walter-larence.com/c31fd236-727d-4fd2-97b4-8d8ce3e0aef7
18.193.146.82302 Found 0 B URL User Request GET HTTP/2 walter-larence.com/c31fd236-727d-4fd2-97b4-8d8ce3e0aef7
IP 18.193.146.82:443
Certificate IssuerLet's Encrypt
Subjectwalter-larence.com
Fingerprint68:03:79:D9:A0:7F:E4:02:56:2B:FE:6D:ED:3E:B4:E7:06:A6:D4:84
ValidityFri, 24 Nov 2023 06:53:56 GMT - Thu, 22 Feb 2024 06:53:55 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /c31fd236-727d-4fd2-97b4-8d8ce3e0aef7 HTTP/1.1
Host: walter-larence.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
server: nginx
date: Tue, 05 Dec 2023 20:08:09 GMT
content-length: 0
cache-control: no-store, no-cache, pre-check=0, post-check=0
expires: Thu, 01 Jan 1970 00:00:00 GMT
location: https://happy-u.vip/free-spins-ke?cep=pyAsU1wlvCYBhI9jKsq7OpyTzQLUBEH8KRiwpS0uO7IqwdGDJcEvTg1dQOoqNItVLh2qh7N-NX099YV8qZzCtq86bH7ssylOs490KINKbaEdhTCqPRICEqmuDuqyFdzU0qF8m7EdyfPMfio20VahtZrVDYJkiY6zC8LWV4Cj2HMy-Ab3Hg1ezKd52qZtZntCiWYKm7-h-dRtY4UH50VKN_JoZ1ucU186fa7s-QUq_WxhjVnpaYf7zFTQMb7xihdeaZo_mVYg3Rvzi_dMsWl6mbmr1Pep_GVP6ypjvxKyOO2UXRRykQ10DtWW4Mq5AEw0RKhAKQYkSZ8k4Xv9QhWAATpMPHiTiR3f8Ajk43Og3LW09Ly_g_TMtWRZu15tK5PY&lptoken=17ba019d802086848999
pragma: no-cache
set-cookie: c31fd236-727d-4fd2-97b4-8d8ce3e0aef7-v4=RSrdnGsgOpvSoX_eJ3aJrqIWKmloRw1Ax1SBEdkn9G4; Max-Age=86400; Expires=Wed, 06-Dec-2023 20:08:09 GMT; Domain=walter-larence.com; Path=/; Secure; HttpOnly;SameSite=None
cep-v4=35c1wNmc-_BlOK9A1Yp4HKKtS16gsFtbBQZ6p44vm-OmSzdAHsKY_8EFEUeOpEIw4UGcZHKGJvA4ZefeHBjKiMg1_3jwFxO-LA_RuY4qZgID-Kj-2TF-zkKK5awvtwvcHK2CxuO34UtOn3qwiM26s1UIDifwYjwhfnS503abZmS7pgvnQNjWQ-MiSb6T1nvZFfzFQhkAGWKYT7bHW6LovkbEknqo7O4PDiA6fxLtvvj8TGnWOJ-EZQMjd_ENsJQ2e0uRZlE4IubkZKVcPmi50kuOI8zmg7fRWA0ncqUqvehMZNuvJVbSVxKg4vqw7IMQj_DtkCTg59xzb2fhSl435kwy66stAHQHwWunXuj2h7EuFSbTf5GZcLEeF96IdVN6; Max-Age=86400; Expires=Wed, 06-Dec-2023 20:08:09 GMT; Domain=walter-larence.com; Path=/; Secure; HttpOnly;SameSite=None
X-Firefox-Spdy: h2
happy-u.vip/free-spins-ke%2Fimages%2Fslot-spin.gif
188.114.97.1200 OK 88 kB URL GET HTTP/3 happy-u.vip/free-spins-ke%2Fimages%2Fslot-spin.gif
IP 188.114.97.1:443
Requested by https://happy-u.vip/free-spins-ke/
Certificate IssuerLet's Encrypt
Subjecthappy-u.vip
Fingerprint60:D2:E0:0E:6D:F6:F0:3F:A6:B5:F1:91:7E:E3:90:90:29:80:0A:E4
ValidityThu, 26 Oct 2023 05:54:28 GMT - Wed, 24 Jan 2024 05:54:27 GMT
File type GIF image data, version 89a, 410 x 279\012- data
Hash 617c16c5e04c8603dd7f157862b1c682
1306296f9a666a7fc50f339a2a924ce8a3a18169
7f8e36cf7ac437d7c42440ef5f522c8e27adb06348b573192308038fa7c1dc7e
GET /free-spins-ke%2Fimages%2Fslot-spin.gif HTTP/1.1
Host: happy-u.vip
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://happy-u.vip/free-spins-ke/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 05 Dec 2023 20:08:10 GMT
content-type: image/gif
content-length: 87599
x-amz-id-2: mCh89CwmCzbWod4ck4O3wABtTAli/lNbG0dVvfKhM4+/gzKdlmJGgcKeWuI0Oq4ZLRRCUIp3n8k=
x-amz-request-id: X3RQSTKNRWZ2PYKT
last-modified: Thu, 02 Jun 2022 12:59:34 GMT
etag: "617c16c5e04c8603dd7f157862b1c682"
cache-control: max-age=2592000
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OVkg4%2BoWZWlTQk%2Fo4pX9eDEh3u4qTpDBLGY6hZs6If%2F97peFLmcYsTXq94tWhheUCwB8P5sn2OXNKh9I8OTavbkXvPFDj%2FvgKuCqjnZn6H2GHkxxG8gfFfT9ey%2Bg2g%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 830eeb6b6f235687-OSL
alt-svc: h3=":443"; ma=86400
happy-u.vip/free-spins-ke%2Fimages%2Fslot-result-1.png
188.114.97.1200 OK 20 kB URL GET HTTP/3 happy-u.vip/free-spins-ke%2Fimages%2Fslot-result-1.png
IP 188.114.97.1:443
Requested by https://happy-u.vip/free-spins-ke/
Certificate IssuerLet's Encrypt
Subjecthappy-u.vip
Fingerprint60:D2:E0:0E:6D:F6:F0:3F:A6:B5:F1:91:7E:E3:90:90:29:80:0A:E4
ValidityThu, 26 Oct 2023 05:54:28 GMT - Wed, 24 Jan 2024 05:54:27 GMT
File type PNG image data, 410 x 279, 8-bit colormap, non-interlaced\012- data
Hash 1fbd2b26e61236d5bcfdfeb6adbd2c8c
c9034272d28dab018b73f1967a679c734f987a1f
c402c36eb8d623b618261d40846e63c130de1e78720ab5578eae1d645198c963
GET /free-spins-ke%2Fimages%2Fslot-result-1.png HTTP/1.1
Host: happy-u.vip
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://happy-u.vip/free-spins-ke/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 05 Dec 2023 20:08:10 GMT
content-type: image/png
content-length: 20370
x-amz-id-2: HkwJmvNgaOkjw1PA9RpupDjH4UkIsuIFFHorbuyA0s/u8YOJYS/8HbAu7MBYrKW6DR4MMnGLRNo=
x-amz-request-id: CT282MX3CJX4HS43
last-modified: Thu, 02 Jun 2022 12:59:32 GMT
etag: "1fbd2b26e61236d5bcfdfeb6adbd2c8c"
cache-control: max-age=2592000
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=llYsVqPWURnnUZQpr3RczpbBg9WC5AkzwY%2F41PpRyMnrR4LGxlAzQL2ifvM2BZibPfxc1pn62dHoyeGYc7klOHPpjpVk%2FFLEOf%2FGxwrgk09ErDawvXcRnARGbIbKyg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 830eeb6b6f275687-OSL
