| www.mediaglobal.store/go/13192cf5-89f9-4ec3-a8a2-b121a66bba4c?cost=0.001000 | 3.70.16.242 | | 332 B |
URL: www.mediaglobal.store/go/13192cf5-89f9-4ec3-a8a2-b121a66bba4c?cost=0.001000 IP: 3.70.16.242:0
File type: HTML document, ASCII text, with very long lines (332), with no line terminators Hash: 74da26475e033d2e19f15ff80d0a2396 3fe0f9519f60708438c8642c6a3c5b9b76b0ff11 652a799181c40abfbe4b4a3aac4aebd62b0d0c58d4718af4e8c842e4ee16415a
GET /go/13192cf5-89f9-4ec3-a8a2-b121a66bba4c?cost=0.001000 HTTP/1.1
Host: www.mediaglobal.store
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
server: openresty
date: Thu, 18 Apr 2024 09:16:00 GMT
content-type: text/html; charset=utf-8
content-length: 332
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Full-Version,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Reduced
access-control-allow-origin: *
location: https://aff.telelime.space/?utm_medium=a403ed77cf7cee68a98b36c5224270cc02fcef9f&utm_campaign=target_DZ_dbd247&cid=9cTjTuP3FQs1wjbE2fjhiT
set-cookie: bemob-viewer-id=cc7ca270-68d0-4810-b827-423c9d3ce92c; Domain=www.mediaglobal.store; Path=/; Expires=Fri, 18 Apr 2025 09:16:00 GMT; HttpOnly; Secure; SameSite=None
set-cookie: bemob-uniq-visit:13192cf5-89f9-4ec3-a8a2-b121a66bba4c=1; Domain=www.mediaglobal.store; Path=/; Expires=Fri, 19 Apr 2024 09:16:00 GMT; HttpOnly; Secure; SameSite=None
set-cookie: bemob-rotation:13192cf5-89f9-4ec3-a8a2-b121a66bba4c:random:f68e788c4103589acb72c3a0cf7bc2f3=0-0-0; Domain=www.mediaglobal.store; Path=/; Expires=Fri, 19 Apr 2024 09:16:00 GMT; HttpOnly; Secure; SameSite=None
set-cookie: bemob-click-id=9cTjTuP3FQs1wjbE2fjhiT; Domain=www.mediaglobal.store; Path=/; Expires=Sat, 18 May 2024 09:16:00 GMT; HttpOnly; Secure; SameSite=None
vary: Accept
x-response-time: 50.383ms
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: no-cache
X-Firefox-Spdy: h2
|
|
| aff.telelime.space/?utm_medium=a403ed77cf7cee68a98b36c5224270cc02fcef9f&utm_campaign=target_DZ_dbd247&cid=9cTjTuP3FQs1wjbE2fjhiT | 184.154.47.14 | | 7.6 kB |
URL: aff.telelime.space/?utm_medium=a403ed77cf7cee68a98b36c5224270cc02fcef9f&utm_campaign=target_DZ_dbd247&cid=9cTjTuP3FQs1wjbE2fjhiT IP: 184.154.47.14:0
File type: gzip compressed data, from Unix Hash: 724875ec5af2152bf861a93815311e8b ff26ea3c21c10862f7d014ed337b1885caa221cb c3d266523a3f9ce7469c182b2647dcb9fb690cb658f965fa6df5ce922f3e8e91
GET /?utm_medium=a403ed77cf7cee68a98b36c5224270cc02fcef9f&utm_campaign=target_DZ_dbd247&cid=9cTjTuP3FQs1wjbE2fjhiT HTTP/1.1
Host: aff.telelime.space
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Thu, 18 Apr 2024 09:16:00 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding
cache-control: no-store, no-cache, must-revalidate, max-age=0
pragma: no-cache
expires: Thu, 01 Jan 1970 00:00:00 GMT
accept-ch: Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version
strict-transport-security: max-age=63072000; includeSubDomains; preload
alt-svc: h3=":443"; ma=604800; persist=1
