/slotbar/red-arrow-left.png
37.221.65.58200 OK 1.1 kB URL HTTP/1.1 briskbonus.life/media/gambling/en/slotbar/red-arrow-left.png
IP 37.221.65.58:0
File type PNG image data, 50 x 50, 8-bit colormap, non-interlaced\012- data
Hash 58f67f1674f5133b9925d3ae27dc0498
81c764ff6133a59dac942dfc76d77ee7c942fc03
29879956bc91fc604349179daa4c866d15cc6a6b120e0e6abb5ff0d078c7484b
GET /media/gambling/en/slotbar/red-arrow-left.png HTTP/1.1
Host: briskbonus.life
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://briskbonus.life/?u=xunwwwr&o=b0hp0zn&cid=wagn70d6h5keu9bjiiuve2eu
Cookie: sid=t2~5ysyxjptwnsc4mupv3kstuc3
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 27 Sep 2022 09:11:49 GMT
Content-Type: image/png
Content-Length: 1059
Connection: keep-alive
Content-Security-Policy: block-all-mixed-content
ETag: "58f67f1674f5133b9925d3ae27dc0498"
Last-Modified: Wed, 31 Aug 2022 09:34:52 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin, Accept-Encoding
X-Amz-Request-Id: 1718AB73C2EBFE25
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
Expires: Wed, 27 Sep 2023 09:11:49 GMT
Cache-Control: max-age=31536000, no-transform
Accept-Ranges: bytes
briskbonus.life/media/gambling/en/slotbar/KqX499j.png
37.221.65.58200 OK 2.2 kB URL HTTP/1.1 briskbonus.life/media/gambling/en/slotbar/KqX499j.png
IP 37.221.65.58:0
File type PNG image data, 48 x 48, 8-bit colormap, non-interlaced\012- data
Hash 8fe70ee687801d77e99e45efa5af9aa7
e49eefbb1115151d92af0285dc58416f0e9ab0f1
4d1d8a5b765092760f02f78036d8df58ad04f835c15619e9522c3f2ac932a0da
GET /media/gambling/en/slotbar/KqX499j.png HTTP/1.1
Host: briskbonus.life
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://briskbonus.life/?u=xunwwwr&o=b0hp0zn&cid=wagn70d6h5keu9bjiiuve2eu
Cookie: sid=t2~5ysyxjptwnsc4mupv3kstuc3
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 27 Sep 2022 09:11:49 GMT
Content-Type: image/png
Content-Length: 2153
Connection: keep-alive
Content-Security-Policy: block-all-mixed-content
ETag: "8fe70ee687801d77e99e45efa5af9aa7"
Last-Modified: Wed, 31 Aug 2022 09:34:52 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin, Accept-Encoding
X-Amz-Request-Id: 1718AB73E0161A67
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
Expires: Wed, 27 Sep 2023 09:11:49 GMT
Cache-Control: max-age=31536000, no-transform
Accept-Ranges: bytes
briskbonus.life/media/gambling/en/slotbar/yEUMY3v.jpg
37.221.65.58200 OK 1.6 kB URL HTTP/1.1 briskbonus.life/media/gambling/en/slotbar/yEUMY3v.jpg
IP 37.221.65.58:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 50x50, components 3\012- data
Hash 5da3831556c780010e0e5c5b967e43ce
574623afde349258b91d44849ef16d483b61e223
45f901bd7a281c73db028f014eb9196ad0297d6eaede94151bf2832946eb8f07
GET /media/gambling/en/slotbar/yEUMY3v.jpg HTTP/1.1
Host: briskbonus.life
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://briskbonus.life/?u=xunwwwr&o=b0hp0zn&cid=wagn70d6h5keu9bjiiuve2eu
Cookie: sid=t2~5ysyxjptwnsc4mupv3kstuc3
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 27 Sep 2022 09:11:49 GMT
Content-Type: image/jpeg
Content-Length: 1608
Connection: keep-alive
Content-Security-Policy: block-all-mixed-content
ETag: "5da3831556c780010e0e5c5b967e43ce"
Last-Modified: Wed, 31 Aug 2022 09:34:52 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin, Accept-Encoding
X-Amz-Request-Id: 1718AB73DD90597B
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
Expires: Wed, 27 Sep 2023 09:11:49 GMT
Cache-Control: max-age=31536000, no-transform
Accept-Ranges: bytes
