Overview

URL rouonixon.com/4/5232943/
IP139.45.197.238
ASNRETN Limited
Location United Kingdom
Report completed2022-09-18 20:50:00 UTC
StatusLoading report..
urlquery Alerts No alerts detected


Settings

UserAgentMozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Referer


Intrusion Detection Systems

Suricata /w Emerging Threats Pro  No alerts detected


Blocklists

OpenPhish  No alerts detected
PhishTank  No alerts detected
Fortinet's Web Filter
Scan Date Severity Indicator Comment
2022-09-18 2 rouonixon.com/4/5232943/ Malware
mnemonic secure dns  No alerts detected
Quad9 DNS
Scan Date Severity Indicator Comment
2022-09-18 2 unphionetor.com Sinkholed
2022-09-18 2 unphionetor.com Sinkholed
2022-09-18 2 unphionetor.com Sinkholed
2022-09-18 2 unphionetor.com Sinkholed
2022-09-18 2 highperformancegate.com Sinkholed
2022-09-18 2 highperformancegate.com Sinkholed
2022-09-18 2 ptauxofi.net Sinkholed


Files

No files detected



Passive DNS (38)

Passive DNS Source Fully Qualifying Domain Name Rank First Seen Last Seen IP Comment
mnemonic passive DNS contile.services.mozilla.com (1) 1114 2021-05-27 18:32:35 UTC 2022-09-18 04:48:15 UTC 34.117.237.239
mnemonic passive DNS push.services.mozilla.com (1) 2140 2015-09-03 10:29:36 UTC 2022-09-18 06:05:26 UTC 35.83.91.138
mnemonic passive DNS ocsp.securetrust.com (1) 18792 2019-12-23 03:05:54 UTC 2022-09-18 10:23:55 UTC 23.36.79.25
mnemonic passive DNS unphionetor.com (4) 54035 2022-02-11 12:53:49 UTC 2022-09-18 13:42:36 UTC 139.45.197.236
mnemonic passive DNS use.fontawesome.com (2) 942 2017-01-30 04:43:25 UTC 2022-09-18 05:59:20 UTC 172.67.169.247
mnemonic passive DNS fonts.gstatic.com (1) 0 2014-08-29 13:43:22 UTC 2022-09-18 04:47:09 UTC 142.250.74.163 Domain (gstatic.com) ranked at: 540
mnemonic passive DNS script.crazyegg.com (5) 1992 2015-01-07 19:40:26 UTC 2022-09-18 09:46:36 UTC 104.19.147.8
mnemonic passive DNS fonts.googleapis.com (1) 8877 2014-07-21 13:19:55 UTC 2022-09-18 12:17:51 UTC 142.250.74.10
mnemonic passive DNS unibet.demdex.net (1) 338024 2017-01-30 05:50:24 UTC 2022-09-18 14:04:01 UTC 52.30.136.248
mnemonic passive DNS pagestates-tracking.crazyegg.com (1) 3647 2020-10-26 19:42:04 UTC 2022-09-18 12:29:40 UTC 54.230.111.20
mnemonic passive DNS assets-tracking.crazyegg.com (1) 3651 2021-10-27 14:05:49 UTC 2022-09-18 12:29:40 UTC 54.230.111.105
mnemonic passive DNS secure.adnxs.com (1) 396 2012-05-22 16:37:37 UTC 2022-09-18 10:04:44 UTC 185.89.210.46
mnemonic passive DNS cm.everesttech.net (1) 996 2017-01-30 04:59:57 UTC 2022-09-18 07:07:12 UTC 34.248.32.199
mnemonic passive DNS rouonixon.com (3) 0 2020-11-06 08:20:50 UTC 2022-09-18 15:15:46 UTC 139.45.197.238 Unknown ranking
mnemonic passive DNS content-signature-2.cdn.mozilla.net (1) 1152 2020-11-03 12:26:46 UTC 2022-09-18 06:05:25 UTC 143.204.55.49
mnemonic passive DNS my.rtmark.net (2) 9054 2017-08-22 14:11:49 UTC 2022-09-18 09:42:12 UTC 139.45.195.8
mnemonic passive DNS welcome.unibet.com (17) 242429 2017-01-30 05:39:28 UTC 2022-09-18 14:04:00 UTC 108.161.188.196
mnemonic passive DNS ocsp.pki.goog (7) 175 2017-06-14 07:23:31 UTC 2022-09-18 04:51:37 UTC 142.250.74.3
mnemonic passive DNS ocsp.digicert.com (7) 86 2012-05-21 07:02:23 UTC 2022-09-18 19:15:51 UTC 93.184.220.29
mnemonic passive DNS go.deliverymodo.com (2) 672700 2016-07-21 09:52:46 UTC 2022-09-18 11:17:08 UTC 139.45.197.236
mnemonic passive DNS cdn.bannerflow.com (3) 23819 2018-02-22 12:57:21 UTC 2022-09-18 14:04:01 UTC 104.16.174.188
mnemonic passive DNS firefox.settings.services.mozilla.com (2) 867 2020-05-27 20:08:30 UTC 2022-09-18 16:02:06 UTC 143.204.55.115
mnemonic passive DNS no.unibet.com (2) 201503 2012-07-26 09:42:52 UTC 2022-09-18 13:03:13 UTC 85.184.96.0
mnemonic passive DNS dpm.demdex.net (3) 204 2017-01-30 04:59:39 UTC 2022-09-18 06:33:04 UTC 34.242.116.160
mnemonic passive DNS unibetlondonltd.d3.sc.omtrdc.net (1) 444877 2017-01-29 21:05:05 UTC 2022-09-18 14:04:01 UTC 15.188.95.229
mnemonic passive DNS r3.o.lencr.org (8) 344 2020-12-02 08:52:13 UTC 2022-09-18 05:00:37 UTC 23.36.77.32
mnemonic passive DNS adserving.unibet.com (1) 98000 2015-05-26 06:56:53 UTC 2022-09-18 13:03:13 UTC 23.36.79.43
mnemonic passive DNS a1s-cdn.unibet.com (1) 283505 2014-04-23 15:07:51 UTC 2022-09-18 14:04:01 UTC 85.184.96.5
mnemonic passive DNS a1s.unibet.com (1) 297625 2017-01-30 00:44:42 UTC 2022-09-18 14:04:01 UTC 85.184.96.5
mnemonic passive DNS ajax.googleapis.com (1) 12905 2019-10-15 17:52:08 UTC 2022-09-18 19:53:06 UTC 142.250.74.74
mnemonic passive DNS ocsp.sca1b.amazontrust.com (2) 1015 2017-03-03 15:20:51 UTC 2019-03-27 04:05:54 UTC 54.230.245.118
mnemonic passive DNS toapodazoay.com (2) 624090 2017-11-17 09:59:00 UTC 2022-09-18 15:15:47 UTC 139.45.197.152
mnemonic passive DNS ocsp.sectigo.com (2) 487 2018-12-17 11:31:55 UTC 2022-09-18 14:37:21 UTC 172.64.155.188
mnemonic passive DNS img-getpocket.cdn.mozilla.net (7) 1631 2017-09-01 03:40:57 UTC 2022-09-18 04:20:51 UTC 34.120.237.76
mnemonic passive DNS go.ad2upapp.com (1) 566190 2016-06-11 11:42:08 UTC 2022-09-18 11:17:08 UTC 139.45.197.237
mnemonic passive DNS www.highperformancegate.com (2) 0 2022-07-15 22:36:50 UTC 2022-09-18 12:20:25 UTC 192.243.61.227 Unknown ranking
mnemonic passive DNS tracking.crazyegg.com (1) 3633 2020-03-10 07:15:05 UTC 2022-09-18 12:29:40 UTC 54.229.197.178
mnemonic passive DNS ptauxofi.net (1) 35628 2021-03-31 05:35:12 UTC 2022-09-18 15:15:47 UTC 139.45.197.250


Recent reports on same IP/ASN/Domain/Screenshot

Last 5 reports on IP: 139.45.197.238

Date UQ / IDS / BL URL IP
2022-12-01 12:38:53 +0000
0 - 0 - 2 inoradde.com/4326563/ 139.45.197.238
2022-12-01 12:21:37 +0000
0 - 0 - 2 inoradde.com/4326568/ 139.45.197.238
2022-12-01 11:49:04 +0000
0 - 0 - 16 formarshtompchan.com/4/4937737/ 139.45.197.238
2022-12-01 10:37:19 +0000
0 - 0 - 7 viapawniarda.com/4/5189437/ 139.45.197.238
2022-12-01 10:36:06 +0000
0 - 0 - 2 viapawniarda.com/ 139.45.197.238

Last 5 reports on ASN: RETN Limited

Date UQ / IDS / BL URL IP
2022-12-01 12:38:53 +0000
0 - 0 - 2 inoradde.com/4326563/ 139.45.197.238
2022-12-01 12:35:21 +0000
0 - 0 - 6 ibugreeza.com/?l=DOLVqvJtHQeByA2&b=14676507&z (...) 139.45.197.151
2022-12-01 12:29:47 +0000
0 - 0 - 4 apphomeforbests.com/ 139.45.197.151
2022-12-01 12:21:37 +0000
0 - 0 - 2 inoradde.com/4326568/ 139.45.197.238
2022-12-01 11:49:04 +0000
0 - 0 - 16 formarshtompchan.com/4/4937737/ 139.45.197.238

Last 5 reports on domain: rouonixon.com

Date UQ / IDS / BL URL IP
2022-12-01 06:04:35 +0000
0 - 0 - 1 rouonixon.com/4/4346273/ 139.45.197.238
2022-12-01 05:58:40 +0000
0 - 0 - 1 rouonixon.com/4/4372664/ 139.45.197.238
2022-12-01 05:51:11 +0000
0 - 0 - 1 rouonixon.com/4/4332886/ 139.45.197.238
2022-12-01 05:34:47 +0000
0 - 0 - 2 rouonixon.com/4/4332888/ 139.45.197.238
2022-12-01 05:32:53 +0000
0 - 0 - 1 rouonixon.com/4/4347843/ 139.45.197.238

Last 5 reports with similar screenshot

Date UQ / IDS / BL URL IP
2022-11-28 13:18:38 +0000
0 - 0 - 4 c.srvpcn.com/iclick 3.226.193.51
2022-11-28 11:25:13 +0000
0 - 0 - 12 zackary-has-shah.blogspot.com/2022/04/which-o (...) 142.250.74.161
2022-11-28 10:10:51 +0000
0 - 0 - 1 rouonixon.com/4/4934666/ 139.45.197.238
2022-11-28 07:28:07 +0000
0 - 0 - 4 ak.psaltauw.net/4/5383960 23.36.77.34
2022-11-28 04:08:12 +0000
0 - 0 - 6 eu.lnslagging.click/it/i14s22/tim/ 207.154.225.165


JavaScript

Executed Scripts (39)


Executed Evals (9)

#1 JavaScript::Eval (size: 60, repeated: 1) - SHA256: 9d51544cc513110b130345a977b1e9e630b5a7aa01518f7f7898758b79a9699f

                                        (function() {
    return visitor.getMarketingCloudVisitorID()
})();
                                    

#2 JavaScript::Eval (size: 55, repeated: 1) - SHA256: 14986cbd70f8b8a1770adf9800c113847daf392c2999dfff9dc71d2be98f3282

                                        (function() {
    return visitor.getAnalyticsVisitorID()
})();
                                    

#3 JavaScript::Eval (size: 61, repeated: 1) - SHA256: 9259355921509ced00b4d7d3e76c151037a06c88a646cd7d47d5d9c96984697c

                                        (function() {
    return window.functions.timeParting("n", "0")
})();
                                    

#4 JavaScript::Eval (size: 135, repeated: 1) - SHA256: fc7b851f30df68c5cc6d1fb3f06c300b2b1d7271f76cc187224050270141f0ed

                                        (function() {
    if (window.innerHeight) return window.innerHeight;
    d = screen.width + "x" + screen.height;
    return d.documentElement.offsetHeight
})();
                                    

#5 JavaScript::Eval (size: 132, repeated: 1) - SHA256: 0a23e511994a2c03a725773de07810ff171878b9c0177f40a663038e4e251168

                                        (function() {
    if (window.innerWidth) return window.innerWidth;
    d = screen.width + "x" + screen.height;
    return d.documentElement.offsetWidth
})();
                                    

#6 JavaScript::Eval (size: 62, repeated: 1) - SHA256: adf0ca592504ef680d5ea02d5161b15be0572fd3e5b41d152b74f0c76aea6c42

                                        (function() {
    return window.functions.getPageNameOldEvar1()
})();
                                    

#7 JavaScript::Eval (size: 54, repeated: 1) - SHA256: fc490a09c28110ae2a7c965801ebeb5c572587f55c3524889f547dbcc34c1d81

                                        (function() {
    return screen.width + "x" + screen.height
})();
                                    

#8 JavaScript::Eval (size: 71, repeated: 1) - SHA256: dcdd7e7e286c45c94638f28053384616d6ca9a1b396b0109cb51f1298ba342bb

                                        (function() {
    return Math.round((new Date).getTime() / 1E3).toString()
})();
                                    

#9 JavaScript::Eval (size: 88, repeated: 1) - SHA256: 5e05e2cf30322e8f71d65a22aa5f4a095923b67286a61d83b7787e3468f42f62

                                        (function() {
    return "LP:" + BF_prop.LandingPageName.toString().replace(/:/ig, "").trim()
})();
                                    

Executed Writes (1)

#1 JavaScript::Write (size: 50, repeated: 1) - SHA256: a2b051fa7d206df6e4eeee27678781de0752c1ac7adcfd359c1a2fc7ff507449

                                        < script src = "/widget/betslip/betslip.js" > < /script>
                                    


HTTP Transactions (101)


Request Response
                                        
                                            GET /4/5232943/ HTTP/1.1 
Host: rouonixon.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

                                         
                                         139.45.197.238
HTTP/1.1 200 OK
Content-Type: text/html; charset=utf8
                                        
Server: nginx
Date: Sun, 18 Sep 2022 20:49:49 GMT
Transfer-Encoding: chunked
Connection: keep-alive
X-Trace-Id: e08546b503f159df7b5a619a07e50c57
Link: <https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://my.rtmark.net>; rel="preconnect dns-prefetch"
Access-Control-Allow-Credentials: true
Access-Control-Max-Age: 86400
Timing-Allow-Origin: *
Set-Cookie: OAID=fe8e3f1e3be947e2b961b3564c1618a7; expires=Mon, 18 Sep 2023 20:49:49 GMT; path=/ oaidts=1663534189; expires=Mon, 18 Sep 2023 20:49:49 GMT; path=/ syncedCookie=; expires=Tue, 10 Nov 2009 23:00:00 GMT
Pragma: no-cache, no-cache
Cache-Control: no-transform, no-store, no-cache, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, max-age=0
Expires: Tue, 11 Jan 1994 10:00:00 GMT, Mon, 26 Jul 1997 05:00:00 GMT
Access-Control-Allow-Origin: *, *
Access-Control-Allow-Methods: GET, POST, OPTIONS, POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, Accept, Content-Type, Content-Length, Accept-Encoding
Content-Encoding: gzip


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (5402)
Size:   2922
Md5:    9af601d390b9a81b25addeecda44a9fb
Sha1:   107fdd1b1f3e4181d979c5189d9610df587d5dd3
Sha256: 0fe75a532c7f1646708dcef2bbca23443b27d7fab5fa16fcee62df9afda2297f

