mrq.com/newoffer/75-wager-free-spins/onlinebingo?s1=&s2=&s3=&click=16913244&affid=169&campaign=41&gclid=&msclkid=&lpage=t4SH0x&resource=&site=326&referrer=emails.1cs.com&tgclid=02010047-135e-4ae7-b200-191e63df8c5c&tgsid=16913244
104.22.40.88301 Moved Permanently 0 B URL HTTP/1.1 mrq.com/newoffer/75-wager-free-spins/onlinebingo?s1=&s2=&s3=&click=16913244&affid=169&campaign=41&gclid=&msclkid=&lpage=t4SH0x&resource=&site=326&referrer=emails.1cs.com&tgclid=02010047-135e-4ae7-b200-191e63df8c5c&tgsid=16913244
IP 104.22.40.88:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /newoffer/75-wager-free-spins/onlinebingo?s1=&s2=&s3=&click=16913244&affid=169&campaign=41&gclid=&msclkid=&lpage=t4SH0x&resource=&site=326&referrer=emails.1cs.com&tgclid=02010047-135e-4ae7-b200-191e63df8c5c&tgsid=16913244 HTTP/1.1
Host: mrq.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Sun, 05 Feb 2023 11:01:02 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Sun, 05 Feb 2023 12:01:02 GMT
Location: https://mrq.com/newoffer/75-wager-free-spins/onlinebingo?s1=&s2=&s3=&click=16913244&affid=169&campaign=41&gclid=&msclkid=&lpage=t4SH0x&resource=&site=326&referrer=emails.1cs.com&tgclid=02010047-135e-4ae7-b200-191e63df8c5c&tgsid=16913244
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 794b254f99560a1f-ARN
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 1cdc095521e9ee2606059be447d1fdd5
02b5d0a5b5823e2338daf7e144700babe2a213af
8bda3aabcf331c2bfcc4c7023cd797c760fd301dc353641bb95048e072f66c66
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8BDA3AABCF331C2BFCC4C7023CD797C760FD301DC353641BB95048E072F66C66"
Last-Modified: Sat, 04 Feb 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11186
Expires: Sun, 05 Feb 2023 14:07:28 GMT
Date: Sun, 05 Feb 2023 11:01:02 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash c21ba65e44ac95470c314e068e49a9eb
17a13b13738993d889d4afa3d848dc63bf6eba64
9bd0795b30e84ce63b6e2a365ca91bbffc395dd955e112152066c31e63a4ab66
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9BD0795B30E84CE63B6E2A365CA91BBFFC395DD955E112152066C31E63A4AB66"
Last-Modified: Sat, 04 Feb 2023 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7236
Expires: Sun, 05 Feb 2023 13:01:38 GMT
Date: Sun, 05 Feb 2023 11:01:02 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash fb7b6b46e708ad73eaaa3c21e74569ae
950663c025acad81556af5aa3022ecc9d55097fe
763f58b9fb838378c92033b59907b036f4c33081f5103d9bcc2ca2a8de500d64
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "763F58B9FB838378C92033B59907B036F4C33081F5103D9BCC2CA2A8DE500D64"
Last-Modified: Sat, 04 Feb 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2576
Expires: Sun, 05 Feb 2023 11:43:58 GMT
Date: Sun, 05 Feb 2023 11:01:02 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 30db107dcf4380cef05efea409c2e6a3
96e6a306fbc07299aba64e5c14e2bfca35872fa9
b64051a4a8e346e3c72b2aef77f360a5736ab5e16711d8e0bae3876feaa15b6e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Alert, Retry-After, Content-Length, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sun, 05 Feb 2023 10:33:54 GMT
content-type: application/json
age: 1628
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: hXLMflYfBlyJdteg7zOLJeHGJFH/XX7whBTeqc0Yu6PtkAtvs9L+zyE5fYHnt+TfvV0c8MN77u0=
x-amz-request-id: Q47HYNW64EJ7CNQW
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sun, 05 Feb 2023 10:24:26 GMT
age: 2196
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 05 Feb 2023 11:01:02 GMT
content-type: application/json
content-length: 12
access-control-expose-headers: content-type
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 278 B IP 93.184.220.29:0
Hash 77484ff18544657f4b78e4497bbebca8
086645b1d19934325c63cb6d8e3aae29f69ab889
f5d474765479167c1f38f8f5f524947ade3581747acc251bf94d009e289babba
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 05 Feb 2023 11:01:02 GMT
Server: ECS (amb/6B8A)
Content-Length: 278
ocsp.digicert.com/
93.184.220.29200 OK 278 B IP 93.184.220.29:0
Hash 77484ff18544657f4b78e4497bbebca8
086645b1d19934325c63cb6d8e3aae29f69ab889
f5d474765479167c1f38f8f5f524947ade3581747acc251bf94d009e289babba
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 0
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 05 Feb 2023 11:01:02 GMT
Last-Modified: Sun, 05 Feb 2023 11:01:02 GMT
Server: ECS (ska/F71D)
X-Cache: HIT
Content-Length: 278
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 471 B IP 216.58.211.3:0
Hash 98be7fe21d059e46146a43d20c4eea92
1ec58129fea75085588be7b8baec05b0874b5274
7bb2eb5ffcd88a3b6ba7b210bdbcd4469134c9708f06befb6c616beebf8dae46
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 05 Feb 2023 11:01:02 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
euromero.ediemidnightzombies.com/sxp/i/160bf5a000f677bf90ef12f6b702e5e4.js
54.230.111.12200 OK 32 kB URL HTTP/2 euromero.ediemidnightzombies.com/sxp/i/160bf5a000f677bf90ef12f6b702e5e4.js
IP 54.230.111.12:0
File type Unicode text, UTF-8 text, with very long lines (65530), with no line terminators
Hash b4417b9b0d46e94114a5cf28aac84ede
21284601866cec18150ccc1eadf69da61a8ed5ee
353e39707d50472d4dc3ec56c149b3fdf4ea4061c4b008c51a24ed76a32f5a3d
GET /sxp/i/160bf5a000f677bf90ef12f6b702e5e4.js HTTP/1.1
Host: euromero.ediemidnightzombies.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/javascript; charset=utf-8
content-length: 31933
content-encoding: gzip
server: Caddy
etag: "1576e-kAsZWBbw/4vk79E3z9PCxrM5sZ0"
cache-control: max-age=43200
date: Sun, 05 Feb 2023 06:47:24 GMT
expires: Sun, 05 Feb 2023 18:47:24 GMT
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 d9fb4c3794a085bb4ee2c5798c2cb1b8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: VTy4kLuZO4P0CPt16ucQ86-j6NJ8iW2p8U9tIS0SfloC4CG05eNVFQ==
age: 15218
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Pragma, Backoff, Retry-After, Content-Length, Last-Modified, Expires, Cache-Control, ETag, Alert, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sun, 05 Feb 2023 10:07:20 GMT
age: 3222
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 471 B IP 216.58.211.3:0
Hash 98be7fe21d059e46146a43d20c4eea92
1ec58129fea75085588be7b8baec05b0874b5274
7bb2eb5ffcd88a3b6ba7b210bdbcd4469134c9708f06befb6c616beebf8dae46
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 05 Feb 2023 11:01:02 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash dedf9c519ac38c4bece9c5bc895787d7
4911175c3f8a435978c5301c33c7a99a5e00a1d5
bddd7e3a4939f863642a7c5348c1c8b9bc569b35c10a27f4cf5ec71f7e6b9698
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BDDD7E3A4939F863642A7C5348C1C8B9BC569B35C10A27F4CF5EC71F7E6B9698"
Last-Modified: Fri, 03 Feb 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10362
Expires: Sun, 05 Feb 2023 13:53:44 GMT
Date: Sun, 05 Feb 2023 11:01:02 GMT
Connection: keep-alive
perfalytics.com/static/js/freshpaint.js
143.204.55.25200 OK 33 kB URL HTTP/2 perfalytics.com/static/js/freshpaint.js
IP 143.204.55.25:0
Hash 94c176a917177120ec832dbadf69e234
58452a5b48a752a8d2a4764a498f7897f9eedf4b
4eb8cda339b5b35bdf03cc722aee760148db0721f02ea35fdc7e26ac1d4640ed
GET /static/js/freshpaint.js HTTP/1.1
Host: perfalytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
date: Sat, 04 Feb 2023 16:41:36 GMT
last-modified: Tue, 31 Jan 2023 23:31:23 GMT
x-amz-version-id: FtIRR1VPdtqR.DQRgpuVRrOOt7tWXcnu
etag: W/"29dd9d90d8cab6ccb9bd6d0414af6dfb"
server: AmazonS3
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 095562e8748e634f880ee3c4ada2b6d0.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: lxWYfGjgzuhuoBdonoj7-YQ1DZ8KnzmeXBA54tLFGEiol7HfZJg0SQ==
age: 65967
X-Firefox-Spdy: h2
ik.imagekit.io/lindar/flicker-test/lp_ubethorus_bg_0de367887f_smtfxhfzo_551e2ca089
54.230.111.31200 OK 49 kB URL HTTP/2 ik.imagekit.io/lindar/flicker-test/lp_ubethorus_bg_0de367887f_smtfxhfzo_551e2ca089
IP 54.230.111.31:0
Hash 969ee8f4b53039f890d28946ebc46240
3014a38d1c8e860ebee390e26dd59a479bfbe137
b581de69efd5b5168a22929fb095541568428784d5159f4d0d62d92ce48f7702
GET /lindar/flicker-test/lp_ubethorus_bg_0de367887f_smtfxhfzo_551e2ca089 HTTP/1.1
Host: ik.imagekit.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/webp
content-length: 48226
x-request-id: d08a58cb-b5e9-4f15-9da0-80e154e4f16d
x-server: ImageKit.io
access-control-allow-origin: *
timing-allow-origin: *
cache-control: public, s-maxage=15552000, max-age=15552000, must-revalidate
server-timing: download;dur=0
etag: W/"bc62-xDgYT6N4IQfxjkxbQlT5onBdZck"
date: Sun, 05 Feb 2023 11:01:02 GMT
vary: Accept,Save-Data
x-cache: Miss from cloudfront
via: 1.1 5916f6b8d469d1bee1e905ff13761ebc.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: FsRRob89cwk7mTGC9mKJSvYdwHq7vfrf80k2g4kdZE1fGdoe6pKcJQ==
X-Firefox-Spdy: h2
www.googletagmanager.com/gtm.js?id=GTM-5LRGCV
142.250.74.168200 OK 81 kB URL HTTP/2 www.googletagmanager.com/gtm.js?id=GTM-5LRGCV
IP 142.250.74.168:0
File type ASCII text, with very long lines (17155)
Hash 5032b1a49615c95214c92feffec05a0a
8d18d19841b4df44a52a7dd92506c485b1fb5449
f4d34b6850ac7ed2f9ca790fb69d3af08b2e1ff4be3dd132dc55a33e02a64488
GET /gtm.js?id=GTM-5LRGCV HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sun, 05 Feb 2023 11:01:02 GMT
expires: Sun, 05 Feb 2023 11:01:02 GMT
cache-control: private, max-age=900
last-modified: Sun, 05 Feb 2023 09:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 80599
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 2.2 kB IP 216.58.211.3:0
Hash a8cc9dd7c9b43dfd4d5823768df8e8dc
179694b544727b72faf6116a9d333fa0326c66aa
6ab016430f60c49913d6db5cae395c48e82385067ad02ab763ed30c654b0a718
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 05 Feb 2023 11:01:03 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.sca1b.amazontrust.com/
54.230.245.110200 OK 1.1 kB URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.110:0
Hash b8e7dbd77eeab6ddffcda4eeb274a0b1
1b9f8fcf5876de5e938911cdfc1ca61f42ede44b
addc7dabc649d5ee29b66ef642adc96174703e7f8f353d3257a16892f6b54089
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=127791
Date: Sun, 05 Feb 2023 11:01:03 GMT
Etag: "63decd3b-1d7"
Expires: Mon, 06 Feb 2023 22:30:54 GMT
Last-Modified: Sat, 04 Feb 2023 21:25:15 GMT
Server: ECS (nyb/1D0C)
X-Cache: Miss from cloudfront
Via: 1.1 db0992ba349fc51d5151ec8330e36c28.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: Qggf9TMvA46V8KYEWMJtoP2rQeJA4FdOUX-imSEYurQKvq5TrKUeaQ==
Age: 3939
eor.ediemidnightzombies.com/ct?id=22030&url=https%3A%2F%2Fmrq.com%2Fnewoffer%2F75-wager-free-spins%2Fonlinebingo%3Fs1%3D%26s2%3D%26s3%3D%26click%3D16913244%26affid%3D169%26campaign%3D41%26gclid%3D%26msclkid%3D%26lpage%3Dt4SH0x%26resource%3D%26site%3D326%26referrer%3Demails.1cs.com%26tgclid%3D02010047-135e-4ae7-b200-191e63df8c5c%26tgsid%3D16913244%26cq_aff%3D169&sf=0&tpi=&ch=cheq4ppc&uvid=&tsf=0&tsfmi=&tsfu=&cb=1675594902955&hl=1&op=0&ag=1317291471&rand=538201262606905195116001906297501979721098727062220196061828670109665118560&fs=1280x939&fst=1280x939&np=linux%20x86_64&nv=&ref=&ss=1280x1024&nc=0&at=&di=W1siZWYiLDI1ODVdLFsxMiwie1wiZVwiOjAsXCJ3Z2xcIjoxfSJdLFsiY2IiLCIwLDAsMCwwLDEsMSwwLDAsMCwyLDQ3LDAsMSwwLDAsMiwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwzLDAsMCwwLDAsMCwwLDAsNCwwLDAsMCwwLDAsMCwwLDEsMCwwLDAsMCwwLDAsMCwxLDIsMCwwLDEsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDEsMCwwLDUiXSxbLTEsIkxpbnV4IHg4Nl82NCJdLFstMiwiMTAsSUxIWUxCOUJMVGEySnFRZzNGb2VlbDJ3WWJFMm9nQklLSjZjUjAwME1KSFF3WVRER1lhaHYzdXQ3MVZwWFI5TzgrTTVyVlNLczFrUEJlLy85OXNuVkpHcFVkUGZkenpuM09mYyJdLFstMywiW10iXSxbLTQsIi0iXSxbLTUsIi0iXSxbLTYsIntcIndcIjpbXCIwXCIsXCJkYXRhTGF5ZXJcIixcImZyZXNocGFpbnRcIixcIl9fTE9BREFCTEVfTE9BREVEX0NIVU5LU19fXCIsXCJfX2N0Y2dfY3RfMjIwMzBfZXhlY1wiXSxcIm5cIjpbXSxcImRcIjpbXX0iXSxbLTcsIi0iXSxbLTgsIi0iXSxbLTksIisiXSxbLTEwLCItIl0sWy0xMSwie1widFwiOlwiXCIsXCJtXCI6W1wiZGVzY3JpcHRpb25cIixcIm9nOnRpdGxlXCIsXCJvZzpkZXNjcmlwdGlvblwiLFwidHdpdHRlcjpkZXNjcmlwdGlvblwiLFwiYXBwbGUtbW9iaWxlLXdlYi1hcHAtdGl0bGVcIl19Il0sWy0xMiwiXCJ1bnNwZWNpZmllZFwiIl0sWy0xMywiLSJdLFstMTQsIi0iXSxbLTE1LCItIl0sWy0xNiwiMCJdLFstMTcsIjE2Il0sWy0xOCwiWzEsMCwwLDBdIl0sWy0xOSwiWzAsMCwwLDAsMCwwLDEsMjQsMjQsXCItXCIsMTI4MCwxMDAyLDEyODAsMTAyNCwxMjgwLDEwMjQsMTI4MCw5MzksMCwwLDAsMCxcIi1cIixcIi1cIl0iXSxbLTIwLCItIl0sWy0yMSwiLSJdLFstMjIsIltcIm5cIixcIm5cIl0iXSxbLTIzLCIrIl0sWy0yNCwiW10iXSxbLTI1LCItIl0sWy0yNiwiLSJdLFstMjcsIi0iXSxbLTI4LCJlbi1VUyxlbiJdLFstMjksIi0iXSxbLTMwLCJbXCJ2XCIsMF0iXSxbLTMxLCJmYWxzZSJdLFstMzIsIjAiXSxbLTMzLCItIl0sWy0zNCwiLSJdLFstMzUsIlsxNjc1NTk0OTAyOTE5LDBdIl0sWy0zNiwiW1wiNS80XCIsXCI1LzRcIl0iXSxbLTM3LCItIl0sWy0zOCwibCwtMSwtMSwzNDQsMCwyMiwwLDAsMTk2LDE1MSwtMSwwLCwsMTA4MiwxMDgyIl0sWy0zOSwiW1wiMjAxMDAxMDFcIiwwLFwiR2Vja29cIixcIk5ldHNjYXBlXCIsXCJNb3ppbGxhXCIsXCIyMDE4MTAwMTAwMDAwMFwiLG51bGwsZmFsc2UsbnVsbCxmYWxzZSxudWxsLDBdIl0sWy00MCwiMzciXSxbLTQxLCItIl0sWy00MiwiMTc3MDA1MDA4MSJdLFstNDMsIjAwMDAwMDAxMDAwMDAwMDAwMTExMTAwMTAwIl0sWy00NCwiMCw1LDAsNSJdLFstNDUsIjAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCJdLFstNDYsIjAiXSxbLTQ3LCJVVEMsZW4tVVMsbGF0bixncmVnb3J5Il0sWy00OCwiMCwwIl0sWy00OSwiLSJdLFstNTAsIi0iXSxbLTUxLCItIl0sWy01MiwiLSJdLFstNTMsIjAxMCJdLFstNTQsIntcImhcIjpbXCJfM1wiLFwiMjg3Mjg5OTMyMFwiXSxcImRcIjpbXSxcImJcIjpbXSxcInNcIjoxfSJdLFstNTUsIjIiXSxbImRkYiIsIjAsOSwwLDAsMiwzLDAsMCwwLDEsMCwwLDAsMCwxLDAsMSwwLDEsMCwwLDEsMCwwLDAsMCwwLDAsMCwwLDAsMiwwLDAsMSwzLDAsMCwwLDAsMCwwLDIsMiwyLDAsMTgsMCw0LDAsMCwwLDAsMSwwIl0sWyJibmNoIiwxMjldLFsiYWJuY2giLDEzMF1d&dep=0&pre=0&sdd=%7B%7D&cri=SC1hbq48DX&pto=1117&ver=50&gac=-&mei=&ap=&duid=1.1675594902.qpZEp5DtvGE5PAOW&suid=1.1675594902.ojHo2TRlBPS4X275&tuid=1.1675594902.wapRuxm2xO2qVwn7&fbc=->m=W10%3D&it=33%2C732%2C190&fbcl=-&gacl=-&gacsd=-&rtic=-&bgc=-&spa=1&urid=0