alt-svc: h3=":443"; ma=86400
happy-u.vip/free-spins-ke%2Fimages%2FCA.png
188.114.97.1200 OK 36 kB URL GET HTTP/3 happy-u.vip/free-spins-ke%2Fimages%2FCA.png
IP 188.114.97.1:443
Requested by https://happy-u.vip/free-spins-ke/
Certificate IssuerLet's Encrypt
Subjecthappy-u.vip
Fingerprint60:D2:E0:0E:6D:F6:F0:3F:A6:B5:F1:91:7E:E3:90:90:29:80:0A:E4
ValidityThu, 26 Oct 2023 05:54:28 GMT - Wed, 24 Jan 2024 05:54:27 GMT
File type PNG image data, 256 x 256, 8-bit/color RGBA, non-interlaced\012- data
Hash d94d1d2fc9120c693a66d99b01362e24
465d9725e53ec9a6e4bf2a8e26fb4b5b7e01562d
0b5f254d8aba31c96211fbd731c9f5984973c203135435f5430cf05c542b5b70
GET /free-spins-ke%2Fimages%2FCA.png HTTP/1.1
Host: happy-u.vip
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://happy-u.vip/free-spins-ke/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 05 Dec 2023 20:08:10 GMT
content-type: image/png
content-length: 36535
x-amz-id-2: 7HfX9lbJ7Cmg6mH4DLb5XwhU+HjntwxWo8PyphUBBhZMK1nmtIYHOgLhpPiItXeGRQ3iw4snQfo=
x-amz-request-id: 6DWEP1G0E02KWVDZ
last-modified: Thu, 02 Jun 2022 12:59:31 GMT
etag: "d94d1d2fc9120c693a66d99b01362e24"
cache-control: max-age=2592000
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ClVmymExi%2Fw0Hd13Cd7ooDMChGi%2B5S0QiBEMUBcfsys4FsITv4Iku0Tne57H8DaC2fNpDUXu8xs18Fx9ERu%2FhCCO73%2FoA9tveybBrRP5ZdxNZy9NgHbYMO%2Bs8R%2FgZg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 830eeb6b6f1d5687-OSL
alt-svc: h3=":443"; ma=86400
happy-u.vip/free-spins-ke?cep=pyAsU1wlvCYBhI9jKsq7OpyTzQLUBEH8KRiwpS0uO7IqwdGDJcEvTg1dQOoqNItVLh2qh7N-NX099YV8qZzCtq86bH7ssylOs490KINKbaEdhTCqPRICEqmuDuqyFdzU0qF8m7EdyfPMfio20VahtZrVDYJkiY6zC8LWV4Cj2HMy-Ab3Hg1ezKd52qZtZntCiWYKm7-h-dRtY4UH50VKN_JoZ1ucU186fa7s-QUq_WxhjVnpaYf7zFTQMb7xihdeaZo_mVYg3Rvzi_dMsWl6mbmr1Pep_GVP6ypjvxKyOO2UXRRykQ10DtWW4Mq5AEw0RKhAKQYkSZ8k4Xv9QhWAATpMPHiTiR3f8Ajk43Og3LW09Ly_g_TMtWRZu15tK5PY&lptoken=17ba019d802086848999
188.114.97.1302 Found 26 kB URL User Request GET HTTP/2 happy-u.vip/free-spins-ke?cep=pyAsU1wlvCYBhI9jKsq7OpyTzQLUBEH8KRiwpS0uO7IqwdGDJcEvTg1dQOoqNItVLh2qh7N-NX099YV8qZzCtq86bH7ssylOs490KINKbaEdhTCqPRICEqmuDuqyFdzU0qF8m7EdyfPMfio20VahtZrVDYJkiY6zC8LWV4Cj2HMy-Ab3Hg1ezKd52qZtZntCiWYKm7-h-dRtY4UH50VKN_JoZ1ucU186fa7s-QUq_WxhjVnpaYf7zFTQMb7xihdeaZo_mVYg3Rvzi_dMsWl6mbmr1Pep_GVP6ypjvxKyOO2UXRRykQ10DtWW4Mq5AEw0RKhAKQYkSZ8k4Xv9QhWAATpMPHiTiR3f8Ajk43Og3LW09Ly_g_TMtWRZu15tK5PY&lptoken=17ba019d802086848999
IP 188.114.97.1:443
Certificate IssuerLet's Encrypt
Subjecthappy-u.vip
Fingerprint60:D2:E0:0E:6D:F6:F0:3F:A6:B5:F1:91:7E:E3:90:90:29:80:0A:E4
ValidityThu, 26 Oct 2023 05:54:28 GMT - Wed, 24 Jan 2024 05:54:27 GMT
Hash 1815c158f3adbe48a73f523b7166db5a
8512ebc3d026dec1e4884304082191a262f3c26c
358ea599e01032804ac559b07e4e1a83518ded1325acb7d096b7bccdac432afd
GET /free-spins-ke?cep=pyAsU1wlvCYBhI9jKsq7OpyTzQLUBEH8KRiwpS0uO7IqwdGDJcEvTg1dQOoqNItVLh2qh7N-NX099YV8qZzCtq86bH7ssylOs490KINKbaEdhTCqPRICEqmuDuqyFdzU0qF8m7EdyfPMfio20VahtZrVDYJkiY6zC8LWV4Cj2HMy-Ab3Hg1ezKd52qZtZntCiWYKm7-h-dRtY4UH50VKN_JoZ1ucU186fa7s-QUq_WxhjVnpaYf7zFTQMb7xihdeaZo_mVYg3Rvzi_dMsWl6mbmr1Pep_GVP6ypjvxKyOO2UXRRykQ10DtWW4Mq5AEw0RKhAKQYkSZ8k4Xv9QhWAATpMPHiTiR3f8Ajk43Og3LW09Ly_g_TMtWRZu15tK5PY&lptoken=17ba019d802086848999 HTTP/1.1
Host: happy-u.vip
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
date: Tue, 05 Dec 2023 20:08:10 GMT
content-type: text/html; charset=utf-8
x-amz-error-code: Found
x-amz-error-message: Resource Found
x-amz-request-id: HBWDMD3VZG6E2FVN
x-amz-id-2: p6iF1Sm6UHMMirGia/jwZGIWtzAPhNWhrK3ZhfaXi8Kxg9uZDy0A+zCL0+mbsyCLkp/WGHATlJ0=
location: /free-spins-ke/
cf-cache-status: BYPASS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JuWuXxv0QLeTGcciFrsLNoQ7pIT09e0g8CrOFFLFliGMOjLPOdvtzm6010EPrji2AAlRG3L7c0SR1CsLVmqPEahrffUSH8PvKnnzdp2XC5HJ5VUMU3O%2B52vmgoL5%2BQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 830eeb670ea756bd-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
happy-u.vip/free-spins-ke%2Fimages%2Fslot-win.png
188.114.97.1200 OK 14 kB URL GET HTTP/3 happy-u.vip/free-spins-ke%2Fimages%2Fslot-win.png
IP 188.114.97.1:443
Requested by https://happy-u.vip/free-spins-ke/
Certificate IssuerLet's Encrypt
Subjecthappy-u.vip
Fingerprint60:D2:E0:0E:6D:F6:F0:3F:A6:B5:F1:91:7E:E3:90:90:29:80:0A:E4
ValidityThu, 26 Oct 2023 05:54:28 GMT - Wed, 24 Jan 2024 05:54:27 GMT
File type PNG image data, 410 x 279, 8-bit colormap, non-interlaced\012- data
Hash 939b6a73c96383ac0842317037f3a0f0
0654b62431c8ba522833950b8166d7a16e2a6b56
b8f1ec0ac028bd024af2cf57b63b07069b2f4a41e61c1577e968ca5d7ba72837
GET /free-spins-ke%2Fimages%2Fslot-win.png HTTP/1.1
Host: happy-u.vip
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://happy-u.vip/free-spins-ke/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 05 Dec 2023 20:08:10 GMT