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "5C706B2718B1698995F4FEB91223779AEF4BF6DC967C31F9EF9A93873197D5F9"
Last-Modified: Sun, 18 Sep 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4524
Expires: Sun, 18 Sep 2022 22:05:13 GMT
Date: Sun, 18 Sep 2022 20:49:49 GMT
Connection: keep-alive

                                        
                                            GET /v1/ HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.55.115
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Content-Length, Backoff, Retry-After, Alert
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Sun, 18 Sep 2022 20:02:58 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 41dc61beb3fe8e8c2c299a2522d8330c.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: SfA8Tsi19PPr6cCOJ_OcstX8xwpyq-onYcY68isbZiH9YvzMEE8asw==
Age: 2811


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size:   939
Md5:    99b7d23c1748d0526782b9ff9ea45f09
Sha1:   eadd801a3ba2aa00632c6fb52e1f9125bd6d5b4f
Sha256: 48f81668f76955320480b484138aebdad5d03c471036b4449c737aca1ecab08e
                                        
                                            GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1 
Host: content-signature-2.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.55.49
HTTP/2 200 OK
content-type: binary/octet-stream
                                        
content-length: 5348
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Sun, 18 Sep 2022 04:35:14 GMT
etag: "6113f8408c59aebe188d6af273b90743"
x-cache: Hit from cloudfront
via: 1.1 f00e3524edcdf61801454f2bb21e71ce.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: dbshncnpsFmfSEfj_qt9zxxoiuIUWvHsKrxvYhJy-UL-RsoFP1FlEA==
age: 58476
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PEM certificate\012- , ASCII text
Size:   5348
Md5:    6113f8408c59aebe188d6af273b90743
Sha1:   7398873bf00f99944eaa77ad3ebc0d43c23dba6b
Sha256: b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770
                                        
                                            GET /v1/tiles HTTP/1.1 
Host: contile.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.117.237.239
HTTP/2 200 OK
content-type: application/json
                                        
server: nginx
date: Sun, 18 Sep 2022 20:49:49 GMT
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   12
Md5:    23e88fb7b99543fb33315b29b1fad9d6
Sha1:   a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
                                        
                                            GET /favicon.ico HTTP/1.1 
Host: rouonixon.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rouonixon.com/4/5232943/
Cookie: OAID=fe8e3f1e3be947e2b961b3564c1618a7; oaidts=1663534189

                                         
                                         139.45.197.238
HTTP/1.1 204 No Content
                                        
Server: nginx
Date: Sun, 18 Sep 2022 20:49:49 GMT
Connection: keep-alive
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Pragma: public
Cache-Control: max-age=315360000, public, must-revalidate, proxy-revalidate

                                        
                                            POST / HTTP/1.1 
Host: ocsp.sectigo.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         172.64.155.188
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sun, 18 Sep 2022 20:49:49 GMT
Content-Length: 471
Connection: keep-alive
Last-Modified: Thu, 15 Sep 2022 18:25:20 GMT
Expires: Thu, 22 Sep 2022 18:25:19 GMT
Etag: "97e18938c56b7d7c43bddac19abc7dbd2eccc952"
Cache-Control: max-age=336329,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 74ccf34c18671c0a-OSL

                                        
                                            GET /img.gif?f=merge&userId=fe8e3f1e3be947e2b961b3564c1618a7 HTTP/1.1 
Host: my.rtmark.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://rouonixon.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         139.45.195.8
HTTP/2 200 OK
content-type: image/gif
                                        
server: nginx
date: Sun, 18 Sep 2022 20:49:49 GMT
content-length: 43
access-control-allow-origin: *
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=fe8e3f1e3be947e2b961b3564c1618a7; expires=Mon, 18 Sep 2023 20:49:49 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   43
Md5:    b4491705564909da7f9eaf749dbbfbb1
Sha1:   279315d507855c6a4351e1e2c2f39dd9cd2fccd8
Sha256: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
                                        
                                            GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.55.115
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600
Date: Sun, 18 Sep 2022 20:03:22 GMT
Expires: Sun, 18 Sep 2022 20:13:42 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 4f01f770085624552bc30a98954f963a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: vcJmELAtGxz9WcDXr3FMbLdQXmHBWb6JEsrP4CNgkSFVM8EKBB4X-A==
Age: 2787


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size:   329
Md5:    0333b0655111aa68de771adfcc4db243
Sha1:   63f295a144ac87a7c8e23417626724eeca68a7eb
Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
                                        
                                            POST /?z=5232943&syncedCookie=true&rhd=false HTTP/1.1 
Host: rouonixon.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/x-www-form-urlencoded
Content-Length: 424
Origin: http://rouonixon.com
Connection: keep-alive
Referer: http://rouonixon.com/afu.php?zoneid=5232943&var=5232943&rid=ksX-wKK1z8yLZCaWKyzJyw%3D%3D&rhd=false
Cookie: OAID=fe8e3f1e3be947e2b961b3564c1618a7; oaidts=1663534189
Upgrade-Insecure-Requests: 1

                                         
                                         139.45.197.238
HTTP/1.1 302 Found
                                        
Server: nginx
Date: Sun, 18 Sep 2022 20:49:49 GMT
Content-Length: 0
Connection: keep-alive
X-Trace-Id: 1ad6cb2c029d6c2ff6d049b755eca3c2
Link: <https://toapodazoay.com>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://diromalxx.com>; rel="preconnect dns-prefetch"
Referrer-Policy: no-referrer
Location: https://toapodazoay.com/?l=qCqekRDLtEBTXwP&s=595468152394223970&z=5232943&g=NO&svar=1663534189&ba=0&dm=0&ep=0&vi=0&vo=0&i18db=0&tr=default&svar=1663534189&ssk=6043319b8bdc58c1317fc9f9df1b9689&svarok=1&b=79056&oaid=fe8e3f1e3be947e2b961b3564c1618a7&rdk=rk3
Access-Control-Allow-Origin: http://rouonixon.com
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding
Access-Control-Max-Age: 86400
Pragma: no-cache
Cache-Control: no-transform, no-store, no-cache, must-revalidate, max-age=0
Expires: Tue, 11 Jan 1994 10:00:00 GMT
Set-Cookie: OAID=fe8e3f1e3be947e2b961b3564c1618a7; expires=Mon, 18 Sep 2023 20:49:49 GMT; path=/ oaidts=1663534189; expires=Mon, 18 Sep 2023 20:49:49 GMT; path=/ syncedCookie=true; expires=Sun, 25 Sep 2022 20:49:49 GMT; path=/
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff
Timing-Allow-Origin: *, *

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "132CE27DDDD9914DD993D849BB9D7FBDAAA442CE414ED9EAB5AFD9894B710831"
Last-Modified: Fri, 16 Sep 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9702
Expires: Sun, 18 Sep 2022 23:31:31 GMT
Date: Sun, 18 Sep 2022 20:49:49 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 4585
Cache-Control: 'max-age=158059'
Date: Sun, 18 Sep 2022 20:49:50 GMT
Last-Modified: Sun, 18 Sep 2022 19:33:25 GMT
Server: ECS (ska/F713)
X-Cache: HIT
Content-Length: 471

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "6A9F8D918AE4E1740A92A6511084AC1F25E19B6CC46B918D0861BADC758F7C78"
Last-Modified: Fri, 16 Sep 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=616
Expires: Sun, 18 Sep 2022 21:00:06 GMT
Date: Sun, 18 Sep 2022 20:49:50 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "0576E04EDEA99BCD59A9B4A16299D5502226A3166A59EB69F891DEC6762B6394"
Last-Modified: Fri, 16 Sep 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4458
Expires: Sun, 18 Sep 2022 22:04:08 GMT
Date: Sun, 18 Sep 2022 20:49:50 GMT
Connection: keep-alive

                                        
                                            GET / HTTP/1.1 
Host: push.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: m5/9RIEtj3UNy7Dxgj+CBA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

                                         
                                         35.83.91.138
HTTP/1.1 101 Switching Protocols
                                        
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: IA1YJTBcLFQET5sMacdb70Ly8Uw=

                                        
                                            GET /fv.js?t=56193&cb=891915715 HTTP/1.1 
Host: unphionetor.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://toapodazoay.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         139.45.197.236
HTTP/2 200 OK
content-type: text/javascript; charset=utf8
                                        
server: nginx
date: Sun, 18 Sep 2022 20:49:50 GMT
access-control-allow-origin:
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
x-trace-id: 33cffe589f57e4c1e4b41f8a366f235c
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (5213), with no line terminators
Size:   2153
Md5:    0254fb1dad74628b7ad0f97d304fac92
Sha1:   35f7af13a08eb87023ec7df4d3c35c21b2cde79d
Sha256: 47fb6ce428ca80ea69b772e4f66e4e5c622a4005db601746033d04511bd27536

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /vctx?t=56193 HTTP/1.1 
Host: unphionetor.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://toapodazoay.com
Connection: keep-alive
Referer: https://toapodazoay.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         139.45.197.236
HTTP/2 200 OK
content-type: text/plain; charset=utf-8
                                        
server: nginx
date: Sun, 18 Sep 2022 20:49:50 GMT
content-length: 72
access-control-allow-origin: https://toapodazoay.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
x-trace-id: 395497d5addbf5b66de6dd1fe53e6b97
set-cookie: PRIT[56193]=; expires=Tue, 10 Nov 2009 23:00:00 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text
Size:   72
Md5:    ab037df8ee1a9ec07561d397d1c8e767
Sha1:   f0f94d96ef5ebe3d0df1ce787a0da1501171ca6b
Sha256: ac653b677fa62c309ee308027f502e317003096f84c5624604a0a322ad9e46b3

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            POST /vbl?t=56193&bid=79056&aid=595468152394223970 HTTP/1.1 
Host: unphionetor.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://toapodazoay.com
Connection: keep-alive
Referer: https://toapodazoay.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
TE: trailers

                                         
                                         139.45.197.236
HTTP/2 204 No Content
                                        
server: nginx
date: Sun, 18 Sep 2022 20:49:50 GMT
access-control-allow-origin: https://toapodazoay.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
x-trace-id: 564d3e43172017f17ac8746bbd9effe3
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  
Size:   0
Md5:    d41d8cd98f00b204e9800998ecf8427e
Sha1:   da39a3ee5e6b4b0d3255bfef95601890afd80709
Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "741815F43B76661B9EDDE512BC9061CB4BC659B297E7D822BF8E68E5AAC9D23D"
Last-Modified: Sun, 18 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9390
Expires: Sun, 18 Sep 2022 23:26:21 GMT
Date: Sun, 18 Sep 2022 20:49:51 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "741815F43B76661B9EDDE512BC9061CB4BC659B297E7D822BF8E68E5AAC9D23D"
Last-Modified: Sun, 18 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9390
Expires: Sun, 18 Sep 2022 23:26:21 GMT
Date: Sun, 18 Sep 2022 20:49:51 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "741815F43B76661B9EDDE512BC9061CB4BC659B297E7D822BF8E68E5AAC9D23D"
Last-Modified: Sun, 18 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9390
Expires: Sun, 18 Sep 2022 23:26:21 GMT
Date: Sun, 18 Sep 2022 20:49:51 GMT
Connection: keep-alive

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5c670b93-3941-4322-a938-e74eba949ad6.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 11919
x-amzn-requestid: 2f547c1f-2f5d-4707-8f6c-fe9dfff51383
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YbfS4FI9oAMFScw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632145ab-3c967f2653d06c1c079f88c1;Sampled=0
x-amzn-remapped-date: Wed, 14 Sep 2022 03:08:27 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: Q6pjncaouCXUu0Pz7v6xF_8ClxxVypUSeggW23Z-UTsPamKCTgwjmA==
via: 1.1 030fe0607711293dda988e571617a9f2.cloudfront.net (CloudFront), 1.1 91356d2137f5a7345e93da4516c49ec4.cloudfront.net (CloudFront), 1.1 google
date: Sat, 17 Sep 2022 22:00:17 GMT
age: 82174
etag: "786c333cf08456aea446a55c547520572e1c2df9"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   11919
Md5:    f003d8b6e12692fb16dddd6827deead8
Sha1:   786c333cf08456aea446a55c547520572e1c2df9
Sha256: d79ea50cfc0f237b3de8f1826cbae1de0b1dbc632a5a06b08d9640abedded935
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd1d192c6-d447-4ad9-b142-a9258211f67d.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 5827
x-amzn-requestid: 9f179e66-3c6f-4e53-94f2-989bf32a6b90
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Yl7gyHvboAMFSzA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632572d1-799e74a63288269b79170d58;Sampled=0
x-amzn-remapped-date: Sat, 17 Sep 2022 07:10:09 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 9firpBGLDHkjq_CJX01tbyPPS9OXPsTfzC0dLioWt1Axg7Vw5LQ0xg==
via: 1.1 497370ec058751eb0d9251f66d50af5e.cloudfront.net (CloudFront), 1.1 91356d2137f5a7345e93da4516c49ec4.cloudfront.net (CloudFront), 1.1 google
date: Sun, 18 Sep 2022 07:15:02 GMT
age: 48889
etag: "4a5b84c77bd53f4c94e1af4a702f6f85b46b51b0"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   5827
Md5:    29f4a52fb629dce4ef8038d4df7ea58a
Sha1:   4a5b84c77bd53f4c94e1af4a702f6f85b46b51b0
Sha256: 32cee35b22110b83738f49f49edb6efcedb54fe793d5ccc900004e16e3fefda3
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F99a57f83-dfc8-4b82-ba40-2b21aa8c0f64.webp HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 6869
x-amzn-requestid: 8d5cf972-bd9a-42b8-ba33-5dd05191e9f6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Yn6u1GspIAMF9vw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63263e5e-12430c8c7122a3594aba8949;Sampled=0
x-amzn-remapped-date: Sat, 17 Sep 2022 21:38:38 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: leqr7rYJyeBFlYuFM2D-wGJfb7_w-5HbW2Y1aHwjTzZ9_4MTFybNaA==
via: 1.1 c7c3cdef911c9ee3c1a83a78f425dc5a.cloudfront.net (CloudFront), 1.1 2324edbcb8fc72f617442c65f36a40fc.cloudfront.net (CloudFront), 1.1 google
date: Sat, 17 Sep 2022 22:08:03 GMT
age: 81708
etag: "451c1f67948e45909e636828e3d2a3099de922f0"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   6869
Md5:    51d067e534c477ce996b3e806f6a132e
Sha1:   451c1f67948e45909e636828e3d2a3099de922f0
Sha256: e13318949733eb7992695c61570cc8b2961d881a8343c677a77cd035e787bbaf
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdd6067cf-6392-4f3a-8543-a3861c83d1cd.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 9093
x-amzn-requestid: 29c7788f-27e9-4823-8cba-ebf4ef9ea7ef
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Yn5tjEvsoAMFrtA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63263cbc-37b8d7930503d507592bf728;Sampled=0
x-amzn-remapped-date: Sat, 17 Sep 2022 21:31:40 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 8AtK_uI_vRz2em8nsfBq7zFkfQKNoPnjesvp_WdDJTiVbWB1NJT4mQ==
via: 1.1 8f22423015641505b8c857a37450d6c0.cloudfront.net (CloudFront), 1.1 d01e7742f82df0bbc1fb681d709ed69c.cloudfront.net (CloudFront), 1.1 google
date: Sat, 17 Sep 2022 21:47:52 GMT
age: 82919
etag: "04063797f76518668fdd9a5d5a86c7637eac43b8"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   9093
Md5:    5ae5a7fc19cf9601753b147621cb9f8c
Sha1:   04063797f76518668fdd9a5d5a86c7637eac43b8
Sha256: b1c659363aa69139a03aab9a6d76800b3568ccf5201f02e1ea864e2bff70d3a7
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffd5675c7-5120-4f61-bd91-8c4d9af84130.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 7788
x-amzn-requestid: 2cb48f87-8b72-4ff7-b041-a6e704b854a8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YIP2-HFHoAMFssA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6319935f-693e2f2e5a0bcd9f690f21fa;Sampled=0
x-amzn-remapped-date: Thu, 08 Sep 2022 07:01:51 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: wxZ383nT9n_SBMH4D_k--23G7tb-2pQV0yDcUMvD17woMHbc2rx-NQ==
via: 1.1 86b676273517904f44af31586adb06ae.cloudfront.net (CloudFront), 1.1 1481cc55c02c3a782ad420b6bac2cb32.cloudfront.net (CloudFront), 1.1 google
date: Sat, 17 Sep 2022 22:53:55 GMT
age: 78956
etag: "e139a0974317212f094fdbe59e26ca5cf6b9e56d"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   7788
Md5:    7a22ab7dcdf50f4a297b8e117d336eae
Sha1:   e139a0974317212f094fdbe59e26ca5cf6b9e56d
Sha256: 9b4c23c1bb2e4fcd140ce34bf83f315f09b45202c569cb74113c2e65c4031dcd
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0743b1dc-9d34-4282-a031-42c70fa409f3.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 5133
x-amzn-requestid: 01f39c0a-c86f-4057-a505-20200819203c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YioKkFrFoAMFhMg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632420a9-5821f44144b61475180ec961;Sampled=0
x-amzn-remapped-date: Fri, 16 Sep 2022 07:07:21 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 3tByM8rVW_WxdiBUCfXzxZWjMvH2PB2VQ290D-DLITqly6QQQKBNSw==
via: 1.1 d042f60a962591f741406f28a8170c5a.cloudfront.net (CloudFront), 1.1 001e7070d795018d01b93988b9723742.cloudfront.net (CloudFront), 1.1 google
date: Sun, 18 Sep 2022 07:13:29 GMT
age: 48982
etag: "b2aaf019e083443a6404c262206ee2e981d3165c"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   5133
Md5:    56ade9172e883c777dd974ca879bceba
Sha1:   b2aaf019e083443a6404c262206ee2e981d3165c
Sha256: c8407ad191143d2d947464b357d8426efb334cb165c4fa5ca01573d8f7ca7b76
                                        