3.248.162.96200 OK 3.1 kB URL HTTP/2 eor.ediemidnightzombies.com/ct?id=22030&url=https%3A%2F%2Fmrq.com%2Fnewoffer%2F75-wager-free-spins%2Fonlinebingo%3Fs1%3D%26s2%3D%26s3%3D%26click%3D16913244%26affid%3D169%26campaign%3D41%26gclid%3D%26msclkid%3D%26lpage%3Dt4SH0x%26resource%3D%26site%3D326%26referrer%3Demails.1cs.com%26tgclid%3D02010047-135e-4ae7-b200-191e63df8c5c%26tgsid%3D16913244%26cq_aff%3D169&sf=0&tpi=&ch=cheq4ppc&uvid=&tsf=0&tsfmi=&tsfu=&cb=1675594902955&hl=1&op=0&ag=1317291471&rand=538201262606905195116001906297501979721098727062220196061828670109665118560&fs=1280x939&fst=1280x939&np=linux%20x86_64&nv=&ref=&ss=1280x1024&nc=0&at=&di=W1siZWYiLDI1ODVdLFsxMiwie1wiZVwiOjAsXCJ3Z2xcIjoxfSJdLFsiY2IiLCIwLDAsMCwwLDEsMSwwLDAsMCwyLDQ3LDAsMSwwLDAsMiwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwzLDAsMCwwLDAsMCwwLDAsNCwwLDAsMCwwLDAsMCwwLDEsMCwwLDAsMCwwLDAsMCwxLDIsMCwwLDEsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDEsMCwwLDUiXSxbLTEsIkxpbnV4IHg4Nl82NCJdLFstMiwiMTAsSUxIWUxCOUJMVGEySnFRZzNGb2VlbDJ3WWJFMm9nQklLSjZjUjAwME1KSFF3WVRER1lhaHYzdXQ3MVZwWFI5TzgrTTVyVlNLczFrUEJlLy85OXNuVkpHcFVkUGZkenpuM09mYyJdLFstMywiW10iXSxbLTQsIi0iXSxbLTUsIi0iXSxbLTYsIntcIndcIjpbXCIwXCIsXCJkYXRhTGF5ZXJcIixcImZyZXNocGFpbnRcIixcIl9fTE9BREFCTEVfTE9BREVEX0NIVU5LU19fXCIsXCJfX2N0Y2dfY3RfMjIwMzBfZXhlY1wiXSxcIm5cIjpbXSxcImRcIjpbXX0iXSxbLTcsIi0iXSxbLTgsIi0iXSxbLTksIisiXSxbLTEwLCItIl0sWy0xMSwie1widFwiOlwiXCIsXCJtXCI6W1wiZGVzY3JpcHRpb25cIixcIm9nOnRpdGxlXCIsXCJvZzpkZXNjcmlwdGlvblwiLFwidHdpdHRlcjpkZXNjcmlwdGlvblwiLFwiYXBwbGUtbW9iaWxlLXdlYi1hcHAtdGl0bGVcIl19Il0sWy0xMiwiXCJ1bnNwZWNpZmllZFwiIl0sWy0xMywiLSJdLFstMTQsIi0iXSxbLTE1LCItIl0sWy0xNiwiMCJdLFstMTcsIjE2Il0sWy0xOCwiWzEsMCwwLDBdIl0sWy0xOSwiWzAsMCwwLDAsMCwwLDEsMjQsMjQsXCItXCIsMTI4MCwxMDAyLDEyODAsMTAyNCwxMjgwLDEwMjQsMTI4MCw5MzksMCwwLDAsMCxcIi1cIixcIi1cIl0iXSxbLTIwLCItIl0sWy0yMSwiLSJdLFstMjIsIltcIm5cIixcIm5cIl0iXSxbLTIzLCIrIl0sWy0yNCwiW10iXSxbLTI1LCItIl0sWy0yNiwiLSJdLFstMjcsIi0iXSxbLTI4LCJlbi1VUyxlbiJdLFstMjksIi0iXSxbLTMwLCJbXCJ2XCIsMF0iXSxbLTMxLCJmYWxzZSJdLFstMzIsIjAiXSxbLTMzLCItIl0sWy0zNCwiLSJdLFstMzUsIlsxNjc1NTk0OTAyOTE5LDBdIl0sWy0zNiwiW1wiNS80XCIsXCI1LzRcIl0iXSxbLTM3LCItIl0sWy0zOCwibCwtMSwtMSwzNDQsMCwyMiwwLDAsMTk2LDE1MSwtMSwwLCwsMTA4MiwxMDgyIl0sWy0zOSwiW1wiMjAxMDAxMDFcIiwwLFwiR2Vja29cIixcIk5ldHNjYXBlXCIsXCJNb3ppbGxhXCIsXCIyMDE4MTAwMTAwMDAwMFwiLG51bGwsZmFsc2UsbnVsbCxmYWxzZSxudWxsLDBdIl0sWy00MCwiMzciXSxbLTQxLCItIl0sWy00MiwiMTc3MDA1MDA4MSJdLFstNDMsIjAwMDAwMDAxMDAwMDAwMDAwMTExMTAwMTAwIl0sWy00NCwiMCw1LDAsNSJdLFstNDUsIjAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCJdLFstNDYsIjAiXSxbLTQ3LCJVVEMsZW4tVVMsbGF0bixncmVnb3J5Il0sWy00OCwiMCwwIl0sWy00OSwiLSJdLFstNTAsIi0iXSxbLTUxLCItIl0sWy01MiwiLSJdLFstNTMsIjAxMCJdLFstNTQsIntcImhcIjpbXCJfM1wiLFwiMjg3Mjg5OTMyMFwiXSxcImRcIjpbXSxcImJcIjpbXSxcInNcIjoxfSJdLFstNTUsIjIiXSxbImRkYiIsIjAsOSwwLDAsMiwzLDAsMCwwLDEsMCwwLDAsMCwxLDAsMSwwLDEsMCwwLDEsMCwwLDAsMCwwLDAsMCwwLDAsMiwwLDAsMSwzLDAsMCwwLDAsMCwwLDIsMiwyLDAsMTgsMCw0LDAsMCwwLDAsMSwwIl0sWyJibmNoIiwxMjldLFsiYWJuY2giLDEzMF1d&dep=0&pre=0&sdd=%7B%7D&cri=SC1hbq48DX&pto=1117&ver=50&gac=-&mei=&ap=&duid=1.1675594902.qpZEp5DtvGE5PAOW&suid=1.1675594902.ojHo2TRlBPS4X275&tuid=1.1675594902.wapRuxm2xO2qVwn7&fbc=->m=W10%3D&it=33%2C732%2C190&fbcl=-&gacl=-&gacsd=-&rtic=-&bgc=-&spa=1&urid=0
IP 3.248.162.96:0
Hash 2c80e56a51cbadccd1f262bcf98b6d9d
993b5c80bc5c08e079454c3d34c3d87ed3c0a5b0
a23c4cfe6404b845da054b1b09c7a8c2d6d83f8fcfb4a304e089454835f33f95
GET /ct?id=22030&url=https%3A%2F%2Fmrq.com%2Fnewoffer%2F75-wager-free-spins%2Fonlinebingo%3Fs1%3D%26s2%3D%26s3%3D%26click%3D16913244%26affid%3D169%26campaign%3D41%26gclid%3D%26msclkid%3D%26lpage%3Dt4SH0x%26resource%3D%26site%3D326%26referrer%3Demails.1cs.com%26tgclid%3D02010047-135e-4ae7-b200-191e63df8c5c%26tgsid%3D16913244%26cq_aff%3D169&sf=0&tpi=&ch=cheq4ppc&uvid=&tsf=0&tsfmi=&tsfu=&cb=1675594902955&hl=1&op=0&ag=1317291471&rand=538201262606905195116001906297501979721098727062220196061828670109665118560&fs=1280x939&fst=1280x939&np=linux%20x86_64&nv=&ref=&ss=1280x1024&nc=0&at=&di=W1siZWYiLDI1ODVdLFsxMiwie1wiZVwiOjAsXCJ3Z2xcIjoxfSJdLFsiY2IiLCIwLDAsMCwwLDEsMSwwLDAsMCwyLDQ3LDAsMSwwLDAsMiwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwzLDAsMCwwLDAsMCwwLDAsNCwwLDAsMCwwLDAsMCwwLDEsMCwwLDAsMCwwLDAsMCwxLDIsMCwwLDEsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDEsMCwwLDUiXSxbLTEsIkxpbnV4IHg4Nl82NCJdLFstMiwiMTAsSUxIWUxCOUJMVGEySnFRZzNGb2VlbDJ3WWJFMm9nQklLSjZjUjAwME1KSFF3WVRER1lhaHYzdXQ3MVZwWFI5TzgrTTVyVlNLczFrUEJlLy85OXNuVkpHcFVkUGZkenpuM09mYyJdLFstMywiW10iXSxbLTQsIi0iXSxbLTUsIi0iXSxbLTYsIntcIndcIjpbXCIwXCIsXCJkYXRhTGF5ZXJcIixcImZyZXNocGFpbnRcIixcIl9fTE9BREFCTEVfTE9BREVEX0NIVU5LU19fXCIsXCJfX2N0Y2dfY3RfMjIwMzBfZXhlY1wiXSxcIm5cIjpbXSxcImRcIjpbXX0iXSxbLTcsIi0iXSxbLTgsIi0iXSxbLTksIisiXSxbLTEwLCItIl0sWy0xMSwie1widFwiOlwiXCIsXCJtXCI6W1wiZGVzY3JpcHRpb25cIixcIm9nOnRpdGxlXCIsXCJvZzpkZXNjcmlwdGlvblwiLFwidHdpdHRlcjpkZXNjcmlwdGlvblwiLFwiYXBwbGUtbW9iaWxlLXdlYi1hcHAtdGl0bGVcIl19Il0sWy0xMiwiXCJ1bnNwZWNpZmllZFwiIl0sWy0xMywiLSJdLFstMTQsIi0iXSxbLTE1LCItIl0sWy0xNiwiMCJdLFstMTcsIjE2Il0sWy0xOCwiWzEsMCwwLDBdIl0sWy0xOSwiWzAsMCwwLDAsMCwwLDEsMjQsMjQsXCItXCIsMTI4MCwxMDAyLDEyODAsMTAyNCwxMjgwLDEwMjQsMTI4MCw5MzksMCwwLDAsMCxcIi1cIixcIi1cIl0iXSxbLTIwLCItIl0sWy0yMSwiLSJdLFstMjIsIltcIm5cIixcIm5cIl0iXSxbLTIzLCIrIl0sWy0yNCwiW10iXSxbLTI1LCItIl0sWy0yNiwiLSJdLFstMjcsIi0iXSxbLTI4LCJlbi1VUyxlbiJdLFstMjksIi0iXSxbLTMwLCJbXCJ2XCIsMF0iXSxbLTMxLCJmYWxzZSJdLFstMzIsIjAiXSxbLTMzLCItIl0sWy0zNCwiLSJdLFstMzUsIlsxNjc1NTk0OTAyOTE5LDBdIl0sWy0zNiwiW1wiNS80XCIsXCI1LzRcIl0iXSxbLTM3LCItIl0sWy0zOCwibCwtMSwtMSwzNDQsMCwyMiwwLDAsMTk2LDE1MSwtMSwwLCwsMTA4MiwxMDgyIl0sWy0zOSwiW1wiMjAxMDAxMDFcIiwwLFwiR2Vja29cIixcIk5ldHNjYXBlXCIsXCJNb3ppbGxhXCIsXCIyMDE4MTAwMTAwMDAwMFwiLG51bGwsZmFsc2UsbnVsbCxmYWxzZSxudWxsLDBdIl0sWy00MCwiMzciXSxbLTQxLCItIl0sWy00MiwiMTc3MDA1MDA4MSJdLFstNDMsIjAwMDAwMDAxMDAwMDAwMDAwMTExMTAwMTAwIl0sWy00NCwiMCw1LDAsNSJdLFstNDUsIjAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCJdLFstNDYsIjAiXSxbLTQ3LCJVVEMsZW4tVVMsbGF0bixncmVnb3J5Il0sWy00OCwiMCwwIl0sWy00OSwiLSJdLFstNTAsIi0iXSxbLTUxLCItIl0sWy01MiwiLSJdLFstNTMsIjAxMCJdLFstNTQsIntcImhcIjpbXCJfM1wiLFwiMjg3Mjg5OTMyMFwiXSxcImRcIjpbXSxcImJcIjpbXSxcInNcIjoxfSJdLFstNTUsIjIiXSxbImRkYiIsIjAsOSwwLDAsMiwzLDAsMCwwLDEsMCwwLDAsMCwxLDAsMSwwLDEsMCwwLDEsMCwwLDAsMCwwLDAsMCwwLDAsMiwwLDAsMSwzLDAsMCwwLDAsMCwwLDIsMiwyLDAsMTgsMCw0LDAsMCwwLDAsMSwwIl0sWyJibmNoIiwxMjldLFsiYWJuY2giLDEzMF1d&dep=0&pre=0&sdd=%7B%7D&cri=SC1hbq48DX&pto=1117&ver=50&gac=-&mei=&ap=&duid=1.1675594902.qpZEp5DtvGE5PAOW&suid=1.1675594902.ojHo2TRlBPS4X275&tuid=1.1675594902.wapRuxm2xO2qVwn7&fbc=->m=W10%3D&it=33%2C732%2C190&fbcl=-&gacl=-&gacsd=-&rtic=-&bgc=-&spa=1&urid=0 HTTP/1.1
Host: eor.ediemidnightzombies.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: text/javascript
date: Sun, 05 Feb 2023 11:01:03 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
set-cookie: cg_uuid=51ea493f1cac9d0d45f0ec0a7f1b950d; Max-Age=29030400; Path=/; Expires=Sun, 07 Jan 2024 11:01:03 GMT; HttpOnly; Secure; SameSite=None
content-length: 1314
X-Firefox-Spdy: h2
push.services.mozilla.com/
54.188.8.97101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 54.188.8.97:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: yAYQPqxtgxKbOAthptF68w==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: RjNDJLeUdGVCNBKr42mZ3XF/Shs=
perfalytics.com/event-definitions/15edbcb5-4190-440d-9e23-cd154dadd5ef
143.204.55.25200 OK 54 kB URL HTTP/2 perfalytics.com/event-definitions/15edbcb5-4190-440d-9e23-cd154dadd5ef
IP 143.204.55.25:0
Hash 883794ba148729ba697793913f062372
ddc217c55fbf390c816908c9da30d04ffc668dbe
b33009b7ed9e3864f2685b916828bbd3031c57bf670ba3b46c1703b59f181817
GET /event-definitions/15edbcb5-4190-440d-9e23-cd154dadd5ef HTTP/1.1
Host: perfalytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://mrq.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/json
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
last-modified: Fri, 09 Dec 2022 12:14:18 GMT
x-amz-version-id: .WJIyRJNso51Hb50W._VKyZDCf31hGZ2
server: AmazonS3
content-encoding: gzip
date: Sun, 05 Feb 2023 11:01:03 GMT
cache-control: max-age=60,s-max-age=60
etag: W/"d876f11327f5e721a663f5fd03469098"
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
x-cache: Hit from cloudfront
via: 1.1 9dd61138197a68f8d69f12574aab6930.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: YfHxvMI0Dj4DuE6r_aYc2OfNpMCnRqaTpmEs2jgiW1UxvctgM6L0QQ==
age: 40
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Muli:400,400i,600,700,900&display=swap
142.250.74.74200 OK 45 kB URL HTTP/2 fonts.googleapis.com/css?family=Muli:400,400i,600,700,900&display=swap
IP 142.250.74.74:0
Hash 761afeb79b6ea9038507ecdace1a900f
6d75f6f1f28b291f47485d977479354edfec2d48
8813ac9f3ad69511b943415216acbf4422c3da6f15a86ae0eadd112fcb974268
GET /css?family=Muli:400,400i,600,700,900&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sun, 05 Feb 2023 11:01:02 GMT
date: Sun, 05 Feb 2023 11:01:02 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
eor.ediemidnightzombies.com/tracker/tc_imp.gif?e=37dfbd8ee84e00136debc23cee4f8c9e9225c24f567d43d6da1908be6245cad7bd70a976750ef80ed89373bfe70e9c20c1e53e8d5c138d6e2717071a10acf9f29f674c83d6d803253c4dff2b26578e6fdf36c301660576c052515863050dcfbb6b1b77be26bb25cb43e29a3aee5b6fb2092f6410df57fe5aecd2948a7fe07f52a13ad2a24710d14e681f2d1586d31c64e56ac8bf88b71208fe59f1d329e921c46bcf40e25c7ea8290ee95c400027db0b68acdebcf179ef64fd718940a8116e71b9d637793a7a589513d0df4ca65b7de792b127537a30ca946c75ca92560c2d4375060daedf28337a04acfc4e7ed9aaf02a99b508714b2ea2a5a4c29f73ebcfc248b5038e523c64ceec86a7b376cccee879cf774a91bac333074bb52071fbcf497bb08dbc2bd950aa04ad831ddf089a982a862563d4cc72c526d08bb6b090b0bd4573a87ae4e2a47e0e3bffd26e86f740be530502da4b09d98982c19eafd16b9b7b80c8e3cc7bea787032db2b7fcfd0904d28c2eb78ae0db8c51ed272ae73494d0b8839ae0cd2cea579e7c336d51fe28883cd31bf731677b94e1342735e6ec6ab3cf054dfda807bf4ce31b9802bde85f9ee7a9fefe050657586f81217daa6455b0ffba8f431f766c3be51efe22eb37ca035924ed517d2fd21c34b72e3b3c0643f3f7d02230a0911a9b5da648107e4530a146aa1e042de9e110dfdbadbbeaa3f8382b5aad0f5aef7425d20e913d3a4536f9f51274e8620022f7efc78ae7505d0b8d369981ea83797b97edfb20f85694a703208780f8e82b18d693917cf5a579fc1cba7a2990b1794a2ee25c38e773b988100207ba7c09f0f76e663dc00c108e92dc500c7da44a9c96ebbced696e11370e5f226719e64f0dfc3f74fc932706f518662514da3bf4dcdb006c0f298d457cc849b2e083747a220a803ae49bb816afb2e51750463296deb488f9f3253be6ac5aef13cd9cd53cd3419da517958dbaea67f5f8e008ae902c615724513e8292690aec969cd503b9f8c17a8dfdfe1df18a202574677ae05453198f80e5bbf2efbec8568d687fe044f7dbc6b260f01ca1e54ef99ec0656c1221396dfda4381abb88e3f65e437a91b78148c183175bebd1853c992bac4e8b30ff363e51795579dd0519fb4a67c25e5d0119eddebff&cri=SC1hbq48DX&ts=252&cb=1675594903207
3.248.162.96200 OK 43 B URL HTTP/2 eor.ediemidnightzombies.com/tracker/tc_imp.gif?e=37dfbd8ee84e00136debc23cee4f8c9e9225c24f567d43d6da1908be6245cad7bd70a976750ef80ed89373bfe70e9c20c1e53e8d5c138d6e2717071a10acf9f29f674c83d6d803253c4dff2b26578e6fdf36c301660576c052515863050dcfbb6b1b77be26bb25cb43e29a3aee5b6fb2092f6410df57fe5aecd2948a7fe07f52a13ad2a24710d14e681f2d1586d31c64e56ac8bf88b71208fe59f1d329e921c46bcf40e25c7ea8290ee95c400027db0b68acdebcf179ef64fd718940a8116e71b9d637793a7a589513d0df4ca65b7de792b127537a30ca946c75ca92560c2d4375060daedf28337a04acfc4e7ed9aaf02a99b508714b2ea2a5a4c29f73ebcfc248b5038e523c64ceec86a7b376cccee879cf774a91bac333074bb52071fbcf497bb08dbc2bd950aa04ad831ddf089a982a862563d4cc72c526d08bb6b090b0bd4573a87ae4e2a47e0e3bffd26e86f740be530502da4b09d98982c19eafd16b9b7b80c8e3cc7bea787032db2b7fcfd0904d28c2eb78ae0db8c51ed272ae73494d0b8839ae0cd2cea579e7c336d51fe28883cd31bf731677b94e1342735e6ec6ab3cf054dfda807bf4ce31b9802bde85f9ee7a9fefe050657586f81217daa6455b0ffba8f431f766c3be51efe22eb37ca035924ed517d2fd21c34b72e3b3c0643f3f7d02230a0911a9b5da648107e4530a146aa1e042de9e110dfdbadbbeaa3f8382b5aad0f5aef7425d20e913d3a4536f9f51274e8620022f7efc78ae7505d0b8d369981ea83797b97edfb20f85694a703208780f8e82b18d693917cf5a579fc1cba7a2990b1794a2ee25c38e773b988100207ba7c09f0f76e663dc00c108e92dc500c7da44a9c96ebbced696e11370e5f226719e64f0dfc3f74fc932706f518662514da3bf4dcdb006c0f298d457cc849b2e083747a220a803ae49bb816afb2e51750463296deb488f9f3253be6ac5aef13cd9cd53cd3419da517958dbaea67f5f8e008ae902c615724513e8292690aec969cd503b9f8c17a8dfdfe1df18a202574677ae05453198f80e5bbf2efbec8568d687fe044f7dbc6b260f01ca1e54ef99ec0656c1221396dfda4381abb88e3f65e437a91b78148c183175bebd1853c992bac4e8b30ff363e51795579dd0519fb4a67c25e5d0119eddebff&cri=SC1hbq48DX&ts=252&cb=1675594903207
IP 3.248.162.96:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash db04c7b378cb2db912c3ba8a5a774ee3
dee34bd86c3484d31002182aa2b7caa4699126b8
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
GET /tracker/tc_imp.gif?e=37dfbd8ee84e00136debc23cee4f8c9e9225c24f567d43d6da1908be6245cad7bd70a976750ef80ed89373bfe70e9c20c1e53e8d5c138d6e2717071a10acf9f29f674c83d6d803253c4dff2b26578e6fdf36c301660576c052515863050dcfbb6b1b77be26bb25cb43e29a3aee5b6fb2092f6410df57fe5aecd2948a7fe07f52a13ad2a24710d14e681f2d1586d31c64e56ac8bf88b71208fe59f1d329e921c46bcf40e25c7ea8290ee95c400027db0b68acdebcf179ef64fd718940a8116e71b9d637793a7a589513d0df4ca65b7de792b127537a30ca946c75ca92560c2d4375060daedf28337a04acfc4e7ed9aaf02a99b508714b2ea2a5a4c29f73ebcfc248b5038e523c64ceec86a7b376cccee879cf774a91bac333074bb52071fbcf497bb08dbc2bd950aa04ad831ddf089a982a862563d4cc72c526d08bb6b090b0bd4573a87ae4e2a47e0e3bffd26e86f740be530502da4b09d98982c19eafd16b9b7b80c8e3cc7bea787032db2b7fcfd0904d28c2eb78ae0db8c51ed272ae73494d0b8839ae0cd2cea579e7c336d51fe28883cd31bf731677b94e1342735e6ec6ab3cf054dfda807bf4ce31b9802bde85f9ee7a9fefe050657586f81217daa6455b0ffba8f431f766c3be51efe22eb37ca035924ed517d2fd21c34b72e3b3c0643f3f7d02230a0911a9b5da648107e4530a146aa1e042de9e110dfdbadbbeaa3f8382b5aad0f5aef7425d20e913d3a4536f9f51274e8620022f7efc78ae7505d0b8d369981ea83797b97edfb20f85694a703208780f8e82b18d693917cf5a579fc1cba7a2990b1794a2ee25c38e773b988100207ba7c09f0f76e663dc00c108e92dc500c7da44a9c96ebbced696e11370e5f226719e64f0dfc3f74fc932706f518662514da3bf4dcdb006c0f298d457cc849b2e083747a220a803ae49bb816afb2e51750463296deb488f9f3253be6ac5aef13cd9cd53cd3419da517958dbaea67f5f8e008ae902c615724513e8292690aec969cd503b9f8c17a8dfdfe1df18a202574677ae05453198f80e5bbf2efbec8568d687fe044f7dbc6b260f01ca1e54ef99ec0656c1221396dfda4381abb88e3f65e437a91b78148c183175bebd1853c992bac4e8b30ff363e51795579dd0519fb4a67c25e5d0119eddebff&cri=SC1hbq48DX&ts=252&cb=1675594903207 HTTP/1.1
Host: eor.ediemidnightzombies.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: cg_uuid=51ea493f1cac9d0d45f0ec0a7f1b950d
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
date: Sun, 05 Feb 2023 11:01:03 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
content-length: 43
X-Firefox-Spdy: h2
ocsp.pki.goog/s/gts1d4/1vmhpXYvMQg
216.58.211.3200 OK 471 B URL HTTP/1.1 ocsp.pki.goog/s/gts1d4/1vmhpXYvMQg
IP 216.58.211.3:0
Hash d31ba1beacad338b6714678393e6aa90
18ccd4cb21a64b5482c80f59648962a50d7c90fd
61f24ddb7ae71444f3d9cb3ebd9e0f96901ffdb74ef64d2156228e552904b82a
POST /s/gts1d4/1vmhpXYvMQg HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 05 Feb 2023 11:01:03 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
tgtag.io/tg.js?pid=tg-g-006992-001
34.120.230.83200 OK 32 kB URL HTTP/2 tgtag.io/tg.js?pid=tg-g-006992-001
IP 34.120.230.83:0
File type Unicode text, UTF-8 text, with very long lines (65529), with no line terminators
Hash 508072c63a35c84745dd1ef33706f34f
5db9b0f2db74f01c0a450f7c0a5d0901cc61d749
f10eba601f45922924f18cd57fdf391d29bacdf5098e3d0433b0d8b58c5d3358
GET /tg.js?pid=tg-g-006992-001 HTTP/1.1
Host: tgtag.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-guploader-uploadid: ADPycduIpK6-xEoFqckGQhXc_CI-B3O7SgWiiG12HJA8qzFy5MAw5vcEEmOZfzzg_0EmIp5ryFjOsCrSLjxCqT_lJ4ScJS8ECa61