content-type: image/png
content-length: 14391
x-amz-id-2: SLS92mdgsZig22sKXdMlx61oNkcnPCOsDPl2yf9nlHeKlmdHBv31DymwVlgV3hZGvUcqibOQ9/w=
x-amz-request-id: X3RSNTGS2ZHA3T7H
last-modified: Thu, 02 Jun 2022 12:59:33 GMT
etag: "939b6a73c96383ac0842317037f3a0f0"
cache-control: max-age=2592000
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=h82d9fhiUFpgNws5YB5LNBjiQWqb4QF5cX6VnRjx5XQ6%2FIuwfs1zN13wBIvy%2FCQzpskbRe%2FsD0Qle23pBJDrRZVobegst0hmVguQD4lpns%2FeJrZX5DMGjWQDf2m0OA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 830eeb6b7f2c5687-OSL
alt-svc: h3=":443"; ma=86400
happy-u.vip/free-spins-ke%2Fimages%2Fred-arrow-right.png
188.114.97.1200 OK 1.4 kB URL GET HTTP/3 happy-u.vip/free-spins-ke%2Fimages%2Fred-arrow-right.png
IP 188.114.97.1:443
Requested by https://happy-u.vip/free-spins-ke/
Certificate IssuerLet's Encrypt
Subjecthappy-u.vip
Fingerprint60:D2:E0:0E:6D:F6:F0:3F:A6:B5:F1:91:7E:E3:90:90:29:80:0A:E4
ValidityThu, 26 Oct 2023 05:54:28 GMT - Wed, 24 Jan 2024 05:54:27 GMT
File type PNG image data, 50 x 50, 8-bit colormap, non-interlaced\012- data
Hash 881bdc037be8895ba5d8d53456890e7e
4e105c89e2a1475520bb74c9c20bf2f9e906fcb3
9f8160d6380fef91c8eadecc6e8e59e93e3f5c40be7963018c8104bef4354d8f
GET /free-spins-ke%2Fimages%2Fred-arrow-right.png HTTP/1.1
Host: happy-u.vip
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://happy-u.vip/free-spins-ke/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 05 Dec 2023 20:08:10 GMT
content-type: image/png
content-length: 1362
x-amz-id-2: rA+THcGluV8iaCuG49rRNzuSRWHzh/dl6oeyLu7l/+AtibJSZUzwUDBiwme78ZXP1nxauTteozk=
x-amz-request-id: X3RXXNNTXQ7Z5AB6
last-modified: Thu, 02 Jun 2022 12:59:32 GMT
etag: "881bdc037be8895ba5d8d53456890e7e"
cache-control: max-age=2592000
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9yWdKTpswED%2FXFAQjjyl5iAnA2YiPioVWnVjVEt3g3A%2BQCvKgk8lqVigXd%2FVQp%2BGJlfAjQFJj6eXwWTQzmOumt%2FNOBNEl756TucU73ToXYxGWgVCiMFSZujWcOK7pQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 830eeb6b7f365687-OSL
alt-svc: h3=":443"; ma=86400
happy-u.vip/free-spins-ke%2Fimages%2Fslot-result-2.png
188.114.97.1200 OK 27 kB URL GET HTTP/3 happy-u.vip/free-spins-ke%2Fimages%2Fslot-result-2.png
IP 188.114.97.1:443
Requested by https://happy-u.vip/free-spins-ke/
Certificate IssuerLet's Encrypt
Subjecthappy-u.vip
Fingerprint60:D2:E0:0E:6D:F6:F0:3F:A6:B5:F1:91:7E:E3:90:90:29:80:0A:E4
ValidityThu, 26 Oct 2023 05:54:28 GMT - Wed, 24 Jan 2024 05:54:27 GMT
File type PNG image data, 410 x 279, 8-bit colormap, non-interlaced\012- data
Hash b6ca0bfea4d0cec334f128f5c2c44cff
f6dc006902542a929187af718d9f6a244e5472b5
b09b477eb93ed896b8e52a2f746e435695dbef2a1259987bae4fbea3c35b5435
GET /free-spins-ke%2Fimages%2Fslot-result-2.png HTTP/1.1
Host: happy-u.vip
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://happy-u.vip/free-spins-ke/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 05 Dec 2023 20:08:10 GMT
content-type: image/png
content-length: 26733
x-amz-id-2: hi0o42OuLC7MYdKgPvzsp5RShXJhC1sQhYbhosevLvVtlIowyMG2Jf/lru2Mjv8sYitEmZ0hYAw=
x-amz-request-id: 6SX5QEH8YK3XMCEH
last-modified: Thu, 02 Jun 2022 12:59:32 GMT
etag: "b6ca0bfea4d0cec334f128f5c2c44cff"
cache-control: max-age=2592000
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PbBdXlUMSOB7zSYbyc4rvbDOYu4XGQppvh5WPVEK8%2ByVjbbnaqHDvzDuCt5urj2MYdsRjB4WhDNSPdYusJRUzvXHWM5oKrENnWcBWk%2FMKHdkl6BfXCff%2F8XQHfNsLw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 830eeb6b7f2b5687-OSL
alt-svc: h3=":443"; ma=86400
happy-u.vip/free-spins-ke%2Fimages%2Fred-arrow-left.png
188.114.97.1200 OK 1.3 kB URL GET HTTP/3 happy-u.vip/free-spins-ke%2Fimages%2Fred-arrow-left.png
IP 188.114.97.1:443
Requested by https://happy-u.vip/free-spins-ke/
Certificate IssuerLet's Encrypt
Subjecthappy-u.vip
Fingerprint60:D2:E0:0E:6D:F6:F0:3F:A6:B5:F1:91:7E:E3:90:90:29:80:0A:E4
ValidityThu, 26 Oct 2023 05:54:28 GMT - Wed, 24 Jan 2024 05:54:27 GMT
File type PNG image data, 50 x 50, 8-bit colormap, non-interlaced\012- data
Hash 92d3e482cacea857c5dfaf9fa3a21dfb
3f12c410c77d763cc4719ec367a18417b8300758
4a688dc66588e8e86e98ccadb318fa2aca3fd6e2444aac783278b982f3e47eef
GET /free-spins-ke%2Fimages%2Fred-arrow-left.png HTTP/1.1
Host: happy-u.vip
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://happy-u.vip/free-spins-ke/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 05 Dec 2023 20:08:10 GMT
content-type: image/png
content-length: 1334
x-amz-id-2: cuAeLnowYMiq1EmmJ4BhIp+Rt3+z3Um4UQeJGOcYWOF+lsq0OUwBC9nJ4oTmn1HVNSxPdKViVv8=
x-amz-request-id: GP1PCHRTR4CJBEZ0
last-modified: Thu, 02 Jun 2022 12:59:33 GMT
etag: "92d3e482cacea857c5dfaf9fa3a21dfb"
cache-control: max-age=2592000