                                            GET /afu.php?id=792658&rt=1 HTTP/1.1 
Host: go.ad2upapp.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

                                         
                                         139.45.197.237
HTTP/1.1 302 Moved Temporarily
Content-Type: text/html
                                        
Server: nginx
Date: Sun, 18 Sep 2022 20:49:51 GMT
Content-Length: 138
Connection: keep-alive
Location: http://go.deliverymodo.com/afu.php?id=792658&rt=1
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff
Timing-Allow-Origin: *


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size:   138
Md5:    aff950cab4c0265e21d401db15f1026d
Sha1:   f03e18461817f7a6546c8bf8fa8d686d7e30aca0
Sha256: 753e0dd54f28c4f7009b9c0b18a68aed175416bd8b7d134858264586eaac56f0
                                        
                                            GET /afu.php?id=792658&rt=1 HTTP/1.1 
Host: go.deliverymodo.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

                                         
                                         139.45.197.236
HTTP/1.1 200 OK
Content-Type: text/html; charset=utf8
                                        
Server: nginx
Date: Sun, 18 Sep 2022 20:49:51 GMT
Transfer-Encoding: chunked
Connection: keep-alive
X-Trace-Id: 113cc03e09400e33d48f474db01d24ee
Link: <https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://my.rtmark.net>; rel="preconnect dns-prefetch", <https://www.highperformancegate.com>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://diromalxx.com>; rel="preconnect dns-prefetch"
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding
Access-Control-Max-Age: 86400
Pragma: no-cache
Cache-Control: no-transform, no-store, no-cache, must-revalidate, max-age=0
Expires: Tue, 11 Jan 1994 10:00:00 GMT
Set-Cookie: OAID=91666f5e4bdf48bfa47fbd053421d7d3; expires=Mon, 18 Sep 2023 20:49:51 GMT; path=/ oaidts=1663534191; expires=Mon, 18 Sep 2023 20:49:51 GMT; path=/ syncedCookie=; expires=Tue, 10 Nov 2009 23:00:00 GMT
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff
Timing-Allow-Origin: *, *
Content-Encoding: gzip


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size:   638
Md5:    24014e4b91a6c429a7bfec514be66705
Sha1:   a30ca65afa4e60d234672603694e39cec83aa936
Sha256: fa6fe65414e629741b6169c73428746aca7c6bbbaf293c9ad41273208de0708b
                                        
                                            POST /vb?t=56193&bid=79056&aid=595468152394223970&tp=2028 HTTP/1.1 
Host: unphionetor.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://toapodazoay.com
Connection: keep-alive
Referer: https://toapodazoay.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
TE: trailers

                                         
                                         139.45.197.236
HTTP/2 204 No Content
                                        
server: nginx
date: Sun, 18 Sep 2022 20:49:51 GMT
access-control-allow-origin: https://toapodazoay.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
x-trace-id: 8fb4ccd14046da4eb080d520388fb138
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  
Size:   0
Md5:    d41d8cd98f00b204e9800998ecf8427e
Sha1:   da39a3ee5e6b4b0d3255bfef95601890afd80709
Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /favicon.ico HTTP/1.1 
Host: go.deliverymodo.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Cookie: OAID=91666f5e4bdf48bfa47fbd053421d7d3; oaidts=1663534191

                                         
                                         139.45.197.236
HTTP/1.1 204 No Content
                                        
Server: nginx
Date: Sun, 18 Sep 2022 20:49:51 GMT
Connection: keep-alive
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Pragma: public
Cache-Control: max-age=315360000, public, must-revalidate, proxy-revalidate

                                        
                                            POST / HTTP/1.1 
Host: ocsp.sectigo.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         172.64.155.188
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sun, 18 Sep 2022 20:49:52 GMT
Content-Length: 471
Connection: keep-alive
Last-Modified: Thu, 15 Sep 2022 18:25:20 GMT
Expires: Thu, 22 Sep 2022 18:25:19 GMT
Etag: "97e18938c56b7d7c43bddac19abc7dbd2eccc952"
Cache-Control: max-age=336326,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 74ccf35b4f521c0a-OSL

                                        
                                            POST /img.gif?f=merge&userId=91666f5e4bdf48bfa47fbd053421d7d3 HTTP/1.1 
Host: my.rtmark.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0

                                         
                                         139.45.195.8
HTTP/2 200 OK
content-type: image/gif
                                        
server: nginx
date: Sun, 18 Sep 2022 20:49:52 GMT
content-length: 43
access-control-allow-origin: null
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=91666f5e4bdf48bfa47fbd053421d7d3; expires=Mon, 18 Sep 2023 20:49:52 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   43
Md5:    b4491705564909da7f9eaf749dbbfbb1
Sha1:   279315d507855c6a4351e1e2c2f39dd9cd2fccd8
Sha256: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "CD069BE9BFE8E6DE88A949B750C01AE7BEFFF4D196120C738A4A56BABCF925DE"
Last-Modified: Fri, 16 Sep 2022 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3310
Expires: Sun, 18 Sep 2022 21:45:02 GMT
Date: Sun, 18 Sep 2022 20:49:52 GMT
Connection: keep-alive

                                        
                                            GET /cam2dwqai?key=9b44cd6350a69fb630694c066f2c6a98&psid=792658&rdk=rk1 HTTP/1.1 
Host: www.highperformancegate.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

                                         
                                         192.243.61.227
HTTP/1.1 200 OK
Content-Type: text/html
                                        
Server: nginx/1.22.0
Date: Sun, 18 Sep 2022 20:49:52 GMT
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Set-Cookie: u_pl=17381785; expires=Mon, 19 Sep 2022 20:49:52 GMT ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNzM4MTc4NSwiayI6IjliNDRjZDYzNTBhNjlmYjYzMDY5NGMwNjZmMmM2YTk4Iiwic2lkIjoiNzkyNjU4IiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxNjYwMDE2LCJwaWQiOjI3NzQxNywiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjozMywiYWlkIjoyOCwicHQiOjQsInBrIjoiY2FtMmR3cWFpIiwidCI6MX0sInUiOnsidSI6MSwiYXUiOjEsImQiOnsiaWQiOjc5OTU0MTk2LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6MTgxMTAsIm9uIjoiTGludXgiLCJvdiI6IlVua25vd24iLCJiaWQiOjExNjY3MCwiYm4iOiJGaXJlZm94IiwiYnYiOiI5Ni4wIiwid3YiOmZhbHNlLCJlIjpmYWxzZSwiYWIiOmZhbHNlfSwiYyI6eyJpZCI6MTYyLCJjIjoiTk8iLCJuIjoiTm9yd2F5In0sImEiOmZhbHNlLCJjciI6eyJuIjoiQmxpeCBTb2x1dGlvbnMifSwieGYiOiIiLCJpeGYiOmZhbHNlLCJpZ3hmIjpmYWxzZSwidXAiOnRydWUsInIiOiIifX0.4Fe1fO5laIg1jCiL4ENBsYzlH4qET8nVymE6vzr31SY; expires=Sun, 18 Sep 2022 20:50:52 GMT
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 55767cf2d98a75953740453ec8f28c1d
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (315)
Size:   2393
Md5:    0b44bca95988db1c90de6dc6dd1c4571
Sha1:   af79a0dce401c5bd6712599b0b21bcb36424c68a
Sha256: e14f6f4fba78672a898dabc71ecf2ac54bba52be375f1a025b35844e7a56e786

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /cam2dwqai?pst=1663534252&rmtc=t&uuid=&pii=&in=false&key=9b44cd6350a69fb630694c066f2c6a98&rdk=rk1&shu=80c87491d171c6859a17e5ca7e0894f3c4200fefed21fd100bb96b309148aad3bff04b284d78a8b984a4541681eef80bb0db0d5c75f8ce350babbd9d0babc8256d9c915a253c10c7af67d6632ea8b9590a19bb&fr=0&sw2=1280&sh2=939&sw3=1280&sh3=176&sw4=1280&sh4=939&sw5=1280&sh5=1024&sw6=1280&sh6=1024&sw7=1280&sh7=1002 HTTP/1.1 
Host: www.highperformancegate.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.highperformancegate.com/cam2dwqai?key=0f22c1fd609f13cb7947c8cabfe1a90d&submetric=17381785
Cookie: u_pl=17381785; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNzM4MTc4NSwiayI6IjliNDRjZDYzNTBhNjlmYjYzMDY5NGMwNjZmMmM2YTk4Iiwic2lkIjoiNzkyNjU4IiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxNjYwMDE2LCJwaWQiOjI3NzQxNywiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjozMywiYWlkIjoyOCwicHQiOjQsInBrIjoiY2FtMmR3cWFpIiwidCI6MX0sInUiOnsidSI6MSwiYXUiOjEsImQiOnsiaWQiOjc5OTU0MTk2LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6MTgxMTAsIm9uIjoiTGludXgiLCJvdiI6IlVua25vd24iLCJiaWQiOjExNjY3MCwiYm4iOiJGaXJlZm94IiwiYnYiOiI5Ni4wIiwid3YiOmZhbHNlLCJlIjpmYWxzZSwiYWIiOmZhbHNlfSwiYyI6eyJpZCI6MTYyLCJjIjoiTk8iLCJuIjoiTm9yd2F5In0sImEiOmZhbHNlLCJjciI6eyJuIjoiQmxpeCBTb2x1dGlvbnMifSwieGYiOiIiLCJpeGYiOmZhbHNlLCJpZ3hmIjpmYWxzZSwidXAiOnRydWUsInIiOiIifX0.4Fe1fO5laIg1jCiL4ENBsYzlH4qET8nVymE6vzr31SY; cjs=t
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin

                                         
                                         192.243.61.227
HTTP/1.1 302 Found
Content-Type: text/html
                                        
Server: nginx/1.22.0
Date: Sun, 18 Sep 2022 20:49:52 GMT
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Location: https://adserving.unibet.com/redirect.aspx?bid=37950&pid=15135578&sref=ADST&ADST=17381785
Set-Cookie: pdhtkv=true; expires=Mon, 19 Sep 2022 20:49:52 GMT uncs=1; expires=Mon, 19 Sep 2022 20:49:52 GMT pdhtkv28=true; expires=Mon, 19 Sep 2022 20:49:52 GMT uncs28=1; expires=Mon, 19 Sep 2022 20:49:52 GMT
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: b54bf656936fb0afd2f5d2fea32c64a4
Strict-Transport-Security: max-age=0; includeSubdomains


--- Additional Info ---
Magic:  
Size:   0
Md5:    d41d8cd98f00b204e9800998ecf8427e
Sha1:   da39a3ee5e6b4b0d3255bfef95601890afd80709
Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /redirect.aspx?bid=37950&pid=15135578&sref=ADST&ADST=17381785 HTTP/1.1 
Host: adserving.unibet.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.highperformancegate.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

                                         
                                         23.36.79.43
HTTP/2 301 Moved Permanently
content-type: text/html
                                        
content-length: 0
location: https://no.unibet.com/stan/campaign.do?cmpId=2750545&affiliateId=1&unibetTarget=/no/pop/multisport/index.html&targetDomain=https://welcome.unibet.com&btag=127656177_BFD44FED540047498C7F37FFD15B7A10&sref=ADST&ADST=17381785&affiliateId=1&pid=86190940&bid=37950
p3p: CP="This is not a P3P policy! It is used to bypass IEs problematic handling of cookies"
x-aspnet-version: 4.0.30319
request-context: appId=cid-v1:83ffbda4-9458-475e-90ec-4427cfb5c3b0
access-control-expose-headers: Request-Context
expires: Sun, 18 Sep 2022 20:49:53 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Sun, 18 Sep 2022 20:49:53 GMT
set-cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a86190940%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1663534193309)%5c%2f%22%2c%22CookieTag%22%3a%223795086190940451240919C20229182049%22%7d%5d; SameSite=None;; domain=.unibet.com; expires=Fri, 31-Dec-9999 23:59:59 GMT; path=/; secure NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228120505295%7c1%22%7d%5d; domain=.unibet.com; expires=Tue, 18-Sep-3021 20:49:53 GMT; path=/; secure; SameSite=Strict
server-timing: cdn-cache; desc=MISS, edge; dur=21, origin; dur=92
X-Firefox-Spdy: h2

                                        
                                            GET /stan/campaign.do?cmpId=2750545&affiliateId=1&unibetTarget=/no/pop/multisport/index.html&targetDomain=https://welcome.unibet.com&btag=127656177_BFD44FED540047498C7F37FFD15B7A10&sref=ADST&ADST=17381785&affiliateId=1&pid=86190940&bid=37950 HTTP/1.1 
Host: no.unibet.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.highperformancegate.com/
Connection: keep-alive
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a86190940%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1663534193309)%5c%2f%22%2c%22CookieTag%22%3a%223795086190940451240919C20229182049%22%7d%5d
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