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| www.trimbuilder.foundation/?sl=5768231-bead7&data1=Track1&data2=Track2&tag=M7359133373144498244&website=24033-fd7afc9z&placement=24033&eyeg=181f5850342ef5975c665a0b4c39cae7&eyer=0.10867436559701538&eyei=0&eyew=1280&eyeh=1024&eyetd=220&eyef=aff.telelime.space | 51.68.85.158 | | 0 B |
URL: www.trimbuilder.foundation/?sl=5768231-bead7&data1=Track1&data2=Track2&tag=M7359133373144498244&website=24033-fd7afc9z&placement=24033&eyeg=181f5850342ef5975c665a0b4c39cae7&eyer=0.10867436559701538&eyei=0&eyew=1280&eyeh=1024&eyetd=220&eyef=aff.telelime.space IP: 51.68.85.158:0
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /?sl=5768231-bead7&data1=Track1&data2=Track2&tag=M7359133373144498244&website=24033-fd7afc9z&placement=24033&eyeg=181f5850342ef5975c665a0b4c39cae7&eyer=0.10867436559701538&eyei=0&eyew=1280&eyeh=1024&eyetd=220&eyef=aff.telelime.space HTTP/1.1
Host: www.trimbuilder.foundation
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Found
Date: Thu, 18 Apr 2024 09:16:01 GMT
Content-Length: 0
Connection: keep-alive
Cache-Control: no-transform
Location: https://www.trimbuilder.foundation/?sl=5768231-bead7&data1=Track1&data2=Track2&tag=M7359133373144498244&website=24033-fd7afc9z&placement=24033&eyeg=3&eyer=0.10867436559701538&eyei=0&eyew=1280&eyeh=1024&eyetd=220&eyef=aff.telelime.space
|
|
| www.trimbuilder.foundation/?sl=5768231-bead7&data1=Track1&data2=Track2&tag=M7359133373144498244&website=24033-fd7afc9z&placement=24033&eyeg=3&eyer=0.10867436559701538&eyei=0&eyew=1280&eyeh=1024&eyetd=220&eyef=aff.telelime.space | 51.68.85.158 | | 0 B |
URL: www.trimbuilder.foundation/?sl=5768231-bead7&data1=Track1&data2=Track2&tag=M7359133373144498244&website=24033-fd7afc9z&placement=24033&eyeg=3&eyer=0.10867436559701538&eyei=0&eyew=1280&eyeh=1024&eyetd=220&eyef=aff.telelime.space IP: 51.68.85.158:0
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /?sl=5768231-bead7&data1=Track1&data2=Track2&tag=M7359133373144498244&website=24033-fd7afc9z&placement=24033&eyeg=3&eyer=0.10867436559701538&eyei=0&eyew=1280&eyeh=1024&eyetd=220&eyef=aff.telelime.space HTTP/1.1
Host: www.trimbuilder.foundation
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Found
Date: Thu, 18 Apr 2024 09:16:01 GMT
Content-Length: 0
Connection: keep-alive
Cache-Control: no-transform
Location: https://admoustache.aftrad-visit.com/track/smartlink?smartlink_id=1&publisher_id=441&network_id=5&click_id=330008ed7e5a5cba0fbf19bb15db913d998990418-202404-flb*5768231-bead7*M7359133373144498244*sl_5768231-bead7*0904f72f2ccc0ee8c73edf7ef43a6ce90de0288a*24033-fd7afc9z*24033
|
|
| www.trimbuilder.foundation/favicon.ico | 51.68.85.158 | | 0 B |
URL: www.trimbuilder.foundation/favicon.ico IP: 51.68.85.158:0
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /favicon.ico HTTP/1.1
Host: www.trimbuilder.foundation
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 204 No Content
Date: Thu, 18 Apr 2024 09:16:01 GMT
Connection: keep-alive
|
|
| admoustache.aftrad-visit.com/track/smartlink?smartlink_id=1&publisher_id=441&network_id=5&click_id=330008ed7e5a5cba0fbf19bb15db913d998990418-202404-flb*5768231-bead7*M7359133373144498244*sl_5768231-bead7*0904f72f2ccc0ee8c73edf7ef43a6ce90de0288a*24033-fd7afc9z*24033 | 172.67.71.68 | | 202 B |
