Report - mavink.com/explore/CD-Illusion-Girls

Report Overview

Submitted URL
mavink.com/explore/CD-Illusion-Girls
IP
157.245.141.65
ASN
#14061 DIGITALOCEAN-ASN
Submitted
2022-12-07 03:03:09
Access
Website Title
Final URL
Tags
None
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
20

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
firefox.settings.services.mozilla.com	867	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	782 B	2.4 kB	34.102.187.140
f.jwwb.nl	974217	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	484 B	411 B	151.101.65.91
a1s.unibet.com	297625	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	702 B	76 kB	85.184.96.5
unibet.demdex.net	338024	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	488 B	3.4 kB	52.213.249.147
a1s-cdn.unibet.com	283505	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	714 B	1.7 kB	85.184.96.5
static.jmusicitalia.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	424 B	118 kB	193.70.112.181
ocsp.sca1b.amazontrust.com	1015	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.4 kB	4.0 kB	143.204.42.156
simplewebanalysis.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.2 kB	1.2 kB	52.28.211.11
foundfroshelves.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	8.1 kB	73 kB	192.243.61.225
www.spikereekvelocity.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	530 B	2.9 kB	192.243.59.20
www.unibet.nu	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.1 kB	5.8 kB	85.184.96.0
ajax.googleapis.com	12905	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	394 B	32 kB	216.58.211.10
dpm.demdex.net	204	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.4 kB	2.6 kB	54.217.130.182
tracking.crazyegg.com	3633	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	449 B	221 B	52.51.158.68
bannerflow-feed-builder.azurewebsites.net	659103	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	553 B	783 B	104.40.147.180
push.services.mozilla.com	2140	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	606 B	127 B	54.188.211.138
ocsp.pki.goog	175	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	4.5 kB	9.1 kB	142.250.74.131
xml-v4.trafficmoose.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	389 B	222 B	198.134.116.17
welcome.unibet.com	242429	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	17 kB	243 kB	104.18.24.188
fonts.gstatic.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	486 B	17 kB	142.250.74.35
secure.adnxs.com	396	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	796 B	1.8 kB	37.252.172.123
use.fontawesome.com	942	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	432 B	1.0 kB	172.64.132.15
mavink.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	5.2 kB	343 kB	157.245.141.65
ocsp.digicert.com	86	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.1 kB	6.1 kB	93.184.220.29
img.discogs.com	79937	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	516 B	727 B	104.18.28.109
ocsp.sectigo.com	487	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	340 B	964 B	172.64.155.188
script.crazyegg.com	1992	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.8 kB	31 kB	104.19.148.8
fonts.googleapis.com	8877	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	402 B	746 B	142.250.74.106
umami.fadunews.in	717153	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	826 B	2.0 kB	143.198.115.204
st.cdjapan.co.jp	564572	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	802 B	145 kB	163.171.134.109
fastly.jwwb.nl	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	489 B	795 kB	151.101.129.91
unibetlondonltd.d3.sc.omtrdc.net	444877	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.4 kB	992 B	13.36.218.177
content-signature-2.cdn.mozilla.net	1152	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	413 B	5.8 kB	34.160.144.191
commento.fadunews.in	628566	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.3 kB	20 kB	174.138.40.107
pagestates-tracking.crazyegg.com	3647	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	414 B	648 B	54.230.111.22
assets-tracking.crazyegg.com	3651	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	410 B	646 B	54.230.111.63
r3.o.lencr.org	344	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	4.4 kB	12 kB	23.36.76.226
contile.services.mozilla.com	1114	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	333 B	229 B	34.117.237.239
www.googletagmanager.com	75	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	378 B	78 kB	172.217.21.168
ocsp2.globalsign.com	1544	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	714 B	3.8 kB	104.18.21.226
img-getpocket.cdn.mozilla.net	1631	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.2 kB	64 kB	34.120.237.76
cm.everesttech.net	996	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	429 B	488 B	99.80.65.0
region1.google-analytics.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	661 B	557 B	216.239.32.36
adserving.unibet.com	98000	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	503 B	1.3 kB	23.36.79.43
www.profitabledisplayformat.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	404 B	1.2 kB	188.114.97.1

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2022-12-06	medium	foundfroshelves.com	Sinkholed
2022-12-06	medium	foundfroshelves.com	Sinkholed
2022-12-06	medium	foundfroshelves.com	Sinkholed
2022-12-06	medium	foundfroshelves.com	Sinkholed
2022-12-06	medium	foundfroshelves.com	Sinkholed
2022-12-06	medium	foundfroshelves.com	Sinkholed
2022-12-06	medium	foundfroshelves.com	Sinkholed
2022-12-06	medium	foundfroshelves.com	Sinkholed
2022-12-06	medium	spikereekvelocity.com	Sinkholed
2022-12-06	medium	profitabledisplayformat.com	Sinkholed

JavaScript (70)

	URL	Size	First Seen	Last Seen
	mavink.com/explore/CD-Illusion-Girls	1.4 kB	2023-03-08	2023-03-08
Pretty URL mavink.com/explore/CD-Illusion-Girls IP 157.245.141.65 ASN #14061 DIGITALOCEAN-ASN Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 20:37:24 Last Seen2023-03-08 20:37:24 Times Seen1 Hash cf64fc8dbc00446940b254bb71a72c96 79986f4356f0081381f33f49dc3b725cc9bead7b 90ad0dfaf20f4b25cb6bb81c649779df03447320862895e7638a970fc7b62d85 Loading...

	www.spikereekvelocity.com/dyfc1k09?key=0f22c1fd609f13cb7947c8cabfe1a90d&submetric=16122660	2.1 kB	2023-03-07	2023-04-05
Pretty URL www.spikereekvelocity.com/dyfc1k09?key=0f22c1fd609f13cb7947c8cabfe1a90d&submetric=16122660 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:06:21 Last Seen2023-04-05 02:12:07 Times Seen388 Hash 4fd91164aa79d34ae401150b9f112bbe a09fe46ece27e06c82f059c481090481804461bc e717b18eba32145b270f89fb30d50c51c6fdd7060deff6f467fc8621973123f8 Loading...

	welcome.unibet.com/custom.js	5.9 kB	2023-03-07	2024-02-01
Pretty URL welcome.unibet.com/custom.js IP 104.18.24.188 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:11:26 Last Seen2024-02-01 12:23:48 Times Seen8697 Hash 7bf01e92dd55d5fa298f55fbcb9afd30 4db58eaa64d33bce2d1ae88d5ed6919d8986f8dc 2c13bba84b390447c18343fd8319ca7aea45208f53fb3143ed27c354fd5b2b1f Loading...

	welcome.unibet.com/widget/betslip/betslip.js	15 kB	2023-03-07	2024-02-01
Pretty URL welcome.unibet.com/widget/betslip/betslip.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:11:26 Last Seen2024-02-01 12:23:48 Times Seen13385 Hash 5770dc60397ffb834d1280aa7bcebbd0 f0bbf2136b83babe5a8f70eeff2308279e9a0d3a 42e08e8d4858e610d87679ab66e8a7cf4b575614c0aa1423d8a1c0245bda9a52 Loading...

	welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:320665405:68248853-37950&btag=320665405_F268FD1F2FAF49D6B509FC7662A3BD47&bid=37950&campaignId=2799402&pid=68248853	92 B	2023-03-07	2024-02-01
Pretty URL welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:320665405:68248853-37950&btag=320665405_F268FD1F2FAF49D6B509FC7662A3BD47&bid=37950&campaignId=2799402&pid=68248853 IP 104.18.24.188 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:11:26 Last Seen2024-02-01 12:23:48 Times Seen6846 Hash 7f0f3c1a6218ba26e0a2303513a4b789 a8d06c9a0d0b367220509b18213f6b102f4b4fc0 faffe243fd7f581af68fd7dafdf86ff1e5c0824831f03d5758cb309da65fddda Loading...

	mavink.com/js/visibilityChanged.js	1.2 kB	2023-03-08	2024-02-22
Pretty URL mavink.com/js/visibilityChanged.js IP 157.245.141.65 ASN #14061 DIGITALOCEAN-ASN Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 20:37:24 Last Seen2024-02-22 21:59:18 Times Seen5 Hash c809af2ff6236ba6771d590777f070e7 6212c839460526cd87b6971974f34c1645344edd 979013b37f6b8f9836a0f6c95be1d4d861044d5fe2aca5a398f4c46488647d8f Loading...

	mavink.com/explore/CD-Illusion-Girls	153 B	2023-03-08	2024-02-22
Pretty URL mavink.com/explore/CD-Illusion-Girls IP 157.245.141.65 ASN #14061 DIGITALOCEAN-ASN Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 20:37:24 Last Seen2024-02-22 21:59:17 Times Seen3 Hash ab4529297ee500353d2fc655702399ca f6148932d24d324e09fc7aaacf8391cff75e1151 612895fc4d107a9810487b33516b763c1b708efd18ca6c6157e8e58f8b5575b6 Loading...

	welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:320665405:68248853-37950&btag=320665405_F268FD1F2FAF49D6B509FC7662A3BD47&bid=37950&campaignId=2799402&pid=68248853	37 kB	2023-03-07	2023-11-06
Pretty URL welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:320665405:68248853-37950&btag=320665405_F268FD1F2FAF49D6B509FC7662A3BD47&bid=37950&campaignId=2799402&pid=68248853 IP 104.18.24.188 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:11:26 Last Seen2023-11-06 09:27:16 Times Seen2374 Hash 93db3dee4c43b7d39a245c49591ba4b5 e22687abedfc3b2496fa1b3ba61a2f567f1211b8 0dc951e8d75c93a7d625da52744fcecb22b197c2f92783dd71f1cfead1b9b043 Loading...

	welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:320665405:68248853-37950&btag=320665405_F268FD1F2FAF49D6B509FC7662A3BD47&bid=37950&campaignId=2799402&pid=68248853	59 kB	2023-03-07	2023-10-02
Pretty URL welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:320665405:68248853-37950&btag=320665405_F268FD1F2FAF49D6B509FC7662A3BD47&bid=37950&campaignId=2799402&pid=68248853 IP 104.18.24.188 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:11:26 Last Seen2023-10-02 17:14:47 Times Seen1702 Hash b7fb41ed89500bb6a8f482f91216cfac caf092ff1935a3a13e8608d56ce60c008b498d68 4a2dbda07d552ad5d425033fcd10ccb1addc5140a177cbb0d11bb3f2f7974a8c Loading...

	www.profitabledisplayformat.com/2f9699d6163bff9569aab95bc537a459/invoke.js	27 kB	2023-03-08	2023-03-08
Pretty URL www.profitabledisplayformat.com/2f9699d6163bff9569aab95bc537a459/invoke.js IP 188.114.97.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 20:37:24 Last Seen2023-03-08 20:37:24 Times Seen1 Hash 50e3609586e28d3ba1af002331d80b30 efd87db8f6a7893fbe0869335bf2b4f82d77c90b e43614b749c878ad8392e5bd5fc94865acd9c73d6063a1803eba832334decfa0 Loading...

	mavink.com/js/bootstrap.bundle.min.js	81 kB	2023-03-07	2024-04-25
Pretty URL mavink.com/js/bootstrap.bundle.min.js IP 157.245.141.65 ASN #14061 DIGITALOCEAN-ASN Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:06:22 Last Seen2024-04-25 18:49:43 Times Seen2337 Hash 7fd2f04e75bd7ab1a79d80cdd4c33085 e02a14457b25e6df2568b772feab4387c00a4934 5edf297381b409d711bc8d27676951a59e151e783412850332519c05243d1e24 Loading...

	http:blank	145 B	2023-03-08	2024-02-22
Pretty URL http:blank IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 20:37:24 Last Seen2024-02-22 21:59:16 Times Seen3 Hash eac711e2a2c9bc9dd097451c9f48a937 dcf12a8cc3a7f097cf0fb6ae194a8588246300d6 9e32bfdaf31d64644517f1363e5739cf2dc2d8600d57673cebd9bd3bb9979173 Loading...

	www.spikereekvelocity.com/dyfc1k09?key=863705bcbb4b6a554ddb359665395a6f&psid=17372455	357 B	2023-03-07	2023-04-05
Pretty URL www.spikereekvelocity.com/dyfc1k09?key=863705bcbb4b6a554ddb359665395a6f&psid=17372455 IP 192.243.59.20 ASN #39572 DataWeb Global Group B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 16:21:39 Last Seen2023-04-05 02:08:58 Times Seen138 Hash 7901f5d3ff7ad16e7c532afe4cbd0fdc 7f923233aa6f62ef5897c7700f4d57e0a4c3ead1 fa514b84f8c6fdfcac78e966f7bcf5834de5f364862494cf608d2f637c824db6 Loading...

	mavink.com/js/jquery.min.js	88 kB	2023-03-07	2024-04-25
Pretty URL mavink.com/js/jquery.min.js IP 157.245.141.65 ASN #14061 DIGITALOCEAN-ASN Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:24:01 Last Seen2024-04-25 17:18:43 Times Seen7624 Hash f832e36068ab203a3f89b1795480d0d7 2115753ca5fb7032aec498db7bb5dca624dbe6be 4c24dfd28784ad2befb3dafaac6bf1ed4e7cd58cce713d9a0b228d426e812baf Loading...

	www.googletagmanager.com/gtag/js?id=G-LXJJFJVFZ5	221 kB	2023-03-08	2023-03-08
Pretty URL www.googletagmanager.com/gtag/js?id=G-LXJJFJVFZ5 IP 172.217.21.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 20:37:24 Last Seen2023-03-08 20:37:24 Times Seen1 Hash 8f812ed2f7c7439a9de5d3dea60f39e2 10d9aaec116b7d860d4002e121ebecf1df6dfeb1 2d151b98baff203fc61c51f7bb2794e9091d53124a57a6826321c0fc21e090b9 Loading...

	foundfroshelves.com/e3/f3/f5/e3f3f59ee59a86bffff2c70678b470fd.js	86 kB	2023-03-08	2023-03-08
Pretty URL foundfroshelves.com/e3/f3/f5/e3f3f59ee59a86bffff2c70678b470fd.js IP 192.243.61.225 ASN #39572 DataWeb Global Group B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 20:37:24 Last Seen2023-03-08 20:37:24 Times Seen1 Hash 7db35ff4d5c6cd6f6d39f122337432be 19ccb6e4e42651dadf91d750d974e959467eb93d c23bf569f3dc66ff07614939fcc2ba2c120e12487292a92d07765215fa312150 Loading...

	welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:320665405:68248853-37950&btag=320665405_F268FD1F2FAF49D6B509FC7662A3BD47&bid=37950&campaignId=2799402&pid=68248853	277 B	2023-03-07	2023-09-21
Pretty URL welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:320665405:68248853-37950&btag=320665405_F268FD1F2FAF49D6B509FC7662A3BD47&bid=37950&campaignId=2799402&pid=68248853 IP 104.18.24.188 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:11:26 Last Seen2023-09-21 14:18:09 Times Seen1576 Hash a06048fa305b7e3bd9b89366aee69071 05699ca86b944c67a0fc3240aeace995d9563200 4bdeff956fa33cb08c22fb884ba60fbb1f06c137b1df07e5f493ae4e3d6f88ff Loading...

	welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:320665405:68248853-37950&btag=320665405_F268FD1F2FAF49D6B509FC7662A3BD47&bid=37950&campaignId=2799402&pid=68248853	2.6 kB	2023-03-07	2024-02-01
Pretty URL welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:320665405:68248853-37950&btag=320665405_F268FD1F2FAF49D6B509FC7662A3BD47&bid=37950&campaignId=2799402&pid=68248853 IP 104.18.24.188 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:11:26 Last Seen2024-02-01 12:23:48 Times Seen6831 Hash cd03538fc58df8693fe9af9337788f0f 408a15551710117d0538fc9442a55b5678bb85a5 cc933dd733a6db1a1a9ff1d7c0adb26717fa27d4d177b7a5a2cab0bfdb353562 Loading...

	unibet.demdex.net/dest5.html?d_nsid=0#https%3A%2F%2Fwelcome.unibet.com	6.7 kB	2023-03-07	2024-03-23
Pretty URL unibet.demdex.net/dest5.html?d_nsid=0#https%3A%2F%2Fwelcome.unibet.com IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:36 Last Seen2024-03-23 05:26:10 Times Seen1169 Hash bea2f42512935b636558e81988e2d51f 2c9772b62f6eb8a3cec9c3a6fb9c0b22c927e59d 0cc5ff21c24654308609656ebcfda2d792d15f6fda17c0a88b551fcf8e456fdb Loading...

	umami.fadunews.in/umami.js	2.5 kB	2023-03-07	2024-04-02
Pretty URL umami.fadunews.in/umami.js IP 143.198.115.204 ASN #14061 DIGITALOCEAN-ASN Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 23:41:49 Last Seen2024-04-02 14:11:03 Times Seen27 Hash 18568d0f73ab796241b55ae64b09faa0 f71ce0d5b79bd803050379ee4e96ac832a81be73 22ef36e1cb0c5d81e3da1da9ac8c654157188da6208007d91badb7fb669e0c28 Loading...

	mavink.com/explore/CD-Illusion-Girls	100 B	2023-03-08	2024-02-22
Pretty URL mavink.com/explore/CD-Illusion-Girls IP 157.245.141.65 ASN #14061 DIGITALOCEAN-ASN Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 20:37:24 Last Seen2024-02-22 21:59:17 Times Seen3 Hash 660d3a170e15e4f08b95d862cb4e4431 8c658ab9be2a22103f520684be8adc9b9198ca6e 654ccf33f76c96d19db04e92e70fa309a019dbfc39945566723a221873aa62d4 Loading...

	foundfroshelves.com/e3/f3/f5/e3f3f59ee59a86bffff2c70678b470fd.js	86 kB	2023-03-08	2023-03-08
Pretty URL foundfroshelves.com/e3/f3/f5/e3f3f59ee59a86bffff2c70678b470fd.js IP 192.243.61.225 ASN #39572 DataWeb Global Group B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 20:37:24 Last Seen2023-03-08 20:37:24 Times Seen1 Hash 8c010d0779d7c39c37166e1c48544a71 f72c09ca30debdb710d9b409a31fb20cccd82137 3d3aaa260403ff807e0eb31129a1107152bd0d9bde3b3360af46077303b33b3e Loading...

	ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js	87 kB	2023-03-07	2024-04-25
Pretty URL ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js IP 216.58.211.10 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:02 Last Seen2024-04-25 22:18:40 Times Seen106156 Hash a09e13ee94d51c524b7e2a728c7d4039 0dc32db4aa9c5f03f3b38c47d883dbd4fed13aae 160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef Loading...

	a1s-cdn.unibet.com/unibet/bannerflow/scripts/master_tag.js	956 B	2023-03-07	2024-02-01
Pretty URL a1s-cdn.unibet.com/unibet/bannerflow/scripts/master_tag.js IP 85.184.96.5 ASN #47171 Unibet Services Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:12:05 Last Seen2024-02-01 12:23:48 Times Seen10503 Hash fd48e87ecd4d06d9c5df490b91dc813e a65a437db44444634e4f41732c590c1d14433b3f 2f786ae3f4577ed970f60aa7a9edf726300a740fdb360a8364db7ff4b7ca8e47 Loading...

	www.googletagmanager.com/gtm.js?id=GTM-PF2RVHC	239 kB	2023-03-08	2023-03-08
Pretty URL www.googletagmanager.com/gtm.js?id=GTM-PF2RVHC IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 20:37:24 Last Seen2023-03-08 20:38:17 Times Seen1 Hash 11bae7f6d0d8122030d6f1c3f3e5cfcd 62a3f2fe640f12a79135fe793af95f8ff50645e9 a9729e254a9f91f08c0faacafe80a646e1161e3d552ab83c29aa52a6b0a6be08 Loading...

	mavink.com/explore/CD-Illusion-Girls	7.9 kB	2023-03-07	2024-04-02
Pretty URL mavink.com/explore/CD-Illusion-Girls IP 157.245.141.65 ASN #14061 DIGITALOCEAN-ASN Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 23:41:49 Last Seen2024-04-02 14:11:02 Times Seen11 Hash f333fb732d0ca983902771bcb7757108 29057c50dbb67a3a7c2441f2cad7287e16df462d 0da643f2633bd7d340cacb7206bc071b540de0574f04d6d6ac31602784235eef Loading...

	welcome.unibet.com/nu/pop/sportsbook/multisports/read_json.js	5.4 kB	2023-03-07	2024-02-01
Pretty URL welcome.unibet.com/nu/pop/sportsbook/multisports/read_json.js IP 104.18.24.188 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:11:26 Last Seen2024-02-01 12:23:48 Times Seen8425 Hash ac64b59c98bbe50cf69b6c98fa39585c 0a5cc9fb43b8a208481baaf752dbd504078a764b 28ac02c7302149814ed1c1b8a31b96e1ea94247c3b64888a598f66955d28312c Loading...

	a1s.unibet.com/orval/tracking/lastclick.min.js	1.8 kB	2023-03-07	2024-02-01
Pretty URL a1s.unibet.com/orval/tracking/lastclick.min.js IP 85.184.96.5 ASN #47171 Unibet Services Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:11:26 Last Seen2024-02-01 12:23:48 Times Seen5726 Hash 8027969a31091dd0d3a7813f95ee7e10 591677c488b8b98532778e11adc9348253a014a4 5166be250f7de7d316b5fb9778843cc3268ce3e00f917530f65e99dcdb355b60 Loading...

	mavink.com/explore/CD-Illusion-Girls	288 B	2023-03-08	2023-09-10
Pretty URL mavink.com/explore/CD-Illusion-Girls IP 157.245.141.65 ASN #14061 DIGITALOCEAN-ASN Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 20:37:24 Last Seen2023-09-10 08:28:24 Times Seen2 Hash a4e6ea7c6b0a07e681db541059b42dc6 f0751621f4a67808209f2d0115c915b1fa26b21f 9695136d5fa71d2c8dd65d371d242e1310c43b0c81d8303d0c7f5a7cacaeb312 Loading...

	mavink.com/explore/CD-Illusion-Girls	350 B	2023-03-08	2023-03-08
Pretty URL mavink.com/explore/CD-Illusion-Girls IP 157.245.141.65 ASN #14061 DIGITALOCEAN-ASN Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 20:37:24 Last Seen2023-03-08 20:37:24 Times Seen1 Hash 7e5a700c8cbcd0c5260f6bd7802fc976 923aecf2bc9a31de87c3daf8ed66a783e248af58 e603127ba398321f194180cf945a900f1e03386875e6942c59fe61b3ab49343b Loading...

	mavink.com/js/commento.js	36 kB	2023-03-08	2024-02-22
Pretty URL mavink.com/js/commento.js IP 157.245.141.65 ASN #14061 DIGITALOCEAN-ASN Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 20:37:24 Last Seen2024-02-22 21:59:18 Times Seen5 Hash eee1d1e3ba72e24406cb91785416d2e5 bcd82631f78ee0a4c411b065a64719ab421cbca4 1e9328ce3fc7e83d831f1924b3503b75b7d8a3f88e35863541dc61e052d523a8 Loading...

	mavink.com/explore/CD-Illusion-Girls	18 B	2023-03-08	2024-02-22
Pretty URL mavink.com/explore/CD-Illusion-Girls IP 157.245.141.65 ASN #14061 DIGITALOCEAN-ASN Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 20:37:24 Last Seen2024-02-22 21:59:17 Times Seen3 Hash 6be273ff65fda87bfdc8dc892c84ca61 4dd45b3a5901a16f21dad68c7a58c7f6d1da2bfd 59a5257a78659a5700a218ce1fc9580d9edc36030745b619d1b26ebb107c26ce Loading...

	mavink.com/explore/CD-Illusion-Girls	65 B	2023-03-08	2024-02-22
Pretty URL mavink.com/explore/CD-Illusion-Girls IP 157.245.141.65 ASN #14061 DIGITALOCEAN-ASN Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 20:37:24 Last Seen2024-02-22 21:59:17 Times Seen3 Hash 6f10be788a7197d90afc14a3fda37972 ecd66219381cb7d204c623dd82cadde144a44af5 a459caa6334a3ddb118fb5e2265a85ddf0a3327b535d9690800f98cae51af3ed Loading...

	mavink.com/explore/CD-Illusion-Girls	192 B	2023-03-08	2023-03-08
Pretty URL mavink.com/explore/CD-Illusion-Girls IP 157.245.141.65 ASN #14061 DIGITALOCEAN-ASN Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 20:37:24 Last Seen2023-03-08 20:37:24 Times Seen1 Hash 692e71e801cd8b1835f482f93e1042ca 0b0879ef26c487512ad3eaa086c404b399854b44 8b9388cd79536989a463470d1fb3ea8ca52394f2e972db6669894c9c4d34dcce Loading...

	welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:320665405:68248853-37950&btag=320665405_F268FD1F2FAF49D6B509FC7662A3BD47&bid=37950&campaignId=2799402&pid=68248853	5.4 kB	2023-03-07	2023-08-08
Pretty URL welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:320665405:68248853-37950&btag=320665405_F268FD1F2FAF49D6B509FC7662A3BD47&bid=37950&campaignId=2799402&pid=68248853 IP 104.18.24.188 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:11:26 Last Seen2023-08-08 14:09:19 Times Seen1025 Hash 26c5eb641d4b8e7a86948e5a397d4203 9bf9b195284806ae56e32f7a0531ad91ad7bf731 aee310721d3d1cb60cdb3e4d714451c5ef94b93e820d0f08bdbb1b04f00d9b73 Loading...

	mavink.com/explore/CD-Illusion-Girls	693 B	2023-03-08	2024-02-22
Pretty URL mavink.com/explore/CD-Illusion-Girls IP 157.245.141.65 ASN #14061 DIGITALOCEAN-ASN Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 20:37:24 Last Seen2024-02-22 21:59:17 Times Seen3 Hash cef3f1b3dfba2605741aea38536f0cbb 3fc406a635b1d401557e6dda0708dc1172a30f21 090e9b8f924c63894b717d30bd3d44c03c0b8c8cfb6683f32fb552d5be36b103 Loading...

	mavink.com/explore/CD-Illusion-Girls	1.4 kB	2023-03-08	2024-02-22
Pretty URL mavink.com/explore/CD-Illusion-Girls IP 157.245.141.65 ASN #14061 DIGITALOCEAN-ASN Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 20:37:24 Last Seen2024-02-22 21:59:17 Times Seen3 Hash 45e2c2157c83445fde1b719c63879cde 4e7a70c85ae066cad5054da58de3a401062eca79 44580cc37cb86473ab0cbe600792f1858e8b34698b57e06e70deeb5a7a52e5e2 Loading...

	welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:320665405:68248853-37950&btag=320665405_F268FD1F2FAF49D6B509FC7662A3BD47&bid=37950&campaignId=2799402&pid=68248853	364 B	2023-03-07	2024-02-01
Pretty URL welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:320665405:68248853-37950&btag=320665405_F268FD1F2FAF49D6B509FC7662A3BD47&bid=37950&campaignId=2799402&pid=68248853 IP 104.18.24.188 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:11:26 Last Seen2024-02-01 12:23:48 Times Seen6836 Hash b7207d294237fb810195b41fdd3cac28 ff7ef257957cbc2074fa5814177bb7cbbac44eb2 12f39122cef3c11903118c0f4769199ddc1e0e5ba13d7dbe8373e5c77391baf5 Loading...

	welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:320665405:68248853-37950&btag=320665405_F268FD1F2FAF49D6B509FC7662A3BD47&bid=37950&campaignId=2799402&pid=68248853	294 B	2023-03-08	2023-09-13
Pretty URL welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:320665405:68248853-37950&btag=320665405_F268FD1F2FAF49D6B509FC7662A3BD47&bid=37950&campaignId=2799402&pid=68248853 IP 104.18.24.188 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:43:36 Last Seen2023-09-13 11:50:24 Times Seen1476 Hash fe53926e4255981329b5ccf0739441e1 e7317f10b43129fdfd0c9c8faa8d004753cdfaef be6b672647d775c29253e5653d707f3fa6fbed94c5ebb00eb543fc76f13d6dbb Loading...

	http:blank	3.2 kB	2023-03-08	2023-03-08
Pretty URL http:blank IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 20:37:24 Last Seen2023-03-08 20:37:24 Times Seen1 Hash 609ab7175280d50d90ed39432dbb5445 e387878b9fd4dc5928b31248bf12a9d51711d892 de6f9c3f7785e2e403404f752f56a82e9a001937316abc35cd6bdc126e26e7bf Loading...

	welcome.unibet.com/nu/pop/sportsbook/multisports/1-main.js	4.5 kB	2023-03-07	2024-02-01
Pretty URL welcome.unibet.com/nu/pop/sportsbook/multisports/1-main.js IP 104.18.24.188 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:11:26 Last Seen2024-02-01 12:23:48 Times Seen8257 Hash 04fc48de78cbfc5d1557e9df399c7733 e1bf77a4fef1943b0eab404c4abbe9477cb373e0 4c6d70ebaf667a642560297cdca94fa760d3624e1f4cab0da08711f0c492fed6 Loading...

	mavink.com/explore/CD-Illusion-Girls	594 B	2023-03-08	2024-02-22
Pretty URL mavink.com/explore/CD-Illusion-Girls IP 157.245.141.65 ASN #14061 DIGITALOCEAN-ASN Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 20:37:24 Last Seen2024-02-22 21:59:17 Times Seen3 Hash 5e2eee5efddbd7e018deb444272a5ed4 8f85c339a33c6c463134758d6c5a46b6b71162d6 ceba5fb612be56a41ad8802ddcc0e170686a65fd9c431b50ec9dfe38eba96a12 Loading...

	welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:320665405:68248853-37950&btag=320665405_F268FD1F2FAF49D6B509FC7662A3BD47&bid=37950&campaignId=2799402&pid=68248853	2.2 kB	2023-03-07	2023-10-02
Pretty URL welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:320665405:68248853-37950&btag=320665405_F268FD1F2FAF49D6B509FC7662A3BD47&bid=37950&campaignId=2799402&pid=68248853 IP 104.18.24.188 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:11:26 Last Seen2023-10-02 17:14:47 Times Seen1647 Hash c0f99959e76a9ae3302a785606121738 b7121b4e8dfd06a376a210933831917cf22131a7 8635426cb6fbc3d728559ba093c8aa5455f2d5338aefb695ef68aa88a406f615 Loading...

	welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:320665405:68248853-37950&btag=320665405_F268FD1F2FAF49D6B509FC7662A3BD47&bid=37950&campaignId=2799402&pid=68248853	2.7 kB	2023-03-07	2023-06-27
Pretty URL welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:320665405:68248853-37950&btag=320665405_F268FD1F2FAF49D6B509FC7662A3BD47&bid=37950&campaignId=2799402&pid=68248853 IP 104.18.24.188 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:11:26 Last Seen2023-06-27 14:28:54 Times Seen838 Hash 4f81620c61dcee3796fd3363a5338651 1739f9bd67e9cb64b61159e14a698c4ace82fe69 b7b20a7ae40fdd82ac83c2ed9064230801e050eaccfa28c2c5cc847d34dec6a9 Loading...

	mavink.com/explore/CD-Illusion-Girls	11 kB	2023-03-07	2024-04-02
Pretty URL mavink.com/explore/CD-Illusion-Girls IP 157.245.141.65 ASN #14061 DIGITALOCEAN-ASN Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 23:41:49 Last Seen2024-04-02 14:11:02 Times Seen10 Hash 73d10c744a2402f0274432ccdbcbbb8a dc5f854ada3981ae833c83d8743969c7ecdda2ea f3ee09f6c2c78380232d4f6bf5a30397938cadb3a580598b09b9b3d49aa36a1e Loading...

	welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:320665405:68248853-37950&btag=320665405_F268FD1F2FAF49D6B509FC7662A3BD47&bid=37950&campaignId=2799402&pid=68248853	147 B	2023-03-07	2024-02-01
Pretty URL welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:320665405:68248853-37950&btag=320665405_F268FD1F2FAF49D6B509FC7662A3BD47&bid=37950&campaignId=2799402&pid=68248853 IP 104.18.24.188 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:11:26 Last Seen2024-02-01 12:23:48 Times Seen6862 Hash 1d18cffe3fc76896ca02254b5879b535 1a8fec7049c5644eaab6f7aecf8672f3f858d037 cb934bad0e7cb0b0b2edbc619a28b2d7ee4960dba893c3c2ce2a63e458d8af5b Loading...

	welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:320665405:68248853-37950&btag=320665405_F268FD1F2FAF49D6B509FC7662A3BD47&bid=37950&campaignId=2799402&pid=68248853	217 B	2023-03-08	2023-09-13
Pretty URL welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:320665405:68248853-37950&btag=320665405_F268FD1F2FAF49D6B509FC7662A3BD47&bid=37950&campaignId=2799402&pid=68248853 IP 104.18.24.188 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:43:36 Last Seen2023-09-13 11:50:24 Times Seen1474 Hash ddd6d3f3c95f65d092f39f7d6c806fff 1d9a1a9cf8ca546de93e144d1145643409166a14 e7aec5887920ea12c56a256725793a33d45749a0499c0780c9c9b99d2914222f Loading...

	script.crazyegg.com/pages/scripts/0012/9242.js	6.1 kB	2023-03-08	2023-03-13
Pretty URL script.crazyegg.com/pages/scripts/0012/9242.js IP 104.19.148.8 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:32:29 Last Seen2023-03-13 18:10:20 Times Seen1 Hash 946921b8d60d7a78753f012bc08e1839 c4e4a57a66468574b1c2c676775c75b3ff23fbbf 764977a345624aa95b09b69269aba4cc20d26a715fae0c0f395394008afc0e1a Loading...

	mavink.com/js/folumelite.js	663 B	2023-03-08	2024-02-22
Pretty URL mavink.com/js/folumelite.js IP 157.245.141.65 ASN #14061 DIGITALOCEAN-ASN Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 20:37:24 Last Seen2024-02-22 21:59:18 Times Seen5 Hash 56f97b93f885509c2a27dab73c2ae2d2 2d929535bc613fef8a70e948d4425ee8dfc0c6f7 622978bbf9a4f59913d4b5ed3ae3be6cdb10daad3adf9d62a38c0c8585b7035f Loading...

	mavink.com/js/utctolocal.min.js	588 B	2023-03-08	2024-02-22
Pretty URL mavink.com/js/utctolocal.min.js IP 157.245.141.65 ASN #14061 DIGITALOCEAN-ASN Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 20:37:24 Last Seen2024-02-22 21:59:18 Times Seen5 Hash bd412f68dab57dca9ed1173fb22d8cff 7e3d475423c5d0c54e3c4d2adb15b49255276939 c57002401de2c58594dd4c986be57f61709256c74e40ee97199bd77876fc5a04 Loading...

	welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:320665405:68248853-37950&btag=320665405_F268FD1F2FAF49D6B509FC7662A3BD47&bid=37950&campaignId=2799402&pid=68248853	307 B	2023-03-07	2024-02-01
Pretty URL welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:320665405:68248853-37950&btag=320665405_F268FD1F2FAF49D6B509FC7662A3BD47&bid=37950&campaignId=2799402&pid=68248853 IP 104.18.24.188 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:11:26 Last Seen2024-02-01 12:23:48 Times Seen6858 Hash 5633bd464ac4d5c3fab4b6c6db04c743 e9b255450e7612595382082329b0fe88904abcee ca8576fcf8d4ca2350c9fe2a7976729e6e3c6b42ca948060a509a1eed46e93fd Loading...

	welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:320665405:68248853-37950&btag=320665405_F268FD1F2FAF49D6B509FC7662A3BD47&bid=37950&campaignId=2799402&pid=68248853	667 B	2023-03-07	2023-09-21
Pretty URL welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:320665405:68248853-37950&btag=320665405_F268FD1F2FAF49D6B509FC7662A3BD47&bid=37950&campaignId=2799402&pid=68248853 IP 104.18.24.188 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:11:26 Last Seen2023-09-21 14:18:09 Times Seen1578 Hash 2d41aac452b14ef4b388a79a47791b35 cee1071dcf7b8095fe214afc02177dc39bd4f973 44ed144c670270401a2ba9d624c2d98dc2e31c3df30ce612a7c94041cb2210de Loading...

	welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:320665405:68248853-37950&btag=320665405_F268FD1F2FAF49D6B509FC7662A3BD47&bid=37950&campaignId=2799402&pid=68248853	7.5 kB	2023-03-07	2023-04-27
Pretty URL welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:320665405:68248853-37950&btag=320665405_F268FD1F2FAF49D6B509FC7662A3BD47&bid=37950&campaignId=2799402&pid=68248853 IP 104.18.24.188 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:11:26 Last Seen2023-04-27 00:24:56 Times Seen338 Hash f11aa08db800dc0e89f963fb3043f461 565fea671f23ae5189aa25ffcc5d0f2e548f72b2 b494d197c2e32274ca7543dd7828afb81a72db96a88da514f5f8ec45f73649ac Loading...

	welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:320665405:68248853-37950&btag=320665405_F268FD1F2FAF49D6B509FC7662A3BD47&bid=37950&campaignId=2799402&pid=68248853	235 B	2023-03-07	2023-06-27
Pretty URL welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:320665405:68248853-37950&btag=320665405_F268FD1F2FAF49D6B509FC7662A3BD47&bid=37950&campaignId=2799402&pid=68248853 IP 104.18.24.188 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:11:26 Last Seen2023-06-27 14:28:54 Times Seen842 Hash d7e6cfa80c6d4f83e56972a515a7bc87 54da9ec648815ef2ef225e69c698f4d8a21363bf 94782f5573acd5c9f8a8131ea8ec3e313d02f077e9766508af6aecd952572c58 Loading...

	welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:320665405:68248853-37950&btag=320665405_F268FD1F2FAF49D6B509FC7662A3BD47&bid=37950&campaignId=2799402&pid=68248853	721 B	2023-03-07	2023-06-27
Pretty URL welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:320665405:68248853-37950&btag=320665405_F268FD1F2FAF49D6B509FC7662A3BD47&bid=37950&campaignId=2799402&pid=68248853 IP 104.18.24.188 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:11:26 Last Seen2023-06-27 14:28:54 Times Seen839 Hash 9c83e2435e1e8d72ce6b63ef2ff44894 bd04a958ae23aaf1b3d427b9bffaf4d041956be1 3c5e987ccf5ca2a1dbf43e2d257bf114e113add7d384d433055c1261722b06fb Loading...

	script.crazyegg.com/pages/versioned/common-scripts/051214b1ee034dc81c1493c28aa557bd.js	79 kB	2023-03-08	2023-03-11
Pretty URL script.crazyegg.com/pages/versioned/common-scripts/051214b1ee034dc81c1493c28aa557bd.js IP 104.19.148.8 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:32:29 Last Seen2023-03-11 23:05:02 Times Seen1 Hash c9e70248546954143cc97e895e1fcd61 24be664e0054b48af754ac1c05b97f08155a649f 24d256e41daf93aa8f841558593376434d6f1ba705376eb33d2e34ad6fea5d27 Loading...

		Size	First Seen	Last Seen
	#1 Eval - 0df47f7ec8a7025bea46266133fe90c1	54 B	2023-03-07	2024-04-17
Pretty Observations First Seen2023-03-07 01:11:26 Last Seen2024-04-17 03:22:10 Times Seen1724 Hash 0df47f7ec8a7025bea46266133fe90c1 407aeb860ef834517df3dfa568905e7c95d42d9f fc490a09c28110ae2a7c965801ebeb5c572587f55c3524889f547dbcc34c1d81 Loading...

	#2 Eval - add2d829cf386f4838b0cdef5348451c	71 B	2023-03-07	2023-10-02
Pretty Observations First Seen2023-03-07 01:11:26 Last Seen2023-10-02 17:14:47 Times Seen1710 Hash add2d829cf386f4838b0cdef5348451c c8295463ce81113f7396d77c108349f473285c49 dcdd7e7e286c45c94638f28053384616d6ca9a1b396b0109cb51f1298ba342bb Loading...

	#3 Eval - d66a51311c2681be9b2814403d8e8308	60 B	2023-03-07	2023-10-02
Pretty Observations First Seen2023-03-07 01:11:26 Last Seen2023-10-02 17:14:47 Times Seen1711 Hash d66a51311c2681be9b2814403d8e8308 284b626b87d046fe1adfc6899ade214d57f09655 9d51544cc513110b130345a977b1e9e630b5a7aa01518f7f7898758b79a9699f Loading...

	#4 Eval - a2bcebb48aaee0300030cf8123020f69	135 B	2023-03-07	2023-10-02
Pretty Observations First Seen2023-03-07 01:11:26 Last Seen2023-10-02 17:14:47 Times Seen1711 Hash a2bcebb48aaee0300030cf8123020f69 365d67c7f5ce945805339efb40c083cc97d1f9b2 fc7b851f30df68c5cc6d1fb3f06c300b2b1d7271f76cc187224050270141f0ed Loading...

	#5 Eval - dddc8519e9834ad5d3074584ccf9f8b7	132 B	2023-03-07	2023-10-02
Pretty Observations First Seen2023-03-07 01:11:26 Last Seen2023-10-02 17:14:47 Times Seen1711 Hash dddc8519e9834ad5d3074584ccf9f8b7 829d5d1a21eff85f38994e567322cc3bcce9c9cd 0a23e511994a2c03a725773de07810ff171878b9c0177f40a663038e4e251168 Loading...

	#6 Eval - 596da5f7bb09f22c58c4073eb41d604e	62 B	2023-03-07	2023-10-02
Pretty Observations First Seen2023-03-07 01:11:26 Last Seen2023-10-02 17:14:47 Times Seen1711 Hash 596da5f7bb09f22c58c4073eb41d604e 66603b30823c3a560dae4f1b6afb92ab5a0f91d5 adf0ca592504ef680d5ea02d5161b15be0572fd3e5b41d152b74f0c76aea6c42 Loading...

	#7 Eval - 323b0549e276ac9d1fb442d626e4ce02	469 B	2023-03-08	2023-03-08
Pretty Observations First Seen2023-03-08 20:37:24 Last Seen2023-03-08 20:37:24 Times Seen1 Hash 323b0549e276ac9d1fb442d626e4ce02 ba3a75110ee035ea354526d23447183ad9b13e60 5e78c02895feaca0eb55715407e4bbc717529727c1d03cfc86d547eb4b68222f Loading...

	#8 Eval - 52a838bf9957f0cff2021c034f169cb0	88 B	2023-03-07	2023-11-06
Pretty Observations First Seen2023-03-07 01:11:26 Last Seen2023-11-06 09:27:16 Times Seen2384 Hash 52a838bf9957f0cff2021c034f169cb0 30a7327c54334eb310944b6fd01ddf34b4e2ad9d 5e05e2cf30322e8f71d65a22aa5f4a095923b67286a61d83b7787e3468f42f62 Loading...

	#9 Eval - 84b2cd04a3e6a53dd1e2d2281b4ec9d0	55 B	2023-03-07	2023-10-02
Pretty Observations First Seen2023-03-07 01:11:26 Last Seen2023-10-02 17:14:47 Times Seen1711 Hash 84b2cd04a3e6a53dd1e2d2281b4ec9d0 453fd8561e4859d9adbbe37e66110d2584bc2c1d 14986cbd70f8b8a1770adf9800c113847daf392c2999dfff9dc71d2be98f3282 Loading...

	#10 Eval - 127ac839a41bdd9ab92ad47b7411cdaf	29 B	2023-03-08	2024-01-15
Pretty Observations First Seen2023-03-08 14:23:53 Last Seen2024-01-15 00:09:04 Times Seen889 Hash 127ac839a41bdd9ab92ad47b7411cdaf c2f81b12778c909f055c3967caa638b643c4916a b2ebc210c5c379879d07a4a9e046a4ea803d56dcc91d533db817ec272cbcfaf4 Loading...

	#11 Eval - 4b4768884dd164bcabacb4edf182609a	61 B	2023-03-07	2023-10-02
Pretty Observations First Seen2023-03-07 01:11:26 Last Seen2023-10-02 17:14:47 Times Seen1711 Hash 4b4768884dd164bcabacb4edf182609a 881cdbd84f94dc256c40f2ee489d83f956c1b36b 9259355921509ced00b4d7d3e76c151037a06c88a646cd7d47d5d9c96984697c Loading...