vary: X-Goog-Allowed-Resources
x-goog-generation: 1675327980026762
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
x-goog-stored-content-length: 31667
content-encoding: gzip
x-goog-hash: crc32c=oV25fg==, md5=UIByxjo1yEdF3R7zNwbzTw==
x-goog-storage-class: MULTI_REGIONAL
accept-ranges: bytes
content-length: 31667
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Access-Control-Allow-Origin
server: UploadServer
date: Sun, 05 Feb 2023 08:57:00 GMT
expires: Mon, 06 Feb 2023 08:57:00 GMT
cache-control: public, no-transform, max-age=86400, s-maxage=86400
age: 7443
last-modified: Thu, 02 Feb 2023 08:53:00 GMT
etag: "508072c63a35c84745dd1ef33706f34f"
content-type: application/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/s/gts1d4/1vmhpXYvMQg
216.58.211.3200 OK 471 B URL HTTP/1.1 ocsp.pki.goog/s/gts1d4/1vmhpXYvMQg
IP 216.58.211.3:0
Hash d31ba1beacad338b6714678393e6aa90
18ccd4cb21a64b5482c80f59648962a50d7c90fd
61f24ddb7ae71444f3d9cb3ebd9e0f96901ffdb74ef64d2156228e552904b82a
POST /s/gts1d4/1vmhpXYvMQg HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 05 Feb 2023 11:01:03 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
api.perfalytics.com/track
143.204.55.28200 OK 0 B URL HTTP/2 api.perfalytics.com/track
IP 143.204.55.28:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /track HTTP/1.1
Host: api.perfalytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://mrq.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/json
content-length: 0
date: Sun, 05 Feb 2023 11:01:03 GMT
x-amzn-requestid: 1dcd60e8-8f5f-4448-8490-03d095555d8b
access-control-allow-origin: *
access-control-allow-headers: Content-Type,Authorization,X-Amz-Date,X-Api-Key,X-Amz-Security-Token
x-amz-apigw-id: f3LheGkxvHcF_bA=
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-max-age: 86400
access-control-allow-credentials: true
x-cache: Miss from cloudfront
via: 1.1 6cb1d4b545e7beb4ead790454f4807c6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: MZfTwkwL1B8zxh84WBrIXGkfUDhOd2V-w1opuHiqe60SmHqRM5_vBg==
X-Firefox-Spdy: h2
ocsp.pki.goog/s/gts1d4/M7vREfWOEdc
216.58.211.3200 OK 471 B URL HTTP/1.1 ocsp.pki.goog/s/gts1d4/M7vREfWOEdc
IP 216.58.211.3:0
Hash 69f2d0b0db77dbd8bc36aa5fe7fda848
546a31ac196c46ea13dffef7aad6cfe2acca806c
197d6587533e9e5126a6896beb311d8039bcbfb664a6e5ff368862ee0b45b2f8
POST /s/gts1d4/M7vREfWOEdc HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 05 Feb 2023 11:01:03 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
api.trafficguard.ai/tg-g-006992-001/api/v4/client-side/validate/event
34.120.121.20200 OK 61 B URL HTTP/2 api.trafficguard.ai/tg-g-006992-001/api/v4/client-side/validate/event
IP 34.120.121.20:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 1ee7cd02b35c7097455eca23d537d40b
f95ae0ab0201aaef86698c9ac66d680fd4e046a0
18cccf9f3ae615df065ef20111e050bb202254d4cf780c150927f51d00d6bffc
POST /tg-g-006992-001/api/v4/client-side/validate/event HTTP/1.1
Host: api.trafficguard.ai
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded;charset=UTF-8
Content-Length: 2495
Origin: https://mrq.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
expect-ct: max-age=0, report-uri="https://trafficguard.report-uri.com/r/d/ct/reportOnly"
x-xss-protection: 0
x-content-type-options: nosniff
access-control-allow-origin: https://mrq.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-Requested-With, Access-Control-Allow-Origin, Access-Control-Allow-Credentials
set-cookie: geid=01010004-6a5b-4196-9700-15a263df8c6f; Domain=.trafficguard.ai; Path=/; Expires=Mon, 05 Feb 2024 11:01:03 GMT; HttpOnly; Secure; SameSite=None
geid-legacy=01010004-6a5b-4196-9700-15a263df8c6f; Domain=.trafficguard.ai; Path=/; Expires=Mon, 05 Feb 2024 11:01:03 GMT; HttpOnly
content-type: application/json; charset=utf-8
content-length: 61
etag: W/"3d-+VrgqwIBqu+GaYyaxm1oD9TgRqA"
date: Sun, 05 Feb 2023 11:01:03 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.r2m01.amazontrust.com/
54.230.80.227200 OK 471 B URL HTTP/1.1 ocsp.r2m01.amazontrust.com/
IP 54.230.80.227:0
Hash 3bcd50c56ee654bff110c086021a748d
4084a43a95113bbb1d1e62d0457b11ddcf4112da
a97a2c7ef9b57a1e1ed29d93f23c7382e9cac80cd1ef395763bc58fc598aee4c
POST / HTTP/1.1
Host: ocsp.r2m01.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=100113
Date: Sun, 05 Feb 2023 11:01:03 GMT
Etag: "63de5b2c-1d7"
Expires: Mon, 06 Feb 2023 14:49:36 GMT
Last-Modified: Sat, 04 Feb 2023 13:18:36 GMT
Server: ECS (nyb/1D23)
X-Cache: Miss from cloudfront
Via: 1.1 04c4f064943f75498361739eb063cb7a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: kQ1KEADz2UFm37xqSbPiC7aJAo2q9fG8rpM_xDBWIFxNqKQmE0_XGA==
Age: 5460
ocsp.pki.goog/s/gts1d4/M7vREfWOEdc
216.58.211.3200 OK 471 B URL HTTP/1.1 ocsp.pki.goog/s/gts1d4/M7vREfWOEdc
IP 216.58.211.3:0
Hash 69f2d0b0db77dbd8bc36aa5fe7fda848
546a31ac196c46ea13dffef7aad6cfe2acca806c
197d6587533e9e5126a6896beb311d8039bcbfb664a6e5ff368862ee0b45b2f8
POST /s/gts1d4/M7vREfWOEdc HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 05 Feb 2023 11:01:03 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
api.perfalytics.com/track
143.204.55.28200 OK 0 B URL HTTP/2 api.perfalytics.com/track
IP 143.204.55.28:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /track HTTP/1.1
Host: api.perfalytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://mrq.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/json
content-length: 0
date: Sun, 05 Feb 2023 11:01:03 GMT
x-amzn-requestid: 0fb09cef-a438-43cf-986e-a26552f499b1
access-control-allow-origin: *
access-control-allow-headers: Content-Type,Authorization,X-Amz-Date,X-Api-Key,X-Amz-Security-Token
x-amz-apigw-id: f3LhhFnQvHcFhTw=
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-max-age: 86400
access-control-allow-credentials: true
x-cache: Miss from cloudfront
via: 1.1 6cb1d4b545e7beb4ead790454f4807c6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: GVhdP5trugGO5dExZy7crMWV86WG8TZ7VTrLLL_Zs7ipOaYraAUQXw==
X-Firefox-Spdy: h2
api.perfalytics.com/track
143.204.55.28200 OK 0 B URL HTTP/2 api.perfalytics.com/track
IP 143.204.55.28:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /track HTTP/1.1
Host: api.perfalytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://mrq.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/json
content-length: 0
date: Sun, 05 Feb 2023 11:01:03 GMT
x-amzn-requestid: 5ccdec10-23e4-4b28-b915-f2b87f7f3a64
access-control-allow-origin: *
access-control-allow-headers: Content-Type,Authorization,X-Amz-Date,X-Api-Key,X-Amz-Security-Token
x-amz-apigw-id: f3LhhH5CvHcF2vA=
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-max-age: 86400
access-control-allow-credentials: true
x-cache: Miss from cloudfront
via: 1.1 6cb1d4b545e7beb4ead790454f4807c6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: aDGvRpzYuji9hvBiIc5Y13lymY--6Vxqjx07uPvb-lGFH9Nqlb0VBw==
X-Firefox-Spdy: h2
region1.google-analytics.com/g/collect?v=2&tid=G-LVVSBNERK6>m=45je3210&_p=321463360&cid=879268049.1675594903&ul=en-us&sr=1280x1024&uaW=1&_s=1&sid=1675594903&sct=1&seg=0&dl=https%3A%2F%2Fmrq.com%2Fnewoffer%2F75-wager-free-spins%2Fonlinebingo%3Fs1%3D%26s2%3D%26s3%3D%26click%3D16913244%26affid%3D169%26campaign%3D41%26gclid%3D%26msclkid%3D%26lpage%3Dt4SH0x%26resource%3D%26site%3D326%26referrer%3Demails.1cs.com%26tgclid%3D02010047-135e-4ae7-b200-191e63df8c5c%26tgsid%3D16913244&dt=MrQ%20%7C%20ONLINEBINGO&en=page_view&_fv=1&_nsi=1&_ss=1
216.239.32.36204 No Content 0 B URL HTTP/2 region1.google-analytics.com/g/collect?v=2&tid=G-LVVSBNERK6>m=45je3210&_p=321463360&cid=879268049.1675594903&ul=en-us&sr=1280x1024&uaW=1&_s=1&sid=1675594903&sct=1&seg=0&dl=https%3A%2F%2Fmrq.com%2Fnewoffer%2F75-wager-free-spins%2Fonlinebingo%3Fs1%3D%26s2%3D%26s3%3D%26click%3D16913244%26affid%3D169%26campaign%3D41%26gclid%3D%26msclkid%3D%26lpage%3Dt4SH0x%26resource%3D%26site%3D326%26referrer%3Demails.1cs.com%26tgclid%3D02010047-135e-4ae7-b200-191e63df8c5c%26tgsid%3D16913244&dt=MrQ%20%7C%20ONLINEBINGO&en=page_view&_fv=1&_nsi=1&_ss=1
IP 216.239.32.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-LVVSBNERK6>m=45je3210&_p=321463360&cid=879268049.1675594903&ul=en-us&sr=1280x1024&uaW=1&_s=1&sid=1675594903&sct=1&seg=0&dl=https%3A%2F%2Fmrq.com%2Fnewoffer%2F75-wager-free-spins%2Fonlinebingo%3Fs1%3D%26s2%3D%26s3%3D%26click%3D16913244%26affid%3D169%26campaign%3D41%26gclid%3D%26msclkid%3D%26lpage%3Dt4SH0x%26resource%3D%26site%3D326%26referrer%3Demails.1cs.com%26tgclid%3D02010047-135e-4ae7-b200-191e63df8c5c%26tgsid%3D16913244&dt=MrQ%20%7C%20ONLINEBINGO&en=page_view&_fv=1&_nsi=1&_ss=1 HTTP/1.1
Host: region1.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: null
date: Sun, 05 Feb 2023 11:01:04 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ik.imagekit.io/lindar/flicker-test/lp_demoslot_header_5d57b1ab62_mv4vhl_j_90fdf7a6e3
54.230.111.31200 OK 105 kB URL HTTP/2 ik.imagekit.io/lindar/flicker-test/lp_demoslot_header_5d57b1ab62_mv4vhl_j_90fdf7a6e3
IP 54.230.111.31:0
File type PNG image data, 617 x 537, 8-bit colormap, non-interlaced\012- data
Size 105 kB (105309 bytes)
Hash ffa75760b39dfbde4579f22adb17a2b5
9ce830394a24df49f3f65180e60824fa1185b613
686fff09e802f7662cc20d679d2c3f946afcbd4dea0a89488b3e5edd8573c5dd
GET /lindar/flicker-test/lp_demoslot_header_5d57b1ab62_mv4vhl_j_90fdf7a6e3 HTTP/1.1
Host: ik.imagekit.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 105309
x-request-id: b4ceb256-166f-45be-9bad-07dfc79fa825
x-server: ImageKit.io
access-control-allow-origin: *
timing-allow-origin: *
cache-control: public, s-maxage=15552000, max-age=15552000, must-revalidate
server-timing: transformation;dur=989,download;dur=257
etag: W/"19b5d-nOgwOUok30nz9lGA5ggk+hGFthM"
date: Sun, 05 Feb 2023 11:01:04 GMT
vary: Accept,Save-Data
x-cache: Miss from cloudfront
via: 1.1 5916f6b8d469d1bee1e905ff13761ebc.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: pBYo4-1qzVCmtFdQ09PU_whCUBADN0DpFX8I26lPflWY--hLiUHb-Q==
X-Firefox-Spdy: h2
api.perfalytics.com/track
143.204.55.28200 OK 133 B URL HTTP/2 api.perfalytics.com/track
IP 143.204.55.28:0
File type JSON data\012- , ASCII text, with no line terminators
Hash e33eb83d17eee33df40163eb894d6b2d
b872110b09f7c23af8267356cde6f29e7f57141c
525dec123bad50c02d3f1777385786d82b45b589ce47410f3006ee35c80fc9d2
POST /track HTTP/1.1
Host: api.perfalytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 982
Origin: https://mrq.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json
content-length: 133
date: Sun, 05 Feb 2023 11:01:04 GMT
x-amzn-requestid: 287083f5-9f5f-432b-8910-501ec5aa1340
access-control-allow-origin: *
access-control-allow-headers: Content-Type,Authorization,X-Amz-Date,X-Api-Key,X-Amz-Security-Token
x-amz-apigw-id: f3LhiHgGvHcFUiw=
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
x-amzn-trace-id: Root=1-63df8c70-2e411c257d7b35ee2e17df83
access-control-allow-credentials: true
x-cache: Miss from cloudfront
via: 1.1 6cb1d4b545e7beb4ead790454f4807c6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: N392wCP-9v92Yw-6Inm1SAqV3g835ftpfvQ9dB4SQoKhOA47iU1dIA==
X-Firefox-Spdy: h2
eor.ediemidnightzombies.com/mon
3.248.162.96200 OK 0 B URL HTTP/2 eor.ediemidnightzombies.com/mon
IP 3.248.162.96:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /mon HTTP/1.1
Host: eor.ediemidnightzombies.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 1761
Origin: https://mrq.com
Connection: keep-alive
Cookie: cg_uuid=51ea493f1cac9d0d45f0ec0a7f1b950d
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-credentials: true
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin: https://mrq.com
content-type: application/json
date: Sun, 05 Feb 2023 11:01:04 GMT
content-length: 0
X-Firefox-Spdy: h2
eor.ediemidnightzombies.com/mon
3.248.162.96200 OK 0 B URL HTTP/2 eor.ediemidnightzombies.com/mon
IP 3.248.162.96:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /mon HTTP/1.1
Host: eor.ediemidnightzombies.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 1756
Origin: https://mrq.com
Connection: keep-alive
Cookie: cg_uuid=51ea493f1cac9d0d45f0ec0a7f1b950d
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-credentials: true
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin: https://mrq.com
content-type: application/json
date: Sun, 05 Feb 2023 11:01:04 GMT
content-length: 0
X-Firefox-Spdy: h2
api.perfalytics.com/track
143.204.55.28200 OK 133 B URL HTTP/2 api.perfalytics.com/track
IP 143.204.55.28:0
File type JSON data\012- , ASCII text, with no line terminators
Hash afa1c8f5b66e2c06e060515596e444d5
1c4b261a2173a468a1ef353589c4e594e1dd0e8d
ea411875f38cb272a4d1119f2df8d471c049436890da51d159ecea855873639b
POST /track HTTP/1.1
Host: api.perfalytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 1032
Origin: https://mrq.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json
content-length: 133
date: Sun, 05 Feb 2023 11:01:04 GMT
x-amzn-requestid: f0f87ee8-bc83-4f25-9655-dedd050830aa
access-control-allow-origin: *
access-control-allow-headers: Content-Type,Authorization,X-Amz-Date,X-Api-Key,X-Amz-Security-Token
x-amz-apigw-id: f3LhlEZbPHcFoig=
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
x-amzn-trace-id: Root=1-63df8c70-4d5d9e7a3b13696a7a786745
access-control-allow-credentials: true
x-cache: Miss from cloudfront
via: 1.1 6cb1d4b545e7beb4ead790454f4807c6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 0mVM5qjlNZL5nF0_PKCBEurweLRC6h_PvDByXpBx466SDXkCECwimw==
X-Firefox-Spdy: h2
api.perfalytics.com/track
143.204.55.28200 OK 133 B URL HTTP/2 api.perfalytics.com/track
IP 143.204.55.28:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 97a3400a92beebf014d382a47193b0e8
0222d212252c760857f79709e9ab1db2bbecb8d9
a1a25fdb23d12b88fad9c7547cdaa801429ac369e458c9252a350bc0dd7a12b5
POST /track HTTP/1.1
Host: api.perfalytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 1151
Origin: https://mrq.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json
content-length: 133
date: Sun, 05 Feb 2023 11:01:04 GMT
x-amzn-requestid: 4f111df6-edfc-4f37-b6e5-3b8c643de33f
access-control-allow-origin: *
access-control-allow-headers: Content-Type,Authorization,X-Amz-Date,X-Api-Key,X-Amz-Security-Token
x-amz-apigw-id: f3LhlFQ_PHcFYrA=
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
x-amzn-trace-id: Root=1-63df8c70-63531ea4215eb0cb0092445d
access-control-allow-credentials: true
x-cache: Miss from cloudfront
via: 1.1 6cb1d4b545e7beb4ead790454f4807c6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 3jLHAaJAABXyUKWqQV1iWuM1a5SOkdW5nDqij1uYp78sgA3KJo4r9w==
X-Firefox-Spdy: h2
widget.getblue.io/event/?cId=FE234AE0-B17A-69ED-DFDDD90C731389A6&tName=visit&pId=&revenue=&orderId=&p1=&p2=e%3Dvp&p3=e%3Ddis&adce=1&dtycbr=87954&fp=&blueID=ffe11cdd-b7a5-4145-9a29-e8e9b4b5d12b&v=13072020-1328&if=0&nocache=4635244943055.912