URL: admoustache.aftrad-visit.com/track/smartlink?smartlink_id=1&publisher_id=441&network_id=5&click_id=330008ed7e5a5cba0fbf19bb15db913d998990418-202404-flb*5768231-bead7*M7359133373144498244*sl_5768231-bead7*0904f72f2ccc0ee8c73edf7ef43a6ce90de0288a*24033-fd7afc9z*24033 IP: 172.67.71.68:0
File type: HTML document, ASCII text Hash: 886cdf0650c074e870da43ca3d063212 42becf7ea7f981f38c0bef346b980f1263c826e3 69296a6383b2fbf1b474c6fc03b7bc4bd94faef111c30532a9c0a2ccec2b5382
GET /track/smartlink?smartlink_id=1&publisher_id=441&network_id=5&click_id=330008ed7e5a5cba0fbf19bb15db913d998990418-202404-flb*5768231-bead7*M7359133373144498244*sl_5768231-bead7*0904f72f2ccc0ee8c73edf7ef43a6ce90de0288a*24033-fd7afc9z*24033 HTTP/1.1
Host: admoustache.aftrad-visit.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
date: Thu, 18 Apr 2024 09:16:01 GMT
content-type: text/html; charset=utf-8
content-length: 202
location: https://t3.blowingwnd.com/l.php?p=c:btrsnl901aaqozhg8&d=65ce2e32e492740f6e0cacf0&pid=201KCtw2X4W5UaiCoygQriYXxFv7frX57F3hFg3xLN4aCRcHvwNmJ8VFNXVbakHmsmcChS&s=1B7fmUHKE
referrer-policy: no-referrer
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cCUqCDnG48USVL%2F2MtWAuT%2BlZ%2BTWESqhqk3Q1HFIUd6QqlF94Q%2BaWaUZH99H6rHQLG8eBOguJAFWAjORLqOAD%2F3y%2Fa7YDpB53FnGT3%2F5pAvDV%2F%2FNJvwtlE7%2BCKGzJ8pBoOfkWyCzjNmMVUNsCj4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87638dbdfa145699-OSL
X-Firefox-Spdy: h2
|
|
| t3.blowingwnd.com/l.php?p=c:btrsnl901aaqozhg8&d=65ce2e32e492740f6e0cacf0&pid=201KCtw2X4W5UaiCoygQriYXxFv7frX57F3hFg3xLN4aCRcHvwNmJ8VFNXVbakHmsmcChS&s=1B7fmUHKE | 51.161.115.163 | | 0 B |
URL: t3.blowingwnd.com/l.php?p=c:btrsnl901aaqozhg8&d=65ce2e32e492740f6e0cacf0&pid=201KCtw2X4W5UaiCoygQriYXxFv7frX57F3hFg3xLN4aCRcHvwNmJ8VFNXVbakHmsmcChS&s=1B7fmUHKE IP: 51.161.115.163:0
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /l.php?p=c:btrsnl901aaqozhg8&d=65ce2e32e492740f6e0cacf0&pid=201KCtw2X4W5UaiCoygQriYXxFv7frX57F3hFg3xLN4aCRcHvwNmJ8VFNXVbakHmsmcChS&s=1B7fmUHKE HTTP/1.1
Host: t3.blowingwnd.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Found
Server: nginx
Date: Thu, 18 Apr 2024 09:16:02 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 0
Connection: keep-alive
Round: 13oes905nr
Raund: 313
Location: https://go.savethereef.xyz/redirect?feed=642698&url=t3.blowingwnd.com&subid=1B7fmUHKE&query=&pub_clickid=6620e4d27e6ad749a219214c&default_url=https%3A%2F%2Ft1.hightid.com%2Fr.php%3Fp%3Dc%3As_8942pgf_9qrwlx0%26d%3D653c9411464a4419c012ddb2%26s%3D%7Bpubfeed%7D%26d2%3D%7Breferrer_domain%7D
|
|
| go.savethereef.xyz/redirect?feed=642698&url=t3.blowingwnd.com&subid=1B7fmUHKE&query=&pub_clickid=6620e4d27e6ad749a219214c&default_url=https%3A%2F%2Ft1.hightid.com%2Fr.php%3Fp%3Dc%3As_8942pgf_9qrwlx0%26d%3D653c9411464a4419c012ddb2%26s%3D%7Bpubfeed%7D%26d2%3D%7Breferrer_domain%7D | 198.134.116.30 | | 0 B |
URL: go.savethereef.xyz/redirect?feed=642698&url=t3.blowingwnd.com&subid=1B7fmUHKE&query=&pub_clickid=6620e4d27e6ad749a219214c&default_url=https%3A%2F%2Ft1.hightid.com%2Fr.php%3Fp%3Dc%3As_8942pgf_9qrwlx0%26d%3D653c9411464a4419c012ddb2%26s%3D%7Bpubfeed%7D%26d2%3D%7Breferrer_domain%7D IP: 198.134.116.30:0 ASN: #27257 WEBAIR-INTERNET