                                         
                                         85.184.96.0
HTTP/2 301 Moved Permanently
                                        
date: Sun, 18 Sep 2022 20:49:53 GMT
content-length: 0
location: https://no.unibet.com:443/stan/redirecttocampaign.do?cmpId=2750545&affiliateId=1&unibetTarget=/no/pop/multisport/index.html&targetDomain=https://welcome.unibet.com&btag=127656177_BFD44FED540047498C7F37FFD15B7A10&sref=ADST&ADST=17381785&affiliateId=1&pid=86190940&bid=37950&landingPageUrl=https%3A%2F%2Fwelcome.unibet.com%2Fno%2Fpop%2Fmultisport%2Findex.html%3Fmktid%3D1%3A127656177%3A86190940-37950
set-cookie: JSESSIONID=node01rsit5p0t3v2g1qhta2ohmqs281910771.node0; Path=/stan; Secure; HttpOnly; SameSite=Strict __ucbt=node01rsit5p0t3v2g1qhta2ohmqs2; Path=/; Domain=.unibet.com; Expires=Tue, 17-Sep-2024 20:49:53 GMT; Max-Age=63072000; Secure; SameSite=None uniattr=ST.0.T; Path=/; Domain=.unibet.com; Expires=Tue, 17-Sep-2024 20:49:53 GMT; Max-Age=63072000; Secure; SameSite=None uniattr_ref="https://www.highperformancegate.com/"; Path=/; Domain=.unibet.com; Expires=Tue, 17-Sep-2024 20:49:53 GMT; Max-Age=63072000; Secure; SameSite=None UNIBET_REQUEST_URL=; Path=/; Domain=.unibet.com; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None AFFILIATE_REQUEST_URL=; Path=/; Domain=.unibet.com; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None UNIBET_INTERNAL_CAMPAIGN_ID=; Path=/; Domain=.unibet.com; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None affid=; Path=/; Domain=.unibet.com; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None netwid=; Path=/; Domain=.unibet.com; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None CLAIM_CODE=; Path=/; Domain=.unibet.com; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None REGISTRATION_CODE=; Path=/; Domain=.unibet.com; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None campaignId=2750545; Path=/; Domain=.unibet.com; Expires=Sun, 31-Dec-2023 22:58:59 GMT; Max-Age=40529346; Secure; SameSite=None framework.forceBigLandingArea=; Path=/; Domain=.unibet.com; Expires=Sun, 18-Sep-2022 20:50:08 GMT; Max-Age=15; Secure; SameSite=None affiliateId=1; Path=/; Domain=.unibet.com; Expires=Sun, 31-Dec-2023 22:58:59 GMT; Max-Age=40529346; Secure; SameSite=None B-TAG=127656177_BFD44FED540047498C7F37FFD15B7A10; Path=/; Domain=.unibet.com; Expires=Sun, 31-Dec-2023 22:58:59 GMT; Max-Age=40529346; Secure; SameSite=None REGISTRATION_CODE=; Path=/; Domain=.unibet.com; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None BID=37950; Path=/; Domain=.unibet.com; Expires=Sun, 31-Dec-2023 22:58:59 GMT; Max-Age=40529346; Secure; SameSite=None PID=86190940; Path=/; Domain=.unibet.com; Expires=Sun, 31-Dec-2023 22:58:59 GMT; Max-Age=40529346; Secure; SameSite=None CHID=; Path=/; Domain=.unibet.com; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None REFERER=https%3A%2F%2Fwww.highperformancegate.com%2F; Path=/; Domain=.unibet.com; Expires=Sun, 31-Dec-2023 22:58:59 GMT; Max-Age=40529346; Secure; SameSite=None UNIBET_INTERNAL_CAMPAIGN_ID=; Path=/; Domain=.unibet.com; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None UNIBET_REQUEST_URL=; Path=/; Domain=.unibet.com; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None AFFILIATE_REQUEST_URL=; Path=/; Domain=.unibet.com; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None AFFILIATE_CAMPAIGN_ID=; Path=/; Domain=.unibet.com; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None AMS_INVITE_CHAT_ACCEPTED=; Path=/; Domain=.unibet.com; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None AMS_INVITE_CHAT_DECLINED=; Path=/; Domain=.unibet.com; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None BOCAID=; Path=/; Domain=.unibet.com; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None PRODUCT_ID=; Path=/; Domain=.unibet.com; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None AFFID=; Path=/; Domain=.unibet.com; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None AFFILIATE_REQUEST_URL=https%3A%2F%2Fno.unibet.com%2Fstan%2Fcampaign.do%3FcmpId%3D2750545%26affiliateId%3D1%26unibetTarget%3D%2Fno%2Fpop%2Fmultisport%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.com%26btag%3D127656177_BFD44FED540047498C7F37FFD15B7A10%26sref%3DADST%26ADST%3D17381785%26affiliateId%3D1%26pid%3D86190940%26bid%3D37950; Path=/; Domain=.unibet.com; Expires=Sun, 31-Dec-2023 22:58:59 GMT; Max-Age=40529346; Secure; SameSite=None AFFILIATE_CAMPAIGN_ID=2750545; Path=/; Domain=.unibet.com; Expires=Sun, 31-Dec-2023 22:58:59 GMT; Max-Age=40529346; Secure; SameSite=None framework.forceBigLandingArea=; Path=/; Domain=.unibet.com; Expires=Sun, 18-Sep-2022 20:50:08 GMT; Max-Age=15; Secure; SameSite=None campaignId=2750545; Path=/; Domain=.unibet.com; Expires=Sun, 31-Dec-2023 22:58:59 GMT; Max-Age=40529346; Secure; SameSite=None framework.forceBigLandingArea=; Path=/; Domain=.unibet.com; Expires=Sun, 18-Sep-2022 20:50:08 GMT; Max-Age=15; Secure; SameSite=None clientId=polopoly_desktop; Domain=no.unibet.com; Path=/; SameSite=None; Secure
referer: https://www.highperformancegate.com/
cache-control: max-age=0, no-cache, no-store, must-revalidate, proxy-revalidate
expires: Thu, 01 Jan 1970 00:00:00 GMT, Sun, 18 Sep 2022 20:49:53 GMT
server: kindred-loadbalancer
strict-transport-security: max-age=63072000; preload
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-security-policy: default-src 'unsafe-inline' 'unsafe-eval' http: https: data: wss: blob: jockey: unibetpro: *;
x-browser-class: A
x-os-class: M
x-ooops-debug: /500-pages/no.unibet.com/index.html
X-Firefox-Spdy: h2

                                        
                                            GET /stan/redirecttocampaign.do?cmpId=2750545&affiliateId=1&unibetTarget=/no/pop/multisport/index.html&targetDomain=https://welcome.unibet.com&btag=127656177_BFD44FED540047498C7F37FFD15B7A10&sref=ADST&ADST=17381785&affiliateId=1&pid=86190940&bid=37950&landingPageUrl=https%3A%2F%2Fwelcome.unibet.com%2Fno%2Fpop%2Fmultisport%2Findex.html%3Fmktid%3D1%3A127656177%3A86190940-37950 HTTP/1.1 
Host: no.unibet.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.highperformancegate.com/
Connection: keep-alive
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a86190940%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1663534193309)%5c%2f%22%2c%22CookieTag%22%3a%223795086190940451240919C20229182049%22%7d%5d; __ucbt=node01rsit5p0t3v2g1qhta2ohmqs2; uniattr=ST.0.T; uniattr_ref="https://www.highperformancegate.com/"; campaignId=2750545; framework.forceBigLandingArea=; affiliateId=1; B-TAG=127656177_BFD44FED540047498C7F37FFD15B7A10; BID=37950; PID=86190940; REFERER=https%3A%2F%2Fwww.highperformancegate.com%2F; AFFILIATE_REQUEST_URL=https%3A%2F%2Fno.unibet.com%2Fstan%2Fcampaign.do%3FcmpId%3D2750545%26affiliateId%3D1%26unibetTarget%3D%2Fno%2Fpop%2Fmultisport%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.com%26btag%3D127656177_BFD44FED540047498C7F37FFD15B7A10%26sref%3DADST%26ADST%3D17381785%26affiliateId%3D1%26pid%3D86190940%26bid%3D37950; AFFILIATE_CAMPAIGN_ID=2750545; clientId=polopoly_desktop
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         85.184.96.0
HTTP/2 301 Moved Permanently
                                        
date: Sun, 18 Sep 2022 20:49:53 GMT
content-length: 0
location: https://welcome.unibet.com/no/pop/multisport/index.html?mktid=1:127656177:86190940-37950&btag=127656177_BFD44FED540047498C7F37FFD15B7A10&bid=37950&campaignId=2750545&pid=86190940
cache-control: max-age=0, no-cache, no-store, must-revalidate, proxy-revalidate
expires: Sun, 18 Sep 2022 20:49:53 GMT
server: kindred-loadbalancer
strict-transport-security: max-age=63072000; preload
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-security-policy: default-src 'unsafe-inline' 'unsafe-eval' http: https: data: wss: blob: jockey: unibetpro: *;
x-browser-class: A
x-os-class: M
x-ooops-debug: /500-pages/no.unibet.com/index.html
X-Firefox-Spdy: h2

                                        
                                            POST / HTTP/1.1 
Host: ocsp.securetrust.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 86
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.79.25
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 638
Date: Sun, 18 Sep 2022 20:49:53 GMT
Connection: keep-alive

                                        
                                            GET /no/pop/multisport/1-styles.css HTTP/1.1 
Host: welcome.unibet.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/no/pop/multisport/index.html?mktid=1:127656177:86190940-37950&btag=127656177_BFD44FED540047498C7F37FFD15B7A10&bid=37950&campaignId=2750545&pid=86190940
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a86190940%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1663534193309)%5c%2f%22%2c%22CookieTag%22%3a%223795086190940451240919C20229182049%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228120505295%7c1%22%7d%5d; __ucbt=node01rsit5p0t3v2g1qhta2ohmqs2; uniattr=ST.0.T; uniattr_ref="https://www.highperformancegate.com/"; campaignId=2750545; framework.forceBigLandingArea=; affiliateId=1; B-TAG=127656177_BFD44FED540047498C7F37FFD15B7A10; BID=37950; PID=86190940; REFERER=https%3A%2F%2Fwww.highperformancegate.com%2F; AFFILIATE_REQUEST_URL=https%3A%2F%2Fno.unibet.com%2Fstan%2Fcampaign.do%3FcmpId%3D2750545%26affiliateId%3D1%26unibetTarget%3D%2Fno%2Fpop%2Fmultisport%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.com%26btag%3D127656177_BFD44FED540047498C7F37FFD15B7A10%26sref%3DADST%26ADST%3D17381785%26affiliateId%3D1%26pid%3D86190940%26bid%3D37950; AFFILIATE_CAMPAIGN_ID=2750545
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         108.161.188.196
HTTP/2 200 OK
content-type: text/css; charset=utf-8
                                        
date: Sun, 18 Sep 2022 20:49:53 GMT
cache-control: public, max-age=900, immutable
content-md5: zXkBqwBMviPPaK5rBIapmA==
last-modified: Mon, 20 Jun 2022 12:15:00 GMT
etag: W/"0x8DA52B67FB09D8F"
x-ms-request-id: 372388fa-d01e-004f-4f9e-cb6356000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
server: NetDNA-cache/2.2
x-cache: HIT
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   6679
Md5:    948dbf45edd521be2e3f63481b4e62bc
Sha1:   1aed93df11e60425a8fdcdf96e4862463422eaed
Sha256: a542fc4187a820a5133507c088b8c65c7757289ce1458668ce5b048171615e2f
                                        
                                            GET /unibet/bannerflow/scripts/master_tag.js HTTP/1.1 
Host: a1s-cdn.unibet.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a86190940%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1663534193309)%5c%2f%22%2c%22CookieTag%22%3a%223795086190940451240919C20229182049%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228120505295%7c1%22%7d%5d; __ucbt=node01rsit5p0t3v2g1qhta2ohmqs2; uniattr=ST.0.T; uniattr_ref="https://www.highperformancegate.com/"; campaignId=2750545; framework.forceBigLandingArea=; affiliateId=1; B-TAG=127656177_BFD44FED540047498C7F37FFD15B7A10; BID=37950; PID=86190940; REFERER=https%3A%2F%2Fwww.highperformancegate.com%2F; AFFILIATE_REQUEST_URL=https%3A%2F%2Fno.unibet.com%2Fstan%2Fcampaign.do%3FcmpId%3D2750545%26affiliateId%3D1%26unibetTarget%3D%2Fno%2Fpop%2Fmultisport%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.com%26btag%3D127656177_BFD44FED540047498C7F37FFD15B7A10%26sref%3DADST%26ADST%3D17381785%26affiliateId%3D1%26pid%3D86190940%26bid%3D37950; AFFILIATE_CAMPAIGN_ID=2750545
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site

                                         
                                         85.184.96.5
HTTP/2 200 OK
content-type: application/javascript
                                        
date: Sun, 18 Sep 2022 20:49:53 GMT
content-length: 956
last-modified: Mon, 25 Apr 2022 12:19:34 GMT
etag: "3bc-5dd7996cc0ce1"
cache-control: max-age=1800, public, must-revalidate
server: kindred-loadbalancer
strict-transport-security: max-age=63072000; preload
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-security-policy: default-src 'unsafe-inline' 'unsafe-eval' http: https: data: wss: blob: jockey: unibetpro: *;
x-browser-class: A
x-os-class: M
set-cookie: clientId=polopoly_desktop; Domain=a1s-cdn.unibet.com; Path=/; SameSite=None; Secure
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text
Size:   956
Md5:    fd48e87ecd4d06d9c5df490b91dc813e
Sha1:   a65a437db44444634e4f41732c590c1d14433b3f
Sha256: 2f786ae3f4577ed970f60aa7a9edf726300a740fdb360a8364db7ff4b7ca8e47
                                        
                                            GET /orval/tracking/lastclick.min.js HTTP/1.1 
Host: a1s.unibet.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a86190940%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1663534193309)%5c%2f%22%2c%22CookieTag%22%3a%223795086190940451240919C20229182049%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228120505295%7c1%22%7d%5d; __ucbt=node01rsit5p0t3v2g1qhta2ohmqs2; uniattr=ST.0.T; uniattr_ref="https://www.highperformancegate.com/"; campaignId=2750545; framework.forceBigLandingArea=; affiliateId=1; B-TAG=127656177_BFD44FED540047498C7F37FFD15B7A10; BID=37950; PID=86190940; REFERER=https%3A%2F%2Fwww.highperformancegate.com%2F; AFFILIATE_REQUEST_URL=https%3A%2F%2Fno.unibet.com%2Fstan%2Fcampaign.do%3FcmpId%3D2750545%26affiliateId%3D1%26unibetTarget%3D%2Fno%2Fpop%2Fmultisport%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.com%26btag%3D127656177_BFD44FED540047498C7F37FFD15B7A10%26sref%3DADST%26ADST%3D17381785%26affiliateId%3D1%26pid%3D86190940%26bid%3D37950; AFFILIATE_CAMPAIGN_ID=2750545
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site