briskbonus.life/media/gambling/en/slotbar/yWwCB4c.jpg
37.221.65.58200 OK 2.3 kB URL HTTP/1.1 briskbonus.life/media/gambling/en/slotbar/yWwCB4c.jpg
IP 37.221.65.58:0
File type JPEG image data, baseline, precision 8, 50x50, components 3\012- data
Hash 5edf4db493423ac10c72a27ad5c4a618
5c535d00eaeaa725b39e3e1167a12de5bd66a1f2
a7c86ca5470f7d68b4c5f1c87f29f7daf816d1bd95353091bba8753341bb6f5f
GET /media/gambling/en/slotbar/yWwCB4c.jpg HTTP/1.1
Host: briskbonus.life
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://briskbonus.life/?u=xunwwwr&o=b0hp0zn&cid=wagn70d6h5keu9bjiiuve2eu
Cookie: sid=t2~5ysyxjptwnsc4mupv3kstuc3
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 27 Sep 2022 09:11:49 GMT
Content-Type: image/jpeg
Content-Length: 2336
Connection: keep-alive
Content-Security-Policy: block-all-mixed-content
ETag: "5edf4db493423ac10c72a27ad5c4a618"
Last-Modified: Wed, 31 Aug 2022 09:34:52 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin, Accept-Encoding
X-Amz-Request-Id: 1718AB73D2B08A8F
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
Expires: Wed, 27 Sep 2023 09:11:49 GMT
Cache-Control: max-age=31536000, no-transform
Accept-Ranges: bytes
briskbonus.life/media/gambling/en/slotbar/img2.jpg
37.221.65.58200 OK 1.3 kB URL HTTP/1.1 briskbonus.life/media/gambling/en/slotbar/img2.jpg
IP 37.221.65.58:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 50x50, components 3\012- data
Hash 92b944714cea3e478a8e50dea1a80b26
f12fc267be0ab02e2f3585b42df5b8c10d3cd3a5
fa07d78345204bf48b255523990b544e1b28f9a7810aaf2b8a5a356d05575205
GET /media/gambling/en/slotbar/img2.jpg HTTP/1.1
Host: briskbonus.life
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://briskbonus.life/?u=xunwwwr&o=b0hp0zn&cid=wagn70d6h5keu9bjiiuve2eu
Cookie: sid=t2~5ysyxjptwnsc4mupv3kstuc3
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 27 Sep 2022 09:11:49 GMT
Content-Type: image/jpeg
Content-Length: 1297
Connection: keep-alive
Content-Security-Policy: block-all-mixed-content
ETag: "92b944714cea3e478a8e50dea1a80b26"
Last-Modified: Wed, 31 Aug 2022 09:34:52 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin, Accept-Encoding
X-Amz-Request-Id: 1718AB73D0494E1D
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
Expires: Wed, 27 Sep 2023 09:11:49 GMT
Cache-Control: max-age=31536000, no-transform
Accept-Ranges: bytes
briskbonus.life/media/gambling/en/slotbar/DsrKpkj.jpg
37.221.65.58200 OK 1.5 kB URL HTTP/1.1 briskbonus.life/media/gambling/en/slotbar/DsrKpkj.jpg
IP 37.221.65.58:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 48x48, components 3\012- data
Hash 0d0f29abfcedc7dfffe3811a5100a6cd
19567e85aab4fd05d752cfa86f88087465042b0a
e3da7d20be42da6e260d3085d2a3f3965a549065345ee2d139e28625104e2393
GET /media/gambling/en/slotbar/DsrKpkj.jpg HTTP/1.1
Host: briskbonus.life
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://briskbonus.life/?u=xunwwwr&o=b0hp0zn&cid=wagn70d6h5keu9bjiiuve2eu
Cookie: sid=t2~5ysyxjptwnsc4mupv3kstuc3
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 27 Sep 2022 09:11:49 GMT
Content-Type: image/jpeg
Content-Length: 1506
Connection: keep-alive
Content-Security-Policy: block-all-mixed-content
ETag: "0d0f29abfcedc7dfffe3811a5100a6cd"
Last-Modified: Wed, 31 Aug 2022 09:34:52 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin, Accept-Encoding
X-Amz-Request-Id: 1718AB73E033A8E0
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
Expires: Wed, 27 Sep 2023 09:11:49 GMT
Cache-Control: max-age=31536000, no-transform
Accept-Ranges: bytes