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /redirect?feed=642698&url=t3.blowingwnd.com&subid=1B7fmUHKE&query=&pub_clickid=6620e4d27e6ad749a219214c&default_url=https%3A%2F%2Ft1.hightid.com%2Fr.php%3Fp%3Dc%3As_8942pgf_9qrwlx0%26d%3D653c9411464a4419c012ddb2%26s%3D%7Bpubfeed%7D%26d2%3D%7Breferrer_domain%7D HTTP/1.1
Host: go.savethereef.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Found
Server: nginx
Date: Thu, 18 Apr 2024 09:16:02 GMT
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store
Location: https://t1.hightid.com/r.php?p=c:s_8942pgf_9qrwlx0&d=653c9411464a4419c012ddb2&s=642698&d2=t3.blowingwnd.com
|
|
| t1.hightid.com/r.php?p=c:s_8942pgf_9qrwlx0&d=653c9411464a4419c012ddb2&s=642698&d2=t3.blowingwnd.com | 51.161.115.163 | | 0 B |
URL: t1.hightid.com/r.php?p=c:s_8942pgf_9qrwlx0&d=653c9411464a4419c012ddb2&s=642698&d2=t3.blowingwnd.com IP: 51.161.115.163:0
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /r.php?p=c:s_8942pgf_9qrwlx0&d=653c9411464a4419c012ddb2&s=642698&d2=t3.blowingwnd.com HTTP/1.1
Host: t1.hightid.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Found
Server: nginx
Date: Thu, 18 Apr 2024 09:16:03 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 0
Connection: keep-alive
Round: 12mw6ufnb4
Raund: 2zt
Location: https://go.savethereef.xyz/redirect?feed=465513&url=https%3A%2F%2Fwww.twtch.co%2F&subid=custom_10utabg6hk.no.linux.firefox&query=642698&pub_clickid=6620e4d38694a05a7c079a2d&default_url=https%3A%2F%2Ft10.lowtid.com%2Fs.php%3Fp%3Dc%3A5mklge2tsml349y_c%26d%3D655744eb46c1f060291a7ac7%26s%3Ddu.%7Bpubfeed%7D%26d2%3D%7Breferrer_domain%7D%26d1%3D%7Bquery%7D
|
|
| go.savethereef.xyz/redirect?feed=465513&url=https%3A%2F%2Fwww.twtch.co%2F&subid=custom_10utabg6hk.no.linux.firefox&query=642698&pub_clickid=6620e4d38694a05a7c079a2d&default_url=https%3A%2F%2Ft10.lowtid.com%2Fs.php%3Fp%3Dc%3A5mklge2tsml349y_c%26d%3D655744eb46c1f060291a7ac7%26s%3Ddu.%7Bpubfeed%7D%26d2%3D%7Breferrer_domain%7D%26d1%3D%7Bquery%7D | 198.134.116.30 | | 0 B |
URL: go.savethereef.xyz/redirect?feed=465513&url=https%3A%2F%2Fwww.twtch.co%2F&subid=custom_10utabg6hk.no.linux.firefox&query=642698&pub_clickid=6620e4d38694a05a7c079a2d&default_url=https%3A%2F%2Ft10.lowtid.com%2Fs.php%3Fp%3Dc%3A5mklge2tsml349y_c%26d%3D655744eb46c1f060291a7ac7%26s%3Ddu.%7Bpubfeed%7D%26d2%3D%7Breferrer_domain%7D%26d1%3D%7Bquery%7D IP: 198.134.116.30:0 ASN: #27257 WEBAIR-INTERNET
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /redirect?feed=465513&url=https%3A%2F%2Fwww.twtch.co%2F&subid=custom_10utabg6hk.no.linux.firefox&query=642698&pub_clickid=6620e4d38694a05a7c079a2d&default_url=https%3A%2F%2Ft10.lowtid.com%2Fs.php%3Fp%3Dc%3A5mklge2tsml349y_c%26d%3D655744eb46c1f060291a7ac7%26s%3Ddu.%7Bpubfeed%7D%26d2%3D%7Breferrer_domain%7D%26d1%3D%7Bquery%7D HTTP/1.1
Host: go.savethereef.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Found
Server: nginx
Date: Thu, 18 Apr 2024 09:16:03 GMT