                                         
                                         85.184.96.5
HTTP/2 304 Not Modified
                                        
date: Sun, 18 Sep 2022 20:49:53 GMT
etag: "705-5e57dfac7ede0"
cache-control: max-age=1800, public, must-revalidate
server: kindred-loadbalancer
strict-transport-security: max-age=63072000; preload
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-security-policy: default-src 'unsafe-inline' 'unsafe-eval' http: https: data: wss: blob: jockey: unibetpro: *;
x-browser-class: A
x-os-class: M
set-cookie: clientId=polopoly_desktop; Domain=a1s.unibet.com; Path=/; SameSite=None; Secure
X-Firefox-Spdy: h2

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sun, 18 Sep 2022 20:49:53 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /ajax/libs/jquery/3.3.1/jquery.min.js HTTP/1.1 
Host: ajax.googleapis.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.74
HTTP/2 200 OK
content-type: text/javascript; charset=UTF-8
                                        
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 30399
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 18 Sep 2022 02:36:40 GMT
expires: Mon, 18 Sep 2023 02:36:40 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 65593
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (65451)
Size:   30399
Md5:    0f83cadc148d2ad7e53c91f6c4ee05bb
Sha1:   90035c5fffedf4b0f099465f6b929a030b46c92b
Sha256: 3f59aa77bbbed7760a9968af27d3c19ffddda021c948edf0bf0c0f828dd308ae
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sun, 18 Sep 2022 20:49:53 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /no/pop/multisport/gambling-commission.png HTTP/1.1 
Host: welcome.unibet.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/no/pop/multisport/index.html?mktid=1:127656177:86190940-37950&btag=127656177_BFD44FED540047498C7F37FFD15B7A10&bid=37950&campaignId=2750545&pid=86190940
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a86190940%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1663534193309)%5c%2f%22%2c%22CookieTag%22%3a%223795086190940451240919C20229182049%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228120505295%7c1%22%7d%5d; __ucbt=node01rsit5p0t3v2g1qhta2ohmqs2; uniattr=ST.0.T; uniattr_ref="https://www.highperformancegate.com/"; campaignId=2750545; framework.forceBigLandingArea=; affiliateId=1; B-TAG=127656177_BFD44FED540047498C7F37FFD15B7A10; BID=37950; PID=86190940; REFERER=https%3A%2F%2Fwww.highperformancegate.com%2F; AFFILIATE_REQUEST_URL=https%3A%2F%2Fno.unibet.com%2Fstan%2Fcampaign.do%3FcmpId%3D2750545%26affiliateId%3D1%26unibetTarget%3D%2Fno%2Fpop%2Fmultisport%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.com%26btag%3D127656177_BFD44FED540047498C7F37FFD15B7A10%26sref%3DADST%26ADST%3D17381785%26affiliateId%3D1%26pid%3D86190940%26bid%3D37950; AFFILIATE_CAMPAIGN_ID=2750545
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         108.161.188.196
HTTP/2 301 Moved Permanently
content-type: text/html
                                        
date: Sun, 18 Sep 2022 20:49:53 GMT
content-length: 178
location: https://www.unibet.com/
server: NetDNA-cache/2.2
x-cache: MISS
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size:   178
Md5:    cd2e0e43980a00fb6a2742d3afd803b8
Sha1:   81ffbd1712afe8cdf138b570c0fc9934742c33c1
Sha256: bd9df047d51943acc4bc6cf55d88edb5b6785a53337ee2a0f74dd521aedde87d
                                        
                                            GET /no/pop/multisport/index.html?mktid=1:127656177:86190940-37950&btag=127656177_BFD44FED540047498C7F37FFD15B7A10&bid=37950&campaignId=2750545&pid=86190940 HTTP/1.1 
Host: welcome.unibet.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.highperformancegate.com/
Connection: keep-alive
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a86190940%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1663534193309)%5c%2f%22%2c%22CookieTag%22%3a%223795086190940451240919C20229182049%22%7d%5d; __ucbt=node01rsit5p0t3v2g1qhta2ohmqs2; uniattr=ST.0.T; uniattr_ref="https://www.highperformancegate.com/"; campaignId=2750545; framework.forceBigLandingArea=; affiliateId=1; B-TAG=127656177_BFD44FED540047498C7F37FFD15B7A10; BID=37950; PID=86190940; REFERER=https%3A%2F%2Fwww.highperformancegate.com%2F; AFFILIATE_REQUEST_URL=https%3A%2F%2Fno.unibet.com%2Fstan%2Fcampaign.do%3FcmpId%3D2750545%26affiliateId%3D1%26unibetTarget%3D%2Fno%2Fpop%2Fmultisport%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.com%26btag%3D127656177_BFD44FED540047498C7F37FFD15B7A10%26sref%3DADST%26ADST%3D17381785%26affiliateId%3D1%26pid%3D86190940%26bid%3D37950; AFFILIATE_CAMPAIGN_ID=2750545
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

                                         
                                         108.161.188.196
HTTP/2 200 OK
content-type: text/html; charset=utf-8
                                        
date: Sun, 18 Sep 2022 20:49:53 GMT
cache-control: public, max-age=900, immutable
content-md5: NGkNgKvE41ztpclvs1gdSA==
last-modified: Mon, 20 Jun 2022 12:15:00 GMT
etag: W/"0x8DA52B67FA63ED8"
x-ms-request-id: 20b65f80-401e-003f-5b9e-cbdaa1000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
server: NetDNA-cache/2.2
x-cache: HIT
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   16813
Md5:    de034901e785d6da2c08c64525c2a480
Sha1:   3ab264a12196ef86dffa74b01dd7a0b0052067bd
Sha256: 6453d3a8a2c00a4f7fdd8ad4bfd8c53588c21cddb225fc112921fab778599a97
                                        
                                            GET /releases/v5.7.1/webfonts/fa-solid-900.woff2 HTTP/1.1 
Host: use.fontawesome.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://welcome.unibet.com
Connection: keep-alive
Referer: https://use.fontawesome.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         172.67.169.247
HTTP/2 200 OK
content-type: font/woff2
                                        
date: Sun, 18 Sep 2022 20:49:53 GMT
content-length: 74320
x-amz-id-2: Pzy+oZtpOYwCGlQ13GYUyQ9f+Mzkye+xVoDWqjfXSSrEi7ga+0v+kbTvf2CU9FSJlljX+6J1VkE=
x-amz-request-id: 8XVB626A1NJ7F2MA
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified: Wed, 30 Jun 2021 15:45:57 GMT
etag: "3638e62ea50e6f5859b6a15276c25c87"
cache-control: max-age=31556926
cf-cache-status: HIT
age: 744727
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ITrj0eNqI3TNDUVzBWt%2FdT9qkASSTNcQ1%2FzvhLKM35jBbjSM%2Fkw0izTAcrlHlDawVlmXPcNGNSUhKq36DbQDgtRrU3fjSWGEW1hbJKltOv%2FAKF3xNY6Bxl7Ptk1erhn0BLUp0l0b"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74ccf3681c34b524-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 74320, version 329.30998\012- data
Size:   74320
Md5:    3638e62ea50e6f5859b6a15276c25c87
Sha1:   f5aa1a463e223a294a42b314e1c63a614d594ec0
Sha256: 9e6bd5b2d75bba485d2337d020750744983a3521ec697adfe21b29ee4f14f6a9
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sun, 18 Sep 2022 20:49:53 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sun, 18 Sep 2022 20:49:53 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /no/pop/multisport/1-background-black.jpg HTTP/1.1 
Host: welcome.unibet.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/no/pop/multisport/1-styles.css
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a86190940%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1663534193309)%5c%2f%22%2c%22CookieTag%22%3a%223795086190940451240919C20229182049%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228120505295%7c1%22%7d%5d; __ucbt=node01rsit5p0t3v2g1qhta2ohmqs2; uniattr=ST.0.T; uniattr_ref="https://www.highperformancegate.com/"; campaignId=2750545; framework.forceBigLandingArea=; affiliateId=1; B-TAG=127656177_BFD44FED540047498C7F37FFD15B7A10; BID=37950; PID=86190940; REFERER=https%3A%2F%2Fwww.highperformancegate.com%2F; AFFILIATE_REQUEST_URL=https%3A%2F%2Fno.unibet.com%2Fstan%2Fcampaign.do%3FcmpId%3D2750545%26affiliateId%3D1%26unibetTarget%3D%2Fno%2Fpop%2Fmultisport%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.com%26btag%3D127656177_BFD44FED540047498C7F37FFD15B7A10%26sref%3DADST%26ADST%3D17381785%26affiliateId%3D1%26pid%3D86190940%26bid%3D37950; AFFILIATE_CAMPAIGN_ID=2750545
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         108.161.188.196
HTTP/2 200 OK
content-type: image/jpeg
                                        
date: Sun, 18 Sep 2022 20:49:53 GMT
content-length: 98453
cache-control: public, max-age=900, immutable
content-md5: jm2a9e8brf6Slbj8lnk8KA==
last-modified: Mon, 20 Jun 2022 12:15:01 GMT
etag: "0x8DA52B6801D0B27"
x-ms-request-id: e94ed3bf-b01e-0004-379e-cb9f05000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
server: NetDNA-cache/2.2
x-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1800x936, components 3\012- data
Size:   98453
Md5:    8e6d9af5ef1badfe9295b8fc96793c28
Sha1:   e37cdf4093dc0a47246be7360e7945f91991f073
Sha256: de89de8196b23a00db8e35bca40fdb4253d970492a31396d5861c2e99d691407
                                        
                                            GET /no/pop/multisport/google-play-ro.svg HTTP/1.1 
Host: welcome.unibet.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/no/pop/multisport/index.html?mktid=1:127656177:86190940-37950&btag=127656177_BFD44FED540047498C7F37FFD15B7A10&bid=37950&campaignId=2750545&pid=86190940
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a86190940%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1663534193309)%5c%2f%22%2c%22CookieTag%22%3a%223795086190940451240919C20229182049%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228120505295%7c1%22%7d%5d; __ucbt=node01rsit5p0t3v2g1qhta2ohmqs2; uniattr=ST.0.T; uniattr_ref="https://www.highperformancegate.com/"; campaignId=2750545; framework.forceBigLandingArea=; affiliateId=1; B-TAG=127656177_BFD44FED540047498C7F37FFD15B7A10; BID=37950; PID=86190940; REFERER=https%3A%2F%2Fwww.highperformancegate.com%2F; AFFILIATE_REQUEST_URL=https%3A%2F%2Fno.unibet.com%2Fstan%2Fcampaign.do%3FcmpId%3D2750545%26affiliateId%3D1%26unibetTarget%3D%2Fno%2Fpop%2Fmultisport%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.com%26btag%3D127656177_BFD44FED540047498C7F37FFD15B7A10%26sref%3DADST%26ADST%3D17381785%26affiliateId%3D1%26pid%3D86190940%26bid%3D37950; AFFILIATE_CAMPAIGN_ID=2750545
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         108.161.188.196
HTTP/2 200 OK
content-type: image/svg+xml
                                        
date: Sun, 18 Sep 2022 20:49:53 GMT
cache-control: public, max-age=900, immutable
content-md5: 2fR27yW0b9kBp/ebW9u59A==
last-modified: Mon, 20 Jun 2022 12:15:06 GMT
etag: W/"0x8DA52B68307D6EA"
x-ms-request-id: 16ae22b8-501e-0041-519e-cb4ae6000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
server: NetDNA-cache/2.2
x-cache: HIT
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   13183
Md5:    0ac15890ad10d2a31bc0d5a631044eb1
Sha1:   85c686de2cac0a880ef487316560d3d4c7c7be24
Sha256: 7f000d3b2ea11fd4c24786243229c60e3bdd9d2ad329210c89313af87d8166eb
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sun, 18 Sep 2022 20:49:53 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /no/pop/multisport/icon-expert.svg HTTP/1.1 
Host: welcome.unibet.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/no/pop/multisport/index.html?mktid=1:127656177:86190940-37950&btag=127656177_BFD44FED540047498C7F37FFD15B7A10&bid=37950&campaignId=2750545&pid=86190940
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a86190940%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1663534193309)%5c%2f%22%2c%22CookieTag%22%3a%223795086190940451240919C20229182049%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228120505295%7c1%22%7d%5d; __ucbt=node01rsit5p0t3v2g1qhta2ohmqs2; uniattr=ST.0.T; uniattr_ref="https://www.highperformancegate.com/"; campaignId=2750545; framework.forceBigLandingArea=; affiliateId=1; B-TAG=127656177_BFD44FED540047498C7F37FFD15B7A10; BID=37950; PID=86190940; REFERER=https%3A%2F%2Fwww.highperformancegate.com%2F; AFFILIATE_REQUEST_URL=https%3A%2F%2Fno.unibet.com%2Fstan%2Fcampaign.do%3FcmpId%3D2750545%26affiliateId%3D1%26unibetTarget%3D%2Fno%2Fpop%2Fmultisport%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.com%26btag%3D127656177_BFD44FED540047498C7F37FFD15B7A10%26sref%3DADST%26ADST%3D17381785%26affiliateId%3D1%26pid%3D86190940%26bid%3D37950; AFFILIATE_CAMPAIGN_ID=2750545
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         108.161.188.196
HTTP/2 200 OK
content-type: image/svg+xml
                                        
date: Sun, 18 Sep 2022 20:49:53 GMT
cache-control: public, max-age=900, immutable
content-md5: Z4302O+bSqlX5UM92U+35A==
last-modified: Mon, 20 Jun 2022 12:15:04 GMT
etag: W/"0x8DA52B6820929CB"
x-ms-request-id: 5b6fc1f8-f01e-0005-5d9e-cbc0d9000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
server: NetDNA-cache/2.2
x-cache: HIT
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   16461
Md5:    17b5e431b7d68355aa1e93673b103130
Sha1:   bb7c15428ae30e4d611cf33fe845cd1be8c3f0c1
Sha256: 3cd2f12a4b96a387c846d74b8b9d9e6548de8608b337d4d63a5c1d210ad2f8f1
                                        
                                            GET /no/pop/multisport/icon-trust.svg HTTP/1.1 
Host: welcome.unibet.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/no/pop/multisport/index.html?mktid=1:127656177:86190940-37950&btag=127656177_BFD44FED540047498C7F37FFD15B7A10&bid=37950&campaignId=2750545&pid=86190940
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a86190940%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1663534193309)%5c%2f%22%2c%22CookieTag%22%3a%223795086190940451240919C20229182049%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228120505295%7c1%22%7d%5d; __ucbt=node01rsit5p0t3v2g1qhta2ohmqs2; uniattr=ST.0.T; uniattr_ref="https://www.highperformancegate.com/"; campaignId=2750545; framework.forceBigLandingArea=; affiliateId=1; B-TAG=127656177_BFD44FED540047498C7F37FFD15B7A10; BID=37950; PID=86190940; REFERER=https%3A%2F%2Fwww.highperformancegate.com%2F; AFFILIATE_REQUEST_URL=https%3A%2F%2Fno.unibet.com%2Fstan%2Fcampaign.do%3FcmpId%3D2750545%26affiliateId%3D1%26unibetTarget%3D%2Fno%2Fpop%2Fmultisport%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.com%26btag%3D127656177_BFD44FED540047498C7F37FFD15B7A10%26sref%3DADST%26ADST%3D17381785%26affiliateId%3D1%26pid%3D86190940%26bid%3D37950; AFFILIATE_CAMPAIGN_ID=2750545
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         108.161.188.196
HTTP/2 200 OK
content-type: image/svg+xml
                                        
date: Sun, 18 Sep 2022 20:49:53 GMT
cache-control: public, max-age=900, immutable
content-md5: 9k4H3E55HXB5I94VinrUOQ==
last-modified: Mon, 20 Jun 2022 12:15:04 GMT
etag: W/"0x8DA52B68201D7DE"
x-ms-request-id: 9734bc03-801e-001f-3c9e-cba106000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
server: NetDNA-cache/2.2
x-cache: HIT
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   16347
Md5:    a3b8ba506e52ba84df30b1d0efbd90ad
Sha1:   b10bf17761251850a340ce7e055f85da77cb62bb
Sha256: 1dea3257192d5481bace17dcba16a8b4df5850092f73aae7e684d7cdf5614f3c
                                        