52.67.253.125200 OK 13 B URL HTTP/2 widget.getblue.io/event/?cId=FE234AE0-B17A-69ED-DFDDD90C731389A6&tName=visit&pId=&revenue=&orderId=&p1=&p2=e%3Dvp&p3=e%3Ddis&adce=1&dtycbr=87954&fp=&blueID=ffe11cdd-b7a5-4145-9a29-e8e9b4b5d12b&v=13072020-1328&if=0&nocache=4635244943055.912
IP 52.67.253.125:0
File type exported SGML document, ASCII text
Hash 365db0225d53bbc9ccd23fdf5c704caa
719e41ad1d8198dc13f0aa2c416f42389c2c56ae
eb99134542c987f687360d120213eeec049a290d73d2302ee1b74a01ce279f4d
GET /event/?cId=FE234AE0-B17A-69ED-DFDDD90C731389A6&tName=visit&pId=&revenue=&orderId=&p1=&p2=e%3Dvp&p3=e%3Ddis&adce=1&dtycbr=87954&fp=&blueID=ffe11cdd-b7a5-4145-9a29-e8e9b4b5d12b&v=13072020-1328&if=0&nocache=4635244943055.912 HTTP/1.1
Host: widget.getblue.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 05 Feb 2023 11:01:04 GMT
content-type: text/javascript;charset=UTF-8
content-length: 13
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 721c3f2797fcac86eff0c208d119cba7
d9f8bc5796e32c8679f440a4ed55b2e389cc7345
fc2c30fe66b2dd2d05f7a2d76b5ad9b3689c2f8439d14921fc70b190e9944c37
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 335
Cache-Control: max-age=166617
Content-Type: application/ocsp-response
Date: Sun, 05 Feb 2023 11:01:04 GMT
Etag: "63df72fa-1d7"
Expires: Tue, 07 Feb 2023 09:18:01 GMT
Last-Modified: Sun, 05 Feb 2023 09:12:26 GMT
Server: ECS (ska/F71D)
X-Cache: HIT
Content-Length: 471
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash 5ac5aaa2dd1a2ab697244f3c0fe3b5b5
bb8a9aeb28cc645435760f3a9a57d85e295de419
d42327bb295e41a2b04efa1c2ad6094a3480d0010de10bb32600f4d17fe9f0d4
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 05 Feb 2023 11:01:04 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google-analytics.com/analytics.js
142.250.74.46200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP 142.250.74.46:0
File type ASCII text, with very long lines (1490)
Hash ca7fbbfd120e3e329633044190bbf134
d17f81e03dd827554ddd207ea081fb46b3415445
847004cefb32f85a9cc16b0b1eb77529ff5753680c145bfcb23f651d214737db
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20085
date: Sun, 05 Feb 2023 09:45:20 GMT
expires: Sun, 05 Feb 2023 11:45:20 GMT
cache-control: public, max-age=7200
age: 4544
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
static.ads-twitter.com/uwt.js
151.101.84.157200 OK 15 kB URL HTTP/2 static.ads-twitter.com/uwt.js
IP 151.101.84.157:0
File type ASCII text, with very long lines (57596), with no line terminators
Hash 573e6a7f86f6f3063763360ef0672c01
b12eab3b4ac8872d49ac6e15f9cd17741765c0cf
02445eb022a04139531f0ce8d8980c31083a1c670936f1477f5cfc4d252133f7
GET /uwt.js HTTP/1.1
Host: static.ads-twitter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
last-modified: Thu, 27 Oct 2022 18:55:37 GMT
cache-control: no-cache
content-type: application/javascript; charset=utf-8
content-encoding: gzip
etag: "32ad004436155ec972bc50e6238b5b67+gzip+gzip"
accept-ranges: bytes
date: Sun, 05 Feb 2023 11:01:04 GMT
x-served-by: cache-iad-kjyo7100147-IAD, cache-bma1657-BMA
x-cache: HIT, HIT
vary: Accept-Encoding,Host
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
x-tw-cdn: FT
content-length: 15375
X-Firefox-Spdy: h2
connect.facebook.net/en_US/fbevents.js
31.13.72.12200 OK 28 kB URL HTTP/2 connect.facebook.net/en_US/fbevents.js
IP 31.13.72.12:0
File type ASCII text, with very long lines (64348)
Hash dd1f85cc598419df61e254e53f9ec1ef
f86c0ee563f5b7a01e1d40b566f2bc184a32380f
c06f52b233c835b03292f39cb847507a03bb971066bf91341b58a580244398c0
GET /en_US/fbevents.js HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
content-type: application/x-javascript; charset=utf-8
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
pragma: public
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
x-frame-options: DENY
origin-agent-cluster: ?0
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-fb-debug: A8unbNLzle66hXeE5vM5v9mCP+bhPW2HwXce/bTe+isGoQOAyIRL/tGnr61RZ1qovTPJjrWQKwR/Eb8hgpyYvg==
content-length: 27843
x-fb-trip-id: 1904183273
date: Sun, 05 Feb 2023 11:01:04 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash 5ac5aaa2dd1a2ab697244f3c0fe3b5b5
bb8a9aeb28cc645435760f3a9a57d85e295de419
d42327bb295e41a2b04efa1c2ad6094a3480d0010de10bb32600f4d17fe9f0d4
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 05 Feb 2023 11:01:04 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
bat.bing.com/bat.js
204.79.197.200200 OK 12 kB IP 204.79.197.200:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
File type Unicode text, UTF-8 text, with very long lines (39395), with no line terminators
Hash 4f378a725368a42971cd69e29f75db89
2a1cdf193b346d9281c6e04a9b3775e7fc1ae11e
6a2a9d238501343cb3f25e0f54f4ecc4ec2c4e0fa6b228cc72dc3fff90502078
GET /bat.js HTTP/1.1
Host: bat.bing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: private,max-age=1800
content-length: 11552
content-type: application/javascript
content-encoding: gzip
last-modified: Mon, 23 Jan 2023 19:59:24 GMT
accept-ranges: bytes
etag: "076bc30652fd91:0"
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 3BAADA89032741D6AC9868323C7BA53E Ref B: OSL30EDGE0417 Ref C: 2023-02-05T11:01:04Z
date: Sun, 05 Feb 2023 11:01:04 GMT
X-Firefox-Spdy: h2
cdn.taboola.com/libtrc/unip/1464003/tfa.js
151.101.193.44200 OK 18 kB URL HTTP/2 cdn.taboola.com/libtrc/unip/1464003/tfa.js
IP 151.101.193.44:0
File type ASCII text, with very long lines (59647)
Hash 9bf41f64fb7f3197ef7398e7d6af9ede
d0e553df2ac1d51e8518ede384b2f8b0945abac8
9e538b57c0ddbacf59cd084a96351dff76f0ff36043c6cf4412e7e0aaa688f61
GET /libtrc/unip/1464003/tfa.js HTTP/1.1
Host: cdn.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: FPgdxKnij/KJE/EsHM/axEZ99YrbWPUrLScvqSE7dhXd4qByDHXnF8soT3ExkRCPzP5WEoq5pS8=
x-amz-request-id: SH36NQBRT5F0JV6Y
x-amz-replication-status: COMPLETED
last-modified: Sun, 29 Jan 2023 11:06:01 GMT
etag: "e76470fe12ac2e17cc7f3425aea68f7b"
x-amz-version-id: NFEw6peLy4ZBpOXWiNFyEP_ssf.G5m38
content-type: application/javascript; charset=utf-8
server: AmazonS3
content-encoding: gzip
accept-ranges: bytes
date: Sun, 05 Feb 2023 11:01:04 GMT
via: 1.1 varnish
age: 124
x-served-by: cache-bma1678-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1675594865.606808,VS0,VE5
cache-control: private,max-age=14401
vary: Accept-Encoding
abp: 99
content-length: 18339
X-Firefox-Spdy: h2
googleads.g.doubleclick.net/pagead/viewthroughconversion/953627164/?random=1675594903282&cv=11&fst=1675594903282&bg=ffffff&guid=ON&async=1>m=45be3210&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fmrq.com%2Fnewoffer%2F75-wager-free-spins%2Fonlinebingo%3Fs1%3D%26s2%3D%26s3%3D%26click%3D16913244%26affid%3D169%26campaign%3D41%26gclid%3D%26msclkid%3D%26lpage%3Dt4SH0x%26resource%3D%26site%3D326%26referrer%3Demails.1cs.com%26tgclid%3D02010047-135e-4ae7-b200-191e63df8c5c%26tgsid%3D16913244&tiba=MrQ%20%7C%20ONLINEBINGO&auid=1718162504.1675594903&data=event%3Dgtag.config&rfmt=3&fmt=4
216.58.211.2200 OK 1.0 kB URL HTTP/2 googleads.g.doubleclick.net/pagead/viewthroughconversion/953627164/?random=1675594903282&cv=11&fst=1675594903282&bg=ffffff&guid=ON&async=1>m=45be3210&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fmrq.com%2Fnewoffer%2F75-wager-free-spins%2Fonlinebingo%3Fs1%3D%26s2%3D%26s3%3D%26click%3D16913244%26affid%3D169%26campaign%3D41%26gclid%3D%26msclkid%3D%26lpage%3Dt4SH0x%26resource%3D%26site%3D326%26referrer%3Demails.1cs.com%26tgclid%3D02010047-135e-4ae7-b200-191e63df8c5c%26tgsid%3D16913244&tiba=MrQ%20%7C%20ONLINEBINGO&auid=1718162504.1675594903&data=event%3Dgtag.config&rfmt=3&fmt=4
IP 216.58.211.2:0
File type ASCII text, with very long lines (2393), with no line terminators
Hash 6881e4429661ba33ee852ef6a8f70d6f
819a77a860208201bbee9d0e3bde936235928333
cf4b95091925fae1a835a995c081b6482b40c3ace818868b1a7341f247d04719
GET /pagead/viewthroughconversion/953627164/?random=1675594903282&cv=11&fst=1675594903282&bg=ffffff&guid=ON&async=1>m=45be3210&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fmrq.com%2Fnewoffer%2F75-wager-free-spins%2Fonlinebingo%3Fs1%3D%26s2%3D%26s3%3D%26click%3D16913244%26affid%3D169%26campaign%3D41%26gclid%3D%26msclkid%3D%26lpage%3Dt4SH0x%26resource%3D%26site%3D326%26referrer%3Demails.1cs.com%26tgclid%3D02010047-135e-4ae7-b200-191e63df8c5c%26tgsid%3D16913244&tiba=MrQ%20%7C%20ONLINEBINGO&auid=1718162504.1675594903&data=event%3Dgtag.config&rfmt=3&fmt=4 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sun, 05 Feb 2023 11:01:04 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 1048
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sun, 05-Feb-2023 11:16:04 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 471 B IP 216.58.211.3:0
Hash a78b06ca527ce7542b24b349e0485d8b
6f5e5126c1c9d40c9ba09d58e1755d2ca39d02ab
bc7dc156ab8b2b33422fff0922e219246eb1d12469d10ac8007416fed41ac473
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 05 Feb 2023 11:01:04 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
googleads.g.doubleclick.net/pagead/viewthroughconversion/953627164/?random=1675594903292&cv=11&fst=1675594903292&fmt=3&bg=ffffff&guid=ON&async=1>m=45be3210&u_w=1280&u_h=1024&label=EJOFCMCMtcIDEJzk3MYD&hn=www.google.com&frm=0&url=https%3A%2F%2Fmrq.com%2Fnewoffer%2F75-wager-free-spins%2Fonlinebingo%3Fs1%3D%26s2%3D%26s3%3D%26click%3D16913244%26affid%3D169%26campaign%3D41%26gclid%3D%26msclkid%3D%26lpage%3Dt4SH0x%26resource%3D%26site%3D326%26referrer%3Demails.1cs.com%26tgclid%3D02010047-135e-4ae7-b200-191e63df8c5c%26tgsid%3D16913244&tiba=MrQ%20%7C%20ONLINEBINGO>m_ee=1&auid=1718162504.1675594903&data=event%3Dconversion&gcp=1&ct_cookie_present=1
216.58.211.2200 OK 42 B URL HTTP/2 googleads.g.doubleclick.net/pagead/viewthroughconversion/953627164/?random=1675594903292&cv=11&fst=1675594903292&fmt=3&bg=ffffff&guid=ON&async=1>m=45be3210&u_w=1280&u_h=1024&label=EJOFCMCMtcIDEJzk3MYD&hn=www.google.com&frm=0&url=https%3A%2F%2Fmrq.com%2Fnewoffer%2F75-wager-free-spins%2Fonlinebingo%3Fs1%3D%26s2%3D%26s3%3D%26click%3D16913244%26affid%3D169%26campaign%3D41%26gclid%3D%26msclkid%3D%26lpage%3Dt4SH0x%26resource%3D%26site%3D326%26referrer%3Demails.1cs.com%26tgclid%3D02010047-135e-4ae7-b200-191e63df8c5c%26tgsid%3D16913244&tiba=MrQ%20%7C%20ONLINEBINGO>m_ee=1&auid=1718162504.1675594903&data=event%3Dconversion&gcp=1&ct_cookie_present=1
IP 216.58.211.2:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/viewthroughconversion/953627164/?random=1675594903292&cv=11&fst=1675594903292&fmt=3&bg=ffffff&guid=ON&async=1>m=45be3210&u_w=1280&u_h=1024&label=EJOFCMCMtcIDEJzk3MYD&hn=www.google.com&frm=0&url=https%3A%2F%2Fmrq.com%2Fnewoffer%2F75-wager-free-spins%2Fonlinebingo%3Fs1%3D%26s2%3D%26s3%3D%26click%3D16913244%26affid%3D169%26campaign%3D41%26gclid%3D%26msclkid%3D%26lpage%3Dt4SH0x%26resource%3D%26site%3D326%26referrer%3Demails.1cs.com%26tgclid%3D02010047-135e-4ae7-b200-191e63df8c5c%26tgsid%3D16913244&tiba=MrQ%20%7C%20ONLINEBINGO>m_ee=1&auid=1718162504.1675594903&data=event%3Dconversion&gcp=1&ct_cookie_present=1 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sun, 05 Feb 2023 11:01:04 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sun, 05-Feb-2023 11:16:04 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 721c3f2797fcac86eff0c208d119cba7
d9f8bc5796e32c8679f440a4ed55b2e389cc7345
fc2c30fe66b2dd2d05f7a2d76b5ad9b3689c2f8439d14921fc70b190e9944c37
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 335
Cache-Control: max-age=166617
Content-Type: application/ocsp-response
Date: Sun, 05 Feb 2023 11:01:04 GMT
Etag: "63df72fa-1d7"
Expires: Tue, 07 Feb 2023 09:18:01 GMT
Last-Modified: Sun, 05 Feb 2023 09:12:26 GMT
Server: ECS (ska/F71D)
X-Cache: HIT
Content-Length: 471
www.google.com/pagead/1p-conversion/953627164/?random=1675594903292&cv=11&fst=1675594903292&bg=ffffff&guid=ON&async=1>m=45be3210&u_w=1280&u_h=1024&label=EJOFCMCMtcIDEJzk3MYD&hn=www.google.com&frm=0&url=https%3A%2F%2Fmrq.com%2Fnewoffer%2F75-wager-free-spins%2Fonlinebingo%3Fs1%3D%26s2%3D%26s3%3D%26click%3D16913244%26affid%3D169%26campaign%3D41%26gclid%3D%26msclkid%3D%26lpage%3Dt4SH0x%26resource%3D%26site%3D326%26referrer%3Demails.1cs.com%26tgclid%3D02010047-135e-4ae7-b200-191e63df8c5c%26tgsid%3D16913244&tiba=MrQ%20%7C%20ONLINEBINGO>m_ee=1&auid=1718162504.1675594903&data=event%3Dconversion&gcp=1&sscte=1&ct_cookie_present=1&rfmt=3&fmt=4
142.250.74.164302 Found 63 B URL HTTP/2 www.google.com/pagead/1p-conversion/953627164/?random=1675594903292&cv=11&fst=1675594903292&bg=ffffff&guid=ON&async=1>m=45be3210&u_w=1280&u_h=1024&label=EJOFCMCMtcIDEJzk3MYD&hn=www.google.com&frm=0&url=https%3A%2F%2Fmrq.com%2Fnewoffer%2F75-wager-free-spins%2Fonlinebingo%3Fs1%3D%26s2%3D%26s3%3D%26click%3D16913244%26affid%3D169%26campaign%3D41%26gclid%3D%26msclkid%3D%26lpage%3Dt4SH0x%26resource%3D%26site%3D326%26referrer%3Demails.1cs.com%26tgclid%3D02010047-135e-4ae7-b200-191e63df8c5c%26tgsid%3D16913244&tiba=MrQ%20%7C%20ONLINEBINGO>m_ee=1&auid=1718162504.1675594903&data=event%3Dconversion&gcp=1&sscte=1&ct_cookie_present=1&rfmt=3&fmt=4
IP 142.250.74.164:0
File type ASCII text, with no line terminators
Hash 0339f8f57d1bf75003db591e28957e45
ae2286e497c9f76a02cb40c40a674b73bd293b76
609cd8e12464fe137cfaa9f1ab6637150d44e105559c901b6df50303fd05aa26
GET /pagead/1p-conversion/953627164/?random=1675594903292&cv=11&fst=1675594903292&bg=ffffff&guid=ON&async=1>m=45be3210&u_w=1280&u_h=1024&label=EJOFCMCMtcIDEJzk3MYD&hn=www.google.com&frm=0&url=https%3A%2F%2Fmrq.com%2Fnewoffer%2F75-wager-free-spins%2Fonlinebingo%3Fs1%3D%26s2%3D%26s3%3D%26click%3D16913244%26affid%3D169%26campaign%3D41%26gclid%3D%26msclkid%3D%26lpage%3Dt4SH0x%26resource%3D%26site%3D326%26referrer%3Demails.1cs.com%26tgclid%3D02010047-135e-4ae7-b200-191e63df8c5c%26tgsid%3D16913244&tiba=MrQ%20%7C%20ONLINEBINGO>m_ee=1&auid=1718162504.1675594903&data=event%3Dconversion&gcp=1&sscte=1&ct_cookie_present=1&rfmt=3&fmt=4 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sun, 05 Feb 2023 11:01:04 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
location: https://www.google.no/pagead/1p-conversion/953627164/?random=1675594903292&cv=11&fst=1675594903292&bg=ffffff&guid=ON&async=1>m=45be3210&u_w=1280&u_h=1024&label=EJOFCMCMtcIDEJzk3MYD&hn=www.google.com&frm=0&url=https%3A%2F%2Fmrq.com%2Fnewoffer%2F75-wager-free-spins%2Fonlinebingo%3Fs1%3D%26s2%3D%26s3%3D%26click%3D16913244%26affid%3D169%26campaign%3D41%26gclid%3D%26msclkid%3D%26lpage%3Dt4SH0x%26resource%3D%26site%3D326%26referrer%3Demails.1cs.com%26tgclid%3D02010047-135e-4ae7-b200-191e63df8c5c%26tgsid%3D16913244&tiba=MrQ%20%7C%20ONLINEBINGO>m_ee=1&auid=1718162504.1675594903&data=event%3Dconversion&gcp=1&sscte=1&ct_cookie_present=1&rfmt=3&fmt=4&ipr=y&prhg=0