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store
Location: https://ynnus4.life/click.php?key=py7mg5gkrb5zylpdk1zv&clickid=utm_source=465513_custom_10utabg6hk.no.linux.firefox&utm_medium=yeesshh&utm_content=6191310&utm_campaign=2739084&utm_conversion=R2E*Is7Lxfc&bid=0.00001&source=465513.custom_10utabg6hk.no.linux.firefox&pubfeed=465513&country=no
|
|
| ynnus4.life/click.php?key=py7mg5gkrb5zylpdk1zv&clickid=utm_source=465513_custom_10utabg6hk.no.linux.firefox&utm_medium=yeesshh&utm_content=6191310&utm_campaign=2739084&utm_conversion=R2E*Is7Lxfc&bid=0.00001&source=465513.custom_10utabg6hk.no.linux.firefox&pubfeed=465513&country=no | 95.216.29.188 | | 1.1 kB |
URL: ynnus4.life/click.php?key=py7mg5gkrb5zylpdk1zv&clickid=utm_source=465513_custom_10utabg6hk.no.linux.firefox&utm_medium=yeesshh&utm_content=6191310&utm_campaign=2739084&utm_conversion=R2E*Is7Lxfc&bid=0.00001&source=465513.custom_10utabg6hk.no.linux.firefox&pubfeed=465513&country=no IP: 95.216.29.188:0 ASN: #24940 Hetzner Online GmbH
File type: JavaScript source, ASCII text, with CRLF, LF line terminators Hash: 54d7fae1982e68c1d565ddff13036957 213edbd8566cec376f183a762735a35b2afdf241 f4f4e82dc999e4cfb126b7d5d3a9d3ea8383ac1124aaebd25acfe2c4555937ec
GET /click.php?key=py7mg5gkrb5zylpdk1zv&clickid=utm_source=465513_custom_10utabg6hk.no.linux.firefox&utm_medium=yeesshh&utm_content=6191310&utm_campaign=2739084&utm_conversion=R2E*Is7Lxfc&bid=0.00001&source=465513.custom_10utabg6hk.no.linux.firefox&pubfeed=465513&country=no HTTP/1.1
Host: ynnus4.life
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.24.0
Date: Thu, 18 Apr 2024 09:16:03 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: uclick=y9e21ng5i4; expires=Fri, 19-Apr-2024 09:16:03 GMT; Max-Age=86400; path=/; secure; SameSite=none
Set-Cookie: uclickhash=y9e21ng5i4-y9e21ng5i4-dv-0-dv-du3y-du6o-ba40db; expires=Fri, 19-Apr-2024 09:16:03 GMT; Max-Age=86400; path=/; secure; SameSite=none
Strict-Transport-Security: max-age=31536000
Content-Encoding: gzip
|
|
| ynnus4.life/favicon.ico | 95.216.29.188 | | 20 B |
IP: 95.216.29.188:0 ASN: #24940 Hetzner Online GmbH
File type: gzip compressed data, max speed, from Unix Hash: a4745abc5e7fdb89cc6df3069f3c6e69 74789f7ddbebd5b7323f6f8174005b4bf8c1f1ed d1111b245f685176180e6f1631e6dc49badf6672368e9ce260c71355165effdf
GET /favicon.ico HTTP/1.1
Host: ynnus4.life
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ynnus4.life/click.php?key=py7mg5gkrb5zylpdk1zv&clickid=utm_source=465513_custom_10utabg6hk.no.linux.firefox&utm_medium=yeesshh&utm_content=6191310&utm_campaign=2739084&utm_conversion=R2E*Is7Lxfc&bid=0.00001&source=465513.custom_10utabg6hk.no.linux.firefox&pubfeed=465513&country=no
Cookie: uclick=y9e21ng5i4; uclickhash=y9e21ng5i4-y9e21ng5i4-dv-0-dv-du3y-du6o-ba40db
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.24.0
Date: Thu, 18 Apr 2024 09:16:04 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Strict-Transport-Security: max-age=31536000
Content-Encoding: gzip
|
|
| ynnus4.life/click.php?lp=1 | 95.216.29.188 | | 0 B |
URL: ynnus4.life/click.php?lp=1 IP: 95.216.29.188:0 ASN: #24940 Hetzner Online GmbH