briskbonus.life/media/gambling/en/slotbar/slot-result-2.png
37.221.65.58200 OK 25 kB URL HTTP/1.1 briskbonus.life/media/gambling/en/slotbar/slot-result-2.png
IP 37.221.65.58:0
File type PNG image data, 410 x 279, 8-bit colormap, non-interlaced\012- data
Hash 4922e4f8c0c5d208c89921d9a525cbe5
b756a0d6c3f726f00300c87fac1d3a915784ebdf
f13a99343fae8de26ee2e996fcc80487e9687ac5929eefd899db967fd124208c
GET /media/gambling/en/slotbar/slot-result-2.png HTTP/1.1
Host: briskbonus.life
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://briskbonus.life/?u=xunwwwr&o=b0hp0zn&cid=wagn70d6h5keu9bjiiuve2eu
Cookie: sid=t2~5ysyxjptwnsc4mupv3kstuc3
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 27 Sep 2022 09:11:49 GMT
Content-Type: image/png
Content-Length: 25004
Connection: keep-alive
Content-Security-Policy: block-all-mixed-content
ETag: "4922e4f8c0c5d208c89921d9a525cbe5"
Last-Modified: Wed, 31 Aug 2022 09:34:52 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin, Accept-Encoding
X-Amz-Request-Id: 1718AB73C29158B4
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
Expires: Wed, 27 Sep 2023 09:11:49 GMT
Cache-Control: max-age=31536000, no-transform
Accept-Ranges: bytes
briskbonus.life/media/gambling/en/slotbar/win.mp3
37.221.65.58206 Partial Content 10 kB URL HTTP/1.1 briskbonus.life/media/gambling/en/slotbar/win.mp3
IP 37.221.65.58:0
File type Audio file with ID3 version 2.3.0, contains: MPEG ADTS, layer III, v1, 32 kbps, 32 kHz, Monaural\012- data
Hash bca40777013dec4a99eaa8b0b98a7fef
bc1c833577a1dcd82ad01a90e82898bc7b47cad7
635e9ee8fcd18bd4c3ae173f00f4c5cbf15ee90a27a302440e2e77c371314176
GET /media/gambling/en/slotbar/win.mp3 HTTP/1.1
Host: briskbonus.life
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: audio/webm,audio/ogg,audio/wav,audio/*;q=0.9,application/ogg;q=0.7,video/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
Connection: keep-alive
Referer: https://briskbonus.life/?u=xunwwwr&o=b0hp0zn&cid=wagn70d6h5keu9bjiiuve2eu
Cookie: sid=t2~5ysyxjptwnsc4mupv3kstuc3
Sec-Fetch-Dest: audio
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 206 Partial Content
Server: nginx
Date: Tue, 27 Sep 2022 09:11:49 GMT
Content-Type: audio/mpeg
Content-Length: 10391
Connection: keep-alive
Content-Security-Policy: block-all-mixed-content
ETag: "bca40777013dec4a99eaa8b0b98a7fef"
Last-Modified: Wed, 31 Aug 2022 09:34:52 GMT
No-Gzip-Compression: true
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin, Accept-Encoding
X-Amz-Request-Id: 1718ACAA4066B6D6
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
Expires: Wed, 27 Sep 2023 09:11:49 GMT
Cache-Control: max-age=31536000, no-transform
Content-Range: bytes 0-10390/10391
briskbonus.life/media/gambling/en/slotbar/EKZrmbS.jpg
37.221.65.58200 OK 2.3 kB URL HTTP/1.1 briskbonus.life/media/gambling/en/slotbar/EKZrmbS.jpg
IP 37.221.65.58:0
File type JPEG image data, baseline, precision 8, 50x50, components 3\012- data
Hash 7364bf39dcf0941d3a1760e46a562710
a358405162193128cceae8551e14648798bd4254
ba858c8ecc8f498253509a9251e5070ce3b3ad9950b704a22a9a1fb1efc62541
GET /media/gambling/en/slotbar/EKZrmbS.jpg HTTP/1.1
Host: briskbonus.life
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://briskbonus.life/?u=xunwwwr&o=b0hp0zn&cid=wagn70d6h5keu9bjiiuve2eu
Cookie: sid=t2~5ysyxjptwnsc4mupv3kstuc3
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 27 Sep 2022 09:11:49 GMT
Content-Type: image/jpeg
Content-Length: 2264
Connection: keep-alive
Content-Security-Policy: block-all-mixed-content