content-type: text/javascript; charset=UTF-8
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
server: cafe
content-length: 63
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.google-analytics.com/j/collect?v=1&_v=j99&a=321463360&t=pageview&_s=1&dl=https%3A%2F%2Fmrq.com%2Fnewoffer%2F75-wager-free-spins%2Fonlinebingo%3Fs1%3D%26s2%3D%26s3%3D%26click%3D16913244%26affid%3D169%26campaign%3D41%26gclid%3D%26msclkid%3D%26lpage%3Dt4SH0x%26resource%3D%26site%3D326%26referrer%3Demails.1cs.com%26tgclid%3D02010047-135e-4ae7-b200-191e63df8c5c%26tgsid%3D16913244&ul=en-us&de=UTF-8&dt=MrQ%20%7C%20ONLINEBINGO&sd=24-bit&sr=1280x1024&vp=1268x939&je=0&_u=YADAAEABAAAAACAAI~&jid=864831874&gjid=185403511&cid=879268049.1675594903&tid=UA-58708780-1&_gid=1242649990.1675594905&_r=1&_slc=1>m=45He3210n715LRGCV&z=1027211481
142.250.74.46200 OK 4 B URL HTTP/2 www.google-analytics.com/j/collect?v=1&_v=j99&a=321463360&t=pageview&_s=1&dl=https%3A%2F%2Fmrq.com%2Fnewoffer%2F75-wager-free-spins%2Fonlinebingo%3Fs1%3D%26s2%3D%26s3%3D%26click%3D16913244%26affid%3D169%26campaign%3D41%26gclid%3D%26msclkid%3D%26lpage%3Dt4SH0x%26resource%3D%26site%3D326%26referrer%3Demails.1cs.com%26tgclid%3D02010047-135e-4ae7-b200-191e63df8c5c%26tgsid%3D16913244&ul=en-us&de=UTF-8&dt=MrQ%20%7C%20ONLINEBINGO&sd=24-bit&sr=1280x1024&vp=1268x939&je=0&_u=YADAAEABAAAAACAAI~&jid=864831874&gjid=185403511&cid=879268049.1675594903&tid=UA-58708780-1&_gid=1242649990.1675594905&_r=1&_slc=1>m=45He3210n715LRGCV&z=1027211481
IP 142.250.74.46:0
File type ASCII text, with no line terminators
Hash 9e92e190700c1af4539b40c2171320a9
209bcdb79e6067b51091ce8586d4b977f25b67d8
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
POST /j/collect?v=1&_v=j99&a=321463360&t=pageview&_s=1&dl=https%3A%2F%2Fmrq.com%2Fnewoffer%2F75-wager-free-spins%2Fonlinebingo%3Fs1%3D%26s2%3D%26s3%3D%26click%3D16913244%26affid%3D169%26campaign%3D41%26gclid%3D%26msclkid%3D%26lpage%3Dt4SH0x%26resource%3D%26site%3D326%26referrer%3Demails.1cs.com%26tgclid%3D02010047-135e-4ae7-b200-191e63df8c5c%26tgsid%3D16913244&ul=en-us&de=UTF-8&dt=MrQ%20%7C%20ONLINEBINGO&sd=24-bit&sr=1280x1024&vp=1268x939&je=0&_u=YADAAEABAAAAACAAI~&jid=864831874&gjid=185403511&cid=879268049.1675594903&tid=UA-58708780-1&_gid=1242649990.1675594905&_r=1&_slc=1>m=45He3210n715LRGCV&z=1027211481 HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://mrq.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: https://mrq.com
date: Sun, 05 Feb 2023 11:01:04 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 4
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 1b25bf82638deaab60981e1315ee0849
e3bd912fd1a890e64ee6746a78a674db7ff77039
a99b0dfa9ca7176b21cc2d65963a1b6eb6d534b3767d02ef06cc207a63331ebf
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A99B0DFA9CA7176B21CC2D65963A1B6EB6D534B3767D02EF06CC207A63331EBF"
Last-Modified: Sat, 04 Feb 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5555
Expires: Sun, 05 Feb 2023 12:33:39 GMT
Date: Sun, 05 Feb 2023 11:01:04 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 1b25bf82638deaab60981e1315ee0849
e3bd912fd1a890e64ee6746a78a674db7ff77039
a99b0dfa9ca7176b21cc2d65963a1b6eb6d534b3767d02ef06cc207a63331ebf
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A99B0DFA9CA7176B21CC2D65963A1B6EB6D534B3767D02EF06CC207A63331EBF"
Last-Modified: Sat, 04 Feb 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5555
Expires: Sun, 05 Feb 2023 12:33:39 GMT
Date: Sun, 05 Feb 2023 11:01:04 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 1b25bf82638deaab60981e1315ee0849
e3bd912fd1a890e64ee6746a78a674db7ff77039
a99b0dfa9ca7176b21cc2d65963a1b6eb6d534b3767d02ef06cc207a63331ebf
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A99B0DFA9CA7176B21CC2D65963A1B6EB6D534B3767D02EF06CC207A63331EBF"
Last-Modified: Sat, 04 Feb 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5555
Expires: Sun, 05 Feb 2023 12:33:39 GMT
Date: Sun, 05 Feb 2023 11:01:04 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 1b25bf82638deaab60981e1315ee0849
e3bd912fd1a890e64ee6746a78a674db7ff77039
a99b0dfa9ca7176b21cc2d65963a1b6eb6d534b3767d02ef06cc207a63331ebf
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A99B0DFA9CA7176B21CC2D65963A1B6EB6D534B3767D02EF06CC207A63331EBF"
Last-Modified: Sat, 04 Feb 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5555
Expires: Sun, 05 Feb 2023 12:33:39 GMT
Date: Sun, 05 Feb 2023 11:01:04 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 1b25bf82638deaab60981e1315ee0849
e3bd912fd1a890e64ee6746a78a674db7ff77039
a99b0dfa9ca7176b21cc2d65963a1b6eb6d534b3767d02ef06cc207a63331ebf
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A99B0DFA9CA7176B21CC2D65963A1B6EB6D534B3767D02EF06CC207A63331EBF"
Last-Modified: Sat, 04 Feb 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5555
Expires: Sun, 05 Feb 2023 12:33:39 GMT
Date: Sun, 05 Feb 2023 11:01:04 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9ad60ff0-69ec-4be2-9334-41be71ca4b7f.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9ad60ff0-69ec-4be2-9334-41be71ca4b7f.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 1a4eed23b240d04a3cd6b085cfa93375
f29b9dc3f6bbd2ba76a5a4570ce044d5f240fd00
93e8371f80c12d3753842e36001dbb8d3dc2223b10a594639752cd816c492d4e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9ad60ff0-69ec-4be2-9334-41be71ca4b7f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10905
x-amzn-requestid: 093778fc-231c-452f-a6fc-15f4eb41ade0
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fmNJCEDzIAMFmxA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d8c239-7f56d6e56392f373541db219;Sampled=0
x-amzn-remapped-date: Tue, 31 Jan 2023 07:24:41 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: jIvBQjGh9JzWQM0YpEYiqP5CcBrkwqLVjAYhMWJ1P1H0MRkm7kpnpg==
via: 1.1 0c96ded7ff282d2dbcf47c918b6bb500.cloudfront.net (CloudFront), 1.1 556b99c6be8d7078b9f067347c62df6a.cloudfront.net (CloudFront), 1.1 google
date: Sat, 04 Feb 2023 22:12:06 GMT
age: 46138
etag: "f29b9dc3f6bbd2ba76a5a4570ce044d5f240fd00"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F29d53279-1206-40a7-be9b-b504e0748218.jpeg
34.120.237.76200 OK 5.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F29d53279-1206-40a7-be9b-b504e0748218.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 7fff69db25a1c7a3fbe154a3c80ac5aa
638e08807f73b70ab87b804816f9eb3e8dd2aa74
be96b347ba90dda9c39975077d963ff875831a14a4269e28edc0d2f80928bba6
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F29d53279-1206-40a7-be9b-b504e0748218.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5356
x-amzn-requestid: af4c4533-48b8-4b02-951a-3e61933fb126
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fi3fyFrMoAMFr_w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d76c64-0346b30d0ded67912070f671;Sampled=0
x-amzn-remapped-date: Mon, 30 Jan 2023 07:06:12 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: IJBXK8DSlmaj48MVSTo-8A69jOe3x2cvnZYRLfyXZ7jZWqsMbTZsEg==
via: 1.1 4dde8ec6d6c12741888c2d3a059d4a2e.cloudfront.net (CloudFront), 1.1 6172bb1a5d00a3b06ae3700570ebe116.cloudfront.net (CloudFront), 1.1 google
date: Sat, 04 Feb 2023 21:43:52 GMT
age: 47832
etag: "638e08807f73b70ab87b804816f9eb3e8dd2aa74"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc6718344-fcb4-4366-9239-8921034a7114.jpeg
34.120.237.76200 OK 13 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc6718344-fcb4-4366-9239-8921034a7114.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 8e0be7db14d930d6227443314bcd1747
4e42e2ad289dfe5bd9a55d34fd768f7532bdf71d
baedfbdb08a67f9ff4c698f7e65b08d7e4c5078d0a4233e6bff529b44812735a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc6718344-fcb4-4366-9239-8921034a7114.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12967
x-amzn-requestid: 38c58626-f4ad-4e2b-ad71-a628519d2ea2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fmEdHFwCoAMFhxQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d8b453-7da6d0c1093468d320caaa1e;Sampled=0
x-amzn-remapped-date: Tue, 31 Jan 2023 06:25:23 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: t8dZTwod1-pZr8ACfp-6gfEu0TA3kGpfJrQeF8VgLg2tlrt03sa6Bg==
via: 1.1 41e349e25dc4bc856d0e5d2c162428a0.cloudfront.net (CloudFront), 1.1 7022a5bbf9872d4a09d63e6cdb457dfe.cloudfront.net (CloudFront), 1.1 google
date: Sun, 05 Feb 2023 03:40:08 GMT
age: 26456
etag: "4e42e2ad289dfe5bd9a55d34fd768f7532bdf71d"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash 5ac5aaa2dd1a2ab697244f3c0fe3b5b5
bb8a9aeb28cc645435760f3a9a57d85e295de419
d42327bb295e41a2b04efa1c2ad6094a3480d0010de10bb32600f4d17fe9f0d4
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 05 Feb 2023 11:01:04 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fed9dd21c-6496-4f6e-b306-570e4802aba4.jpeg
34.120.237.76200 OK 6.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fed9dd21c-6496-4f6e-b306-570e4802aba4.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 251f1a5d671fb797fb98e9a71754c341
335425603d9eec146a3c03422dbca91134272e53
74932f07561287e33302aabcf9c639e9df7ae0fbc4bf71f5467310aabafea208
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fed9dd21c-6496-4f6e-b306-570e4802aba4.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6202
x-amzn-requestid: 01b85fcd-69a0-49da-8640-32a3ef19378a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fi3bUFEJoAMFapg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d76c48-14817e717361e09170714e9d;Sampled=0
x-amzn-remapped-date: Mon, 30 Jan 2023 07:05:44 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 1_1mEN4j5cciWEiimz4PRjx3PNGnrSRib9oEJAdYLrrtyjqnz_zvcQ==
via: 1.1 5ab5dc09da67e3ea794ec8a82992cc88.cloudfront.net (CloudFront), 1.1 5565a51537c689d1d16f6b4d41f40082.cloudfront.net (CloudFront), 1.1 google
date: Sat, 04 Feb 2023 13:05:46 GMT
age: 78918
etag: "335425603d9eec146a3c03422dbca91134272e53"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F37422a56-a7de-4ab8-ac8a-650de9dae97c.jpeg
34.120.237.76200 OK 5.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F37422a56-a7de-4ab8-ac8a-650de9dae97c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 5b6c30ad03669b66bf2f63b3edd69882
e630bd132b52b965a5ade646ea8a165d1abf6d7b
f8233d879ec17fd91909655ff8881f2ebfad84272fde3ed5e5be37580378a989
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F37422a56-a7de-4ab8-ac8a-650de9dae97c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5014
x-amzn-requestid: a434aae4-fe4b-4fc7-9b7e-eeb552484e8a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fi3bIE0aoAMF6YQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d76c47-5556d14757190c842bbc6b06;Sampled=0
x-amzn-remapped-date: Mon, 30 Jan 2023 07:05:43 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: k6YqagXr3Wr-u1uDKojEnIGW0CxU5yvWPtlzNpzoIvmg9F-rJb9uFQ==
via: 1.1 a4fe306096165bb1e86e69365dc8fac2.cloudfront.net (CloudFront), 1.1 1a53057db389e96b4ef1bfbc925dde1c.cloudfront.net (CloudFront), 1.1 google
date: Sat, 04 Feb 2023 14:53:45 GMT
age: 72439
etag: "e630bd132b52b965a5ade646ea8a165d1abf6d7b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc0def934-b27d-4612-bab8-84bfb73a9960.jpeg
34.120.237.76200 OK 7.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc0def934-b27d-4612-bab8-84bfb73a9960.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 5beaead015b2b4fb6d36009926ba0378
67e7c49ea7648fc6d1dffc22588862c993b785b7
6ae0cec9ade23fd53e9c1407b0324a8060892a65a6b675ccffa4a4c82b66f1ff
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc0def934-b27d-4612-bab8-84bfb73a9960.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7589
x-amzn-requestid: 280f7003-2696-4a82-bd50-82b0a2b66faf
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fsSpoEA0oAMFSBg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63db3170-35dcb9513c891af201b973d1;Sampled=0
x-amzn-remapped-date: Thu, 02 Feb 2023 03:43:44 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 00Sp1Thtp-YIGYmu7qIB6GtKBxOGLgcAse2SusryA8xaBrnWQDD-Hg==
via: 1.1 49b94a8674d6e86a841d6523f7dbaf14.cloudfront.net (CloudFront), 1.1 2bedbeaa49b4a77447d30097858cb81a.cloudfront.net (CloudFront), 1.1 google
date: Sat, 04 Feb 2023 22:04:01 GMT
age: 46623
etag: "67e7c49ea7648fc6d1dffc22588862c993b785b7"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash c7d887fc3e3b7a68b7872c76802085c0
eb26f820776e7d87a00489eb14f918e5f6945835
915e873e95d8f0276f4763e5596b03cac487f6f8a36c65577c6622fc8560d929
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 05 Feb 2023 11:01:04 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 313 B IP 93.184.220.29:0
Hash 7a9768106025a9f4e59a86f5687e3893
72b66546ff4e559a5b714ff744e35339a8cbb0fb
d4498f74d8540f28502182eff0eb73d81c50f942bf6bd1e2cda1e440ce9d745f
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2443
Cache-Control: max-age=157541
Content-Type: application/ocsp-response
Date: Sun, 05 Feb 2023 11:01:04 GMT
Etag: "63df474a-139"
Expires: Tue, 07 Feb 2023 06:46:45 GMT
Last-Modified: Sun, 05 Feb 2023 06:06:02 GMT
Server: ECS (ska/F71D)
X-Cache: HIT
Content-Length: 313
bat.bing.com/action/0?ti=27021427&Ver=2&mid=967cd9ec-4fe3-4036-80d1-8009eead57c6&sid=7a492ee0a54411edb3b209f048640029&vid=7a4918b0a54411edb65a87a612a7eeef&vids=0&msclkid=N&ec=CHEQ&el=Invalid_Users&ev=0&ea=Invalid_Users&en=Y&sw=1280&sh=1024&sc=24&evt=custom&rn=666817
204.79.197.200204 No Content 0 B URL HTTP/2 bat.bing.com/action/0?ti=27021427&Ver=2&mid=967cd9ec-4fe3-4036-80d1-8009eead57c6&sid=7a492ee0a54411edb3b209f048640029&vid=7a4918b0a54411edb65a87a612a7eeef&vids=0&msclkid=N&ec=CHEQ&el=Invalid_Users&ev=0&ea=Invalid_Users&en=Y&sw=1280&sh=1024&sc=24&evt=custom&rn=666817
IP 204.79.197.200:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /action/0?ti=27021427&Ver=2&mid=967cd9ec-4fe3-4036-80d1-8009eead57c6&sid=7a492ee0a54411edb3b209f048640029&vid=7a4918b0a54411edb65a87a612a7eeef&vids=0&msclkid=N&ec=CHEQ&el=Invalid_Users&ev=0&ea=Invalid_Users&en=Y&sw=1280&sh=1024&sc=24&evt=custom&rn=666817 HTTP/1.1
Host: bat.bing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
cache-control: no-cache, must-revalidate
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
set-cookie: MUID=30433412826A6B96263B26BD833D6AD8; domain=.bing.com; expires=Fri, 01-Mar-2024 11:01:04 GMT; path=/; SameSite=None; Secure; Priority=High;
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 3980DA0144A241E8A3C54CB071D89341 Ref B: OSL30EDGE0417 Ref C: 2023-02-05T11:01:04Z
date: Sun, 05 Feb 2023 11:01:04 GMT
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 471 B IP 216.58.211.3:0
Hash 8077210062c315b98902cb06c74d485b
808e94ac31f1b45185103ce25c1bc2afd056b17a