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /click.php?lp=1 HTTP/1.1
Host: ynnus4.life
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ynnus4.life/click.php?key=py7mg5gkrb5zylpdk1zv&clickid=utm_source=465513_custom_10utabg6hk.no.linux.firefox&utm_medium=yeesshh&utm_content=6191310&utm_campaign=2739084&utm_conversion=R2E*Is7Lxfc&bid=0.00001&source=465513.custom_10utabg6hk.no.linux.firefox&pubfeed=465513&country=no
Cookie: uclick=y9e21ng5i4; uclickhash=y9e21ng5i4-y9e21ng5i4-dv-0-dv-du3y-du6o-ba40db
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Found
Server: nginx/1.24.0
Date: Thu, 18 Apr 2024 09:16:09 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://berebereuolakola.com/link?z=6218287&var=63&ymid=d5c1by9e21ng5i47d6
Strict-Transport-Security: max-age=31536000
|
|
| my.rtmark.net/img.gif?f=merge&userId=008042c07c554586f32791be7df75ac5&z=6218288&p_rid=0c3f3d34-2486-43de-9aa1-6d996a0db7e2&p_src=sf | 139.45.195.8 | | 43 B |
URL: my.rtmark.net/img.gif?f=merge&userId=008042c07c554586f32791be7df75ac5&z=6218288&p_rid=0c3f3d34-2486-43de-9aa1-6d996a0db7e2&p_src=sf IP: 139.45.195.8:0
File type: GIF image data, version 89a, 1 x 1 Hash: b4491705564909da7f9eaf749dbbfbb1 279315d507855c6a4351e1e2c2f39dd9cd2fccd8 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
GET /img.gif?f=merge&userId=008042c07c554586f32791be7df75ac5&z=6218288&p_rid=0c3f3d34-2486-43de-9aa1-6d996a0db7e2&p_src=sf HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://berebereuolakola.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Thu, 18 Apr 2024 09:16:09 GMT
content-type: image/gif
content-length: 43
access-control-allow-origin: *
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=008042c07c554586f32791be7df75ac5; expires=Fri, 18 Apr 2025 09:16:09 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
|
|
| eptougry.net/sftouch?userId=008042c07c554586f32791be7df75ac5&z=6218288&p_rid=0c3f3d34-2486-43de-9aa1-6d996a0db7e2&p_src=sf&branchId=0&rb=27Bamo3HGAPI5Y18OL7JoEmd1V_FRGIqJAWcdEbUiprlROdN7hTWRaYUR2WUflHspnzhgkMbUtKRxrT4CrCq9TXxp2_0WzGPsGHlXRNkXY87Dlc9l84qFvg4A2hnf8AFsthbEkg4RY_Ig2rWBxs_G2P2r7_Bp6SQoOD-w5nba6JqdEWWtj1QcVEy6NTfkwVQ-ruZURwjiA9pCjlh9lvcGHnJPFlt1w7tzUAAqErDYXPgFJXMcbrwwYuwHWY3bPZM--KPktSwYbO9KR9t9o6oG1yybc8jrKnJ-EiNSOJNMWI= | 139.45.197.245 | | 2 B |
URL: eptougry.net/sftouch?userId=008042c07c554586f32791be7df75ac5&z=6218288&p_rid=0c3f3d34-2486-43de-9aa1-6d996a0db7e2&p_src=sf&branchId=0&rb=27Bamo3HGAPI5Y18OL7JoEmd1V_FRGIqJAWcdEbUiprlROdN7hTWRaYUR2WUflHspnzhgkMbUtKRxrT4CrCq9TXxp2_0WzGPsGHlXRNkXY87Dlc9l84qFvg4A2hnf8AFsthbEkg4RY_Ig2rWBxs_G2P2r7_Bp6SQoOD-w5nba6JqdEWWtj1QcVEy6NTfkwVQ-ruZURwjiA9pCjlh9lvcGHnJPFlt1w7tzUAAqErDYXPgFJXMcbrwwYuwHWY3bPZM--KPktSwYbO9KR9t9o6oG1yybc8jrKnJ-EiNSOJNMWI= IP: 139.45.197.245:0
File type: ASCII text, with no line terminators Hash: 444bcb3a3fcf8389296c49467f27e1d6 7a85f4764bbd6daf1c3545efbbf0f279a6dc0beb 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