                                            GET /widget/betslip/betslip.js HTTP/1.1 
Host: welcome.unibet.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/no/pop/multisport/index.html?mktid=1:127656177:86190940-37950&btag=127656177_BFD44FED540047498C7F37FFD15B7A10&bid=37950&campaignId=2750545&pid=86190940
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a86190940%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1663534193309)%5c%2f%22%2c%22CookieTag%22%3a%223795086190940451240919C20229182049%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228120505295%7c1%22%7d%5d; __ucbt=node01rsit5p0t3v2g1qhta2ohmqs2; uniattr=ST.0.T; uniattr_ref="https://www.highperformancegate.com/"; campaignId=2750545; framework.forceBigLandingArea=; affiliateId=1; B-TAG=127656177_BFD44FED540047498C7F37FFD15B7A10; BID=37950; PID=86190940; REFERER=https%3A%2F%2Fwww.highperformancegate.com%2F; AFFILIATE_REQUEST_URL=https%3A%2F%2Fno.unibet.com%2Fstan%2Fcampaign.do%3FcmpId%3D2750545%26affiliateId%3D1%26unibetTarget%3D%2Fno%2Fpop%2Fmultisport%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.com%26btag%3D127656177_BFD44FED540047498C7F37FFD15B7A10%26sref%3DADST%26ADST%3D17381785%26affiliateId%3D1%26pid%3D86190940%26bid%3D37950; AFFILIATE_CAMPAIGN_ID=2750545
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         108.161.188.196
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
                                        
date: Sun, 18 Sep 2022 20:49:53 GMT
cache-control: public, max-age=900, immutable
content-md5: V3DcYDl/+4NNEoCqe8670A==
last-modified: Tue, 15 Jan 2019 09:54:22 GMT
etag: W/"0x8D67ACF6D112CB5"
x-ms-request-id: 5fcfe589-201e-0074-109e-cb26f2000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
server: NetDNA-cache/2.2
x-cache: HIT
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   83806
Md5:    6268adad10b6cc6db243be0b6ba8a705
Sha1:   ad27489b5c8e726f99db171b133e625994dd52c7
Sha256: 0b991a1e09147f763b0fbdb37b0b44d7a2b8bc6f02d05abe54689b73c90b0f81
                                        
                                            GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://welcome.unibet.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.163
HTTP/2 200 OK
content-type: font/woff2
                                        
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 14 Sep 2022 19:34:08 GMT
expires: Thu, 14 Sep 2023 19:34:08 GMT
cache-control: public, max-age=31536000
age: 350146
last-modified: Wed, 11 May 2022 19:24:48 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Size:   15744
Md5:    15d9f621c3bd1599f0169dcf0bd5e63e
Sha1:   7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
Sha256: f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sun, 18 Sep 2022 20:49:54 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /no/pop/multisport/app-sports-icon.svg HTTP/1.1 
Host: welcome.unibet.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/no/pop/multisport/index.html?mktid=1:127656177:86190940-37950&btag=127656177_BFD44FED540047498C7F37FFD15B7A10&bid=37950&campaignId=2750545&pid=86190940
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a86190940%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1663534193309)%5c%2f%22%2c%22CookieTag%22%3a%223795086190940451240919C20229182049%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228120505295%7c1%22%7d%5d; __ucbt=node01rsit5p0t3v2g1qhta2ohmqs2; uniattr=ST.0.T; uniattr_ref="https://www.highperformancegate.com/"; campaignId=2750545; framework.forceBigLandingArea=; affiliateId=1; B-TAG=127656177_BFD44FED540047498C7F37FFD15B7A10; BID=37950; PID=86190940; REFERER=https%3A%2F%2Fwww.highperformancegate.com%2F; AFFILIATE_REQUEST_URL=https%3A%2F%2Fno.unibet.com%2Fstan%2Fcampaign.do%3FcmpId%3D2750545%26affiliateId%3D1%26unibetTarget%3D%2Fno%2Fpop%2Fmultisport%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.com%26btag%3D127656177_BFD44FED540047498C7F37FFD15B7A10%26sref%3DADST%26ADST%3D17381785%26affiliateId%3D1%26pid%3D86190940%26bid%3D37950; AFFILIATE_CAMPAIGN_ID=2750545
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         108.161.188.196
HTTP/2 200 OK
content-type: image/svg+xml
                                        
date: Sun, 18 Sep 2022 20:49:53 GMT
cache-control: public, max-age=900, immutable
content-md5: Lm+dv7pV36kTdto2PoEyYQ==
last-modified: Mon, 20 Jun 2022 12:15:06 GMT
etag: W/"0x8DA52B682FA1D49"
x-ms-request-id: e73c027a-001e-002e-569e-cb4015000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
server: NetDNA-cache/2.2
x-cache: HIT
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   10218
Md5:    91e5681eba5137aa2e754921169fab4d
Sha1:   24e156f7fdd8bba7f70e8a508d9fdc1929e685f4
Sha256: 2ef489a6cc79370abc2583e8fd78930847a9fcdafec1c3e635ba17d38682cca6
                                        
                                            GET /no/pop/multisport/utv-logo.svg HTTP/1.1 
Host: welcome.unibet.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/no/pop/multisport/index.html?mktid=1:127656177:86190940-37950&btag=127656177_BFD44FED540047498C7F37FFD15B7A10&bid=37950&campaignId=2750545&pid=86190940
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a86190940%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1663534193309)%5c%2f%22%2c%22CookieTag%22%3a%223795086190940451240919C20229182049%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228120505295%7c1%22%7d%5d; __ucbt=node01rsit5p0t3v2g1qhta2ohmqs2; uniattr=ST.0.T; uniattr_ref="https://www.highperformancegate.com/"; campaignId=2750545; framework.forceBigLandingArea=; affiliateId=1; B-TAG=127656177_BFD44FED540047498C7F37FFD15B7A10; BID=37950; PID=86190940; REFERER=https%3A%2F%2Fwww.highperformancegate.com%2F; AFFILIATE_REQUEST_URL=https%3A%2F%2Fno.unibet.com%2Fstan%2Fcampaign.do%3FcmpId%3D2750545%26affiliateId%3D1%26unibetTarget%3D%2Fno%2Fpop%2Fmultisport%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.com%26btag%3D127656177_BFD44FED540047498C7F37FFD15B7A10%26sref%3DADST%26ADST%3D17381785%26affiliateId%3D1%26pid%3D86190940%26bid%3D37950; AFFILIATE_CAMPAIGN_ID=2750545
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         108.161.188.196
HTTP/2 200 OK
content-type: image/svg+xml
                                        
date: Sun, 18 Sep 2022 20:49:53 GMT
cache-control: public, max-age=900, immutable
content-md5: QazcDvviTF55mXL/M8kCWQ==
last-modified: Mon, 20 Jun 2022 12:15:01 GMT
etag: W/"0x8DA52B680312C74"
x-ms-request-id: 44715712-001e-003e-019e-cb857d000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
server: NetDNA-cache/2.2
x-cache: HIT
content-encoding: gzip
X-Firefox-Spdy: h2

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 3539
Cache-Control: 'max-age=158059'
Date: Sun, 18 Sep 2022 20:49:54 GMT
Last-Modified: Sun, 18 Sep 2022 19:50:55 GMT
Server: ECS (ska/F713)
X-Cache: HIT
Content-Length: 278

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sun, 18 Sep 2022 20:49:54 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /pages/data-scripts/0012/9242/site/welcome.unibet.com.json?t=1 HTTP/1.1 
Host: script.crazyegg.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://welcome.unibet.com
Connection: keep-alive
Referer: https://welcome.unibet.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         104.19.147.8
HTTP/2 200 OK
content-type: application/json
                                        
date: Sun, 18 Sep 2022 20:49:54 GMT
content-length: 1538
access-control-expose-headers: CE-Version
ce-version: 11.4.4
cache-control: public, max-age=300, s-maxage=1209600
timing-allow-origin: *
last-modified: Sun, 18 Sep 2022 20:11:02 GMT
content-encoding: gzip
access-control-allow-origin: *
cf-cache-status: HIT
age: 2332
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 74ccf3692ef0b4eb-OSL
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (4016), with no line terminators
Size:   1538
Md5:    5fc8c4e0409cee0471e90210587103fc
Sha1:   3a38ea349221a1e672165f8545235c069bb5fd17
Sha256: 1f8126fd393d43ec8b15b7a721bae5313e2a9d1e7c00bd63425380ffa2fae315
                                        
                                            GET /css?family=Roboto:300,400,500 HTTP/1.1 
Host: fonts.googleapis.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.10
HTTP/2 200 OK
content-type: text/css; charset=utf-8
                                        
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sun, 18 Sep 2022 20:49:53 GMT
date: Sun, 18 Sep 2022 20:49:53 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text
Size:   644
Md5:    27ce23d9e8ad13c5806eeddb1a523186
Sha1:   c4c31fb04d82f77a600b0fcd661a4cfba36f1350
Sha256: 7a258ef576e47087290f5c3620512f1eadfdcf483d778eb4cee8cdc66aee4e18
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 6047
Cache-Control: 'max-age=158059'
Date: Sun, 18 Sep 2022 20:49:54 GMT
Last-Modified: Sun, 18 Sep 2022 19:09:07 GMT
Server: ECS (ska/F713)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET /id?d_visid_ver=4.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_orgid=F431E3BC5593E3887F000101%40AdobeOrg&d_nsid=0&ts=1663534175491 HTTP/1.1 
Host: dpm.demdex.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Origin: https://welcome.unibet.com
Connection: keep-alive
Referer: https://welcome.unibet.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.242.116.160
HTTP/1.1 200 OK
Content-Type: application/json;charset=utf-8
                                        
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://welcome.unibet.com
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-encoding: gzip
DCS: dcs-prod-irl1-1-v040-04961460e.edge-irl1.demdex.com 3 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
set-cookie: demdex=35859620456394460051307749679870681653; Max-Age=15552000; Expires=Fri, 17 Mar 2023 20:49:54 GMT; Path=/; Domain=.demdex.net; Secure; SameSite=None
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin
X-TID: schQ/8cOSr8=
Content-Length: 497
Connection: keep-alive


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (791), with no line terminators
Size:   497
Md5:    8510a7d3306af586d2e382809dfd1195
Sha1:   98e751a06cca80201ac3961dfca7ff39eb05e748
Sha256: 29ad9cb9749f6e9f4e6d879f155ce1242ec4422d822620138cd1879722bbc405
                                        
                                            GET /pages/versioned/common-scripts/2f6ad22e93ca0a50994ab7cdcb57f3ce.js HTTP/1.1 
Host: script.crazyegg.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         104.19.147.8
HTTP/2 200 OK
content-type: text/javascript
                                        
date: Sun, 18 Sep 2022 20:49:54 GMT
content-length: 30407
cache-control: public, max-age=31536000, s-maxage=31536000
timing-allow-origin: *
last-modified: Sun, 04 Sep 2022 15:37:41 GMT
content-encoding: gzip
access-control-allow-origin: *
cf-cache-status: HIT
age: 271105
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 74ccf36a387fb4eb-OSL
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (26535)
Size:   30407
Md5:    1f65bc4bbd6ed833ed7a7390184b379c
Sha1:   3fb62902e38cb7f88b14f278d6f170dcfab65e37
Sha256: 01d4c83582774ace9cbee5bf411010777536dc044440df0c2221f1ac59dff02d
                                        
                                            GET /bounce?%2Fseg%3Fadd%3D9755599 HTTP/1.1 
Host: secure.adnxs.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://welcome.unibet.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         185.89.210.46
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Server: nginx/1.21.3
Date: Sun, 18 Sep 2022 20:49:54 GMT
Content-Length: 43
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
AN-X-Request-Uuid: f4739a6f-2d3c-4fcf-8456-88daf6297a72
Set-Cookie: anj=dTM7k!M4/8CxrEQF']wIg2Ilanlwp/!]tbP6j2F-XstGt!@DV?$eaqg; SameSite=None; Path=/; Max-Age=7776000; Expires=Sat, 17-Dec-2022 20:49:54 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   43
Md5:    592ebefc7104d681d57852665e9ad514
Sha1:   15cdf8df32aa251dd6dd590a60bf9cf74474e7c5
Sha256: 4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 4262
Cache-Control: 'max-age=158059'
Date: Sun, 18 Sep 2022 20:49:54 GMT
Last-Modified: Sun, 18 Sep 2022 19:38:52 GMT
Server: ECS (ska/F713)
X-Cache: HIT
Content-Length: 279

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 4089
Cache-Control: 'max-age=158059'
Date: Sun, 18 Sep 2022 20:49:54 GMT
Last-Modified: Sun, 18 Sep 2022 19:41:45 GMT
Server: ECS (ska/F718)
X-Cache: HIT
Content-Length: 279

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 6320
Cache-Control: 'max-age=158059'
Date: Sun, 18 Sep 2022 20:49:54 GMT
Last-Modified: Sun, 18 Sep 2022 19:04:34 GMT
Server: ECS (ska/F713)
X-Cache: HIT
Content-Length: 471

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 4089
Cache-Control: 'max-age=158059'
Date: Sun, 18 Sep 2022 20:49:54 GMT
Last-Modified: Sun, 18 Sep 2022 19:41:45 GMT
Server: ECS (ska/F718)
X-Cache: HIT
Content-Length: 279

                                        
                                            GET /dest5.html?d_nsid=0 HTTP/1.1 
Host: unibet.demdex.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

                                         
                                         52.30.136.248
HTTP/1.1 200 OK
Content-Type: text/html;charset=UTF-8
                                        
Accept-Ranges: bytes
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-encoding: gzip
date: Sun, 18 Sep 2022 20:49:54 GMT
DCS: dcs-prod-irl1-2-v040-00b64254e.edge-irl1.demdex.com 0 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
last-modified: Wed, 14 Sep 2022 10:24:54 GMT
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
vary: accept-encoding
X-TID: uKeJjkCbR84=
Content-Length: 2791
Connection: keep-alive


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (550)
Size:   2791
Md5:    ccbdcb1e84c241950763ec4cd516cdfc
Sha1:   55dfa8d4b09c5c3a80fcd101152f6ebed3d27a2c
Sha256: de9ccb9b168945a24f20edc28c39be4135b328129ba8ee378401a7aedc925d12
                                        