78871f45de0c58bffa6a86b50f6bd0db61932bf6a2b7d8191dba0f0eaab628b1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 05 Feb 2023 11:01:04 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 471 B IP 216.58.211.3:0
Hash 8077210062c315b98902cb06c74d485b
808e94ac31f1b45185103ce25c1bc2afd056b17a
78871f45de0c58bffa6a86b50f6bd0db61932bf6a2b7d8191dba0f0eaab628b1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 05 Feb 2023 11:01:04 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 314 B IP 93.184.220.29:0
Hash c8b13878bf8be05c5b99a7c5f34a508d
3c8dc3051fa1953388ac3ac16c13643a46a696c7
5f99711e6d73c7719bb975d14155c024b396ee03f7e042a5364e3081f65f356e
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3678
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 05 Feb 2023 11:01:04 GMT
Last-Modified: Sun, 05 Feb 2023 09:59:46 GMT
Server: ECS (ska/F71D)
X-Cache: HIT
Content-Length: 314
www.google.no/pagead/1p-user-list/953627164/?random=1675594903282&cv=11&fst=1675594800000&bg=ffffff&guid=ON&async=1>m=45be3210&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fmrq.com%2Fnewoffer%2F75-wager-free-spins%2Fonlinebingo%3Fs1%3D%26s2%3D%26s3%3D%26click%3D16913244%26affid%3D169%26campaign%3D41%26gclid%3D%26msclkid%3D%26lpage%3Dt4SH0x%26resource%3D%26site%3D326%26referrer%3Demails.1cs.com%26tgclid%3D02010047-135e-4ae7-b200-191e63df8c5c%26tgsid%3D16913244&tiba=MrQ%20%7C%20ONLINEBINGO&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=1094084125&rmt_tld=1&ipr=y
142.250.74.131200 OK 42 B URL HTTP/2 www.google.no/pagead/1p-user-list/953627164/?random=1675594903282&cv=11&fst=1675594800000&bg=ffffff&guid=ON&async=1>m=45be3210&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fmrq.com%2Fnewoffer%2F75-wager-free-spins%2Fonlinebingo%3Fs1%3D%26s2%3D%26s3%3D%26click%3D16913244%26affid%3D169%26campaign%3D41%26gclid%3D%26msclkid%3D%26lpage%3Dt4SH0x%26resource%3D%26site%3D326%26referrer%3Demails.1cs.com%26tgclid%3D02010047-135e-4ae7-b200-191e63df8c5c%26tgsid%3D16913244&tiba=MrQ%20%7C%20ONLINEBINGO&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=1094084125&rmt_tld=1&ipr=y
IP 142.250.74.131:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/953627164/?random=1675594903282&cv=11&fst=1675594800000&bg=ffffff&guid=ON&async=1>m=45be3210&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fmrq.com%2Fnewoffer%2F75-wager-free-spins%2Fonlinebingo%3Fs1%3D%26s2%3D%26s3%3D%26click%3D16913244%26affid%3D169%26campaign%3D41%26gclid%3D%26msclkid%3D%26lpage%3Dt4SH0x%26resource%3D%26site%3D326%26referrer%3Demails.1cs.com%26tgclid%3D02010047-135e-4ae7-b200-191e63df8c5c%26tgsid%3D16913244&tiba=MrQ%20%7C%20ONLINEBINGO&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=1094084125&rmt_tld=1&ipr=y HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sun, 05 Feb 2023 11:01:04 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.google.no/pagead/1p-conversion/953627164/?random=1675594903292&cv=11&fst=1675594903292&bg=ffffff&guid=ON&async=1>m=45be3210&u_w=1280&u_h=1024&label=EJOFCMCMtcIDEJzk3MYD&hn=www.google.com&frm=0&url=https%3A%2F%2Fmrq.com%2Fnewoffer%2F75-wager-free-spins%2Fonlinebingo%3Fs1%3D%26s2%3D%26s3%3D%26click%3D16913244%26affid%3D169%26campaign%3D41%26gclid%3D%26msclkid%3D%26lpage%3Dt4SH0x%26resource%3D%26site%3D326%26referrer%3Demails.1cs.com%26tgclid%3D02010047-135e-4ae7-b200-191e63df8c5c%26tgsid%3D16913244&tiba=MrQ%20%7C%20ONLINEBINGO>m_ee=1&auid=1718162504.1675594903&data=event%3Dconversion&gcp=1&sscte=1&ct_cookie_present=1&rfmt=3&fmt=4&ipr=y&prhg=0
142.250.74.131200 OK 63 B URL HTTP/2 www.google.no/pagead/1p-conversion/953627164/?random=1675594903292&cv=11&fst=1675594903292&bg=ffffff&guid=ON&async=1>m=45be3210&u_w=1280&u_h=1024&label=EJOFCMCMtcIDEJzk3MYD&hn=www.google.com&frm=0&url=https%3A%2F%2Fmrq.com%2Fnewoffer%2F75-wager-free-spins%2Fonlinebingo%3Fs1%3D%26s2%3D%26s3%3D%26click%3D16913244%26affid%3D169%26campaign%3D41%26gclid%3D%26msclkid%3D%26lpage%3Dt4SH0x%26resource%3D%26site%3D326%26referrer%3Demails.1cs.com%26tgclid%3D02010047-135e-4ae7-b200-191e63df8c5c%26tgsid%3D16913244&tiba=MrQ%20%7C%20ONLINEBINGO>m_ee=1&auid=1718162504.1675594903&data=event%3Dconversion&gcp=1&sscte=1&ct_cookie_present=1&rfmt=3&fmt=4&ipr=y&prhg=0
IP 142.250.74.131:0
File type ASCII text, with no line terminators
Hash 0339f8f57d1bf75003db591e28957e45
ae2286e497c9f76a02cb40c40a674b73bd293b76
609cd8e12464fe137cfaa9f1ab6637150d44e105559c901b6df50303fd05aa26
GET /pagead/1p-conversion/953627164/?random=1675594903292&cv=11&fst=1675594903292&bg=ffffff&guid=ON&async=1>m=45be3210&u_w=1280&u_h=1024&label=EJOFCMCMtcIDEJzk3MYD&hn=www.google.com&frm=0&url=https%3A%2F%2Fmrq.com%2Fnewoffer%2F75-wager-free-spins%2Fonlinebingo%3Fs1%3D%26s2%3D%26s3%3D%26click%3D16913244%26affid%3D169%26campaign%3D41%26gclid%3D%26msclkid%3D%26lpage%3Dt4SH0x%26resource%3D%26site%3D326%26referrer%3Demails.1cs.com%26tgclid%3D02010047-135e-4ae7-b200-191e63df8c5c%26tgsid%3D16913244&tiba=MrQ%20%7C%20ONLINEBINGO>m_ee=1&auid=1718162504.1675594903&data=event%3Dconversion&gcp=1&sscte=1&ct_cookie_present=1&rfmt=3&fmt=4&ipr=y&prhg=0 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sun, 05 Feb 2023 11:01:04 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: text/javascript; charset=UTF-8
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
server: cafe
content-length: 63
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
bat.bing.com/action/0?ti=27021427&Ver=2&mid=967cd9ec-4fe3-4036-80d1-8009eead57c6&sid=7a492ee0a54411edb3b209f048640029&vid=7a4918b0a54411edb65a87a612a7eeef&vids=1&msclkid=N&pi=0&lg=en-US&sw=1280&sh=1024&sc=24&tl=MrQ%20%7C%20ONLINEBINGO&p=https%3A%2F%2Fmrq.com%2Fnewoffer%2F75-wager-free-spins%2Fonlinebingo%3Fs1%3D%26s2%3D%26s3%3D%26click%3D16913244%26affid%3D169%26campaign%3D41%26gclid%3D%26msclkid%3D%26lpage%3Dt4SH0x%26resource%3D%26site%3D326%26referrer%3Demails.1cs.com%26tgclid%3D02010047-135e-4ae7-b200-191e63df8c5c%26tgsid%3D16913244&r=<=1201&evt=pageLoad&sv=1&rn=71409
204.79.197.200204 No Content 0 B URL HTTP/2 bat.bing.com/action/0?ti=27021427&Ver=2&mid=967cd9ec-4fe3-4036-80d1-8009eead57c6&sid=7a492ee0a54411edb3b209f048640029&vid=7a4918b0a54411edb65a87a612a7eeef&vids=1&msclkid=N&pi=0&lg=en-US&sw=1280&sh=1024&sc=24&tl=MrQ%20%7C%20ONLINEBINGO&p=https%3A%2F%2Fmrq.com%2Fnewoffer%2F75-wager-free-spins%2Fonlinebingo%3Fs1%3D%26s2%3D%26s3%3D%26click%3D16913244%26affid%3D169%26campaign%3D41%26gclid%3D%26msclkid%3D%26lpage%3Dt4SH0x%26resource%3D%26site%3D326%26referrer%3Demails.1cs.com%26tgclid%3D02010047-135e-4ae7-b200-191e63df8c5c%26tgsid%3D16913244&r=<=1201&evt=pageLoad&sv=1&rn=71409
IP 204.79.197.200:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /action/0?ti=27021427&Ver=2&mid=967cd9ec-4fe3-4036-80d1-8009eead57c6&sid=7a492ee0a54411edb3b209f048640029&vid=7a4918b0a54411edb65a87a612a7eeef&vids=1&msclkid=N&pi=0&lg=en-US&sw=1280&sh=1024&sc=24&tl=MrQ%20%7C%20ONLINEBINGO&p=https%3A%2F%2Fmrq.com%2Fnewoffer%2F75-wager-free-spins%2Fonlinebingo%3Fs1%3D%26s2%3D%26s3%3D%26click%3D16913244%26affid%3D169%26campaign%3D41%26gclid%3D%26msclkid%3D%26lpage%3Dt4SH0x%26resource%3D%26site%3D326%26referrer%3Demails.1cs.com%26tgclid%3D02010047-135e-4ae7-b200-191e63df8c5c%26tgsid%3D16913244&r=<=1201&evt=pageLoad&sv=1&rn=71409 HTTP/1.1
Host: bat.bing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
cache-control: no-cache, must-revalidate
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
set-cookie: MUID=20AF1BA7D4D8601218D20908D58F616C; domain=.bing.com; expires=Fri, 01-Mar-2024 11:01:04 GMT; path=/; SameSite=None; Secure; Priority=High;
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 65AD55A325494ADCBD1A7900903F8EB8 Ref B: OSL30EDGE0417 Ref C: 2023-02-05T11:01:04Z
date: Sun, 05 Feb 2023 11:01:04 GMT
X-Firefox-Spdy: h2
bat.bing.com/p/action/27021427.js
204.79.197.200204 No Content 0 B URL HTTP/2 bat.bing.com/p/action/27021427.js
IP 204.79.197.200:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /p/action/27021427.js HTTP/1.1
Host: bat.bing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
cache-control: private,max-age=1800
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: D9F340F26E2743C7A1120425234345E8 Ref B: OSL30EDGE0417 Ref C: 2023-02-05T11:01:04Z
date: Sun, 05 Feb 2023 11:01:04 GMT
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 471 B IP 216.58.211.3:0
Hash 8077210062c315b98902cb06c74d485b
808e94ac31f1b45185103ce25c1bc2afd056b17a
78871f45de0c58bffa6a86b50f6bd0db61932bf6a2b7d8191dba0f0eaab628b1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 05 Feb 2023 11:01:04 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
t.co/i/adsct?bci=3&eci=2&event_id=f9f50401-e161-451e-9d52-0648c99a77d2&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=86a70120-ec64-4762-98cd-e61ff1afdd22&tw_document_href=https%3A%2F%2Fmrq.com%2Fnewoffer%2F75-wager-free-spins%2Fonlinebingo%3Fs1%3D%26s2%3D%26s3%3D%26click%3D16913244%26affid%3D169%26campaign%3D41%26gclid%3D%26msclkid%3D%26lpage%3Dt4SH0x%26resource%3D%26site%3D326%26referrer%3Demails.1cs.com%26tgclid%3D02010047-135e-4ae7-b200-191e63df8c5c%26tgsid%3D16913244&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o75ni&type=javascript&version=2.3.29
104.244.42.133200 OK 43 B URL HTTP/2 t.co/i/adsct?bci=3&eci=2&event_id=f9f50401-e161-451e-9d52-0648c99a77d2&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=86a70120-ec64-4762-98cd-e61ff1afdd22&tw_document_href=https%3A%2F%2Fmrq.com%2Fnewoffer%2F75-wager-free-spins%2Fonlinebingo%3Fs1%3D%26s2%3D%26s3%3D%26click%3D16913244%26affid%3D169%26campaign%3D41%26gclid%3D%26msclkid%3D%26lpage%3Dt4SH0x%26resource%3D%26site%3D326%26referrer%3Demails.1cs.com%26tgclid%3D02010047-135e-4ae7-b200-191e63df8c5c%26tgsid%3D16913244&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o75ni&type=javascript&version=2.3.29
IP 104.244.42.133:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 377d257f2d2e294916143c069141c1c5
b7cae69682cf31dd670b65088db8395acda6ed3e
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
GET /i/adsct?bci=3&eci=2&event_id=f9f50401-e161-451e-9d52-0648c99a77d2&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=86a70120-ec64-4762-98cd-e61ff1afdd22&tw_document_href=https%3A%2F%2Fmrq.com%2Fnewoffer%2F75-wager-free-spins%2Fonlinebingo%3Fs1%3D%26s2%3D%26s3%3D%26click%3D16913244%26affid%3D169%26campaign%3D41%26gclid%3D%26msclkid%3D%26lpage%3Dt4SH0x%26resource%3D%26site%3D326%26referrer%3Demails.1cs.com%26tgclid%3D02010047-135e-4ae7-b200-191e63df8c5c%26tgsid%3D16913244&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o75ni&type=javascript&version=2.3.29 HTTP/1.1
Host: t.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 05 Feb 2023 11:01:04 GMT
perf: 7626143928
server: tsa_o
set-cookie: muc_ads=c3732189-d77e-41eb-8fb6-9ff2cad5dc1f; Max-Age=63072000; Expires=Tue, 04 Feb 2025 11:01:04 GMT; Path=/; Domain=t.co; Secure; SameSite=None
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, max-age=0
content-length: 43
x-transaction-id: b11f2ddf431f3b89
strict-transport-security: max-age=0
x-response-time: 108
x-connection-hash: 5e56d995e7794d0a071037e7d18c014df49a9e2d38bef9603e824680a1b78c37
X-Firefox-Spdy: h2
stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-58708780-1&cid=879268049.1675594903&jid=864831874&gjid=185403511&_gid=1242649990.1675594905&_u=YADAAEAAAAAAACAAI~&z=378072519
64.233.161.155200 OK 4 B URL HTTP/2 stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-58708780-1&cid=879268049.1675594903&jid=864831874&gjid=185403511&_gid=1242649990.1675594905&_u=YADAAEAAAAAAACAAI~&z=378072519
IP 64.233.161.155:0
File type ASCII text, with no line terminators
Hash 48c0473b7821185d937e685216e2168b
3743e47f8a429a5e87b86cb582d78940733d9d2e
570c4d4674fd20602189c548c145ba1f8ac34bc2e4599a71471969028aa1e25a
POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-58708780-1&cid=879268049.1675594903&jid=864831874&gjid=185403511&_gid=1242649990.1675594905&_u=YADAAEAAAAAAACAAI~&z=378072519 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://mrq.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://mrq.com
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Sun, 05 Feb 2023 11:01:04 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 4
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.facebook.com/tr/?id=489309081211540&ev=CHEQ&dl=https%3A%2F%2Fmrq.com%2Fnewoffer%2F75-wager-free-spins%2Fonlinebingo%3Fs1%3D%26s2%3D%26s3%3D%26click%3D16913244%26affid%3D169%26campaign%3D41%26gclid%3D%26msclkid%3D%26lpage%3Dt4SH0x%26resource%3D%26site%3D326%26referrer%3Demails.1cs.com%26tgclid%3D02010047-135e-4ae7-b200-191e63df8c5c%26tgsid%3D16913244&rl=&if=false&ts=1675594904954&sw=1280&sh=1024&v=2.9.95&r=stable&ec=0&o=30&fbp=fb.1.1675594904953.1101900994&it=1675594904628&coo=false&rqm=GET
31.13.72.36200 OK 0 B URL HTTP/2 www.facebook.com/tr/?id=489309081211540&ev=CHEQ&dl=https%3A%2F%2Fmrq.com%2Fnewoffer%2F75-wager-free-spins%2Fonlinebingo%3Fs1%3D%26s2%3D%26s3%3D%26click%3D16913244%26affid%3D169%26campaign%3D41%26gclid%3D%26msclkid%3D%26lpage%3Dt4SH0x%26resource%3D%26site%3D326%26referrer%3Demails.1cs.com%26tgclid%3D02010047-135e-4ae7-b200-191e63df8c5c%26tgsid%3D16913244&rl=&if=false&ts=1675594904954&sw=1280&sh=1024&v=2.9.95&r=stable&ec=0&o=30&fbp=fb.1.1675594904953.1101900994&it=1675594904628&coo=false&rqm=GET
IP 31.13.72.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /tr/?id=489309081211540&ev=CHEQ&dl=https%3A%2F%2Fmrq.com%2Fnewoffer%2F75-wager-free-spins%2Fonlinebingo%3Fs1%3D%26s2%3D%26s3%3D%26click%3D16913244%26affid%3D169%26campaign%3D41%26gclid%3D%26msclkid%3D%26lpage%3Dt4SH0x%26resource%3D%26site%3D326%26referrer%3Demails.1cs.com%26tgclid%3D02010047-135e-4ae7-b200-191e63df8c5c%26tgsid%3D16913244&rl=&if=false&ts=1675594904954&sw=1280&sh=1024&v=2.9.95&r=stable&ec=0&o=30&fbp=fb.1.1675594904953.1101900994&it=1675594904628&coo=false&rqm=GET HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/plain
access-control-allow-origin:
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=86400
date: Sun, 05 Feb 2023 11:01:05 GMT
X-Firefox-Spdy: h2
analytics.twitter.com/i/adsct?bci=3&eci=2&event_id=f9f50401-e161-451e-9d52-0648c99a77d2&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=86a70120-ec64-4762-98cd-e61ff1afdd22&tw_document_href=https%3A%2F%2Fmrq.com%2Fnewoffer%2F75-wager-free-spins%2Fonlinebingo%3Fs1%3D%26s2%3D%26s3%3D%26click%3D16913244%26affid%3D169%26campaign%3D41%26gclid%3D%26msclkid%3D%26lpage%3Dt4SH0x%26resource%3D%26site%3D326%26referrer%3Demails.1cs.com%26tgclid%3D02010047-135e-4ae7-b200-191e63df8c5c%26tgsid%3D16913244&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o75ni&type=javascript&version=2.3.29