POST /sftouch?userId=008042c07c554586f32791be7df75ac5&z=6218288&p_rid=0c3f3d34-2486-43de-9aa1-6d996a0db7e2&p_src=sf&branchId=0&rb=27Bamo3HGAPI5Y18OL7JoEmd1V_FRGIqJAWcdEbUiprlROdN7hTWRaYUR2WUflHspnzhgkMbUtKRxrT4CrCq9TXxp2_0WzGPsGHlXRNkXY87Dlc9l84qFvg4A2hnf8AFsthbEkg4RY_Ig2rWBxs_G2P2r7_Bp6SQoOD-w5nba6JqdEWWtj1QcVEy6NTfkwVQ-ruZURwjiA9pCjlh9lvcGHnJPFlt1w7tzUAAqErDYXPgFJXMcbrwwYuwHWY3bPZM--KPktSwYbO9KR9t9o6oG1yybc8jrKnJ-EiNSOJNMWI= HTTP/1.1
Host: eptougry.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://berebereuolakola.com
DNT: 1
Connection: keep-alive
Referer: https://berebereuolakola.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 200 OK
server: nginx
date: Thu, 18 Apr 2024 09:16:09 GMT
content-type: text/plain
content-length: 2
x-trace-id: 24c7daa5e5c2be60870bd018b1d0f12b
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: https://berebereuolakola.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
access-control-max-age: 86400
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
|
|
| eptougry.net/?z=6218288&syncedCookie=true&rhd=false | 139.45.197.245 | 302 Found | 0 B |
URL: User Request POST HTTP/2 eptougry.net/?z=6218288&syncedCookie=true&rhd=false IP: 139.45.197.245:443
Certificate Issuer: Let's Encrypt Subject: eptougry.net Fingerprint: C8:3B:C4:64:7F:01:38:96:B6:C7:22:F9:0B:B8:13:33:DD:0E:9C:E8 Validity: Sun, 17 Mar 2024 05:35:52 GMT - Sat, 15 Jun 2024 05:35:51 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
POST /?z=6218288&syncedCookie=true&rhd=false HTTP/1.1
Host: eptougry.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 666
Origin: https://berebereuolakola.com
DNT: 1
Connection: keep-alive
Referer: https://berebereuolakola.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
server: nginx
date: Thu, 18 Apr 2024 09:16:09 GMT
content-length: 0
location: https://eu.can-get-so.me/pr?ids=wbwsdgevdua&hash=9d2e850da28b60f5&ext_req_id=804753763926807385&subid1=6218288&cost=0.001050
x-trace-id: ab13d09275f9fdfc7e19cb8dee9e0568
link: <https://eu.can-get-so.me>; rel="preconnect dns-prefetch",<https://yonmewon.com>; rel="preconnect dns-prefetch",<https://sr7pv7n5x.com>; rel="preconnect dns-prefetch"
referrer-policy: no-referrer
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: https://berebereuolakola.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
access-control-max-age: 86400
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
set-cookie: OAID=0080424644de494ce527087409cc3406; expires=Fri, 18 Apr 2025 09:16:09 GMT; path=/; secure; SameSite=None
set-cookie: oaidts=1713431769; expires=Fri, 18 Apr 2025 09:16:09 GMT; path=/; secure; SameSite=None
set-cookie: syncedCookie=; expires=Tue, 10 Nov 2009 23:00:00 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
|
|
| eu.can-get-so.me/pr?ids=wbwsdgevdua&hash=9d2e850da28b60f5&ext_req_id=804753763926807385&subid1=6218288&cost=0.001050 | 178.63.248.54 | 302 Found | 0 B |
URL: User Request GET HTTP/2 eu.can-get-so.me/pr?ids=wbwsdgevdua&hash=9d2e850da28b60f5&ext_req_id=804753763926807385&subid1=6218288&cost=0.001050 IP: 178.63.248.54:443 ASN: #24940 Hetzner Online GmbH