                                            GET /id?d_visid_ver=4.4.0&d_fieldgroup=A&mcorgid=F431E3BC5593E3887F000101%40AdobeOrg&mid=35885690656818586701308509623474577326&ts=1663534175687 HTTP/1.1 
Host: unibetlondonltd.d3.sc.omtrdc.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Origin: https://welcome.unibet.com
Connection: keep-alive
Referer: https://welcome.unibet.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         15.188.95.229
HTTP/2 200 OK
content-type: application/x-javascript;charset=utf-8
                                        
access-control-allow-origin: https://welcome.unibet.com
access-control-allow-credentials: true
date: Sun, 18 Sep 2022 20:49:54 GMT
p3p: CP="This is not a P3P policy"
server: jag
vary: Origin
content-length: 2
cache-control: no-cache, no-store, max-age=0, no-transform, private
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   2
Md5:    99914b932bd37a50b983c5e7c90ae93b
Sha1:   bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f
Sha256: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
                                        
                                            GET /pages/data-scripts/0012/9242/sampling/welcome.unibet.com.json?t=462092 HTTP/1.1 
Host: script.crazyegg.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://welcome.unibet.com
Connection: keep-alive
Referer: https://welcome.unibet.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         104.19.147.8
HTTP/2 200 OK
content-type: application/json
                                        
date: Sun, 18 Sep 2022 20:49:54 GMT
content-length: 145
access-control-expose-headers: CE-Version
ce-version: 11.4.4
cache-control: public, max-age=300, s-maxage=1209600
timing-allow-origin: *
last-modified: Sun, 18 Sep 2022 20:11:01 GMT
content-encoding: gzip
access-control-allow-origin: *
cf-cache-status: HIT
age: 2332
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 74ccf36b8a41b4eb-OSL
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   145
Md5:    cdf3352c4ee9feea08757336b0b9bc80
Sha1:   d746830d97cd160e22225b56289169035c80feaf
Sha256: 43ab99b5fa5bad01934c696da8f9385fe85c303dea6734808d9933450d111cc1
                                        
                                            GET /resources/18-plus-adbfd412-ffe0-4780-a5c3-1b540d6ceed3.svg HTTP/1.1 
Host: cdn.bannerflow.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         104.16.174.188
HTTP/2 200 OK
content-type: image/svg+xml
                                        
date: Sun, 18 Sep 2022 20:49:54 GMT
cache-control: public,max-age=604800
content-md5: DtBEzXf8HuXNecd90Rx/1w==
last-modified: Fri, 27 Nov 2020 14:00:01 GMT
etag: W/"0x8D892DCBC244A27"
x-ms-request-id: f9c36029-201e-0105-665e-a57399000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 414
vary: Accept-Encoding
server: cloudflare
cf-ray: 74ccf36b4fd10b69-OSL
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  SVG Scalable Vector Graphics image\012- HTML document text\012- HTML document, ASCII text, with very long lines (1053), with no line terminators
Size:   556
Md5:    996c52ae16386a4ad599629c58dd00b4
Sha1:   69d5bfdcc1cfc342686e88e3ac4177082ecd7de3
Sha256: 28d564fbb89141284d5592d179b13b73aa0807c7bfdf37f7cfcde526a5d34c5e
                                        
                                            GET /healthcheck HTTP/1.1 
Host: pagestates-tracking.crazyegg.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://welcome.unibet.com
Connection: keep-alive
Referer: https://welcome.unibet.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         54.230.111.20
HTTP/2 200 OK
content-type: application/json
                                        
content-length: 19
date: Thu, 14 Jul 2022 06:23:23 GMT
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-expose-headers: Access-Control-Allow-Origin
access-control-max-age: 31536000
last-modified: Fri, 08 Jul 2022 22:25:51 GMT
etag: "d06f04fccf68d0b228a5923187ce1afd"
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 6259d2cd8a5947ad41a420527bbed7a6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: I1vIybuskmokgbz_FVEMWldQZ1DreQlt8Psv3hCTvFjKXkxkTFVrmA==
age: 5754392
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text
Size:   19
Md5:    d06f04fccf68d0b228a5923187ce1afd
Sha1:   5de9df9fdd66a91eed06e31981553d4ab9ccf490
Sha256: 830e67bda2532cd5880ee86e3b33e69721082f8458bb0df0cd4edbb1577fd375
                                        
                                            POST / HTTP/1.1 
Host: ocsp.sca1b.amazontrust.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         54.230.245.118
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Sun, 18 Sep 2022 20:49:54 GMT
Last-Modified: Sun, 18 Sep 2022 19:32:10 GMT
Server: ECS (bsa/EB11)
X-Cache: Miss from cloudfront
Via: 1.1 0e39dca74306d7aab723ed3d73dbfbb4.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: -5SVtG3wBtgfNxMHVNx3yJnRARk-myPQDjhM6Zv6-eZKuRbERxxr0g==
Age: 4664

                                        
                                            GET /healthcheck HTTP/1.1 
Host: assets-tracking.crazyegg.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://welcome.unibet.com
Connection: keep-alive
Referer: https://welcome.unibet.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         54.230.111.105
HTTP/2 200 OK
content-type: application/json
                                        
content-length: 19
date: Mon, 22 Aug 2022 11:33:15 GMT
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-expose-headers: Access-Control-Allow-Origin
access-control-max-age: 31536000
last-modified: Fri, 08 Jul 2022 22:25:51 GMT
etag: "d06f04fccf68d0b228a5923187ce1afd"
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 ab09332bca1a3bd382d2e408f65b98d2.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: GJ-bfqcrWhFXgn8FcJyd5-IRJEOEykXlaL0ZTPEDfCxmlcRLydLeEQ==
age: 2366199
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text
Size:   19
Md5:    d06f04fccf68d0b228a5923187ce1afd
Sha1:   5de9df9fdd66a91eed06e31981553d4ab9ccf490
Sha256: 830e67bda2532cd5880ee86e3b33e69721082f8458bb0df0cd4edbb1577fd375
                                        
                                            GET /cm/dd?d_uuid=35859620456394460051307749679870681653 HTTP/1.1 
Host: cm.everesttech.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         34.248.32.199
HTTP/1.1 302
                                        
Date: Sun, 18 Sep 2022 20:49:54 GMT
Content-Length: 0
Connection: keep-alive
Set-Cookie: everest_g_v2=g_surferid~YyeEcgAAAHUiDgMx; Domain=.everesttech.net; Expires=Mon, 18-Sep-2023 20:49:54 GMT; Path=/ everest_session_v2=YyeEcgAAAHUiDwMx; Domain=.everesttech.net; Path=/
P3P: CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"
Cache-Control: no-cache
Location: https://dpm.demdex.net/ibs:dpid=411&dpuuid=YyeEcgAAAHUiDgMx
Server: AMO-cookiemap/1.1

                                        
                                            GET /ibs:dpid=411&dpuuid=YyeEcgAAAHUiDgMx HTTP/1.1 
Host: dpm.demdex.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://welcome.unibet.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         34.242.116.160
HTTP/1.1 302 Found
                                        
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
DCS: dcs-prod-irl1-1-v040-05eccb185.edge-irl1.demdex.com 0 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
Location: https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=411&dpuuid=YyeEcgAAAHUiDgMx
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
set-cookie: demdex=22643127171077439382547095375375182421; Max-Age=15552000; Expires=Fri, 17 Mar 2023 20:49:54 GMT; Path=/; Domain=.demdex.net; Secure; SameSite=None
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: qR5yK/lmTIw=
Content-Length: 0
Connection: keep-alive

                                        
                                            GET /demconf.jpg?et:ibs%7cdata:dpid=411&dpuuid=YyeEcgAAAHUiDgMx HTTP/1.1 
Host: dpm.demdex.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://welcome.unibet.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         34.242.116.160
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-encoding: gzip
DCS: dcs-prod-irl1-1-v040-060f72962.edge-irl1.demdex.com 0 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-TID: ygBsKTnMSyY=
Content-Length: 59
Connection: keep-alive


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   59
Md5:    1251cd5e5c2def4c046309375f87c1c1
Sha1:   e02d6b0c6a5c495c15985e2832e335eda8528c80
Sha256: 4e7010cc46fa361c88e57e3346d27421cf3b8a8bf5f39b43fc45997c60cb1c13
                                        
                                            POST / HTTP/1.1 
Host: ocsp.sca1b.amazontrust.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         54.230.245.118
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Sun, 18 Sep 2022 20:49:54 GMT
Last-Modified: Sun, 18 Sep 2022 20:17:29 GMT
Server: ECS (bsa/EB14)
X-Cache: Miss from cloudfront
Via: 1.1 0e39dca74306d7aab723ed3d73dbfbb4.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: JPiOv88JxmhIHSpsQUYkZAtqHeR_0QTdm3HFXHF2mt_sZSm6BlZ1bw==
Age: 1945

                                        
                                            GET /clock?t=1663534175913 HTTP/1.1 
Host: tracking.crazyegg.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://welcome.unibet.com
Connection: keep-alive
Referer: https://welcome.unibet.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         54.229.197.178
HTTP/2 200 OK
content-type: text/plain
                                        
server: awselb/2.0
date: Sun, 18 Sep 2022 20:49:54 GMT
content-length: 26
cache-control: no-store
access-control-allow-origin: *
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   26
Md5:    82104f260b2b9222f688218d55d98bf6
Sha1:   38664b3fb8bcb4a56e6fd837f460b74f6fa0ab04
Sha256: 50fa5dab5e8d5dac1b4b49520b75620f29f3347f860655b6fed2b23ea4664f56
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8fa6db45-871c-41e1-be1d-bc188fa9419b.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 8005
x-amzn-requestid: 2ce67f7f-9a03-4f4d-b06c-ec0de59c2854
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Yn6KhH9PoAMFh2w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63263d76-6aeeee3217540c5863913912;Sampled=0
x-amzn-remapped-date: Sat, 17 Sep 2022 21:34:46 GMT
x-amz-cf-pop: SEA73-P2, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: K_ZInDx3OZbVvpWZ5vnimzx-Dk5twaTGv9VGXMZHFpZ0YN7lKZ_5HQ==
via: 1.1 ca66331b52971370c4e54619e8a952cc.cloudfront.net (CloudFront), 1.1 989017835f43d594873bde5a7ee7fe5e.cloudfront.net (CloudFront), 1.1 google
date: Sat, 17 Sep 2022 21:57:48 GMT
etag: "04fb3179255ba5ec897ffc4581966945cc9fe2ca"
age: 82330
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   8005
Md5:    f2e5759fd404a039955868b121bbd075
Sha1:   04fb3179255ba5ec897ffc4581966945cc9fe2ca
Sha256: 42623d1a0f52682db915b075a894d8cd18f2b53efc7815304b0304841536cf35
                                        
                                            GET /?l=qCqekRDLtEBTXwP&s=595468152394223970&z=5232943&g=NO&svar=1663534189&ba=0&dm=0&ep=0&vi=0&vo=0&i18db=0&tr=default&svar=1663534189&ssk=6043319b8bdc58c1317fc9f9df1b9689&svarok=1&b=79056&oaid=fe8e3f1e3be947e2b961b3564c1618a7&rdk=rk3 HTTP/1.1 
Host: toapodazoay.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

                                         
                                         139.45.197.152
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
                                        
server: nginx
date: Sun, 18 Sep 2022 20:49:50 GMT
vary: Accept-Encoding
x-powered-by: PHP/7.4.25
set-cookie: reverse=RQejUiil8l2d9doSFa5_M9_If28mvCLWSqEfKcDzrHw; expires=Sun, 18-Sep-2022 21:49:49 GMT; Max-Age=3600; path=/
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS, HEAD
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /resources/no-payments-44051ae6-a41f-42c3-8d89-751be3d4a42c.svg HTTP/1.1 
Host: cdn.bannerflow.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         104.16.174.188
HTTP/2 200 OK
content-type: image/svg+xml
                                        
date: Sun, 18 Sep 2022 20:49:54 GMT
cache-control: public,max-age=604800
content-md5: eFf1+jVlHZeVusUSI4yq9A==
last-modified: Mon, 07 Dec 2020 10:23:00 GMT
etag: W/"0x8D89A9A12E2A33B"
x-ms-request-id: aecbdf5c-c01e-0126-115e-a51c52000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 414
vary: Accept-Encoding
server: cloudflare
cf-ray: 74ccf36b5fde0b69-OSL
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /no/pop/multisport/1-main.js HTTP/1.1 
Host: welcome.unibet.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/no/pop/multisport/index.html?mktid=1:127656177:86190940-37950&btag=127656177_BFD44FED540047498C7F37FFD15B7A10&bid=37950&campaignId=2750545&pid=86190940
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a86190940%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1663534193309)%5c%2f%22%2c%22CookieTag%22%3a%223795086190940451240919C20229182049%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228120505295%7c1%22%7d%5d; __ucbt=node01rsit5p0t3v2g1qhta2ohmqs2; uniattr=ST.0.T; uniattr_ref="https://www.highperformancegate.com/"; campaignId=2750545; framework.forceBigLandingArea=; affiliateId=1; B-TAG=127656177_BFD44FED540047498C7F37FFD15B7A10; BID=37950; PID=86190940; REFERER=https%3A%2F%2Fwww.highperformancegate.com%2F; AFFILIATE_REQUEST_URL=https%3A%2F%2Fno.unibet.com%2Fstan%2Fcampaign.do%3FcmpId%3D2750545%26affiliateId%3D1%26unibetTarget%3D%2Fno%2Fpop%2Fmultisport%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.com%26btag%3D127656177_BFD44FED540047498C7F37FFD15B7A10%26sref%3DADST%26ADST%3D17381785%26affiliateId%3D1%26pid%3D86190940%26bid%3D37950; AFFILIATE_CAMPAIGN_ID=2750545
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         108.161.188.196
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
                                        
date: Sun, 18 Sep 2022 20:49:53 GMT
cache-control: public, max-age=900, immutable
content-md5: BPxI3njL/F0VV+nfOZx3Mw==
last-modified: Mon, 20 Jun 2022 12:15:06 GMT
etag: W/"0x8DA52B68343779E"
x-ms-request-id: e0bc12cd-001e-0001-4e9e-cb4dde000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
server: NetDNA-cache/2.2
x-cache: HIT
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /releases/v5.7.1/css/all.css HTTP/1.1 
Host: use.fontawesome.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://welcome.unibet.com
Connection: keep-alive
Referer: https://welcome.unibet.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         172.67.169.247
HTTP/2 200 OK
content-type: text/css
                                        