ETag: "7364bf39dcf0941d3a1760e46a562710"
Last-Modified: Wed, 31 Aug 2022 09:34:52 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin, Accept-Encoding
X-Amz-Request-Id: 1718AB73DA44A961
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
Expires: Wed, 27 Sep 2023 09:11:49 GMT
Cache-Control: max-age=31536000, no-transform
Accept-Ranges: bytes
briskbonus.life/media/gambling/en/slotbar/9PH2QqX.jpg
37.221.65.58200 OK 2.1 kB URL HTTP/1.1 briskbonus.life/media/gambling/en/slotbar/9PH2QqX.jpg
IP 37.221.65.58:0
File type JPEG image data, baseline, precision 8, 50x50, components 3\012- data
Hash f48aa7778890400e3be6131e64cd4236
9341d039b9f7de4eac9070c36fecac2772cc1ba0
388e1eb0cb648490ea1c4913f4ea3128f3fbfbda0608bf85e471d947db905302
GET /media/gambling/en/slotbar/9PH2QqX.jpg HTTP/1.1
Host: briskbonus.life
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://briskbonus.life/?u=xunwwwr&o=b0hp0zn&cid=wagn70d6h5keu9bjiiuve2eu
Cookie: sid=t2~5ysyxjptwnsc4mupv3kstuc3
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 27 Sep 2022 09:11:49 GMT
Content-Type: image/jpeg
Content-Length: 2143
Connection: keep-alive
Content-Security-Policy: block-all-mixed-content
ETag: "f48aa7778890400e3be6131e64cd4236"
Last-Modified: Wed, 31 Aug 2022 09:34:52 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin, Accept-Encoding
X-Amz-Request-Id: 1718AB73D637C09F
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
Expires: Wed, 27 Sep 2023 09:11:49 GMT
Cache-Control: max-age=31536000, no-transform
Accept-Ranges: bytes
briskbonus.life/media/gambling/en/slotbar/spin.mp3
37.221.65.58206 Partial Content 8.8 kB URL HTTP/1.1 briskbonus.life/media/gambling/en/slotbar/spin.mp3
IP 37.221.65.58:0
File type MPEG ADTS, layer III, v2, 32 kbps, 16 kHz, JntStereo\012- data
Hash 5a2e10964c7fea8b0181831184bc0d97
8f5233dd6be372e7749c6cd8440db5b43de5a9c9
9b8fa3d6ccb98804102ffd59ee70c19e5d7ca7efabbe6c0d4471a1935348ee3d
GET /media/gambling/en/slotbar/spin.mp3 HTTP/1.1
Host: briskbonus.life
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: audio/webm,audio/ogg,audio/wav,audio/*;q=0.9,application/ogg;q=0.7,video/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
Connection: keep-alive
Referer: https://briskbonus.life/?u=xunwwwr&o=b0hp0zn&cid=wagn70d6h5keu9bjiiuve2eu
Cookie: sid=t2~5ysyxjptwnsc4mupv3kstuc3
Sec-Fetch-Dest: audio
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 206 Partial Content
Server: nginx
Date: Tue, 27 Sep 2022 09:11:49 GMT
Content-Type: audio/mpeg
Content-Length: 8784
Connection: keep-alive
Content-Security-Policy: block-all-mixed-content
ETag: "5a2e10964c7fea8b0181831184bc0d97"
Last-Modified: Wed, 31 Aug 2022 09:34:52 GMT
No-Gzip-Compression: true
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin, Accept-Encoding
X-Amz-Request-Id: 1718ACAA41067514
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
Expires: Wed, 27 Sep 2023 09:11:49 GMT
Cache-Control: max-age=31536000, no-transform
Content-Range: bytes 0-8783/8784
briskbonus.life/favicon.ico
37.221.65.58204 No Content 0 B URL HTTP/1.1 briskbonus.life/favicon.ico
IP 37.221.65.58:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /favicon.ico HTTP/1.1
Host: briskbonus.life
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://briskbonus.life/?u=xunwwwr&o=b0hp0zn&cid=wagn70d6h5keu9bjiiuve2eu
Cookie: sid=t2~5ysyxjptwnsc4mupv3kstuc3
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 204 No Content
Server: nginx
Date: Tue, 27 Sep 2022 09:11:50 GMT
Connection: keep-alive
Cache-Control: no-transform