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0qmZmi449Mnyj6QLdWaAf4iFr9YoXRiFEVOynJ%2B0vJ8hdET077E5Iv8%2B4%2F9bXif5lP%2Bjvps40o1PkL%2FqkdJsqdUv%2Bwbu2gQaBI55L2OCHqFVsyLfUEGzLY99Vp8NJA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 830eeb6b7f2f5687-OSL
alt-svc: h3=":443"; ma=86400
assets.landerlab.io/base.css
54.230.111.7200 OK 8.7 kB URL GET HTTP/2 assets.landerlab.io/base.css
IP 54.230.111.7:443
Requested by https://happy-u.vip/free-spins-ke/
Certificate IssuerAmazon
Subject*.landerlab.io
FingerprintCA:55:A0:91:66:D2:49:1D:74:D9:90:B0:7E:D2:4C:B1:3A:0C:10:78
ValidityWed, 28 Jun 2023 00:00:00 GMT - Fri, 26 Jul 2024 23:59:59 GMT
File type ASCII text, with very long lines (8731)
Hash 7f6de4e86d84bcbfd919f155e7545439
e7d9a7a418519c3fbce6de3c85775087cba93b49
8d8c59c2712df25a26ecd01739496e49c3514a9341fa3cd21cfa98627ba6efa2
GET /base.css HTTP/1.1
Host: assets.landerlab.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://happy-u.vip/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css
content-length: 8732
date: Tue, 05 Dec 2023 01:46:23 GMT
last-modified: Sat, 29 May 2021 19:05:04 GMT
etag: "7f6de4e86d84bcbfd919f155e7545439"
x-amz-version-id: 0sEXTlrAazg9KkJm7sv1lqt808WfgxiL
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 a343e36742f64defd0a2caf1f96ff772.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: auoFWimOW_DcUgVTXa5rB3g_X0TmUQK63i-2yxcLjOXfe0oJSa2_tQ==
age: 66108
X-Firefox-Spdy: h2
happy-u.vip/free-spins-ke%2Fsounds%2Falert.mp3
188.114.97.1206 Partial Content 8.8 kB URL GET HTTP/3 happy-u.vip/free-spins-ke%2Fsounds%2Falert.mp3
IP 188.114.97.1:443
Requested by https://happy-u.vip/free-spins-ke/
Certificate IssuerLet's Encrypt
Subjecthappy-u.vip
Fingerprint60:D2:E0:0E:6D:F6:F0:3F:A6:B5:F1:91:7E:E3:90:90:29:80:0A:E4
ValidityThu, 26 Oct 2023 05:54:28 GMT - Wed, 24 Jan 2024 05:54:27 GMT
File type Audio file with ID3 version 2.3.0, contains: MPEG ADTS, layer III, v1, 128 kbps, 44.1 kHz, Monaural\012- data
Hash 6d2d3da2ea28ace816fa4a138829dc18
606e0ec3d7fb05c69f16233cfe1ff0a0ee760505
d79bc81189750262716692ade6cc4d6fb6c4fbc4aa01c2b9d0aa67e5788821fc
GET /free-spins-ke%2Fsounds%2Falert.mp3 HTTP/1.1
Host: happy-u.vip
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: audio/webm,audio/ogg,audio/wav,audio/*;q=0.9,application/ogg;q=0.7,video/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
DNT: 1
Connection: keep-alive
Referer: https://happy-u.vip/free-spins-ke/
Sec-Fetch-Dest: audio
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Accept-Encoding: identity
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 206 Partial Content
date: Tue, 05 Dec 2023 20:08:11 GMT
content-type: audio/mpeg
content-length: 8802
x-amz-id-2: KtKPSsWrStu3HAvinXw+AnJpwB7nKmHCHZ+iolQ4yhYK86G8Q6YoN+XVmv6fCcNgRfOpmQaIb/c=
x-amz-request-id: 6SXA70EQ7852902K
last-modified: Thu, 02 Jun 2022 12:59:33 GMT
etag: "6d2d3da2ea28ace816fa4a138829dc18"
cache-control: max-age=2592000
cf-cache-status: REVALIDATED
content-range: bytes 0-8801/8802
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UqfeKuC76EnstV94X7qLYwxrZnJNuXHHVI3sMQO9nAz3k07%2F2ly29yl9uZMJZLzOv%2BEMS%2Baa9kvxzaHjMp2vKGLefVU0Y8dEUpzMyr5J%2BL9KhWV6rJxE2fQdgDa9uA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 830eeb6e7c135687-OSL
alt-svc: h3=":443"; ma=86400
happy-u.vip/free-spins-ke%2Fsounds%2Fspin.mp3
188.114.97.1206 Partial Content 51 kB URL GET HTTP/3 happy-u.vip/free-spins-ke%2Fsounds%2Fspin.mp3
IP 188.114.97.1:443
Requested by https://happy-u.vip/free-spins-ke/
Certificate IssuerLet's Encrypt
Subjecthappy-u.vip
Fingerprint60:D2:E0:0E:6D:F6:F0:3F:A6:B5:F1:91:7E:E3:90:90:29:80:0A:E4
ValidityThu, 26 Oct 2023 05:54:28 GMT - Wed, 24 Jan 2024 05:54:27 GMT
File type Audio file with ID3 version 2.3.0, contains: MPEG ADTS, layer III, v1, 320 kbps, 44.1 kHz, JntStereo\012- data
Hash 390bca8d165546a8097b8951d2f400d4
1385d88b3aeee07bc51e7955fbcb9ed7586ebdec
cdb080d348cd2222fbe1d5b54da2f9db8fdca881570a9c82899082203b000b78
GET /free-spins-ke%2Fsounds%2Fspin.mp3 HTTP/1.1
Host: happy-u.vip
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: audio/webm,audio/ogg,audio/wav,audio/*;q=0.9,application/ogg;q=0.7,video/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
DNT: 1
Connection: keep-alive
Referer: https://happy-u.vip/free-spins-ke/
Sec-Fetch-Dest: audio
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Accept-Encoding: identity
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 206 Partial Content
date: Tue, 05 Dec 2023 20:08:11 GMT
content-type: audio/mpeg
content-length: 51290
x-amz-id-2: CANkmzF5RFkOGQsEBlljct0vxETiOOOg5xxoxuF9mmxLFo+4lYfLT8W2lffGlbDuRXHvZS2uzk0=
x-amz-request-id: 2EKB7RW82RKJMT05
last-modified: Thu, 02 Jun 2022 12:59:34 GMT
etag: "390bca8d165546a8097b8951d2f400d4"
cache-control: max-age=2592000
cf-cache-status: REVALIDATED
content-range: bytes 0-51289/51290