	#12 Eval - e88e5944f1790fcf6910ab43b279454d	2.1 kB	2023-03-08	2023-03-08
Pretty Observations First Seen2023-03-08 20:37:24 Last Seen2023-03-08 20:37:24 Times Seen1 Hash e88e5944f1790fcf6910ab43b279454d 77eca49f57951a95da7f76d28e30f22f675df37b 88a7e5fabd5399a578589dc3cd63ba4cd39b9720abc1007942cb5ffaeb6eed83 Loading...

		Size	First Seen	Last Seen
	#1 Write - ac798ac2b2c9559c3e64b701f845c78e	50 B	2023-03-07	2024-02-01
Pretty Observations First Seen2023-03-07 01:11:26 Last Seen2024-02-01 12:23:48 Times Seen6876 Hash ac798ac2b2c9559c3e64b701f845c78e 288602cbfebecea88ca238ce32c92d133bf59bff a2b051fa7d206df6e4eeee27678781de0752c1ac7adcfd359c1a2fc7ff507449 Loading...

	#2 Write - b82fd5af3420afadedd6c8ef9c5f6207	129 B	2023-03-08	2023-03-08
Pretty Observations First Seen2023-03-08 20:37:24 Last Seen2023-03-08 20:37:24 Times Seen1 Hash b82fd5af3420afadedd6c8ef9c5f6207 d232ee85780708235425d878165a599574931f07 b5c5828502de6cb67340551ee1b8241cacd83ad00bb1b436539f25b6dc4f3b95 Loading...

HTTP Transactions (138)

URL IP Response Size

mavink.com/explore/CD-Illusion-Girls

157.245.141.65

301 Moved Permanently

252 B

URL HTTP/1.1
mavink.com/explore/CD-Illusion-Girls
IP
157.245.141.65:0
ASN
#14061 DIGITALOCEAN-ASN

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
252 B (252 bytes)
Hash
a3096ef22b06552a03feeb3ac50dd0ae
f071cda8f889dff6024e58b84210dfa9ab7a4592
8d0d0e7cc4847b10f09f50c19c925850ed751261d3a8ef10c6730350bc719280

HTTP Headers

GET /explore/CD-Illusion-Girls HTTP/1.1
Host: mavink.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 07 Dec 2022 03:02:58 GMT
Content-Type: text/html; charset=iso-8859-1
Content-Length: 252
Connection: keep-alive
Location: https://mavink.com/explore/CD-Illusion-Girls

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
5ceaca9fd4ad000cb435820812fc69c8
8168397aaf7b572c89a9c83f46c0b65e4ac509f2
9c4e52e7e17158307d752db0bc3d1fbedae4f305cc301fd73b260f73ab796492

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9C4E52E7E17158307D752DB0BC3D1FBEDAE4F305CC301FD73B260F73AB796492"
Last-Modified: Tue, 06 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4083
Expires: Wed, 07 Dec 2022 04:11:01 GMT
Date: Wed, 07 Dec 2022 03:02:58 GMT
Connection: keep-alive

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
f83c5e33ba42e312ee398848bbb711f5
caa1fd23b1fbbe883292ded04404c1cfd861eb09
106d08fba45f1e13f85b4b5abc456594878494238933e54b6a06e21ed8a52bc9

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6053
Cache-Control: max-age=119353
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 03:02:58 GMT
Etag: "638f19f6-1d7"
Expires: Thu, 08 Dec 2022 12:12:11 GMT
Last-Modified: Tue, 06 Dec 2022 10:31:18 GMT
Server: ECS (ska/F71E)
X-Cache: HIT
Content-Length: 471

firefox.settings.services.mozilla.com/v1/

34.102.187.140

200 OK

939 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/
IP
34.102.187.140:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
30db107dcf4380cef05efea409c2e6a3
96e6a306fbc07299aba64e5c14e2bfca35872fa9
b64051a4a8e346e3c72b2aef77f360a5736ab5e16711d8e0bae3876feaa15b6e

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Content-Type, Backoff, Content-Length, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Wed, 07 Dec 2022 02:18:44 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 2654
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
a0abf10fb7e96c1c98dacf2f013a68b4
acdd839bce85eadc78a8e821e32e00a958d5c0c8
b85d98f8df05431777d96c767ce4c152302ec3f653cdf6e61c8c3fa9574f3255

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B85D98F8DF05431777D96C767CE4C152302EC3F653CDF6E61C8C3FA9574F3255"
Last-Modified: Tue, 06 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10773
Expires: Wed, 07 Dec 2022 06:02:31 GMT
Date: Wed, 07 Dec 2022 03:02:58 GMT
Connection: keep-alive

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
53341dea33f4f3d9b4966f80589f429a
20f7b07c686c986d2ed1e3e9ad1bb2aef8edaf0d
651683e52cdbc96b289f8f123155f0b96d9f67432689e89156fa56f5a346c6a0

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: UOIq4RuzqB5qKNztVDBFe6wCii1VC0uc2w2e6DijrhrYwp4aMw4Hw8GNr+Q+V0DgQqXg6O9n8h0=
x-amz-request-id: ZQ8288M8R3VKHTRP
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Wed, 07 Dec 2022 02:47:20 GMT
age: 938
last-modified: Wed, 30 Nov 2022 10:06:34 GMT
etag: "53341dea33f4f3d9b4966f80589f429a"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Wed, 07 Dec 2022 03:02:58 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
a2f77a98c3c303c825200c11bb1fe01e
aafc5b2028a489fd318439ad72b714ebd1fb7233
e04e5722501432b2106d2d7a39f843e1f0250107b4d5ab458437cce828804acd

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E04E5722501432B2106D2D7A39F843E1F0250107B4D5AB458437CCE828804ACD"
Last-Modified: Tue, 06 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3140
Expires: Wed, 07 Dec 2022 03:55:18 GMT
Date: Wed, 07 Dec 2022 03:02:58 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

34.102.187.140

200 OK

329 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
34.102.187.140:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, ETag, Alert, Expires, Cache-Control, Backoff, Content-Length, Content-Type, Pragma, Last-Modified
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Wed, 07 Dec 2022 02:08:58 GMT
cache-control: public,max-age=3600
age: 3240
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
0f7dcaa590e32cfd1c075255188d5f06
d4bb4954fefdb3b59560b54adf500e806e252e39
195795c2511b31519134f5eb4442d8708918ecaff72f8e821a5473ad7c97c448

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6034
Cache-Control: max-age=114265
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 03:02:59 GMT
Etag: "638f062a-1d7"
Expires: Thu, 08 Dec 2022 10:47:24 GMT
Last-Modified: Tue, 06 Dec 2022 09:06:50 GMT
Server: ECS (ska/F71E)
X-Cache: HIT
Content-Length: 471

push.services.mozilla.com/

54.188.211.138

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
54.188.211.138:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: Bl0hINvFhuntlm6x0zeebg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: kRhAxsGk81eIj9VCjp5rfY1gk5A=

mavink.com/explore/CD-Illusion-Girls

157.245.141.65

200 OK

55 kB

URL HTTP/1.1
mavink.com/explore/CD-Illusion-Girls
IP
157.245.141.65:0
ASN
#14061 DIGITALOCEAN-ASN

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (49895)
Size
55 kB (55003 bytes)
Hash
0840ff70faeccdfe201ecad1a67ec3d4
3feb515edf71340523bb2fb2fc320b487bd2c770
d52b81a8e0b85f205a7ca314dcd723e4f85508832a43925a885c956fc6aab0ff

HTTP Headers

GET /explore/CD-Illusion-Girls HTTP/1.1
Host: mavink.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 07 Dec 2022 03:02:59 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip

mavink.com/css/fonts/Feather.ttf?sdxovp

157.245.141.65

200 OK

65 kB

URL HTTP/1.1
mavink.com/css/fonts/Feather.ttf?sdxovp
IP
157.245.141.65:0
ASN
#14061 DIGITALOCEAN-ASN

File type
TrueType Font data, 11 tables, 1st "OS/2", 14 names, Macintosh, type 1 string, Feather \012- data
Size
65 kB (65112 bytes)
Hash
fe1594343a6aed9427c646993d06ea9c
18d0455f25678b44731eac73dc8654df1d2c314e
e103929dd758126ea4a090ff0e33b620f3ceb1b81ffad1345023c95661c84d8c

HTTP Headers

GET /css/fonts/Feather.ttf?sdxovp HTTP/1.1
Host: mavink.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mavink.com/explore/CD-Illusion-Girls
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 07 Dec 2022 03:02:59 GMT
Content-Type: application/octet-stream
Content-Length: 65112
Last-Modified: Fri, 18 Mar 2022 15:51:33 GMT
Connection: keep-alive
ETag: "6234aa85-fe58"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Accept-Ranges: bytes

ocsp.digicert.com/

93.184.220.29

200 OK

280 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
280 B (280 bytes)
Hash
8d3461b9b3bad5972cd3c4045406dc38
269cc98ff9ec2a4425522dbb65df150958fd89e5
dd1d341254a2bc95668f072d76c081a0008229dd11a099c20cf879c5d20f4520

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6473
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 03:03:00 GMT
Last-Modified: Wed, 07 Dec 2022 01:15:07 GMT
Server: ECS (ska/F71E)
X-Cache: HIT
Content-Length: 280

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
8aa9320315b7fc787bfd0fd1baea8721
45328506883b22acc927b8038b73e5247b0a1679
c5827834b5ce1e49980b439410b06fca062d877abd8ca89719b589a2fe28b4b9

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 03:03:00 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/s/gts1p5/FQEr5kwTHGw

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/s/gts1p5/FQEr5kwTHGw
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
6c5fa5d3b1c9f1f4c2af0567b2947f09
486409287e7b2dfabd96a03330be734cfcea75a5
c9207e7792110aca1eda8c23c177f91b8463a818ae1401a7bdcf97527657a469

HTTP Headers

POST /s/gts1p5/FQEr5kwTHGw HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 03:03:00 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

img.discogs.com/P0bDQ1YS92OBxO1zLczmICSsWt8=/fit-in/481x470/filters:strip_icc():format(jpeg):mode_rgb():quality(90)/discogs-images/R-9735255-1485545507-5980.jpeg.jpg

104.18.28.109

302 Found

0 B

URL HTTP/2
img.discogs.com/P0bDQ1YS92OBxO1zLczmICSsWt8=/fit-in/481x470/filters:strip_icc():format(jpeg):mode_rgb():quality(90)/discogs-images/R-9735255-1485545507-5980.jpeg.jpg
IP
104.18.28.109:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /P0bDQ1YS92OBxO1zLczmICSsWt8=/fit-in/481x470/filters:strip_icc():format(jpeg):mode_rgb():quality(90)/discogs-images/R-9735255-1485545507-5980.jpeg.jpg HTTP/1.1
Host: img.discogs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mavink.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 302 Found
date: Wed, 07 Dec 2022 03:03:00 GMT
content-length: 0
location: https://i.discogs.com/eQvzGDJOBSxA8FcCU0HDUYQ-Xc4gfY9EuVTKQ5CrOqw/rs:fit/g:sm/q:90/h:470/w:481/czM6Ly9kaXNjb2dz/LWRhdGFiYXNlLWlt/YWdlcy9SLTk3MzUy/NTUtMTQ4NTU0NTUw/Ny01OTgwLmpwZWc.jpeg
set-cookie: __cf_bm=GBHKx_zZv1wgRNWAFLSEgPqw2.vieSZnzkeMLD9pTMA-1670382180-0-AebQWyXwDqQov4EhVQfe28KC6VkS1dI7z4xIXuAjUawWBvi+CpM6bnYSrFRi2Ja8YK8D99gsbrISSaZ4KIuahsg=; path=/; expires=Wed, 07-Dec-22 03:33:00 GMT; domain=.discogs.com; HttpOnly; Secure; SameSite=None
vary: Accept-Encoding
strict-transport-security: max-age=15552000
server: cloudflare
cf-ray: 775a06914e63b515-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

280 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
280 B (280 bytes)
Hash
8d3461b9b3bad5972cd3c4045406dc38
269cc98ff9ec2a4425522dbb65df150958fd89e5
dd1d341254a2bc95668f072d76c081a0008229dd11a099c20cf879c5d20f4520

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6473
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 03:03:00 GMT
Last-Modified: Wed, 07 Dec 2022 01:15:07 GMT
Server: ECS (ska/F71E)
X-Cache: HIT
Content-Length: 280

www.googletagmanager.com/gtag/js?id=G-LXJJFJVFZ5

172.217.21.168

200 OK

77 kB

URL HTTP/2
www.googletagmanager.com/gtag/js?id=G-LXJJFJVFZ5
IP
172.217.21.168:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (22462)
Size
77 kB (76829 bytes)
Hash
cc3da0428d6a36d7d76d858e4f560a40
5e9ea02c200ff76bd388edabc9037ce6459167d8
c84eeba2cff6453dc006ab5caf04487ae811d92dca5818250d413352e84cb66c

HTTP Headers

GET /gtag/js?id=G-LXJJFJVFZ5 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mavink.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Wed, 07 Dec 2022 03:03:00 GMT
expires: Wed, 07 Dec 2022 03:03:00 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 76829
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

mavink.com/js/folumelite.js

157.245.141.65

200 OK

663 B

URL HTTP/1.1
mavink.com/js/folumelite.js
IP
157.245.141.65:0
ASN
#14061 DIGITALOCEAN-ASN

File type
ASCII text
Size
663 B (663 bytes)
Hash
56f97b93f885509c2a27dab73c2ae2d2
2d929535bc613fef8a70e948d4425ee8dfc0c6f7
622978bbf9a4f59913d4b5ed3ae3be6cdb10daad3adf9d62a38c0c8585b7035f

HTTP Headers

GET /js/folumelite.js HTTP/1.1
Host: mavink.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mavink.com/explore/CD-Illusion-Girls
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 07 Dec 2022 03:03:00 GMT
Content-Type: application/javascript
Content-Length: 663
Last-Modified: Fri, 18 Mar 2022 15:51:47 GMT
Connection: keep-alive
ETag: "6234aa93-297"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Accept-Ranges: bytes

mavink.com/images/mavink-logo-small.png

157.245.141.65

200 OK

6.7 kB

URL HTTP/1.1
mavink.com/images/mavink-logo-small.png
IP
157.245.141.65:0
ASN
#14061 DIGITALOCEAN-ASN

File type
PNG image data, 180 x 52, 8-bit/color RGBA, non-interlaced\012- data
Size
6.7 kB (6715 bytes)
Hash
530a5e3057ca0d26c6080c3ced039386
333357a5e8df431a6827b78483559f856df10790
88ca9cced01ecf85496c4600fa55dd2461eef4177edcce325f8159ab59876fa3