104.244.42.195200 OK 43 B URL HTTP/2 analytics.twitter.com/i/adsct?bci=3&eci=2&event_id=f9f50401-e161-451e-9d52-0648c99a77d2&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=86a70120-ec64-4762-98cd-e61ff1afdd22&tw_document_href=https%3A%2F%2Fmrq.com%2Fnewoffer%2F75-wager-free-spins%2Fonlinebingo%3Fs1%3D%26s2%3D%26s3%3D%26click%3D16913244%26affid%3D169%26campaign%3D41%26gclid%3D%26msclkid%3D%26lpage%3Dt4SH0x%26resource%3D%26site%3D326%26referrer%3Demails.1cs.com%26tgclid%3D02010047-135e-4ae7-b200-191e63df8c5c%26tgsid%3D16913244&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o75ni&type=javascript&version=2.3.29
IP 104.244.42.195:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 377d257f2d2e294916143c069141c1c5
b7cae69682cf31dd670b65088db8395acda6ed3e
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
GET /i/adsct?bci=3&eci=2&event_id=f9f50401-e161-451e-9d52-0648c99a77d2&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=86a70120-ec64-4762-98cd-e61ff1afdd22&tw_document_href=https%3A%2F%2Fmrq.com%2Fnewoffer%2F75-wager-free-spins%2Fonlinebingo%3Fs1%3D%26s2%3D%26s3%3D%26click%3D16913244%26affid%3D169%26campaign%3D41%26gclid%3D%26msclkid%3D%26lpage%3Dt4SH0x%26resource%3D%26site%3D326%26referrer%3Demails.1cs.com%26tgclid%3D02010047-135e-4ae7-b200-191e63df8c5c%26tgsid%3D16913244&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o75ni&type=javascript&version=2.3.29 HTTP/1.1
Host: analytics.twitter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 05 Feb 2023 11:01:04 GMT
perf: 7626143928
server: tsa_o
set-cookie: personalization_id="v1_OtmT1EepxXkYg7ZX/ObLFQ=="; Max-Age=63072000; Expires=Tue, 04 Feb 2025 11:01:04 GMT; Path=/; Domain=.twitter.com; Secure; SameSite=None
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, max-age=0
content-length: 43
x-transaction-id: 750190708a8976dd
strict-transport-security: max-age=631138519
x-response-time: 117
x-connection-hash: c603c5abda7739a3fb39bd2aa6be80e5fdbbb3cd2aaa1c728d680a2c781f282b
X-Firefox-Spdy: h2
www.facebook.com/tr/?id=489309081211540&ev=PageView&dl=https%3A%2F%2Fmrq.com%2Fnewoffer%2F75-wager-free-spins%2Fonlinebingo%3Fs1%3D%26s2%3D%26s3%3D%26click%3D16913244%26affid%3D169%26campaign%3D41%26gclid%3D%26msclkid%3D%26lpage%3Dt4SH0x%26resource%3D%26site%3D326%26referrer%3Demails.1cs.com%26tgclid%3D02010047-135e-4ae7-b200-191e63df8c5c%26tgsid%3D16913244&rl=&if=false&ts=1675594904960&sw=1280&sh=1024&v=2.9.95&r=stable&a=tmgoogletagmanager&ec=1&o=30&cs_est=true&fbp=fb.1.1675594904953.1101900994&it=1675594904628&coo=false&rqm=GET
31.13.72.36200 OK 0 B URL HTTP/2 www.facebook.com/tr/?id=489309081211540&ev=PageView&dl=https%3A%2F%2Fmrq.com%2Fnewoffer%2F75-wager-free-spins%2Fonlinebingo%3Fs1%3D%26s2%3D%26s3%3D%26click%3D16913244%26affid%3D169%26campaign%3D41%26gclid%3D%26msclkid%3D%26lpage%3Dt4SH0x%26resource%3D%26site%3D326%26referrer%3Demails.1cs.com%26tgclid%3D02010047-135e-4ae7-b200-191e63df8c5c%26tgsid%3D16913244&rl=&if=false&ts=1675594904960&sw=1280&sh=1024&v=2.9.95&r=stable&a=tmgoogletagmanager&ec=1&o=30&cs_est=true&fbp=fb.1.1675594904953.1101900994&it=1675594904628&coo=false&rqm=GET
IP 31.13.72.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /tr/?id=489309081211540&ev=PageView&dl=https%3A%2F%2Fmrq.com%2Fnewoffer%2F75-wager-free-spins%2Fonlinebingo%3Fs1%3D%26s2%3D%26s3%3D%26click%3D16913244%26affid%3D169%26campaign%3D41%26gclid%3D%26msclkid%3D%26lpage%3Dt4SH0x%26resource%3D%26site%3D326%26referrer%3Demails.1cs.com%26tgclid%3D02010047-135e-4ae7-b200-191e63df8c5c%26tgsid%3D16913244&rl=&if=false&ts=1675594904960&sw=1280&sh=1024&v=2.9.95&r=stable&a=tmgoogletagmanager&ec=1&o=30&cs_est=true&fbp=fb.1.1675594904953.1101900994&it=1675594904628&coo=false&rqm=GET HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/plain
access-control-allow-origin:
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=86400
date: Sun, 05 Feb 2023 11:01:05 GMT
X-Firefox-Spdy: h2
event.getblue.io/r/audience-pixel-std.min.js?v=22
52.67.253.125200 OK 4.9 kB URL HTTP/2 event.getblue.io/r/audience-pixel-std.min.js?v=22
IP 52.67.253.125:0
Hash f2c06a5f3536f9ef3216de2ee9117def
8a045b4667109bffae5a242a7e40cc701f5fbef2
7cb467d59370994b3753acc5e233ab9da4e4f4f6f4092793bd78985ecfcfa641
GET /r/audience-pixel-std.min.js?v=22 HTTP/1.1
Host: event.getblue.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: ckid=27227985-8DDF-4B64-B27539B903EC0762; hash=955b8ff2a358a107a33131e2176ed4e78c38b562519726138cb2f8ba847b1099a6d3ac8bb44807a432
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 05 Feb 2023 11:01:04 GMT
content-type: application/javascript
x-frame-options: DENY
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
accept-ranges: bytes
etag: W/"11099-1675588393891"
last-modified: Sun, 05 Feb 2023 09:13:13 GMT
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2
cm.g.doubleclick.net/pixel?google_nid=coveny_limited&google_cm=&google_sc=&ckid=27227985-8DDF-4B64-B27539B903EC0762&cid=FE234AE0-B17A-69ED-DFDDD90C731389A6&google_ula=6572934421&ula=6572934421&google_hm=MjcyMjc5ODUtOERERi00QjY0LUIyNzUzOUI5MDNFQzA3NjI&blueID=ffe11cdd-b7a5-4145-9a29-e8e9b4b5d12b&google_tc=
216.58.207.194302 Found 423 B URL HTTP/2 cm.g.doubleclick.net/pixel?google_nid=coveny_limited&google_cm=&google_sc=&ckid=27227985-8DDF-4B64-B27539B903EC0762&cid=FE234AE0-B17A-69ED-DFDDD90C731389A6&google_ula=6572934421&ula=6572934421&google_hm=MjcyMjc5ODUtOERERi00QjY0LUIyNzUzOUI5MDNFQzA3NjI&blueID=ffe11cdd-b7a5-4145-9a29-e8e9b4b5d12b&google_tc=
IP 216.58.207.194:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Hash 8059150e2b39b5dd83229ae0e96b56a5
1c2ae6bc7c112e29f91ebc3c32144d879fa6ef54
fa96665586173b7e745a0f360857c4d1f365d36939015596e127f2e4d36e7dde
GET /pixel?google_nid=coveny_limited&google_cm=&google_sc=&ckid=27227985-8DDF-4B64-B27539B903EC0762&cid=FE234AE0-B17A-69ED-DFDDD90C731389A6&google_ula=6572934421&ula=6572934421&google_hm=MjcyMjc5ODUtOERERi00QjY0LUIyNzUzOUI5MDNFQzA3NjI&blueID=ffe11cdd-b7a5-4145-9a29-e8e9b4b5d12b&google_tc= HTTP/1.1
Host: cm.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
location: https://cms.getblue.io/cm/?src=adx&child=europe&ckid=27227985-8DDF-4B64-B27539B903EC0762&cid=FE234AE0-B17A-69ED-DFDDD90C731389A6&ula=6572934421&blueID=ffe11cdd-b7a5-4145-9a29-e8e9b4b5d12b&google_error=3
date: Sun, 05 Feb 2023 11:01:05 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
server: HTTP server (unknown)
content-length: 423
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ib.adnxs.com/setuid?entity=449&code=27227985-8DDF-4B64-B27539B903EC0762
185.89.210.101307 Redirection 0 B URL HTTP/1.1 ib.adnxs.com/setuid?entity=449&code=27227985-8DDF-4B64-B27539B903EC0762
IP 185.89.210.101:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /setuid?entity=449&code=27227985-8DDF-4B64-B27539B903EC0762 HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 307 Redirection
Server: nginx/1.21.3
Date: Sun, 05 Feb 2023 11:01:05 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Location: https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D449%26code%3D27227985-8DDF-4B64-B27539B903EC0762
AN-X-Request-Uuid: 471c0b5a-99ca-4c2a-8f21-7c50ae130cdd
Set-Cookie: uuid2=3148867641497669108; SameSite=None; Path=/; Max-Age=7776000; Expires=Sat, 06-May-2023 11:01:05 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
ib.adnxs.com/getuid?https://cms.getblue.io/cm/?src=appnexus&ckid=27227985-8DDF-4B64-B27539B903EC0762&cid=FE234AE0-B17A-69ED-DFDDD90C731389A6&blueID=ffe11cdd-b7a5-4145-9a29-e8e9b4b5d12b&appnexusid=$UID
185.89.210.101307 Redirection 0 B URL HTTP/1.1 ib.adnxs.com/getuid?https://cms.getblue.io/cm/?src=appnexus&ckid=27227985-8DDF-4B64-B27539B903EC0762&cid=FE234AE0-B17A-69ED-DFDDD90C731389A6&blueID=ffe11cdd-b7a5-4145-9a29-e8e9b4b5d12b&appnexusid=$UID
IP 185.89.210.101:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /getuid?https://cms.getblue.io/cm/?src=appnexus&ckid=27227985-8DDF-4B64-B27539B903EC0762&cid=FE234AE0-B17A-69ED-DFDDD90C731389A6&blueID=ffe11cdd-b7a5-4145-9a29-e8e9b4b5d12b&appnexusid=$UID HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 307 Redirection
Server: nginx/1.21.3
Date: Sun, 05 Feb 2023 11:01:05 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Location: https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcms.getblue.io%2Fcm%2F%3Fsrc%3Dappnexus%26ckid%3D27227985-8DDF-4B64-B27539B903EC0762%26cid%3DFE234AE0-B17A-69ED-DFDDD90C731389A6%26blueID%3Dffe11cdd-b7a5-4145-9a29-e8e9b4b5d12b%26appnexusid%3D%24UID
AN-X-Request-Uuid: 6ef0b9aa-5ee2-4522-8d04-7de1d762446b
Set-Cookie: uuid2=565171147242847279; SameSite=None; Path=/; Max-Age=7776000; Expires=Sat, 06-May-2023 11:01:05 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D449%26code%3D27227985-8DDF-4B64-B27539B903EC0762
185.89.210.101200 OK 43 B URL HTTP/1.1 ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D449%26code%3D27227985-8DDF-4B64-B27539B903EC0762
IP 185.89.210.101:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 592ebefc7104d681d57852665e9ad514
15cdf8df32aa251dd6dd590a60bf9cf74474e7c5
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
GET /bounce?%2Fsetuid%3Fentity%3D449%26code%3D27227985-8DDF-4B64-B27539B903EC0762 HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.21.3
Date: Sun, 05 Feb 2023 11:01:05 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
AN-X-Request-Uuid: a77f1934-3083-4e18-91ad-68e3e8416683
Set-Cookie: anj=dTM7k!M4.FD>6NRF']wIg2Ileo1J#M!]tbPl@/8LQ0[eC=E1HEfR62gdKt1*eTpV)e9%7pkC+.mjGe6pidSQhkyhGj<HwRjN.Q?@*bpRz*qF1`*bcn'*'?5); SameSite=None; Path=/; Max-Age=7776000; Expires=Sat, 06-May-2023 11:01:05 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcms.getblue.io%2Fcm%2F%3Fsrc%3Dappnexus%26ckid%3D27227985-8DDF-4B64-B27539B903EC0762%26cid%3DFE234AE0-B17A-69ED-DFDDD90C731389A6%26blueID%3Dffe11cdd-b7a5-4145-9a29-e8e9b4b5d12b%26appnexusid%3D%24UID
185.89.210.101302 Found 0 B URL HTTP/1.1 ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcms.getblue.io%2Fcm%2F%3Fsrc%3Dappnexus%26ckid%3D27227985-8DDF-4B64-B27539B903EC0762%26cid%3DFE234AE0-B17A-69ED-DFDDD90C731389A6%26blueID%3Dffe11cdd-b7a5-4145-9a29-e8e9b4b5d12b%26appnexusid%3D%24UID
IP 185.89.210.101:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcms.getblue.io%2Fcm%2F%3Fsrc%3Dappnexus%26ckid%3D27227985-8DDF-4B64-B27539B903EC0762%26cid%3DFE234AE0-B17A-69ED-DFDDD90C731389A6%26blueID%3Dffe11cdd-b7a5-4145-9a29-e8e9b4b5d12b%26appnexusid%3D%24UID HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Server: nginx/1.21.3
Date: Sun, 05 Feb 2023 11:01:05 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Location: https://cms.getblue.io/cm/?src=appnexus&ckid=27227985-8DDF-4B64-B27539B903EC0762&cid=FE234AE0-B17A-69ED-DFDDD90C731389A6&blueID=ffe11cdd-b7a5-4145-9a29-e8e9b4b5d12b&appnexusid=0
AN-X-Request-Uuid: 137c254f-4233-4982-af50-54e33eea395b
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
cms.getblue.io/cm/?src=adx&child=europe&ckid=27227985-8DDF-4B64-B27539B903EC0762&cid=FE234AE0-B17A-69ED-DFDDD90C731389A6&ula=6572934421&blueID=ffe11cdd-b7a5-4145-9a29-e8e9b4b5d12b&google_error=3
54.207.85.163200 OK 2 B URL HTTP/2 cms.getblue.io/cm/?src=adx&child=europe&ckid=27227985-8DDF-4B64-B27539B903EC0762&cid=FE234AE0-B17A-69ED-DFDDD90C731389A6&ula=6572934421&blueID=ffe11cdd-b7a5-4145-9a29-e8e9b4b5d12b&google_error=3
IP 54.207.85.163:0
File type ASCII text, with no line terminators
Hash e0aa021e21dddbd6d8cecec71e9cf564
9ce3bd4224c8c1780db56b4125ecf3f24bf748b7
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
GET /cm/?src=adx&child=europe&ckid=27227985-8DDF-4B64-B27539B903EC0762&cid=FE234AE0-B17A-69ED-DFDDD90C731389A6&ula=6572934421&blueID=ffe11cdd-b7a5-4145-9a29-e8e9b4b5d12b&google_error=3 HTTP/1.1
Host: cms.getblue.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: ckid=27227985-8DDF-4B64-B27539B903EC0762; hash=955b8ff2a358a107a33131e2176ed4e78c38b562519726138cb2f8ba847b1099a6d3ac8bb44807a432
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 05 Feb 2023 11:01:05 GMT
content-type: application/json; charset=utf-8
content-length: 2
x-powered-by: Express
X-Firefox-Spdy: h2
cms.getblue.io/cm/?src=appnexus&ckid=27227985-8DDF-4B64-B27539B903EC0762&cid=FE234AE0-B17A-69ED-DFDDD90C731389A6&blueID=ffe11cdd-b7a5-4145-9a29-e8e9b4b5d12b&appnexusid=0
54.207.85.163200 OK 2 B URL HTTP/2 cms.getblue.io/cm/?src=appnexus&ckid=27227985-8DDF-4B64-B27539B903EC0762&cid=FE234AE0-B17A-69ED-DFDDD90C731389A6&blueID=ffe11cdd-b7a5-4145-9a29-e8e9b4b5d12b&appnexusid=0
IP 54.207.85.163:0
File type ASCII text, with no line terminators
Hash e0aa021e21dddbd6d8cecec71e9cf564
9ce3bd4224c8c1780db56b4125ecf3f24bf748b7
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
GET /cm/?src=appnexus&ckid=27227985-8DDF-4B64-B27539B903EC0762&cid=FE234AE0-B17A-69ED-DFDDD90C731389A6&blueID=ffe11cdd-b7a5-4145-9a29-e8e9b4b5d12b&appnexusid=0 HTTP/1.1
Host: cms.getblue.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: ckid=27227985-8DDF-4B64-B27539B903EC0762; hash=955b8ff2a358a107a33131e2176ed4e78c38b562519726138cb2f8ba847b1099a6d3ac8bb44807a432
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 05 Feb 2023 11:01:05 GMT
content-type: application/json; charset=utf-8
content-length: 2
x-powered-by: Express
X-Firefox-Spdy: h2
trc-events.taboola.com/1464003/log/3/unip?en=pre_d_eng_tb&tos=1561&scd=0&ssd=1&est=1675594904642&ver=36&isls=true&src=i&invt=1500&msa=580&rv=1&tim=1675594906206&vi=1675594904641&ri=69ea207aa0829adec7d92f202667d1ef&ref=null&cv=20230129-6-RELEASE&item-url=https%3A%2F%2Fmrq.com%2Fnewoffer%2F75-wager-free-spins%2Fonlinebingo%3Fs1%3D%26s2%3D%26s3%3D%26click%3D16913244%26affid%3D169%26campaign%3D41%26gclid%3D%26msclkid%3D%26lpage%3Dt4SH0x%26resource%3D%26site%3D326%26referrer%3Demails.1cs.com%26tgclid%3D02010047-135e-4ae7-b200-191e63df8c5c%26tgsid%3D16913244
141.226.228.48204 No Content 0 B URL HTTP/2 trc-events.taboola.com/1464003/log/3/unip?en=pre_d_eng_tb&tos=1561&scd=0&ssd=1&est=1675594904642&ver=36&isls=true&src=i&invt=1500&msa=580&rv=1&tim=1675594906206&vi=1675594904641&ri=69ea207aa0829adec7d92f202667d1ef&ref=null&cv=20230129-6-RELEASE&item-url=https%3A%2F%2Fmrq.com%2Fnewoffer%2F75-wager-free-spins%2Fonlinebingo%3Fs1%3D%26s2%3D%26s3%3D%26click%3D16913244%26affid%3D169%26campaign%3D41%26gclid%3D%26msclkid%3D%26lpage%3Dt4SH0x%26resource%3D%26site%3D326%26referrer%3Demails.1cs.com%26tgclid%3D02010047-135e-4ae7-b200-191e63df8c5c%26tgsid%3D16913244
IP 141.226.228.48:0
ASN #200478 Taboola.com ltd
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /1464003/log/3/unip?en=pre_d_eng_tb&tos=1561&scd=0&ssd=1&est=1675594904642&ver=36&isls=true&src=i&invt=1500&msa=580&rv=1&tim=1675594906206&vi=1675594904641&ri=69ea207aa0829adec7d92f202667d1ef&ref=null&cv=20230129-6-RELEASE&item-url=https%3A%2F%2Fmrq.com%2Fnewoffer%2F75-wager-free-spins%2Fonlinebingo%3Fs1%3D%26s2%3D%26s3%3D%26click%3D16913244%26affid%3D169%26campaign%3D41%26gclid%3D%26msclkid%3D%26lpage%3Dt4SH0x%26resource%3D%26site%3D326%26referrer%3Demails.1cs.com%26tgclid%3D02010047-135e-4ae7-b200-191e63df8c5c%26tgsid%3D16913244 HTTP/1.1