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FVX0UwQYgt6LOa04sApd782vtPpZxDk3rLzGsMf0GFr6B6hFz%2FG7ZiyB%2Be4C1a5xPxFUDWS3UVlxesVLwtkgIQZ6fBlAX2bJBVwgC0WxuShnEU6Ec%2FUZptnSIFoGgA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 830eeb6e7c185687-OSL
alt-svc: h3=":443"; ma=86400
happy-u.vip/free-spins-ke%2Fsounds%2Fwin.mp3
188.114.97.1206 Partial Content 22 kB URL GET HTTP/3 happy-u.vip/free-spins-ke%2Fsounds%2Fwin.mp3
IP 188.114.97.1:443
Requested by https://happy-u.vip/free-spins-ke/
Certificate IssuerLet's Encrypt
Subjecthappy-u.vip
Fingerprint60:D2:E0:0E:6D:F6:F0:3F:A6:B5:F1:91:7E:E3:90:90:29:80:0A:E4
ValidityThu, 26 Oct 2023 05:54:28 GMT - Wed, 24 Jan 2024 05:54:27 GMT
File type Audio file with ID3 version 2.3.0, contains:\012- MPEG ADTS, layer III, v2.5, 24 kbps, 11.025 kHz, Monaural\012- data
Hash c74dca6a3ab16c097234033fec7a8573
a6e73f993b73d589b9688a0679bdac39028017a0
79e8f06f8cb25d13c57d798f7e068d282dd2dfdb026b54aacc8ead2641542a56
GET /free-spins-ke%2Fsounds%2Fwin.mp3 HTTP/1.1
Host: happy-u.vip
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: audio/webm,audio/ogg,audio/wav,audio/*;q=0.9,application/ogg;q=0.7,video/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
DNT: 1
Connection: keep-alive
Referer: https://happy-u.vip/free-spins-ke/
Sec-Fetch-Dest: audio
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Accept-Encoding: identity
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 206 Partial Content
date: Tue, 05 Dec 2023 20:08:11 GMT
content-type: audio/mpeg
content-length: 22067
x-amz-id-2: N5y/38boThQEmPJ70pl/Ze243Y8rl1TYMHEmehKME6KUr+j1zPqcITyLH1UlJWFbWaIh+mT6ZeA=
x-amz-request-id: GQ86GW87FJCCRPF9
last-modified: Thu, 02 Jun 2022 12:59:34 GMT
etag: "c74dca6a3ab16c097234033fec7a8573"
cache-control: max-age=2592000
cf-cache-status: REVALIDATED
content-range: bytes 0-22066/22067
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=V6e0TAJENIZPEmc7CLQ91ChFk33%2FsT9oiNDP2Qo5DNGvnIznI6SJR19DOVQbZNnb9CU5GGXwj%2BMY%2BfVD9Lgwc3h0UYZZM5Vw3V4ykUJQ2S0e5Bi1ia%2FgqpvHnFdnaw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 830eeb6e7c145687-OSL
alt-svc: h3=":443"; ma=86400
notix.io/settings?appId=1004e573f6298b494995e0539d8329e&ver=0.15.19
139.45.240.92200 OK 327 B URL GET HTTP/2 notix.io/settings?appId=1004e573f6298b494995e0539d8329e&ver=0.15.19
IP 139.45.240.92:443
Requested by https://happy-u.vip/free-spins-ke/
Certificate IssuerLet's Encrypt
Subjectnotix.io
Fingerprint68:78:0C:AA:A6:75:6F:E2:65:2D:3B:7E:5B:8A:2B:6B:F6:1A:BF:1D
ValidityFri, 15 Sep 2023 11:38:16 GMT - Thu, 14 Dec 2023 11:38:15 GMT
File type JSON data\012- , ASCII text, with very long lines (327), with no line terminators
Hash bf0f59f119686c0890d2a8be8df6cb23
f232d08bf915c9010c041dd6500398d997446f70
10af8d0b199fb5fc141f14782014cb5ba7e1bfbfbc8f3459a62ab3024bd28fea
GET /settings?appId=1004e573f6298b494995e0539d8329e&ver=0.15.19 HTTP/1.1
Host: notix.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://happy-u.vip/
Origin: https://happy-u.vip
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 05 Dec 2023 20:08:11 GMT
content-type: application/json; charset=utf-8
content-length: 327
access-control-allow-origin: https://happy-u.vip
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
oungimuk.net/zone?&pub=0&zone_id=4336991&is_mobile=false&domain=happy-u.vip&var=&ymid=&var_3=&var_4=&dsig=&tg=1&sw=3.1.471&action=prerequest
139.45.197.251200 OK 0 B URL POST HTTP/2 oungimuk.net/zone?&pub=0&zone_id=4336991&is_mobile=false&domain=happy-u.vip&var=&ymid=&var_3=&var_4=&dsig=&tg=1&sw=3.1.471&action=prerequest
IP 139.45.197.251:443
Requested by https://happy-u.vip/free-spins-ke/
Certificate IssuerLet's Encrypt
Subjectoungimuk.net
Fingerprint52:49:91:AA:04:62:59:A1:7D:AA:95:42:75:F3:62:7E:D8:66:82:DA
ValiditySun, 24 Sep 2023 05:45:36 GMT - Sat, 23 Dec 2023 05:45:35 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /zone?&pub=0&zone_id=4336991&is_mobile=false&domain=happy-u.vip&var=&ymid=&var_3=&var_4=&dsig=&tg=1&sw=3.1.471&action=prerequest HTTP/1.1
Host: oungimuk.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://happy-u.vip
DNT: 1
Connection: keep-alive
Referer: https://happy-u.vip/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 05 Dec 2023 20:08:11 GMT
content-length: 0
x-trace-id: 09febbc020239344115720cc5e2b2570
access-control-allow-origin: https://happy-u.vip
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, X-Oaid, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
track.landerlab.io/p/606dc316bd12e800113ca177?lander_id=1e08f60282cd55a61321314ef22873f5
104.18.16.6200 OK 0 B URL GET HTTP/2 track.landerlab.io/p/606dc316bd12e800113ca177?lander_id=1e08f60282cd55a61321314ef22873f5
IP 104.18.16.6:443
Requested by https://happy-u.vip/free-spins-ke/
Certificate IssuerCloudflare, Inc.