HTTP Headers

GET /images/mavink-logo-small.png HTTP/1.1
Host: mavink.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mavink.com/explore/CD-Illusion-Girls
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 07 Dec 2022 03:03:00 GMT
Content-Type: image/png
Content-Length: 6715
Last-Modified: Fri, 18 Mar 2022 15:51:42 GMT
Connection: keep-alive
ETag: "6234aa8e-1a3b"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Accept-Ranges: bytes

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
8aa9320315b7fc787bfd0fd1baea8721
45328506883b22acc927b8038b73e5247b0a1679
c5827834b5ce1e49980b439410b06fca062d877abd8ca89719b589a2fe28b4b9

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 03:03:00 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

mavink.com/js/utctolocal.min.js

157.245.141.65

200 OK

588 B

URL HTTP/1.1
mavink.com/js/utctolocal.min.js
IP
157.245.141.65:0
ASN
#14061 DIGITALOCEAN-ASN

File type
ASCII text, with very long lines (587)
Size
588 B (588 bytes)
Hash
bd412f68dab57dca9ed1173fb22d8cff
7e3d475423c5d0c54e3c4d2adb15b49255276939
c57002401de2c58594dd4c986be57f61709256c74e40ee97199bd77876fc5a04

HTTP Headers

GET /js/utctolocal.min.js HTTP/1.1
Host: mavink.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mavink.com/explore/CD-Illusion-Girls
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 07 Dec 2022 03:03:00 GMT
Content-Type: application/javascript
Content-Length: 588
Last-Modified: Fri, 18 Mar 2022 15:51:50 GMT
Connection: keep-alive
ETag: "6234aa96-24c"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Accept-Ranges: bytes

mavink.com/images/loadingwhitetransparent.gif

157.245.141.65

200 OK

2.8 kB

URL HTTP/1.1
mavink.com/images/loadingwhitetransparent.gif
IP
157.245.141.65:0
ASN
#14061 DIGITALOCEAN-ASN

File type
GIF image data, version 89a, 32 x 32\012- data
Size
2.8 kB (2768 bytes)
Hash
670252267607722be83f6a74f2c446ea
6458b4dc60977e72bd9ac2e896a6e0276aeaf78d
bf86c2223e3b7488c09259e5093b0acbcae0cc2d38349b1efb709d9c3380590e

HTTP Headers

GET /images/loadingwhitetransparent.gif HTTP/1.1
Host: mavink.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mavink.com/explore/CD-Illusion-Girls
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 07 Dec 2022 03:03:00 GMT
Content-Type: image/gif
Content-Length: 2768
Last-Modified: Fri, 18 Mar 2022 15:48:47 GMT
Connection: keep-alive
ETag: "6234a9df-ad0"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Accept-Ranges: bytes

mavink.com/js/visibilityChanged.js

157.245.141.65

200 OK

1.2 kB

URL HTTP/1.1
mavink.com/js/visibilityChanged.js
IP
157.245.141.65:0
ASN
#14061 DIGITALOCEAN-ASN

File type
ASCII text
Size
1.2 kB (1205 bytes)
Hash
c809af2ff6236ba6771d590777f070e7
6212c839460526cd87b6971974f34c1645344edd
979013b37f6b8f9836a0f6c95be1d4d861044d5fe2aca5a398f4c46488647d8f

HTTP Headers

GET /js/visibilityChanged.js HTTP/1.1
Host: mavink.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mavink.com/explore/CD-Illusion-Girls
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 07 Dec 2022 03:03:00 GMT
Content-Type: application/javascript
Content-Length: 1205
Last-Modified: Fri, 18 Mar 2022 15:51:50 GMT
Connection: keep-alive
ETag: "6234aa96-4b5"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Accept-Ranges: bytes

mavink.com/js/commento.js

157.245.141.65

200 OK

36 kB

URL HTTP/1.1
mavink.com/js/commento.js
IP
157.245.141.65:0
ASN
#14061 DIGITALOCEAN-ASN

File type
ASCII text, with very long lines (1400)
Size
36 kB (36259 bytes)
Hash
eee1d1e3ba72e24406cb91785416d2e5
bcd82631f78ee0a4c411b065a64719ab421cbca4
1e9328ce3fc7e83d831f1924b3503b75b7d8a3f88e35863541dc61e052d523a8

HTTP Headers

GET /js/commento.js HTTP/1.1
Host: mavink.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mavink.com/explore/CD-Illusion-Girls
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 07 Dec 2022 03:03:00 GMT
Content-Type: application/javascript
Content-Length: 36259
Last-Modified: Fri, 18 Mar 2022 16:01:45 GMT
Connection: keep-alive
ETag: "6234ace9-8da3"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Accept-Ranges: bytes

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
3eb269caaf1b8941a599c396c89939ac
cbb50584d01d3210eb62dd18b6b4fed06724e2e5
03127d54267d5dd303a147bcb7f11e16af30b730ffe5faef8af06b6b5be205c8

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "03127D54267D5DD303A147BCB7F11E16AF30B730FFE5FAEF8AF06B6B5BE205C8"
Last-Modified: Tue, 06 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3120
Expires: Wed, 07 Dec 2022 03:55:00 GMT
Date: Wed, 07 Dec 2022 03:03:00 GMT
Connection: keep-alive

static.jmusicitalia.com/artisti/tokyogirls/single/illusion-vinyl-sbig.jpg

193.70.112.181

200 OK

117 kB

URL HTTP/2
static.jmusicitalia.com/artisti/tokyogirls/single/illusion-vinyl-sbig.jpg
IP
193.70.112.181:0
ASN
#16276 OVH SAS

File type
JPEG image data, JFIF standard 1.01, resolution (DPCM), density 28x28, segment length 16, baseline, precision 8, 400x400, components 3\012- data
Size
117 kB (116994 bytes)
Hash
798f96bff7cfe9fd8ca39323a13a1e69
7d0d0e821093d2969d88a9bd318371da40b66e64
f7f6a1fc499badd901bf2decda907650ecd805930c1b85f7895f437c7cd4d406

HTTP Headers

GET /artisti/tokyogirls/single/illusion-vinyl-sbig.jpg HTTP/1.1
Host: static.jmusicitalia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mavink.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Wed, 07 Dec 2022 03:03:00 GMT
server: Apache
strict-transport-security: max-age=63072000
access-control-max-age: 1728000
access-control-allow-origin: *
access-control-allow-methods: GET,POST,OPTIONS,DELETE,PUT
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,C$
access-control-allow-credentials: true
x-frame-options: DENY
last-modified: Sat, 24 Oct 2015 12:07:01 GMT
etag: "1c902-522d890ca2340"
accept-ranges: bytes
content-length: 116994
cache-control: max-age=2592000
expires: Fri, 06 Jan 2023 03:03:00 GMT
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-type: image/jpeg
X-Firefox-Spdy: h2

mavink.com/images/user.png

157.245.141.65

200 OK

715 B

URL HTTP/1.1
mavink.com/images/user.png
IP
157.245.141.65:0
ASN
#14061 DIGITALOCEAN-ASN

File type
PNG image data, 33 x 33, 8-bit/color RGBA, non-interlaced\012- data
Size
715 B (715 bytes)
Hash
585c4ff4e804d3f89fdd248dc632cf89
46e4785f8c5f0c211daa9dcd0b8eb8560284640d
12fffb87bbec75ea0cb30da78c5dd561afc157cbd24f8ac491cf184f3b576e05

HTTP Headers

GET /images/user.png HTTP/1.1
Host: mavink.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mavink.com/explore/CD-Illusion-Girls
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 07 Dec 2022 03:03:00 GMT
Content-Type: image/png
Content-Length: 715
Last-Modified: Fri, 18 Mar 2022 15:51:43 GMT
Connection: keep-alive
ETag: "6234aa8f-2cb"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Accept-Ranges: bytes

ocsp.pki.goog/s/gts1p5/FQEr5kwTHGw

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/s/gts1p5/FQEr5kwTHGw
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
6c5fa5d3b1c9f1f4c2af0567b2947f09
486409287e7b2dfabd96a03330be734cfcea75a5
c9207e7792110aca1eda8c23c177f91b8463a818ae1401a7bdcf97527657a469

HTTP Headers

POST /s/gts1p5/FQEr5kwTHGw HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 03:03:00 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

mavink.com/js/jquery.min.js

157.245.141.65

200 OK

88 kB

URL HTTP/1.1
mavink.com/js/jquery.min.js
IP
157.245.141.65:0
ASN
#14061 DIGITALOCEAN-ASN

File type
ASCII text, with very long lines (65451)
Size
88 kB (88144 bytes)
Hash
f832e36068ab203a3f89b1795480d0d7
2115753ca5fb7032aec498db7bb5dca624dbe6be
4c24dfd28784ad2befb3dafaac6bf1ed4e7cd58cce713d9a0b228d426e812baf

HTTP Headers

GET /js/jquery.min.js HTTP/1.1
Host: mavink.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mavink.com/explore/CD-Illusion-Girls
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 07 Dec 2022 03:03:00 GMT
Content-Type: application/javascript
Content-Length: 88144
Last-Modified: Fri, 18 Mar 2022 15:51:49 GMT
Connection: keep-alive
ETag: "6234aa95-15850"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Accept-Ranges: bytes

mavink.com/js/bootstrap.bundle.min.js

157.245.141.65

200 OK

81 kB

URL HTTP/1.1
mavink.com/js/bootstrap.bundle.min.js
IP
157.245.141.65:0
ASN
#14061 DIGITALOCEAN-ASN

File type
ASCII text, with very long lines (65297)
Size
81 kB (81084 bytes)
Hash
7fd2f04e75bd7ab1a79d80cdd4c33085
e02a14457b25e6df2568b772feab4387c00a4934
5edf297381b409d711bc8d27676951a59e151e783412850332519c05243d1e24

HTTP Headers

GET /js/bootstrap.bundle.min.js HTTP/1.1
Host: mavink.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mavink.com/explore/CD-Illusion-Girls
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 07 Dec 2022 03:03:00 GMT
Content-Type: application/javascript
Content-Length: 81084
Last-Modified: Fri, 18 Mar 2022 15:51:46 GMT
Connection: keep-alive
ETag: "6234aa92-13cbc"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Accept-Ranges: bytes

mavink.com/images/p13.png

157.245.141.65

200 OK

715 B

URL HTTP/1.1
mavink.com/images/p13.png
IP
157.245.141.65:0
ASN
#14061 DIGITALOCEAN-ASN

File type
PNG image data, 33 x 33, 8-bit/color RGBA, non-interlaced\012- data
Size
715 B (715 bytes)
Hash
585c4ff4e804d3f89fdd248dc632cf89
46e4785f8c5f0c211daa9dcd0b8eb8560284640d
12fffb87bbec75ea0cb30da78c5dd561afc157cbd24f8ac491cf184f3b576e05

HTTP Headers

GET /images/p13.png HTTP/1.1
Host: mavink.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mavink.com/explore/CD-Illusion-Girls
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 07 Dec 2022 03:03:00 GMT
Content-Type: image/png
Content-Length: 715
Last-Modified: Fri, 18 Mar 2022 15:51:42 GMT
Connection: keep-alive
ETag: "6234aa8e-2cb"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Accept-Ranges: bytes

umami.fadunews.in/umami.js

143.198.115.204

200 OK

1.3 kB

URL HTTP/1.1
umami.fadunews.in/umami.js
IP
143.198.115.204:0
ASN
#14061 DIGITALOCEAN-ASN

File type
ASCII text, with very long lines (2522)
Size
1.3 kB (1291 bytes)
Hash
8ba7d2904fb8809043a33b2763f30ea6
f337bb05a23aa985d1fd7170b96f92386660ba98
cbf0acfff9b09f60d19d8b69eff9d141dc1248fc9e18d39204b07cca154ed3a6

HTTP Headers

GET /umami.js HTTP/1.1
Host: umami.fadunews.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mavink.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Wed, 07 Dec 2022 03:03:00 GMT
Content-Type: application/javascript; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: public, max-age=2592000
Accept-Ranges: bytes
Last-Modified: Wed, 06 Oct 2021 07:50:07 GMT
ETag: W/"9db-17c5494bf98"
Vary: Accept-Encoding
Content-Encoding: gzip

ocsp.sca1b.amazontrust.com/

143.204.42.156

200 OK

471 B

URL HTTP/1.1
ocsp.sca1b.amazontrust.com/
IP
143.204.42.156:0
ASN
#16509 AMAZON-02

File type
data
Size
471 B (471 bytes)
Hash
975d829b6c1182baa9059ef46ba71c89
4cad25f5dc5997779e9bde153551bf7fa3481938
5a23467d164713da6a0ba9cff3d114780c255f12696ad50c3efc214c8895ee64

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=129211
Date: Wed, 07 Dec 2022 03:03:00 GMT
Etag: "638f4418-1d7"
Expires: Thu, 08 Dec 2022 14:56:31 GMT
Last-Modified: Tue, 06 Dec 2022 13:31:04 GMT
Server: ECS (nyb/1D28)
X-Cache: Miss from cloudfront
Via: 1.1 c9f2a4d2bcd548d1a3cbe1617a22f216.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: -RW8EUzBmiB6sYSCD0toe-JBG46PtIIVBW4SHz83Hhdw7LBdMDkk9w==
Age: 5127

simplewebanalysis.com/stats

52.28.211.11

200 OK

40 B

URL HTTP/2
simplewebanalysis.com/stats
IP
52.28.211.11:0
ASN
#16509 AMAZON-02

File type
ASCII text, with no line terminators
Size
40 B (40 bytes)
Hash
1e37b8ff78bbca919aa51bd91c614136
569bdce2ea5c45f3b813d3a0640a1b682057736f
ee6c8fd9d481d5be911a07bd34d062fd37517db0bca6948a4fb14dd79ca08503

HTTP Headers

GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://mavink.com
Connection: keep-alive
Referer: https://mavink.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Wed, 07 Dec 2022 03:03:00 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://mavink.com
access-control-allow-credentials: true
set-cookie: uid_id2=02d0c341-a896-43ea-ad17-9128fcf531e6:3:1; expires=Sat, 04 Dec 2032 03:03:00 GMT; secure; SameSite=None
X-Firefox-Spdy: h2

simplewebanalysis.com/stats

52.28.211.11

200 OK

40 B

URL HTTP/2
simplewebanalysis.com/stats
IP
52.28.211.11:0
ASN
#16509 AMAZON-02

File type
ASCII text, with no line terminators
Size
40 B (40 bytes)
Hash
aa66252cabf13a47b6efc375868eb28d
39d1f6f83f1613cd8e7374c179c5682ef64b2d29
9d0dcb011295eed70e1d5617dd9371268005cac889af379b8f6f051b9afdc9c1