Host: trc-events.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://mrq.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
server: nginx
date: Sun, 05 Feb 2023 11:01:06 GMT
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: https://mrq.com
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
X-Firefox-Spdy: h2
eor.ediemidnightzombies.com/mon
3.248.162.96200 OK 0 B URL HTTP/2 eor.ediemidnightzombies.com/mon
IP 3.248.162.96:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /mon HTTP/1.1
Host: eor.ediemidnightzombies.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 1756
Origin: https://mrq.com
Connection: keep-alive
Cookie: cg_uuid=51ea493f1cac9d0d45f0ec0a7f1b950d
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-credentials: true
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin: https://mrq.com
content-type: application/json
date: Sun, 05 Feb 2023 11:01:06 GMT
content-length: 0
X-Firefox-Spdy: h2
eor.ediemidnightzombies.com/mon
3.248.162.96200 OK 0 B URL HTTP/2 eor.ediemidnightzombies.com/mon
IP 3.248.162.96:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /mon HTTP/1.1
Host: eor.ediemidnightzombies.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 1756
Origin: https://mrq.com
Connection: keep-alive
Cookie: cg_uuid=51ea493f1cac9d0d45f0ec0a7f1b950d
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-credentials: true
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin: https://mrq.com
content-type: application/json
date: Sun, 05 Feb 2023 11:01:08 GMT
content-length: 0
X-Firefox-Spdy: h2
trc-events.taboola.com/1464003/log/3/unip?en=pre_d_eng_tb&tos=4562&scd=0&ssd=1&est=1675594904642&ver=36&isls=true&src=i&invt=3000&msa=580&rv=1&tim=1675594909208&vi=1675594904641&ri=69ea207aa0829adec7d92f202667d1ef&ref=null&cv=20230129-6-RELEASE&item-url=https%3A%2F%2Fmrq.com%2Fnewoffer%2F75-wager-free-spins%2Fonlinebingo%3Fs1%3D%26s2%3D%26s3%3D%26click%3D16913244%26affid%3D169%26campaign%3D41%26gclid%3D%26msclkid%3D%26lpage%3Dt4SH0x%26resource%3D%26site%3D326%26referrer%3Demails.1cs.com%26tgclid%3D02010047-135e-4ae7-b200-191e63df8c5c%26tgsid%3D16913244
141.226.228.48204 No Content 0 B URL HTTP/2 trc-events.taboola.com/1464003/log/3/unip?en=pre_d_eng_tb&tos=4562&scd=0&ssd=1&est=1675594904642&ver=36&isls=true&src=i&invt=3000&msa=580&rv=1&tim=1675594909208&vi=1675594904641&ri=69ea207aa0829adec7d92f202667d1ef&ref=null&cv=20230129-6-RELEASE&item-url=https%3A%2F%2Fmrq.com%2Fnewoffer%2F75-wager-free-spins%2Fonlinebingo%3Fs1%3D%26s2%3D%26s3%3D%26click%3D16913244%26affid%3D169%26campaign%3D41%26gclid%3D%26msclkid%3D%26lpage%3Dt4SH0x%26resource%3D%26site%3D326%26referrer%3Demails.1cs.com%26tgclid%3D02010047-135e-4ae7-b200-191e63df8c5c%26tgsid%3D16913244
IP 141.226.228.48:0
ASN #200478 Taboola.com ltd
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /1464003/log/3/unip?en=pre_d_eng_tb&tos=4562&scd=0&ssd=1&est=1675594904642&ver=36&isls=true&src=i&invt=3000&msa=580&rv=1&tim=1675594909208&vi=1675594904641&ri=69ea207aa0829adec7d92f202667d1ef&ref=null&cv=20230129-6-RELEASE&item-url=https%3A%2F%2Fmrq.com%2Fnewoffer%2F75-wager-free-spins%2Fonlinebingo%3Fs1%3D%26s2%3D%26s3%3D%26click%3D16913244%26affid%3D169%26campaign%3D41%26gclid%3D%26msclkid%3D%26lpage%3Dt4SH0x%26resource%3D%26site%3D326%26referrer%3Demails.1cs.com%26tgclid%3D02010047-135e-4ae7-b200-191e63df8c5c%26tgsid%3D16913244 HTTP/1.1
Host: trc-events.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://mrq.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: nginx
date: Sun, 05 Feb 2023 11:01:09 GMT
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: https://mrq.com
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
X-Firefox-Spdy: h2
mrq.com/newoffer/75-wager-free-spins/onlinebingo?s1=&s2=&s3=&click=16913244&affid=169&campaign=41&gclid=&msclkid=&lpage=t4SH0x&resource=&site=326&referrer=emails.1cs.com&tgclid=02010047-135e-4ae7-b200-191e63df8c5c&tgsid=16913244
104.22.41.88200 OK 0 B URL HTTP/2 mrq.com/newoffer/75-wager-free-spins/onlinebingo?s1=&s2=&s3=&click=16913244&affid=169&campaign=41&gclid=&msclkid=&lpage=t4SH0x&resource=&site=326&referrer=emails.1cs.com&tgclid=02010047-135e-4ae7-b200-191e63df8c5c&tgsid=16913244
IP 104.22.41.88:0
GET /newoffer/75-wager-free-spins/onlinebingo?s1=&s2=&s3=&click=16913244&affid=169&campaign=41&gclid=&msclkid=&lpage=t4SH0x&resource=&site=326&referrer=emails.1cs.com&tgclid=02010047-135e-4ae7-b200-191e63df8c5c&tgsid=16913244 HTTP/1.1
Host: mrq.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
date: Sun, 05 Feb 2023 11:01:02 GMT
content-type: text/html; charset=utf-8
cf-ray: 794b25527e6f98f6-ARN
strict-transport-security: max-age=15552000; includeSubDomains
cf-cache-status: DYNAMIC
expect-ct: max-age=0
referrer-policy: no-referrer
set-cookie: route=a9d2ce513df67b06f9698e219d70daff; Path=/
SRVGROUP=common; path=/
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-download-options: noopen
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: none
x-xss-protection: 0
vary: Accept-Encoding
server: cloudflare
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
perfalytics.com/static/js/integrations.js
143.204.55.25200 OK 0 B URL HTTP/2 perfalytics.com/static/js/integrations.js
IP 143.204.55.25:0
GET /static/js/integrations.js HTTP/1.1
Host: perfalytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
date: Sat, 04 Feb 2023 16:41:38 GMT
last-modified: Wed, 21 Dec 2022 14:49:49 GMT
x-amz-version-id: vy8YBJyHh3YdSxs1zcx5.F53Z1LNuBia
etag: W/"44227cff6f42b81f9be75e88d2c0bdf2"
server: AmazonS3
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 095562e8748e634f880ee3c4ada2b6d0.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: V2O3RpG3B8v6VokmuNCLCHaAJmnPmvWtzfpLmd2LUdTH_Ix3Jax0FA==
age: 65966
X-Firefox-Spdy: h2
flicker-next.mrq.com/api/trustpilot-scores
172.67.10.181200 OK 0 B URL HTTP/2 flicker-next.mrq.com/api/trustpilot-scores
IP 172.67.10.181:0
GET /api/trustpilot-scores HTTP/1.1
Host: flicker-next.mrq.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://mrq.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
date: Sun, 05 Feb 2023 11:01:03 GMT
content-type: application/json; charset=utf-8
set-cookie: route=8ba6a7d216c61402ee139d3a26ef0f90; Path=/
SRVGROUP=common; path=/
content-security-policy: connect-src 'self' https:;img-src 'self' data: blob: https:;media-src 'self' data: blob: https:;default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline'
x-dns-prefetch-control: off
expect-ct: max-age=0
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000; includeSubDomains
x-download-options: noopen
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
referrer-policy: no-referrer
vary: Origin, Accept-Encoding
access-control-allow-origin: https://mrq.com
access-control-allow-credentials: true
x-cache: HIT
x-powered-by: Strapi <strapi.io>
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 794b2557ebdeb529-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
event.getblue.io/js/blue-tag.min.js
52.67.253.125200 OK 0 B URL HTTP/2 event.getblue.io/js/blue-tag.min.js
IP 52.67.253.125:0
GET /js/blue-tag.min.js HTTP/1.1
Host: event.getblue.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 05 Feb 2023 11:01:04 GMT
content-type: application/javascript
x-frame-options: DENY
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
accept-ranges: bytes
etag: W/"7716-1675593713341"
last-modified: Sun, 05 Feb 2023 10:41:53 GMT
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2
event.getblue.io/p/?cId=FE234AE0-B17A-69ED-DFDDD90C731389A6&tName=visit&pId=&revenue=&orderId=&p1=&p2=&p3=&fp=&blueID=ffe11cdd-b7a5-4145-9a29-e8e9b4b5d12b&v=13072020-1328&nocache=8243076783415.85
52.67.253.125200 OK 0 B URL HTTP/2 event.getblue.io/p/?cId=FE234AE0-B17A-69ED-DFDDD90C731389A6&tName=visit&pId=&revenue=&orderId=&p1=&p2=&p3=&fp=&blueID=ffe11cdd-b7a5-4145-9a29-e8e9b4b5d12b&v=13072020-1328&nocache=8243076783415.85
IP 52.67.253.125:0
GET /p/?cId=FE234AE0-B17A-69ED-DFDDD90C731389A6&tName=visit&pId=&revenue=&orderId=&p1=&p2=&p3=&fp=&blueID=ffe11cdd-b7a5-4145-9a29-e8e9b4b5d12b&v=13072020-1328&nocache=8243076783415.85 HTTP/1.1
Host: event.getblue.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 05 Feb 2023 11:01:04 GMT
content-type: text/html;charset=UTF-8
tagcontainer-version: 1185-25112022-1130
cache-control: no-cache
set-cookie: ckid=27227985-8DDF-4B64-B27539B903EC0762; expires=Mon, 05 Feb 2024 11:01:04 -0000; domain=.getblue.io; path=/; secure; samesite=None
JSESSIONID=C45CB4EF20204A9C47017F3E3A6C4F71; Path=/; HttpOnly
hash=955b8ff2a358a107a33131e2176ed4e78c38b562519726138cb2f8ba847b1099a6d3ac8bb44807a432; expires=Tue, 07 Feb 2023 11:01:04 -0000; domain=.getblue.io; path=/; secure; samesite=None
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2
trc.taboola.com/1464003/trc/3/json?tim=1675594904650&data=%7B%22id%22%3A524%2C%22ii%22%3A%22%2Fnewoffer%2F75-wager-free-spins%2Fonlinebingo%22%2C%22it%22%3A%22video%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22vi%22%3A1675594904641%2C%22cv%22%3A%2220230129-6-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fmrq.com%2Fnewoffer%2F75-wager-free-spins%2Fonlinebingo%3Fs1%3D%26s2%3D%26s3%3D%26click%3D16913244%26affid%3D169%26campaign%3D41%26gclid%3D%26msclkid%3D%26lpage%3Dt4SH0x%26resource%3D%26site%3D326%26referrer%3Demails.1cs.com%26tgclid%3D02010047-135e-4ae7-b200-191e63df8c5c%26tgsid%3D16913244%22%2C%22e%22%3Anull%2C%22cb%22%3A%22TFASC.trkCallback%22%2C%22qs%22%3A%22%3Fs1%3D%26s2%3D%26s3%3D%26click%3D16913244%26affid%3D169%26campaign%3D41%26gclid%3D%26msclkid%3D%26lpage%3Dt4SH0x%26resource%3D%26site%3D326%26referrer%3Demails.1cs.com%26tgclid%3D02010047-135e-4ae7-b200-191e63df8c5c%26tgsid%3D16913244%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-tracking%22%2C%22s%22%3A0%2C%22uim%22%3A%22rbox-tracking%3Apub%3Dmadfoxmrq-sc%3Aabp%3D0%22%2C%22uip%22%3A%22rbox-tracking%22%2C%22orig_uip%22%3A%22rbox-tracking%22%7D%5D%2C%22mpv%22%3Atrue%2C%22supv%22%3Atrue%2C%22mpvd%22%3A%7B%22en%22%3A%22page_view%22%2C%22tim%22%3A1675594904649%2C%22ref%22%3Anull%2C%22item-url%22%3A%22https%3A%2F%2Fmrq.com%2Fnewoffer%2F75-wager-free-spins%2Fonlinebingo%3Fs1%3D%26s2%3D%26s3%3D%26click%3D16913244%26affid%3D169%26campaign%3D41%26gclid%3D%26msclkid%3D%26lpage%3Dt4SH0x%26resource%3D%26site%3D326%26referrer%3Demails.1cs.com%26tgclid%3D02010047-135e-4ae7-b200-191e63df8c5c%26tgsid%3D16913244%22%2C%22tos%22%3A4%2C%22ssd%22%3A1%2C%22scd%22%3A0%2C%22supv%22%3Atrue%7D%7D&pubit=i
151.101.193.44200 OK 0 B URL HTTP/2 trc.taboola.com/1464003/trc/3/json?tim=1675594904650&data=%7B%22id%22%3A524%2C%22ii%22%3A%22%2Fnewoffer%2F75-wager-free-spins%2Fonlinebingo%22%2C%22it%22%3A%22video%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22vi%22%3A1675594904641%2C%22cv%22%3A%2220230129-6-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fmrq.com%2Fnewoffer%2F75-wager-free-spins%2Fonlinebingo%3Fs1%3D%26s2%3D%26s3%3D%26click%3D16913244%26affid%3D169%26campaign%3D41%26gclid%3D%26msclkid%3D%26lpage%3Dt4SH0x%26resource%3D%26site%3D326%26referrer%3Demails.1cs.com%26tgclid%3D02010047-135e-4ae7-b200-191e63df8c5c%26tgsid%3D16913244%22%2C%22e%22%3Anull%2C%22cb%22%3A%22TFASC.trkCallback%22%2C%22qs%22%3A%22%3Fs1%3D%26s2%3D%26s3%3D%26click%3D16913244%26affid%3D169%26campaign%3D41%26gclid%3D%26msclkid%3D%26lpage%3Dt4SH0x%26resource%3D%26site%3D326%26referrer%3Demails.1cs.com%26tgclid%3D02010047-135e-4ae7-b200-191e63df8c5c%26tgsid%3D16913244%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-tracking%22%2C%22s%22%3A0%2C%22uim%22%3A%22rbox-tracking%3Apub%3Dmadfoxmrq-sc%3Aabp%3D0%22%2C%22uip%22%3A%22rbox-tracking%22%2C%22orig_uip%22%3A%22rbox-tracking%22%7D%5D%2C%22mpv%22%3Atrue%2C%22supv%22%3Atrue%2C%22mpvd%22%3A%7B%22en%22%3A%22page_view%22%2C%22tim%22%3A1675594904649%2C%22ref%22%3Anull%2C%22item-url%22%3A%22https%3A%2F%2Fmrq.com%2Fnewoffer%2F75-wager-free-spins%2Fonlinebingo%3Fs1%3D%26s2%3D%26s3%3D%26click%3D16913244%26affid%3D169%26campaign%3D41%26gclid%3D%26msclkid%3D%26lpage%3Dt4SH0x%26resource%3D%26site%3D326%26referrer%3Demails.1cs.com%26tgclid%3D02010047-135e-4ae7-b200-191e63df8c5c%26tgsid%3D16913244%22%2C%22tos%22%3A4%2C%22ssd%22%3A1%2C%22scd%22%3A0%2C%22supv%22%3Atrue%7D%7D&pubit=i
IP 151.101.193.44:0
GET /1464003/trc/3/json?tim=1675594904650&data=%7B%22id%22%3A524%2C%22ii%22%3A%22%2Fnewoffer%2F75-wager-free-spins%2Fonlinebingo%22%2C%22it%22%3A%22video%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22vi%22%3A1675594904641%2C%22cv%22%3A%2220230129-6-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fmrq.com%2Fnewoffer%2F75-wager-free-spins%2Fonlinebingo%3Fs1%3D%26s2%3D%26s3%3D%26click%3D16913244%26affid%3D169%26campaign%3D41%26gclid%3D%26msclkid%3D%26lpage%3Dt4SH0x%26resource%3D%26site%3D326%26referrer%3Demails.1cs.com%26tgclid%3D02010047-135e-4ae7-b200-191e63df8c5c%26tgsid%3D16913244%22%2C%22e%22%3Anull%2C%22cb%22%3A%22TFASC.trkCallback%22%2C%22qs%22%3A%22%3Fs1%3D%26s2%3D%26s3%3D%26click%3D16913244%26affid%3D169%26campaign%3D41%26gclid%3D%26msclkid%3D%26lpage%3Dt4SH0x%26resource%3D%26site%3D326%26referrer%3Demails.1cs.com%26tgclid%3D02010047-135e-4ae7-b200-191e63df8c5c%26tgsid%3D16913244%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-tracking%22%2C%22s%22%3A0%2C%22uim%22%3A%22rbox-tracking%3Apub%3Dmadfoxmrq-sc%3Aabp%3D0%22%2C%22uip%22%3A%22rbox-tracking%22%2C%22orig_uip%22%3A%22rbox-tracking%22%7D%5D%2C%22mpv%22%3Atrue%2C%22supv%22%3Atrue%2C%22mpvd%22%3A%7B%22en%22%3A%22page_view%22%2C%22tim%22%3A1675594904649%2C%22ref%22%3Anull%2C%22item-url%22%3A%22https%3A%2F%2Fmrq.com%2Fnewoffer%2F75-wager-free-spins%2Fonlinebingo%3Fs1%3D%26s2%3D%26s3%3D%26click%3D16913244%26affid%3D169%26campaign%3D41%26gclid%3D%26msclkid%3D%26lpage%3Dt4SH0x%26resource%3D%26site%3D326%26referrer%3Demails.1cs.com%26tgclid%3D02010047-135e-4ae7-b200-191e63df8c5c%26tgsid%3D16913244%22%2C%22tos%22%3A4%2C%22ssd%22%3A1%2C%22scd%22%3A0%2C%22supv%22%3Atrue%7D%7D&pubit=i HTTP/1.1
Host: trc.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: application/javascript; charset=utf-8
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: *
access-control-allow-credentials: true
content-encoding: gzip
accept-ranges: bytes
date: Sun, 05 Feb 2023 11:01:04 GMT
via: 1.1 varnish
x-served-by: cache-bma1678-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1675594865.870765,VS0,VE108
vary: Accept-Encoding
x-vcl-time-ms: 108
X-Firefox-Spdy: h2