Subjectlanderlab.io
FingerprintE5:19:57:65:1C:8A:4A:59:2F:10:FC:CE:EC:7C:74:C3:C9:6E:04:49
ValidityFri, 07 Apr 2023 00:00:00 GMT - Sat, 06 Apr 2024 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /p/606dc316bd12e800113ca177?lander_id=1e08f60282cd55a61321314ef22873f5 HTTP/1.1
Host: track.landerlab.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://happy-u.vip/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 05 Dec 2023 20:08:11 GMT
content-length: 0
cache-control: no-cache
set-cookie: worker_cookie=N4Igdgpg7g+gFgSwC4wQExALhAYwgMzQA4BDAJhwFoBOARiLMoBZbqAGSktAIwmaIDshfO2IBWEiAA0IAG4IAzslQZsbAGxEIaAMzrulHNTQDm6tjs7UxHLjnw4SOHGPVkm0uYuVIEAWwgFJBI/AAcsEDI2MktaRjYxABUozDYiTFpaADoydXUALU95JSQAewAnFQi0NDI0GyY+MSI0amZqI0oiNhIiSlp8MWoubh0dWggyT0cwkgQAczAq7HN1NBxx/TQ4iG62TJ1HWgEBTzBStAgYHDg5sCwAbQBdGUUYSCgsfBIAGwUIAC+QA; Expires=Wed, 06 Dec 2023 20:08:11 GMT; Domain=track.landerlab.io; Path=/; SameSite=None; Secure
__cf_bm=FedjCxufjiVTr_Rh56JWP5eIXIQWm4_3.07RTOuDgX0-1701806891-0-Af4ILWfOW0rViACL5ibQk83Fjy/mcqKqrnxHSc47oE+o8cYYp+O9vH2KuIukgeXP6Rk2t5E3c2v948TwxOc3I2o=; path=/; expires=Tue, 05-Dec-23 20:38:11 GMT; domain=.track.landerlab.io; HttpOnly; Secure; SameSite=None
vary: Accept-Encoding
server: cloudflare
cf-ray: 830eeb6e59c1b51d-OSL
X-Firefox-Spdy: h2
happy-u.vip/sw-check-permissions-77596.js
188.114.97.1200 OK 443 B URL GET HTTP/3 happy-u.vip/sw-check-permissions-77596.js
IP 188.114.97.1:443
Requested by https://happy-u.vip/free-spins-ke/
Certificate IssuerLet's Encrypt
Subjecthappy-u.vip
Fingerprint60:D2:E0:0E:6D:F6:F0:3F:A6:B5:F1:91:7E:E3:90:90:29:80:0A:E4
ValidityThu, 26 Oct 2023 05:54:28 GMT - Wed, 24 Jan 2024 05:54:27 GMT
File type ASCII text, with very long lines (462), with no line terminators
Hash f0543799885fb5c86ac7c6bc29b508bc
ac3e9ae5ba4844ecfc9865ba1e7a9fbd32903eca
cb3fae5a8368bfba7e04d0df02732899f4edf1fd4e69a99938350a91bf590a32
GET /sw-check-permissions-77596.js HTTP/1.1
Host: happy-u.vip
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Moz: prefetch
DNT: 1
Connection: keep-alive
Referer: https://happy-u.vip/free-spins-ke/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 05 Dec 2023 20:08:12 GMT
content-type: application/javascript
cf-bgj: minify
cf-polished: origSize=566
etag: W/"44d972e91b04c00bb67c0a08024625c4"
last-modified: Wed, 24 Aug 2022 13:50:20 GMT
x-amz-id-2: LniQnjFwRDJGl/Qzaa2mly7RbyC4H4tl4CPXKpoNV9oL1FTvvyS1oqO+27uzpRZRbYnnhToJrYs=
x-amz-request-id: 2EK3NV8G3KFHB4Z7
cache-control: max-age=2592000
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=41KwAovaaK7F36GW0%2Fofp0TlsAgbXC6Nmr%2B%2Bpe9O1LOyyhrCg9qGnKg1UC6R1O2nBYuKMjDNEiOSVENmNfuBs%2FvTrDZ2Y2cvDPhERFzHIrSHWdBARsL8vHwwznxZVg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 830eeb72fba15687-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
notix.io/ent/current/enot.min.js
139.45.240.92200 OK 145 kB URL GET HTTP/2 notix.io/ent/current/enot.min.js
IP 139.45.240.92:443
Requested by https://happy-u.vip/free-spins-ke/
Certificate IssuerLet's Encrypt
Subjectnotix.io
Fingerprint68:78:0C:AA:A6:75:6F:E2:65:2D:3B:7E:5B:8A:2B:6B:F6:1A:BF:1D
ValidityFri, 15 Sep 2023 11:38:16 GMT - Thu, 14 Dec 2023 11:38:15 GMT
File type ASCII text, with very long lines (65536), with no line terminators
Size 145 kB (144887 bytes)
Hash 5ec57c87dbac3f07e59e5d74ae3421e4
70121f1541a1961d7b87544001d612f18ad04243
e1d529afcbb911c99bb039ba39c7fb6716275b97650ae816a90fc03f256542bb
Analyzer Verdict Alert Public Nextron YARA rules malware Unique code from Jetriz, Swid & Jeniva of the Tetris framework
GET /ent/current/enot.min.js HTTP/1.1
Host: notix.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://happy-u.vip/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Tue, 05 Dec 2023 20:08:11 GMT
content-type: application/javascript
last-modified: Wed, 29 Nov 2023 16:35:15 GMT
etag: W/"65676843-235f7"
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
content-encoding: gzip
X-Firefox-Spdy: h2
happy-u.vip/free-spins-ke/
188.114.97.1200 OK 22 kB URL User Request GET HTTP/2 happy-u.vip/free-spins-ke/
IP 188.114.97.1:443
Certificate IssuerLet's Encrypt
Subjecthappy-u.vip
Fingerprint60:D2:E0:0E:6D:F6:F0:3F:A6:B5:F1:91:7E:E3:90:90:29:80:0A:E4
ValidityThu, 26 Oct 2023 05:54:28 GMT - Wed, 24 Jan 2024 05:54:27 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (3238)
Hash 153504c8e5f4dd8f207b65a4e299bb16
6eaa94ee7283551988a0e50fc018d1d262d9d69a