HTTP Headers

GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://mavink.com
Connection: keep-alive
Referer: https://mavink.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Wed, 07 Dec 2022 03:03:00 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://mavink.com
access-control-allow-credentials: true
set-cookie: uid_id2=a9f29e46-209e-4224-9753-60b350340832:2:1; expires=Sat, 04 Dec 2032 03:03:00 GMT; secure; SameSite=None
X-Firefox-Spdy: h2

ocsp.sca1b.amazontrust.com/

143.204.42.156

200 OK

471 B

URL HTTP/1.1
ocsp.sca1b.amazontrust.com/
IP
143.204.42.156:0
ASN
#16509 AMAZON-02

File type
data
Size
471 B (471 bytes)
Hash
975d829b6c1182baa9059ef46ba71c89
4cad25f5dc5997779e9bde153551bf7fa3481938
5a23467d164713da6a0ba9cff3d114780c255f12696ad50c3efc214c8895ee64

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=129115
Date: Wed, 07 Dec 2022 03:03:00 GMT
Etag: "638f4418-1d7"
Expires: Thu, 08 Dec 2022 14:54:55 GMT
Last-Modified: Tue, 06 Dec 2022 13:31:04 GMT
Server: ECS (bsa/EB13)
X-Cache: Miss from cloudfront
Via: 1.1 96c778ce6156d12f24b8b6cdaa0cbf66.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: LLpqhhBZmxYttvYMEQ70MhV0AeSbRHL3RJK7CdmZjqdwMOyGPfMb2w==
Age: 5031

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
4272427aec58f70a2189081cf08dd45a
4aafd88bba141908524806f443d4e8dfdcb5f816
3921b739fe40043d4c63c0e7c480cacad9480c5bb56166349c5cd1b7657516b2

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "3921B739FE40043D4C63C0E7C480CACAD9480C5BB56166349C5CD1B7657516B2"
Last-Modified: Mon, 05 Dec 2022 01:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13288
Expires: Wed, 07 Dec 2022 06:44:28 GMT
Date: Wed, 07 Dec 2022 03:03:00 GMT
Connection: keep-alive

simplewebanalysis.com/stats

52.28.211.11

200 OK

40 B

URL HTTP/2
simplewebanalysis.com/stats
IP
52.28.211.11:0
ASN
#16509 AMAZON-02

File type
ASCII text, with no line terminators
Size
40 B (40 bytes)
Hash
a1751d23827256778bf1ab9ae2418f30
601843b824aa7e28df631de72202e50a5da8d711
17df735aa3c77081cc2331b73b377439c2e96d5a0609ca8d1631271367009958

HTTP Headers

GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://mavink.com
Connection: keep-alive
Referer: https://mavink.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Wed, 07 Dec 2022 03:03:00 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://mavink.com
access-control-allow-credentials: true
set-cookie: uid_id2=69c2aedf-29f6-49f0-a550-c90a9b46dc80:1:1; expires=Sat, 04 Dec 2032 03:03:00 GMT; secure; SameSite=None
X-Firefox-Spdy: h2

ocsp2.globalsign.com/gsalphasha2g2

104.18.21.226

200 OK

1.4 kB

URL HTTP/1.1
ocsp2.globalsign.com/gsalphasha2g2
IP
104.18.21.226:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
1.4 kB (1423 bytes)
Hash
195716bf91949ee5da8a088151c47ec1
e8cabb9f487d813386f29a333c6f29b036e5cf43
acaf52536b513729ae62e09868fe4ab83adfb251bb817a26c3d7e2e504fc2523

HTTP Headers

POST /gsalphasha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Wed, 07 Dec 2022 03:03:00 GMT
Content-Type: application/ocsp-response
Content-Length: 1423
Connection: keep-alive
Expires: Sun, 11 Dec 2022 00:20:31 GMT
ETag: "e8cabb9f487d813386f29a333c6f29b036e5cf43"
Last-Modified: Wed, 07 Dec 2022 00:20:32 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: REVALIDATED
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 775a0692bb3fb4f3-OSL

ocsp2.globalsign.com/gsalphasha2g2

104.18.21.226

200 OK

1.4 kB

URL HTTP/1.1
ocsp2.globalsign.com/gsalphasha2g2
IP
104.18.21.226:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
1.4 kB (1423 bytes)
Hash
195716bf91949ee5da8a088151c47ec1
e8cabb9f487d813386f29a333c6f29b036e5cf43
acaf52536b513729ae62e09868fe4ab83adfb251bb817a26c3d7e2e504fc2523

HTTP Headers

POST /gsalphasha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Wed, 07 Dec 2022 03:03:00 GMT
Content-Type: application/ocsp-response
Content-Length: 1423
Connection: keep-alive
Expires: Sun, 11 Dec 2022 00:20:31 GMT
ETag: "e8cabb9f487d813386f29a333c6f29b036e5cf43"
Last-Modified: Wed, 07 Dec 2022 00:20:32 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: REVALIDATED
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 775a0692bf0a1c12-OSL

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
1ab1615b2c8cc26b12fc0cf41734ff07
a7d54b3709ce75a20210e20013e6f06b0aa88e2d
22b22118173565879d7c4a2d54a3546aeab6a4a30e69268b294a98019fbd6ba1

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "22B22118173565879D7C4A2D54A3546AEAB6A4A30E69268B294A98019FBD6BA1"
Last-Modified: Tue, 06 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8012
Expires: Wed, 07 Dec 2022 05:16:32 GMT
Date: Wed, 07 Dec 2022 03:03:00 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
1ab1615b2c8cc26b12fc0cf41734ff07
a7d54b3709ce75a20210e20013e6f06b0aa88e2d
22b22118173565879d7c4a2d54a3546aeab6a4a30e69268b294a98019fbd6ba1

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "22B22118173565879D7C4A2D54A3546AEAB6A4A30E69268B294A98019FBD6BA1"
Last-Modified: Tue, 06 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8012
Expires: Wed, 07 Dec 2022 05:16:32 GMT
Date: Wed, 07 Dec 2022 03:03:00 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
1ab1615b2c8cc26b12fc0cf41734ff07
a7d54b3709ce75a20210e20013e6f06b0aa88e2d
22b22118173565879d7c4a2d54a3546aeab6a4a30e69268b294a98019fbd6ba1

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "22B22118173565879D7C4A2D54A3546AEAB6A4A30E69268B294A98019FBD6BA1"
Last-Modified: Tue, 06 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8012
Expires: Wed, 07 Dec 2022 05:16:32 GMT
Date: Wed, 07 Dec 2022 03:03:00 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd933687b-86e0-407a-9bff-2debb09d5167.jpeg

34.120.237.76

200 OK

10 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd933687b-86e0-407a-9bff-2debb09d5167.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
10 kB (10362 bytes)
Hash
550ee57c325ce8d4892400deb24141d3
acece1761a7d4d3926500726c19d528bb204ef4c
7cc68e966362916947e7d6e24d3c001c64298fec2438a97538765d801fa7c92c

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd933687b-86e0-407a-9bff-2debb09d5167.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 10362
x-amzn-requestid: 7fdd2011-e283-467e-9f04-741946a834ea
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cpl_1EsooAMFhvQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638d5065-0cddad1919d984065bd0b03e;Sampled=0
x-amzn-remapped-date: Mon, 05 Dec 2022 01:59:01 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: WtZWFmfVSXYRQlYwpBxj8JG_WC91ik_p68HjX7-wCfYb0624CvcBSA==
via: 1.1 5ab5dc09da67e3ea794ec8a82992cc88.cloudfront.net (CloudFront), 1.1 fda3b2797d2719576f6b916583a28e52.cloudfront.net (CloudFront), 1.1 google
date: Tue, 06 Dec 2022 21:58:02 GMT
age: 71600
etag: "acece1761a7d4d3926500726c19d528bb204ef4c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.4 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F079bc299-d390-4250-a91a-db3c535c9ca3.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.4 kB (8351 bytes)
Hash
98d2cf29c710d25bd2f03ff216fdd369
b8eb2e11f9655f19334befc036f21489a6473827
614c9b4a7ace908c1ef807964709cb292b33b48ce1d81ccbd2959c2c0ee156ac

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F079bc299-d390-4250-a91a-db3c535c9ca3.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8351
x-amzn-requestid: 607d07ab-6833-4001-82ed-699ea91f84c9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cvlitFk9oAMFakQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638fb611-3e5f14f833b332647ef7358d;Sampled=0
x-amzn-remapped-date: Tue, 06 Dec 2022 21:37:21 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 0w5Usq-LJMNHxw9UrwUqSslSVROXVHTmY_UhSHNaGh4k4xqh-FSa0A==
via: 1.1 030fe0607711293dda988e571617a9f2.cloudfront.net (CloudFront), 1.1 e4d3d5aafc7d7d582423c073065ab562.cloudfront.net (CloudFront), 1.1 google
date: Tue, 06 Dec 2022 21:55:40 GMT
etag: "b8eb2e11f9655f19334befc036f21489a6473827"
content-type: image/jpeg
age: 18440
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

9.8 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd5025a35-c128-4d8f-a429-7148aaebb3b1.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.8 kB (9781 bytes)
Hash
f38ce0fb35ef0fc66b61cafd2b09eeb6
aded2fe97a129dc820ba9d6d7605aeadfe17c15c
39bcb5e0c3a9cd39c0fcefbffd9e6f949bb9d85f0bee2b0b7c5cb999b508b1c1

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd5025a35-c128-4d8f-a429-7148aaebb3b1.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9781
x-amzn-requestid: 24355473-a83a-42b6-bdf3-ae2c39f7f3eb
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ccq48GfKoAMFjmA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63882505-2f58dd012665cb131ceff8f2;Sampled=0
x-amzn-remapped-date: Thu, 01 Dec 2022 03:52:37 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: N6GEu_CKPRnnSK5YiXyc2wNMYIfd1jOZuylB26w8FmVavlWruMSZhw==
via: 1.1 a4fe306096165bb1e86e69365dc8fac2.cloudfront.net (CloudFront), 1.1 61bc723adb3b1884ed759711e84e13a8.cloudfront.net (CloudFront), 1.1 google
date: Tue, 06 Dec 2022 05:59:19 GMT
age: 75821
etag: "aded2fe97a129dc820ba9d6d7605aeadfe17c15c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

15 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F167b7461-ee08-4205-a299-12e7c883b958.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
15 kB (14896 bytes)
Hash
4884ce2731d3033b12e4792c1bbf453e
63b6efc98cb04228d82ac28fceb97bb1cf8d82fb
8c37704d0e1fd16239e28cbdb88c5ac6a2e9cfb70f8457bfab127202f89d3788

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F167b7461-ee08-4205-a299-12e7c883b958.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 14896
x-amzn-requestid: 58d94b15-dce0-44c0-96b1-917f1206a39e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cnA4RFkeoAMFfGQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638c4834-7c1667b53795d5c11a3bfdda;Sampled=0
x-amzn-remapped-date: Sun, 04 Dec 2022 07:11:48 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: gKrU6wAuRsrr4_VwxjHIsTHjAB_L3xy6VQPRFBTUrK4vd7ycP3kyig==
via: 1.1 0c96ded7ff282d2dbcf47c918b6bb500.cloudfront.net (CloudFront), 1.1 324a68a6c25ee50d774953f3e15a611c.cloudfront.net (CloudFront), 1.1 google
date: Tue, 06 Dec 2022 07:46:26 GMT
age: 69394
etag: "63b6efc98cb04228d82ac28fceb97bb1cf8d82fb"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

5.2 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa051c24a-9b15-4802-8ffe-63154898a5cf.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
5.2 kB (5216 bytes)
Hash
639e2589368c582a78dfccb17890f552
158b89c849ca0728151fd6d46f06b1d2c01afead
a2ae55dd59cbbf2fcb5ff552b450a1622156230425c1f430a44a791bfa55b3b3

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa051c24a-9b15-4802-8ffe-63154898a5cf.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 5216
x-amzn-requestid: de340de7-410c-4481-85c4-0aec052ccf6f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cjKUYFBzIAMFgsA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638abdb5-2f96b0db47a0aaaa057b5135;Sampled=0
x-amzn-remapped-date: Sat, 03 Dec 2022 03:08:37 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: J4Tw5vXVijXSm1CFHrxTCoDQWqB4c5iJP76s9kjxNCCTSnmdAZdP8A==
via: 1.1 a20e81b65d2465c729ce2f6bfe539dd0.cloudfront.net (CloudFront), 1.1 112d82578d402a38d8d02e8b857617e0.cloudfront.net (CloudFront), 1.1 google
date: Tue, 06 Dec 2022 20:30:32 GMT
age: 23548
etag: "158b89c849ca0728151fd6d46f06b1d2c01afead"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.9 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F084354d3-0d22-4203-844f-c2f6ab2af36d.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.9 kB (8906 bytes)
Hash
b89a7fe1080499e4f7171f962b57fec4
62ef59be034071e667e3476ea0740077c86778c1
e17432ce6af0006ba36fd43e13c56c1bd1dd9b1d1bc250309bc2731ac8f52abb

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F084354d3-0d22-4203-844f-c2f6ab2af36d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8906
x-amzn-requestid: 453c8d4f-205d-46ac-8d24-1c9849d71419
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cvmAyEMnoAMFZwQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638fb6d1-7b5051335073a5d2339e02e1;Sampled=0
x-amzn-remapped-date: Tue, 06 Dec 2022 21:40:33 GMT
x-amz-cf-pop: SFO5-P2, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 2LpJmaGp8UzaZHqa9WtCTvFq0oQYOVNAdKBdYHURf2d2v5fh7j44uQ==
via: 1.1 e124ba8d7ba1d81e2fdc59ac89f11b70.cloudfront.net (CloudFront), 1.1 82ea95080f526df99896343fb7269b06.cloudfront.net (CloudFront), 1.1 google
date: Tue, 06 Dec 2022 21:55:06 GMT
age: 18474
etag: "62ef59be034071e667e3476ea0740077c86778c1"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

foundfroshelves.com/e3/f3/f5/e3f3f59ee59a86bffff2c70678b470fd.js

192.243.61.225

200 OK

29 kB

URL HTTP/1.1
foundfroshelves.com/e3/f3/f5/e3f3f59ee59a86bffff2c70678b470fd.js
IP
192.243.61.225:0
ASN
#39572 DataWeb Global Group B.V.