Certificate Issuer: Let's Encrypt Subject: eu.can-get-so.me Fingerprint: 06:3A:29:D0:50:D1:F5:1E:18:2E:C7:A2:FC:B4:01:5D:7B:49:F5:0C Validity: Sun, 25 Feb 2024 03:31:23 GMT - Sat, 25 May 2024 03:31:22 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pr?ids=wbwsdgevdua&hash=9d2e850da28b60f5&ext_req_id=804753763926807385&subid1=6218288&cost=0.001050 HTTP/1.1
Host: eu.can-get-so.me
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
server: Angie
date: Thu, 18 Apr 2024 09:16:10 GMT
content-length: 0
accept-ch: Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Bitness, Sec-CH-UA-Wow64
referrer-policy: no-referrer
location: https://adserving.unibet.com/redirect.aspx?bid=37950&pid=79982261&sref=GIG&GIG=NO_DESK_SB_2
set-cookie: rauid=7Ll9jg45QXazlyZh7cbBlw; expires=Fri, 18 Apr 2025 09:16:10 GMT; path=/; secure; SameSite=None
X-Firefox-Spdy: h2
|
|
| adserving.unibet.com/redirect.aspx?bid=37950&pid=79982261&sref=GIG&GIG=NO_DESK_SB_2 | 13.107.213.53 | 403 Forbidden | 409 B |
URL: User Request GET HTTP/2 adserving.unibet.com/redirect.aspx?bid=37950&pid=79982261&sref=GIG&GIG=NO_DESK_SB_2 IP: 13.107.213.53:443 ASN: #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Certificate Issuer: Trustwave Holdings, Inc. Subject: affiliates.kindredplc.com Fingerprint: 9C:1F:91:86:77:41:76:62:71:CD:11:FD:80:70:B7:83:58:47:BF:4F Validity: Thu, 17 Aug 2023 06:39:43 GMT - Fri, 16 Aug 2024 06:38:43 GMT
File type: ASCII text, with CRLF line terminators Hash: c03f1a42fa0f9ccf434687649488a83e 37e83c05c334e0a7fd57f64201f4a56d8425a3c4 31c8fb35c4a51083ccdc5e579d081a4e277fabaed49f97c174e295a583ee3a28
GET /redirect.aspx?bid=37950&pid=79982261&sref=GIG&GIG=NO_DESK_SB_2 HTTP/1.1
Host: adserving.unibet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 403 Forbidden
date: Thu, 18 Apr 2024 09:16:10 GMT
content-type: text/html
content-length: 409
x-azure-ref: 20240418T091610Z-17f9dd4c48b2smg4vb48rxw4zn00000001b000000000g8zm
x-cache: CONFIG_NOCACHE
X-Firefox-Spdy: h2
|
|
| adserving.unibet.com/favicon.ico | 13.107.246.53 | 403 Forbidden | 409 B |
URL: GET HTTP/2 adserving.unibet.com/favicon.ico IP: 13.107.246.53:443 ASN: #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Requested by: https://adserving.unibet.com/redirect.aspx?bid=37950&pid=79982261&sref=GIG&GIG=NO_DESK_SB_2 Certificate Issuer: Trustwave Holdings, Inc. Subject: affiliates.kindredplc.com Fingerprint: 9C:1F:91:86:77:41:76:62:71:CD:11:FD:80:70:B7:83:58:47:BF:4F Validity: Thu, 17 Aug 2023 06:39:43 GMT - Fri, 16 Aug 2024 06:38:43 GMT
File type: ASCII text, with CRLF line terminators Hash: e1aa847fc970fb8b698317e5486d82be 81ca663dc9a57a304a925603109d2f45fcfdabbb c8245d3d0e5a9d7f7743e0df10b1dd97ab41ad863f56d4388fd7bdaa1013fd82
GET /favicon.ico HTTP/1.1
Host: adserving.unibet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://adserving.unibet.com/redirect.aspx?bid=37950&pid=79982261&sref=GIG&GIG=NO_DESK_SB_2
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 403 Forbidden
date: Thu, 18 Apr 2024 09:16:10 GMT
content-type: text/html
content-length: 409
x-azure-ref: 20240418T091610Z-17f9dd4c48bwtsrhqn0xv2srp400000001z000000000ebn3
x-cache: CONFIG_NOCACHE
X-Firefox-Spdy: h2
|
|