9f2ce1fb98a5f899d3ed7c56fab134ee414f6d4d190b92f59d1bea21add46917
GET /free-spins-ke/ HTTP/1.1
Host: happy-u.vip
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 05 Dec 2023 20:08:10 GMT
content-type: text/html
x-amz-id-2: CDs6GMIDfinplf6kRrddbe6a2MTL4awsaQuLveun9kpL45H3CEwpRB/Ki9X6crXsyiKjWslkWbA=
x-amz-request-id: GP1TPKBAJ2ENYY9F
last-modified: Wed, 24 Aug 2022 13:49:50 GMT
cache-control: max-age=2592000
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=D6pAUouu9h4WXCsO4MXY8glGzg1VZKhXA4kEQqy51Xqsge9InzYiky1TJmkWghxsK%2Fa2oGUKJiVmbmEzzdswpKOe5MbiGthD5nk41ciCgEIX6aeLRwATaeqX0hzcug%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 830eeb68585656bd-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
happy-u.vip/images/arrow.png
188.114.97.1404 Not Found 351 B URL GET HTTP/3 happy-u.vip/images/arrow.png
IP 188.114.97.1:443
Requested by https://happy-u.vip/free-spins-ke/
Certificate IssuerLet's Encrypt
Subjecthappy-u.vip
Fingerprint60:D2:E0:0E:6D:F6:F0:3F:A6:B5:F1:91:7E:E3:90:90:29:80:0A:E4
ValidityThu, 26 Oct 2023 05:54:28 GMT - Wed, 24 Jan 2024 05:54:27 GMT
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (365), with no line terminators
Hash 4372326b1421bf79b07b24d81ace22ad
b45a3fa3f93e2bd52d2419fd8f67c900b58ca3a7
49daa5aab2344e5f7df1eff337d5387b5f49329eb0ca40595cea788296311fef
GET /images/arrow.png HTTP/1.1
Host: happy-u.vip
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://happy-u.vip/free-spins-ke%2Fcss%2Fstyle.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 404 Not Found
date: Tue, 05 Dec 2023 20:08:11 GMT
content-type: text/html; charset=utf-8
x-amz-request-id: XM7JSDZ0CYG76386
x-amz-id-2: mqcVFJT+f/Lkp9dQHfHibmcmGxHDmqpTcXNIDc5JFRBXg3+iJK8D0Ca6/IR5ofWH5m+IDRFF7P4=
cache-control: max-age=2592000
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OZMDb2GotsYu%2BBBUMRB7j7TIzP%2Bj59AVwvfvNmCndEoAKonBDTzhJCEwXnJELHAPIfckFAQ%2FCqFGcJ1d0UzeooHWzo9uSaEwYljwSofTrVJytA6hl9YS7VwKp5Xgjg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 830eeb6d49ff5687-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
happy-u.vip/free-spins-ke%2Fimages%2Fslot-start.png
188.114.97.1200 OK 26 kB URL GET HTTP/3 happy-u.vip/free-spins-ke%2Fimages%2Fslot-start.png
IP 188.114.97.1:443
Requested by https://happy-u.vip/free-spins-ke/
Certificate IssuerLet's Encrypt
Subjecthappy-u.vip
Fingerprint60:D2:E0:0E:6D:F6:F0:3F:A6:B5:F1:91:7E:E3:90:90:29:80:0A:E4
ValidityThu, 26 Oct 2023 05:54:28 GMT - Wed, 24 Jan 2024 05:54:27 GMT
File type PNG image data, 410 x 279, 8-bit colormap, non-interlaced\012- data
Hash f491647556e492de92530b48827690aa
6296c44299f5acb17cb2c06e37391a70672b1fd3
efb819d37f19ec7505d9602488ce97868d84e1c7929ce83e308e23f02d97b95d
GET /free-spins-ke%2Fimages%2Fslot-start.png HTTP/1.1
Host: happy-u.vip
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://happy-u.vip/free-spins-ke/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 05 Dec 2023 20:08:10 GMT
content-type: image/png
content-length: 26084
x-amz-id-2: HoDHrjce/VcUU2zhtpaxwQMlFMDYwWay3DqWtxcO7JGbjsNHPukTFTtad9pghVuRvpDzJffi4f4=
x-amz-request-id: 419H7YTW900JZRM6
last-modified: Thu, 02 Jun 2022 12:59:33 GMT
etag: "f491647556e492de92530b48827690aa"
cache-control: max-age=2592000
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=v9ksK5abbyGY3ptonFHlTp2Poo0GzfazxGRkggH0vjzMi85874UOmKIHPH%2FRkOdQGORpdk57dWk0AH1ozuHxyWJkx27mDqqAliU6D5D481hxZ%2Bjy%2FLVh5NEX3TgvKw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 830eeb6b6f1f5687-OSL
alt-svc: h3=":443"; ma=86400
happy-u.vip/favicon.ico
188.114.97.1404 Not Found 346 B IP 188.114.97.1:443
Requested by https://happy-u.vip/free-spins-ke/
Certificate IssuerLet's Encrypt
Subjecthappy-u.vip
Fingerprint60:D2:E0:0E:6D:F6:F0:3F:A6:B5:F1:91:7E:E3:90:90:29:80:0A:E4
ValidityThu, 26 Oct 2023 05:54:28 GMT - Wed, 24 Jan 2024 05:54:27 GMT
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (360), with no line terminators
Hash 43ac88ec8ac88b7525f7cbcc6dad8fe2
640c63303d8f84ff916c6734a4edbcaa0719a6d3
d1d6f03912e7823955fe2e9908f79a5981723b00bc1f0b48874af497e224fd13
GET /favicon.ico HTTP/1.1
Host: happy-u.vip
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://happy-u.vip/free-spins-ke/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 404 Not Found
date: Tue, 05 Dec 2023 20:08:11 GMT
content-type: text/html; charset=utf-8
x-amz-request-id: XM7M24DJJHHNZ2HM
x-amz-id-2: ivZvFuTjxJDzTNi6AuEwTaxm/y8/NUgWeNtm+04aJnr6eU/snxE5aH3DOdRP5dUEm3BeoyA4eEQ=