date: Sun, 18 Sep 2022 20:49:53 GMT
x-amz-id-2: two71MZ5TpkTpFGIUMPhG3w461PdnkgDGgz27zq6i0Qpvw3joR7rDh9C0IttlYdL7ZaWe4KhN1g=
x-amz-request-id: CV7TMK6K5EDKVGFA
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified: Wed, 30 Jun 2021 15:45:37 GMT
etag: W/"7b1d7f457d056ace7b230b587b9f3753"
cache-control: max-age=31556926
cf-cache-status: HIT
age: 1018391
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JUfFhyeOeQC10XkmzvMI6HyIoH2huK1uW1qi%2BK7Atr%2FDoOxCS23xAokSbtpi6EUqNQg2I1p41kM0fgQGC7lup77mlu9Kp1x77mHF9XtfRjU1w%2Fn%2BetW6m7oMZ2ioUDPR30btVwE6"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74ccf3670ae8b524-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /custom.js HTTP/1.1 
Host: welcome.unibet.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/no/pop/multisport/index.html?mktid=1:127656177:86190940-37950&btag=127656177_BFD44FED540047498C7F37FFD15B7A10&bid=37950&campaignId=2750545&pid=86190940
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a86190940%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1663534193309)%5c%2f%22%2c%22CookieTag%22%3a%223795086190940451240919C20229182049%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228120505295%7c1%22%7d%5d; __ucbt=node01rsit5p0t3v2g1qhta2ohmqs2; uniattr=ST.0.T; uniattr_ref="https://www.highperformancegate.com/"; campaignId=2750545; framework.forceBigLandingArea=; affiliateId=1; B-TAG=127656177_BFD44FED540047498C7F37FFD15B7A10; BID=37950; PID=86190940; REFERER=https%3A%2F%2Fwww.highperformancegate.com%2F; AFFILIATE_REQUEST_URL=https%3A%2F%2Fno.unibet.com%2Fstan%2Fcampaign.do%3FcmpId%3D2750545%26affiliateId%3D1%26unibetTarget%3D%2Fno%2Fpop%2Fmultisport%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.com%26btag%3D127656177_BFD44FED540047498C7F37FFD15B7A10%26sref%3DADST%26ADST%3D17381785%26affiliateId%3D1%26pid%3D86190940%26bid%3D37950; AFFILIATE_CAMPAIGN_ID=2750545
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         108.161.188.196
HTTP/2 200 OK
content-type: application/javascript
                                        
date: Sun, 18 Sep 2022 20:49:53 GMT
content-md5: e/Aekt1V1fopj1X7y5r9MA==
last-modified: Tue, 29 Mar 2022 08:25:09 GMT
etag: W/"0x8DA115DA300B0C1"
x-ms-request-id: 387666f6-e01e-0044-5e3a-cb983d000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
server: NetDNA-cache/2.2
x-cache: HIT
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            POST /?l=qCqekRDLtEBTXwP&s=595468152394223970&z=5232943&g=NO&svar=1663534189&ba=0&dm=0&ep=0&vi=0&vo=0&i18db=0&tr=default&svar=1663534189&ssk=6043319b8bdc58c1317fc9f9df1b9689&svarok=1&b=79056&oaid=fe8e3f1e3be947e2b961b3564c1618a7&rdk=rk3&mprtr=1 HTTP/1.1 
Host: toapodazoay.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://toapodazoay.com
Connection: keep-alive
Referer: https://toapodazoay.com/?rzi=5232943&rsz=5232943&rid=
Cookie: reverse=RQejUiil8l2d9doSFa5_M9_If28mvCLWSqEfKcDzrHw
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Content-Length: 0
TE: trailers

                                         
                                         139.45.197.152
HTTP/2 200 OK
content-type: application/json
                                        
server: nginx
date: Sun, 18 Sep 2022 20:49:50 GMT
vary: Accept-Encoding
x-powered-by: PHP/7.4.26
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /no/pop/multisport/unibet-logo.svg HTTP/1.1 
Host: welcome.unibet.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/no/pop/multisport/index.html?mktid=1:127656177:86190940-37950&btag=127656177_BFD44FED540047498C7F37FFD15B7A10&bid=37950&campaignId=2750545&pid=86190940
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a86190940%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1663534193309)%5c%2f%22%2c%22CookieTag%22%3a%223795086190940451240919C20229182049%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228120505295%7c1%22%7d%5d; __ucbt=node01rsit5p0t3v2g1qhta2ohmqs2; uniattr=ST.0.T; uniattr_ref="https://www.highperformancegate.com/"; campaignId=2750545; framework.forceBigLandingArea=; affiliateId=1; B-TAG=127656177_BFD44FED540047498C7F37FFD15B7A10; BID=37950; PID=86190940; REFERER=https%3A%2F%2Fwww.highperformancegate.com%2F; AFFILIATE_REQUEST_URL=https%3A%2F%2Fno.unibet.com%2Fstan%2Fcampaign.do%3FcmpId%3D2750545%26affiliateId%3D1%26unibetTarget%3D%2Fno%2Fpop%2Fmultisport%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.com%26btag%3D127656177_BFD44FED540047498C7F37FFD15B7A10%26sref%3DADST%26ADST%3D17381785%26affiliateId%3D1%26pid%3D86190940%26bid%3D37950; AFFILIATE_CAMPAIGN_ID=2750545
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         108.161.188.196
HTTP/2 200 OK
content-type: image/svg+xml
                                        
date: Sun, 18 Sep 2022 20:49:53 GMT
cache-control: public, max-age=900, immutable
content-md5: cw5jdwcrd9gLyjDZb7Y7Jw==
last-modified: Mon, 20 Jun 2022 12:15:01 GMT
etag: W/"0x8DA52B6805B919A"
x-ms-request-id: 42ec40c3-d01e-0070-0d9e-cbabf5000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
server: NetDNA-cache/2.2
x-cache: HIT
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /resources/mga-logo-16e5f569-f45f-4c4f-a7ab-0a1f83c58415.svg HTTP/1.1 
Host: cdn.bannerflow.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         104.16.174.188
HTTP/2 200 OK
content-type: image/svg+xml
                                        
date: Sun, 18 Sep 2022 20:49:54 GMT
cache-control: public,max-age=604800
content-md5: FAAw5O0EvruykoHDQoRDMA==
last-modified: Fri, 27 Nov 2020 14:00:02 GMT
etag: W/"0x8D892DCBC6EB927"
x-ms-request-id: 0c05a17a-201e-0074-2dff-f626f2000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 414
vary: Accept-Encoding
server: cloudflare
cf-ray: 74ccf36b4fcc0b69-OSL
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /no/pop/multisport/com-payments.svg HTTP/1.1 
Host: welcome.unibet.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/no/pop/multisport/index.html?mktid=1:127656177:86190940-37950&btag=127656177_BFD44FED540047498C7F37FFD15B7A10&bid=37950&campaignId=2750545&pid=86190940
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a86190940%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1663534193309)%5c%2f%22%2c%22CookieTag%22%3a%223795086190940451240919C20229182049%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228120505295%7c1%22%7d%5d; __ucbt=node01rsit5p0t3v2g1qhta2ohmqs2; uniattr=ST.0.T; uniattr_ref="https://www.highperformancegate.com/"; campaignId=2750545; framework.forceBigLandingArea=; affiliateId=1; B-TAG=127656177_BFD44FED540047498C7F37FFD15B7A10; BID=37950; PID=86190940; REFERER=https%3A%2F%2Fwww.highperformancegate.com%2F; AFFILIATE_REQUEST_URL=https%3A%2F%2Fno.unibet.com%2Fstan%2Fcampaign.do%3FcmpId%3D2750545%26affiliateId%3D1%26unibetTarget%3D%2Fno%2Fpop%2Fmultisport%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.com%26btag%3D127656177_BFD44FED540047498C7F37FFD15B7A10%26sref%3DADST%26ADST%3D17381785%26affiliateId%3D1%26pid%3D86190940%26bid%3D37950; AFFILIATE_CAMPAIGN_ID=2750545
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         108.161.188.196
HTTP/2 200 OK
content-type: image/svg+xml
                                        
date: Sun, 18 Sep 2022 20:49:53 GMT
cache-control: public, max-age=900, immutable
content-md5: vwb7ospRft2xzGDtJvR3WA==
last-modified: Mon, 20 Jun 2022 12:15:02 GMT
etag: W/"0x8DA52B680877D2F"
x-ms-request-id: 0c25b1af-601e-0028-189e-cb73aa000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
server: NetDNA-cache/2.2
x-cache: HIT
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /no/pop/multisport/read_json.js HTTP/1.1 
Host: welcome.unibet.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/no/pop/multisport/index.html?mktid=1:127656177:86190940-37950&btag=127656177_BFD44FED540047498C7F37FFD15B7A10&bid=37950&campaignId=2750545&pid=86190940
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a86190940%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1663534193309)%5c%2f%22%2c%22CookieTag%22%3a%223795086190940451240919C20229182049%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228120505295%7c1%22%7d%5d; __ucbt=node01rsit5p0t3v2g1qhta2ohmqs2; uniattr=ST.0.T; uniattr_ref="https://www.highperformancegate.com/"; campaignId=2750545; framework.forceBigLandingArea=; affiliateId=1; B-TAG=127656177_BFD44FED540047498C7F37FFD15B7A10; BID=37950; PID=86190940; REFERER=https%3A%2F%2Fwww.highperformancegate.com%2F; AFFILIATE_REQUEST_URL=https%3A%2F%2Fno.unibet.com%2Fstan%2Fcampaign.do%3FcmpId%3D2750545%26affiliateId%3D1%26unibetTarget%3D%2Fno%2Fpop%2Fmultisport%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.com%26btag%3D127656177_BFD44FED540047498C7F37FFD15B7A10%26sref%3DADST%26ADST%3D17381785%26affiliateId%3D1%26pid%3D86190940%26bid%3D37950; AFFILIATE_CAMPAIGN_ID=2750545
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         108.161.188.196
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
                                        
date: Sun, 18 Sep 2022 20:49:53 GMT
cache-control: public, max-age=900, immutable
content-md5: rGS1nJi75Qz2m2yY+jlYXA==
last-modified: Mon, 20 Jun 2022 12:15:06 GMT
etag: W/"0x8DA52B6834CEC1B"
x-ms-request-id: e73ac9b5-001e-002e-6c9e-cb4015000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
server: NetDNA-cache/2.2
x-cache: HIT
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /no/pop/multisport/app-store-ro.svg HTTP/1.1 
Host: welcome.unibet.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/no/pop/multisport/index.html?mktid=1:127656177:86190940-37950&btag=127656177_BFD44FED540047498C7F37FFD15B7A10&bid=37950&campaignId=2750545&pid=86190940
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a86190940%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1663534193309)%5c%2f%22%2c%22CookieTag%22%3a%223795086190940451240919C20229182049%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228120505295%7c1%22%7d%5d; __ucbt=node01rsit5p0t3v2g1qhta2ohmqs2; uniattr=ST.0.T; uniattr_ref="https://www.highperformancegate.com/"; campaignId=2750545; framework.forceBigLandingArea=; affiliateId=1; B-TAG=127656177_BFD44FED540047498C7F37FFD15B7A10; BID=37950; PID=86190940; REFERER=https%3A%2F%2Fwww.highperformancegate.com%2F; AFFILIATE_REQUEST_URL=https%3A%2F%2Fno.unibet.com%2Fstan%2Fcampaign.do%3FcmpId%3D2750545%26affiliateId%3D1%26unibetTarget%3D%2Fno%2Fpop%2Fmultisport%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.com%26btag%3D127656177_BFD44FED540047498C7F37FFD15B7A10%26sref%3DADST%26ADST%3D17381785%26affiliateId%3D1%26pid%3D86190940%26bid%3D37950; AFFILIATE_CAMPAIGN_ID=2750545
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         108.161.188.196
HTTP/2 200 OK
content-type: image/svg+xml
                                        
date: Sun, 18 Sep 2022 20:49:53 GMT
cache-control: public, max-age=900, immutable
content-md5: epgiRapjJpA7DniTiF5C+w==
last-modified: Mon, 20 Jun 2022 12:15:06 GMT
etag: W/"0x8DA52B68300D310"
x-ms-request-id: 055d3b7c-b01e-0059-079e-cb9581000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
server: NetDNA-cache/2.2
x-cache: HIT
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /no/pop/multisport/icon-sports.svg HTTP/1.1 
Host: welcome.unibet.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/no/pop/multisport/index.html?mktid=1:127656177:86190940-37950&btag=127656177_BFD44FED540047498C7F37FFD15B7A10&bid=37950&campaignId=2750545&pid=86190940
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a86190940%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1663534193309)%5c%2f%22%2c%22CookieTag%22%3a%223795086190940451240919C20229182049%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228120505295%7c1%22%7d%5d; __ucbt=node01rsit5p0t3v2g1qhta2ohmqs2; uniattr=ST.0.T; uniattr_ref="https://www.highperformancegate.com/"; campaignId=2750545; framework.forceBigLandingArea=; affiliateId=1; B-TAG=127656177_BFD44FED540047498C7F37FFD15B7A10; BID=37950; PID=86190940; REFERER=https%3A%2F%2Fwww.highperformancegate.com%2F; AFFILIATE_REQUEST_URL=https%3A%2F%2Fno.unibet.com%2Fstan%2Fcampaign.do%3FcmpId%3D2750545%26affiliateId%3D1%26unibetTarget%3D%2Fno%2Fpop%2Fmultisport%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.com%26btag%3D127656177_BFD44FED540047498C7F37FFD15B7A10%26sref%3DADST%26ADST%3D17381785%26affiliateId%3D1%26pid%3D86190940%26bid%3D37950; AFFILIATE_CAMPAIGN_ID=2750545
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         108.161.188.196
HTTP/2 200 OK
content-type: image/svg+xml
                                        
date: Sun, 18 Sep 2022 20:49:53 GMT
cache-control: public, max-age=900, immutable
content-md5: Kch+tYuo05USS5JaESq1rA==
last-modified: Mon, 20 Jun 2022 12:15:04 GMT
etag: W/"0x8DA52B682395A83"
x-ms-request-id: 7941e365-401e-0010-7b9e-cbd76a000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
server: NetDNA-cache/2.2
x-cache: HIT
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /pfe/current/micro.tag.min.js?sw=/sw-check-permissions/3683319&var=qCqekRDLtEBTXwP&z=3683319 HTTP/1.1 
Host: ptauxofi.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://toapodazoay.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         139.45.197.250
HTTP/2 200 OK
content-type: application/javascript
                                        
server: nginx
date: Sun, 18 Sep 2022 20:49:50 GMT
last-modified: Fri, 16 Sep 2022 10:36:49 GMT
etag: W/"632451c1-1a2de"
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /pages/scripts/0012/9242.js HTTP/1.1 
Host: script.crazyegg.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         104.19.147.8
HTTP/2 200 OK
content-type: text/javascript
                                        
date: Sun, 18 Sep 2022 20:49:54 GMT
access-control-allow-origin: *
access-control-expose-headers: CE-Version
ce-version: 11.4.4
cache-control: public, max-age=300, s-maxage=1209600
cf-bgj: minify
cf-polished: origSize=5675
last-modified: Sun, 18 Sep 2022 20:11:02 GMT
timing-allow-origin: *
cf-cache-status: HIT
age: 2332
vary: Accept-Encoding
server: cloudflare
cf-ray: 74ccf368fea2b4eb-OSL
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /pages/scripts/0012/9242.js?462092 HTTP/1.1 
Host: script.crazyegg.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         104.19.147.8
HTTP/2 200 OK
content-type: text/javascript
                                        
date: Sun, 18 Sep 2022 20:49:54 GMT
access-control-allow-origin: *
access-control-expose-headers: CE-Version
ce-version: 11.4.4
cache-control: public, max-age=300, s-maxage=1209600
cf-bgj: minify
cf-polished: origSize=5675
last-modified: Sun, 18 Sep 2022 20:11:02 GMT
timing-allow-origin: *
cf-cache-status: HIT
age: 2332
vary: Accept-Encoding
server: cloudflare
cf-ray: 74ccf3690ed3b4eb-OSL
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---