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (65536), with no line terminators
Size
29 kB (28776 bytes)
Hash
89518b6f6e4541d2d696825c286d7750
1f989d9202efff871422d943d11e39c8e351ac1a
b027ca9c517ca2681ecbe0ac573d7cd92743336a4e87d973b69069f93b2d0c4f

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /e3/f3/f5/e3f3f59ee59a86bffff2c70678b470fd.js HTTP/1.1
Host: foundfroshelves.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mavink.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Wed, 07 Dec 2022 03:03:00 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: b0592abcb30a4dc4a307ab7b7459985f
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

st.cdjapan.co.jp/pictures/l/16/13/WHV-1000646111.jpg

163.171.134.109

200 OK

22 kB

URL HTTP/1.1
st.cdjapan.co.jp/pictures/l/16/13/WHV-1000646111.jpg
IP
163.171.134.109:0
ASN
#54994 QUANTILNETWORKS

File type
JPEG image data, JFIF standard 1.01, resolution (DPCM), density 28x28, segment length 16, baseline, precision 8, 300x300, components 3\012- data
Size
22 kB (22290 bytes)
Hash
6e2670d191741aa61afcc3f32cab6e84
862dbce88e02b550469bef243f3a8f998f082717
fad68290cf3a296d17aea538aedfea68d0782d5a97f480b328b0dbf85aa7674f

HTTP Headers

GET /pictures/l/16/13/WHV-1000646111.jpg HTTP/1.1
Host: st.cdjapan.co.jp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mavink.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Wed, 07 Dec 2022 03:03:00 GMT
Content-Type: image/jpeg
Content-Length: 22290
Connection: keep-alive
Accept-Ranges: bytes
ETag: "2711120855"
Last-Modified: Tue, 23 May 2017 10:56:05 GMT
Server: PWS/8.3.1.0.8
Access-Control-Allow-Origin: *
Via: 1.1 PSrbdjTYO3xy63:1 (W), 1.1 PSdgflkfFRA1hb199:5 (W), 1.1 PSrdsdgemSTO1sw92:10 (W)
X-Px: ms PSrdsdgemSTO1sw92ARN,ms PSdgflkfFRA1hb199FRA,ms PSrbdjTYO3xy63HND(origin)
X-Ws-Request-Id: 63900264_PSrdsdgemSTO1sw92_9575-37084
Cache-Control: max-age=604800

192.243.61.225

307 Temporary Redirect

0 B

URL HTTP/1.1
foundfroshelves.com/watch.880713396222.js?key=2f9699d6163bff9569aab95bc537a459&kw=%5B%22cd%22%2C%22illusion%22%2C%22girls%22%5D&refer=https%3A%2F%2Fmavink.com%2Fexplore%2FCD-Illusion-Girls&tz=0&dev=e&res=12.1055&uuid=a9f29e46-209e-4224-9753-60b350340832%3A2%3A1
IP
192.243.61.225:0
ASN
#39572 DataWeb Global Group B.V.

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /watch.880713396222.js?key=2f9699d6163bff9569aab95bc537a459&kw=%5B%22cd%22%2C%22illusion%22%2C%22girls%22%5D&refer=https%3A%2F%2Fmavink.com%2Fexplore%2FCD-Illusion-Girls&tz=0&dev=e&res=12.1055&uuid=a9f29e46-209e-4224-9753-60b350340832%3A2%3A1 HTTP/1.1
Host: foundfroshelves.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://mavink.com
Connection: keep-alive
Referer: https://mavink.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 307 Temporary Redirect
Server: nginx/1.19.5
Date: Wed, 07 Dec 2022 03:03:00 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://mavink.com
Access-Control-Allow-Origin: https://mavink.com
Access-Control-Allow-Credentials: true
Location: https://foundfroshelves.com/watch.880713396222.js?key=2f9699d6163bff9569aab95bc537a459&kw=%5B%22cd%22%2C%22illusion%22%2C%22girls%22%5D&refer=https%3A%2F%2Fmavink.com%2Fexplore%2FCD-Illusion-Girls&tz=0&dev=e&res=12.1055&uuid=a9f29e46-209e-4224-9753-60b350340832%3A2%3A1&shu=9a5d6f968db2a2650e72bcfd549e724e7baf54f143554f6d83d35fdd3df58dc3aaf00ef13d51c1a9288aa54b5b864ea737d3ad9f66a77aab0eadccd16ad355cba9875c9e8b237bdb362df9987bfebedc21b71173&pst=1670382240&rmtc=t
Set-Cookie: u_pl=17372455; expires=Thu, 08 Dec 2022 03:03:00 GMT; secure; SameSite=None
ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNzM3MjQ1NSwiayI6IjJmOTY5OWQ2MTYzYmZmOTU2OWFhYjk1YmM1MzdhNDU5Iiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxODk0MTM2LCJwaWQiOjQ1ODE0NywiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjozLCJhaWQiOjUsInB0Ijo0LCJwayI6InhmYTYyODRwIiwiY3BrcyI6eyAiMjkiOiJlODg3ZjllOTNlOTA2MGQ5NDg0NjUxYTg0MWMyNjY0ZCIsIjI4IjoiZTNmM2Y1OWVlNTlhODZiZmZmZjJjNzA2NzhiNDcwZmQifSwidCI6MX0sInUiOnsidSI6MSwiYXUiOjEsImQiOnsiaWQiOjkwNzUzNDU3LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6Mzg5MTQsIm9uIjoiV2luZG93cyIsIm92IjoiMTAuMCIsImJpZCI6MTIwNjI1LCJibiI6IkZpcmVmb3giLCJidiI6IjEwNS4wIiwid3YiOmZhbHNlLCJlIjp0cnVlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6dHJ1ZSwiciI6Imh0dHBzOi8vbWF2aW5rLmNvbS9leHBsb3JlL0NELUlsbHVzaW9uLUdpcmxzIn19.NselZAeYRQE1-3dMsDvtbPQartVA-iaP_JPV80lJPiw; expires=Wed, 07 Dec 2022 03:04:00 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: a1f6f1dd0f2ab799db4311eca9e9ebe6
Strict-Transport-Security: max-age=0; includeSubdomains

192.243.61.225

307 Temporary Redirect

0 B

URL HTTP/1.1
foundfroshelves.com/watch.24016859514.js?key=2f9699d6163bff9569aab95bc537a459&kw=%5B%22cd%22%2C%22illusion%22%2C%22girls%22%5D&refer=https%3A%2F%2Fmavink.com%2Fexplore%2FCD-Illusion-Girls&tz=0&dev=e&res=12.1055&uuid=02d0c341-a896-43ea-ad17-9128fcf531e6%3A3%3A1
IP
192.243.61.225:0
ASN
#39572 DataWeb Global Group B.V.

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /watch.24016859514.js?key=2f9699d6163bff9569aab95bc537a459&kw=%5B%22cd%22%2C%22illusion%22%2C%22girls%22%5D&refer=https%3A%2F%2Fmavink.com%2Fexplore%2FCD-Illusion-Girls&tz=0&dev=e&res=12.1055&uuid=02d0c341-a896-43ea-ad17-9128fcf531e6%3A3%3A1 HTTP/1.1
Host: foundfroshelves.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://mavink.com
Connection: keep-alive
Referer: https://mavink.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 307 Temporary Redirect
Server: nginx/1.19.5
Date: Wed, 07 Dec 2022 03:03:01 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://mavink.com
Access-Control-Allow-Origin: https://mavink.com
Access-Control-Allow-Credentials: true
Location: https://foundfroshelves.com/watch.24016859514.js?key=2f9699d6163bff9569aab95bc537a459&kw=%5B%22cd%22%2C%22illusion%22%2C%22girls%22%5D&refer=https%3A%2F%2Fmavink.com%2Fexplore%2FCD-Illusion-Girls&tz=0&dev=e&res=12.1055&uuid=02d0c341-a896-43ea-ad17-9128fcf531e6%3A3%3A1&shu=015d8d3c595ecbb9b5dd5aff1c3fccecc83ea2eee2286bf28b63434b3471a0ac14fa9545130fb661a553b1c50ce67910c8ce2ed1162f52cceb8c3aec117307899685844094fba98ebc2eb096b65a345d5afe67&pst=1670382241&rmtc=t
Set-Cookie: u_pl=17372455; expires=Thu, 08 Dec 2022 03:03:01 GMT; secure; SameSite=None
ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNzM3MjQ1NSwiayI6IjJmOTY5OWQ2MTYzYmZmOTU2OWFhYjk1YmM1MzdhNDU5Iiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxODk0MTM2LCJwaWQiOjQ1ODE0NywiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjozLCJhaWQiOjUsInB0Ijo0LCJwayI6InhmYTYyODRwIiwiY3BrcyI6eyAiMjgiOiJlM2YzZjU5ZWU1OWE4NmJmZmZmMmM3MDY3OGI0NzBmZCIsIjI5IjoiZTg4N2Y5ZTkzZTkwNjBkOTQ4NDY1MWE4NDFjMjY2NGQifSwidCI6MX0sInUiOnsidSI6MSwiYXUiOjEsImQiOnsiaWQiOjkwNzUzNDU3LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6Mzg5MTQsIm9uIjoiV2luZG93cyIsIm92IjoiMTAuMCIsImJpZCI6MTIwNjI1LCJibiI6IkZpcmVmb3giLCJidiI6IjEwNS4wIiwid3YiOmZhbHNlLCJlIjp0cnVlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6dHJ1ZSwiciI6Imh0dHBzOi8vbWF2aW5rLmNvbS9leHBsb3JlL0NELUlsbHVzaW9uLUdpcmxzIn19.yYskJwywxzGHaLzzdkXdhUYgUlWF8B4V42OrTizr_MA; expires=Wed, 07 Dec 2022 03:04:01 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 8772b9dde97ae0efb04edc4de10c383a
Strict-Transport-Security: max-age=0; includeSubdomains

192.243.61.225

307 Temporary Redirect

0 B

URL HTTP/1.1
foundfroshelves.com/watch.1526580972373.js?key=2f9699d6163bff9569aab95bc537a459&kw=%5B%22cd%22%2C%22illusion%22%2C%22girls%22%5D&refer=https%3A%2F%2Fmavink.com%2Fexplore%2FCD-Illusion-Girls&tz=0&dev=e&res=12.1055&uuid=69c2aedf-29f6-49f0-a550-c90a9b46dc80%3A1%3A1
IP
192.243.61.225:0
ASN
#39572 DataWeb Global Group B.V.

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /watch.1526580972373.js?key=2f9699d6163bff9569aab95bc537a459&kw=%5B%22cd%22%2C%22illusion%22%2C%22girls%22%5D&refer=https%3A%2F%2Fmavink.com%2Fexplore%2FCD-Illusion-Girls&tz=0&dev=e&res=12.1055&uuid=69c2aedf-29f6-49f0-a550-c90a9b46dc80%3A1%3A1 HTTP/1.1
Host: foundfroshelves.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://mavink.com
Connection: keep-alive
Referer: https://mavink.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 307 Temporary Redirect
Server: nginx/1.19.5
Date: Wed, 07 Dec 2022 03:03:01 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://mavink.com
Access-Control-Allow-Origin: https://mavink.com
Access-Control-Allow-Credentials: true
Location: https://foundfroshelves.com/watch.1526580972373.js?key=2f9699d6163bff9569aab95bc537a459&kw=%5B%22cd%22%2C%22illusion%22%2C%22girls%22%5D&refer=https%3A%2F%2Fmavink.com%2Fexplore%2FCD-Illusion-Girls&tz=0&dev=e&res=12.1055&uuid=69c2aedf-29f6-49f0-a550-c90a9b46dc80%3A1%3A1&shu=ebc919cfc40d110fdf7b77928b52d8036a1ef6f7fe164b86cce7574774bd3c19a9e98c3d6daa39f9acc60b7561cd759b0794fdb3afc15861d46aa8bedd8d33d90f8c132075f946e28a1914900840f3b1ae17560a029166e74f5493ac8be1b9&pst=1670382241&rmtc=t
Set-Cookie: u_pl=17372455; expires=Thu, 08 Dec 2022 03:03:01 GMT; secure; SameSite=None
ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNzM3MjQ1NSwiayI6IjJmOTY5OWQ2MTYzYmZmOTU2OWFhYjk1YmM1MzdhNDU5Iiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxODk0MTM2LCJwaWQiOjQ1ODE0NywiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjozLCJhaWQiOjUsInB0Ijo0LCJwayI6InhmYTYyODRwIiwiY3BrcyI6eyAiMjgiOiJlM2YzZjU5ZWU1OWE4NmJmZmZmMmM3MDY3OGI0NzBmZCIsIjI5IjoiZTg4N2Y5ZTkzZTkwNjBkOTQ4NDY1MWE4NDFjMjY2NGQifSwidCI6MX0sInUiOnsidSI6MSwiYXUiOjEsImQiOnsiaWQiOjkwNzUzNDU3LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6Mzg5MTQsIm9uIjoiV2luZG93cyIsIm92IjoiMTAuMCIsImJpZCI6MTIwNjI1LCJibiI6IkZpcmVmb3giLCJidiI6IjEwNS4wIiwid3YiOmZhbHNlLCJlIjp0cnVlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6dHJ1ZSwiciI6Imh0dHBzOi8vbWF2aW5rLmNvbS9leHBsb3JlL0NELUlsbHVzaW9uLUdpcmxzIn19.yYskJwywxzGHaLzzdkXdhUYgUlWF8B4V42OrTizr_MA; expires=Wed, 07 Dec 2022 03:04:01 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 75832b3024cc4c9db1a765e828745d9b
Strict-Transport-Security: max-age=0; includeSubdomains

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
ce278e6fa3d34e3cc75a5ef879018ba5
18bb58a1d5c6057dc635664334edcddca3d085b9
6852446f2900885082395b9cb669fa0f6a4116f919493a1827119bb8c9025e6f

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 03:03:01 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
0c28f8d18bc886cc8c1859b7e917c5fe
82016e07dfe891fa69f7d533d3bed822cbd4c42a
f3def2c62b9815c5285d1f7dd3452a0be37d945fc59cbd0cfbcec42cce479aec

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F3DEF2C62B9815C5285D1F7DD3452A0BE37D945FC59CBD0CFBCEC42CCE479AEC"
Last-Modified: Tue, 06 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=1919
Expires: Wed, 07 Dec 2022 03:35:00 GMT
Date: Wed, 07 Dec 2022 03:03:01 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
0c28f8d18bc886cc8c1859b7e917c5fe
82016e07dfe891fa69f7d533d3bed822cbd4c42a
f3def2c62b9815c5285d1f7dd3452a0be37d945fc59cbd0cfbcec42cce479aec

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F3DEF2C62B9815C5285D1F7DD3452A0BE37D945FC59CBD0CFBCEC42CCE479AEC"
Last-Modified: Tue, 06 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=1919
Expires: Wed, 07 Dec 2022 03:35:00 GMT
Date: Wed, 07 Dec 2022 03:03:01 GMT
Connection: keep-alive

umami.fadunews.in/api/collect

143.198.115.204

204 No Content

0 B

URL HTTP/1.1
umami.fadunews.in/api/collect
IP
143.198.115.204:0
ASN
#14061 DIGITALOCEAN-ASN

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

OPTIONS /api/collect HTTP/1.1
Host: umami.fadunews.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://mavink.com/
Origin: https://mavink.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 204 No Content
Server: nginx/1.18.0 (Ubuntu)
Date: Wed, 07 Dec 2022 03:03:01 GMT
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET,HEAD,PUT,PATCH,POST,DELETE
Vary: Access-Control-Request-Headers
Access-Control-Allow-Headers: content-type

f.jwwb.nl/public/h/b/p/temp-jznbexhbwdkggmfvpara/klkivs/onewe-1ste-single-album-memory-illusion-kpopcentral-details.png