cache-control: max-age=2592000
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=i5l7qJUI%2BJEoYp7a55p8%2F1PDmNz9UFdiwdbGIOM5rDQu2OP%2B5tqnFIGSXqeoZl34QUbcPCnIycV8pohdEaTfsGBfWtWUkZPBzNNkZiCxpUwoUvOZhPlrTuiXyxsLuQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 830eeb70f88f5687-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
happy-u.vip/free-spins-ke%2Fcss%2Fstyle.css
188.114.97.1200 OK 11 kB URL GET HTTP/3 happy-u.vip/free-spins-ke%2Fcss%2Fstyle.css
IP 188.114.97.1:443
Requested by https://happy-u.vip/free-spins-ke/
Certificate IssuerLet's Encrypt
Subjecthappy-u.vip
Fingerprint60:D2:E0:0E:6D:F6:F0:3F:A6:B5:F1:91:7E:E3:90:90:29:80:0A:E4
ValidityThu, 26 Oct 2023 05:54:28 GMT - Wed, 24 Jan 2024 05:54:27 GMT
File type ASCII text, with very long lines (10941), with no line terminators
Hash cb2e0fe2fe90d7572bf48419ecf1ee65
285568da5113f9203628287222cfbb469d0c2171
b3a3eb6e06b9f50fb0a3434a8c4033a496d5d37b6abaa83eb02b41ec66204de0
GET /free-spins-ke%2Fcss%2Fstyle.css HTTP/1.1
Host: happy-u.vip
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://happy-u.vip/free-spins-ke/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 05 Dec 2023 20:08:10 GMT
content-type: text/css
cf-bgj: minify
cf-polished: origSize=13222
etag: W/"538445a521226e69b9c4231a52ad5e79"
last-modified: Thu, 02 Jun 2022 12:59:32 GMT
x-amz-id-2: +tU/BSjpobN5fvgg4wbFtFDaM4FffXnvWyWIt/wRCaXZvbEE8/AYYKyFUHkg8lmafVlTXG8ppho=
x-amz-request-id: CT27F2CRHJX957PP
cache-control: max-age=2592000
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0znASVlEYufjJIUu5WyrEPXmK8uvYtRrgRsHle2WFQCrY6aQvB9LAzggOEz2TQwzxwjH48GtpGjFx5cuHgsgNMoD0k0bvYzd5Y7Pgdm1yl0MjUiz%2BhIvISN1mM1rtw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 830eeb6b6f185687-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
happy-u.vip/free-spins-ke%2Fjs%2Fjquery.min.js
188.114.97.1200 OK 97 kB URL GET HTTP/3 happy-u.vip/free-spins-ke%2Fjs%2Fjquery.min.js
IP 188.114.97.1:443
Requested by https://happy-u.vip/free-spins-ke/
Certificate IssuerLet's Encrypt
Subjecthappy-u.vip
Fingerprint60:D2:E0:0E:6D:F6:F0:3F:A6:B5:F1:91:7E:E3:90:90:29:80:0A:E4
ValidityThu, 26 Oct 2023 05:54:28 GMT - Wed, 24 Jan 2024 05:54:27 GMT
File type ASCII text, with very long lines (32063)
Hash 723e11a50995eef960d59451910e2cb4
76e617c6f9bad2602bdea1c20d50ba7c89a55097
ae34fd2197cffa02b5b7a753c262c1bbb3560afb92e403a1d59e935d8a320b41
GET /free-spins-ke%2Fjs%2Fjquery.min.js HTTP/1.1
Host: happy-u.vip
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://happy-u.vip/free-spins-ke/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 05 Dec 2023 20:08:10 GMT
content-type: application/javascript
x-amz-id-2: +Fy3AmIpRj2BKz7Xwpph5k0hSAayTFaobu8Ue470V18b6x3fX1GOfRVAXJoAZ2CvIAtSvPW2DnM=
x-amz-request-id: 6SX6MYRSASCVH1PZ
last-modified: Thu, 02 Jun 2022 12:59:31 GMT
etag: W/"723e11a50995eef960d59451910e2cb4"
cache-control: max-age=2592000
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eD2Y2CDyuUIstW%2B3FrZvsd1n6TbsaSpO%2B%2BQ3iW35r0ffae97%2FdhAYmR1foJK4Kx6LpMg4AkFA%2B6qEENEPIiktfzWPbUgpRHbuMPZdu3wBKJK0MnF8%2BHwjD%2F4k1UqGw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 830eeb6b7f3a5687-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
oungimuk.net/pfe/current/micro.tag.min.js?z=4336991&sw=/sw-check-permissions-77596.js
139.45.197.251200 OK 27 kB URL GET HTTP/2 oungimuk.net/pfe/current/micro.tag.min.js?z=4336991&sw=/sw-check-permissions-77596.js
IP 139.45.197.251:443
Requested by https://happy-u.vip/free-spins-ke/
Certificate IssuerLet's Encrypt
Subjectoungimuk.net
Fingerprint52:49:91:AA:04:62:59:A1:7D:AA:95:42:75:F3:62:7E:D8:66:82:DA
ValiditySun, 24 Sep 2023 05:45:36 GMT - Sat, 23 Dec 2023 05:45:35 GMT
File type ASCII text, with very long lines (27007), with no line terminators
Hash 5ccd2d5882a06f293d07510ac91c92e6
b44dc0eaa03981adb70d3313e728f9359c1d21c1
9fc2aa21f3a7bfe66783d35fdbb48147f73e72a41f87aea848f64a8cb4518eba
GET /pfe/current/micro.tag.min.js?z=4336991&sw=/sw-check-permissions-77596.js HTTP/1.1
Host: oungimuk.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://happy-u.vip/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Tue, 05 Dec 2023 20:08:11 GMT
content-type: application/javascript
last-modified: Mon, 27 Nov 2023 17:44:23 GMT
etag: W/"6564d577-697f"
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
content-encoding: gzip
X-Firefox-Spdy: h2