151.101.65.91

302 Found

0 B

URL HTTP/2
f.jwwb.nl/public/h/b/p/temp-jznbexhbwdkggmfvpara/klkivs/onewe-1ste-single-album-memory-illusion-kpopcentral-details.png
IP
151.101.65.91:0
ASN
#54113 FASTLY

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /public/h/b/p/temp-jznbexhbwdkggmfvpara/klkivs/onewe-1ste-single-album-memory-illusion-kpopcentral-details.png HTTP/1.1
Host: f.jwwb.nl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mavink.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 302 Found
server: Varnish
retry-after: 0
location: https://fastly.jwwb.nl/public/h/b/p/temp-jznbexhbwdkggmfvpara/klkivs/onewe-1ste-single-album-memory-illusion-kpopcentral-details.png
accept-ranges: bytes
date: Wed, 07 Dec 2022 03:03:01 GMT
via: 1.1 varnish
x-served-by: cache-bma1625-BMA
x-cache: HIT
x-cache-hits: 0
x-timer: S1670382181.118082,VS0,VE0
content-length: 0
X-Firefox-Spdy: h2

commento.fadunews.in/api/comment/list

174.138.40.107

200 OK

619 B

URL HTTP/2
commento.fadunews.in/api/comment/list
IP
174.138.40.107:0
ASN
#14061 DIGITALOCEAN-ASN

File type
JSON data\012- , ASCII text, with very long lines (619), with no line terminators
Size
619 B (619 bytes)
Hash
79f0463d76188295e042b8253b742f7b
b6d70a8c790345dc9e7514e9b96b9b4cc600c55b
4268f5c9be353bb2f26d1cea9bce1c836f820151b08ea21828ce15c70657dcc4

HTTP Headers

POST /api/comment/list HTTP/1.1
Host: commento.fadunews.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: application/x-www-form-urlencoded
Content-Length: 88
Origin: https://mavink.com
Connection: keep-alive
Referer: https://mavink.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Wed, 07 Dec 2022 03:03:01 GMT
content-type: text/plain; charset=utf-8
content-length: 619
access-control-allow-origin: *
strict-transport-security: max-age=15724800; includeSubdomains
X-Firefox-Spdy: h2

fastly.jwwb.nl/public/h/b/p/temp-jznbexhbwdkggmfvpara/klkivs/onewe-1ste-single-album-memory-illusion-kpopcentral-details.png

151.101.129.91

200 OK

794 kB

URL HTTP/2
fastly.jwwb.nl/public/h/b/p/temp-jznbexhbwdkggmfvpara/klkivs/onewe-1ste-single-album-memory-illusion-kpopcentral-details.png
IP
151.101.129.91:0
ASN
#54113 FASTLY

File type
RIFF (little-endian) data, Web/P image\012- data
Size
794 kB (794244 bytes)
Hash
1808e55c51906b90f9b770989c394b75
464287e96d34c203f86a6378a96cd75703216ab2
dce5c4ce744600fbf5bd8f92f580885cfaa082929573908a86acc8163b39d739

HTTP Headers

GET /public/h/b/p/temp-jznbexhbwdkggmfvpara/klkivs/onewe-1ste-single-album-memory-illusion-kpopcentral-details.png HTTP/1.1
Host: fastly.jwwb.nl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mavink.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-type: image/webp
etag: "1DURbqAei6v5PNsNVaccbR/++SmtgH7m+1AApjlMxEo"
fastly-io-info: ifsz=1252118 idim=800x5292 ifmt=png ofsz=794244 odim=800x5292 ofmt=webp
fastly-stats: io=1
server: UploadServer
x-goog-meta-fl-original-last-modified: 2020-12-22T15:55:50Z
via: 1.1 varnish, 1.1 varnish
cache-control: public, max-age=7776000
accept-ranges: bytes
date: Wed, 07 Dec 2022 03:03:01 GMT
age: 1425051
vary: Accept
content-length: 794244
X-Firefox-Spdy: h2

foundfroshelves.com/watch.880713396222.js?key=2f9699d6163bff9569aab95bc537a459&kw=%5B%22cd%22%2C%22illusion%22%2C%22girls%22%5D&refer=https%3A%2F%2Fmavink.com%2Fexplore%2FCD-Illusion-Girls&tz=0&dev=e&res=12.1055&uuid=a9f29e46-209e-4224-9753-60b350340832%3A2%3A1&shu=9a5d6f968db2a2650e72bcfd549e724e7baf54f143554f6d83d35fdd3df58dc3aaf00ef13d51c1a9288aa54b5b864ea737d3ad9f66a77aab0eadccd16ad355cba9875c9e8b237bdb362df9987bfebedc21b71173&pst=1670382240&rmtc=t

192.243.61.225

200 OK

2.1 kB

URL HTTP/1.1
foundfroshelves.com/watch.880713396222.js?key=2f9699d6163bff9569aab95bc537a459&kw=%5B%22cd%22%2C%22illusion%22%2C%22girls%22%5D&refer=https%3A%2F%2Fmavink.com%2Fexplore%2FCD-Illusion-Girls&tz=0&dev=e&res=12.1055&uuid=a9f29e46-209e-4224-9753-60b350340832%3A2%3A1&shu=9a5d6f968db2a2650e72bcfd549e724e7baf54f143554f6d83d35fdd3df58dc3aaf00ef13d51c1a9288aa54b5b864ea737d3ad9f66a77aab0eadccd16ad355cba9875c9e8b237bdb362df9987bfebedc21b71173&pst=1670382240&rmtc=t
IP
192.243.61.225:0
ASN
#39572 DataWeb Global Group B.V.

File type
HTML document text\012- HTML document, ASCII text, with very long lines (2603)
Size
2.1 kB (2081 bytes)
Hash
340a992c69ff0128a154ef20e614421d
9aa82bef54b508cc2c9b8e5e41ac60c1ecaafa81
a61ecc7a1940b22fa147b1ce4a2b3b6b02d71a3f81252ec5f5c2c6535e9ea1b3

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /watch.880713396222.js?key=2f9699d6163bff9569aab95bc537a459&kw=%5B%22cd%22%2C%22illusion%22%2C%22girls%22%5D&refer=https%3A%2F%2Fmavink.com%2Fexplore%2FCD-Illusion-Girls&tz=0&dev=e&res=12.1055&uuid=a9f29e46-209e-4224-9753-60b350340832%3A2%3A1&shu=9a5d6f968db2a2650e72bcfd549e724e7baf54f143554f6d83d35fdd3df58dc3aaf00ef13d51c1a9288aa54b5b864ea737d3ad9f66a77aab0eadccd16ad355cba9875c9e8b237bdb362df9987bfebedc21b71173&pst=1670382240&rmtc=t HTTP/1.1
Host: foundfroshelves.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://mavink.com
Referer: https://mavink.com/
Connection: keep-alive
Cookie: u_pl=17372455; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNzM3MjQ1NSwiayI6IjJmOTY5OWQ2MTYzYmZmOTU2OWFhYjk1YmM1MzdhNDU5Iiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxODk0MTM2LCJwaWQiOjQ1ODE0NywiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjozLCJhaWQiOjUsInB0Ijo0LCJwayI6InhmYTYyODRwIiwiY3BrcyI6eyAiMjgiOiJlM2YzZjU5ZWU1OWE4NmJmZmZmMmM3MDY3OGI0NzBmZCIsIjI5IjoiZTg4N2Y5ZTkzZTkwNjBkOTQ4NDY1MWE4NDFjMjY2NGQifSwidCI6MX0sInUiOnsidSI6MSwiYXUiOjEsImQiOnsiaWQiOjkwNzUzNDU3LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6Mzg5MTQsIm9uIjoiV2luZG93cyIsIm92IjoiMTAuMCIsImJpZCI6MTIwNjI1LCJibiI6IkZpcmVmb3giLCJidiI6IjEwNS4wIiwid3YiOmZhbHNlLCJlIjp0cnVlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6dHJ1ZSwiciI6Imh0dHBzOi8vbWF2aW5rLmNvbS9leHBsb3JlL0NELUlsbHVzaW9uLUdpcmxzIn19.yYskJwywxzGHaLzzdkXdhUYgUlWF8B4V42OrTizr_MA
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Wed, 07 Dec 2022 03:03:01 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://mavink.com
Access-Control-Allow-Origin: https://mavink.com
Access-Control-Allow-Credentials: true
Set-Cookie: uid_id2=a9f29e46-209e-4224-9753-60b350340832:2:1; expires=Wed, 14 Dec 2022 03:03:01 GMT; secure; SameSite=None
iprc8cd701584be15875c57450aca5aa0f0e=3569806; expires=Wed, 07 Dec 2022 07:03:01 GMT; secure; SameSite=None
pdhtkv=true; expires=Thu, 08 Dec 2022 03:03:01 GMT; secure; SameSite=None
uncs=1; expires=Thu, 08 Dec 2022 03:03:01 GMT; secure; SameSite=None
pdhtkv5=true; expires=Thu, 08 Dec 2022 03:03:01 GMT; secure; SameSite=None
uncs5=1; expires=Thu, 08 Dec 2022 03:03:01 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 3d48ac7d729d65f7231d8e01378be436
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

foundfroshelves.com/watch.1526580972373.js?key=2f9699d6163bff9569aab95bc537a459&kw=%5B%22cd%22%2C%22illusion%22%2C%22girls%22%5D&refer=https%3A%2F%2Fmavink.com%2Fexplore%2FCD-Illusion-Girls&tz=0&dev=e&res=12.1055&uuid=69c2aedf-29f6-49f0-a550-c90a9b46dc80%3A1%3A1&shu=ebc919cfc40d110fdf7b77928b52d8036a1ef6f7fe164b86cce7574774bd3c19a9e98c3d6daa39f9acc60b7561cd759b0794fdb3afc15861d46aa8bedd8d33d90f8c132075f946e28a1914900840f3b1ae17560a029166e74f5493ac8be1b9&pst=1670382241&rmtc=t

192.243.61.225

200 OK

642 B

URL HTTP/1.1
foundfroshelves.com/watch.1526580972373.js?key=2f9699d6163bff9569aab95bc537a459&kw=%5B%22cd%22%2C%22illusion%22%2C%22girls%22%5D&refer=https%3A%2F%2Fmavink.com%2Fexplore%2FCD-Illusion-Girls&tz=0&dev=e&res=12.1055&uuid=69c2aedf-29f6-49f0-a550-c90a9b46dc80%3A1%3A1&shu=ebc919cfc40d110fdf7b77928b52d8036a1ef6f7fe164b86cce7574774bd3c19a9e98c3d6daa39f9acc60b7561cd759b0794fdb3afc15861d46aa8bedd8d33d90f8c132075f946e28a1914900840f3b1ae17560a029166e74f5493ac8be1b9&pst=1670382241&rmtc=t
IP
192.243.61.225:0
ASN
#39572 DataWeb Global Group B.V.

File type
HTML document text\012- HTML document, ASCII text, with very long lines (602)
Size
642 B (642 bytes)
Hash
497a1c49a0e164026dc7de0ba4c6bec0
f22f45ce621b290c6960f26586dd43e06a2d82d3
6e51fbd16183d45e05e6b424ce182a6869032c43b615d914f6151ec14ad6ac8c

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /watch.1526580972373.js?key=2f9699d6163bff9569aab95bc537a459&kw=%5B%22cd%22%2C%22illusion%22%2C%22girls%22%5D&refer=https%3A%2F%2Fmavink.com%2Fexplore%2FCD-Illusion-Girls&tz=0&dev=e&res=12.1055&uuid=69c2aedf-29f6-49f0-a550-c90a9b46dc80%3A1%3A1&shu=ebc919cfc40d110fdf7b77928b52d8036a1ef6f7fe164b86cce7574774bd3c19a9e98c3d6daa39f9acc60b7561cd759b0794fdb3afc15861d46aa8bedd8d33d90f8c132075f946e28a1914900840f3b1ae17560a029166e74f5493ac8be1b9&pst=1670382241&rmtc=t HTTP/1.1
Host: foundfroshelves.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://mavink.com
Referer: https://mavink.com/
Connection: keep-alive
Cookie: u_pl=17372455; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNzM3MjQ1NSwiayI6IjJmOTY5OWQ2MTYzYmZmOTU2OWFhYjk1YmM1MzdhNDU5Iiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxODk0MTM2LCJwaWQiOjQ1ODE0NywiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjozLCJhaWQiOjUsInB0Ijo0LCJwayI6InhmYTYyODRwIiwiY3BrcyI6eyAiMjgiOiJlM2YzZjU5ZWU1OWE4NmJmZmZmMmM3MDY3OGI0NzBmZCIsIjI5IjoiZTg4N2Y5ZTkzZTkwNjBkOTQ4NDY1MWE4NDFjMjY2NGQifSwidCI6MX0sInUiOnsidSI6MSwiYXUiOjEsImQiOnsiaWQiOjkwNzUzNDU3LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6Mzg5MTQsIm9uIjoiV2luZG93cyIsIm92IjoiMTAuMCIsImJpZCI6MTIwNjI1LCJibiI6IkZpcmVmb3giLCJidiI6IjEwNS4wIiwid3YiOmZhbHNlLCJlIjp0cnVlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6dHJ1ZSwiciI6Imh0dHBzOi8vbWF2aW5rLmNvbS9leHBsb3JlL0NELUlsbHVzaW9uLUdpcmxzIn19.yYskJwywxzGHaLzzdkXdhUYgUlWF8B4V42OrTizr_MA
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Wed, 07 Dec 2022 03:03:01 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://mavink.com
Access-Control-Allow-Origin: https://mavink.com
Access-Control-Allow-Credentials: true
Set-Cookie: uid_id2=69c2aedf-29f6-49f0-a550-c90a9b46dc80:1:1; expires=Wed, 14 Dec 2022 03:03:01 GMT; secure; SameSite=None
iprc2f42f0045f8c83ef64d3e9c64e216224=2717340; expires=Thu, 08 Dec 2022 05:03:01 GMT; secure; SameSite=None
pdhtkv=true; expires=Thu, 08 Dec 2022 03:03:01 GMT; secure; SameSite=None
uncs=1; expires=Thu, 08 Dec 2022 03:03:01 GMT; secure; SameSite=None
pdhtkv5=true; expires=Thu, 08 Dec 2022 03:03:01 GMT; secure; SameSite=None
uncs5=1; expires=Thu, 08 Dec 2022 03:03:01 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: a256f37621a507a893f75934508f5609
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
78cbec8d8f3cb9d7274878548eda6908
32c383b1b78ffa9f2b8e8ee741f0bc2de0c1d8ea
b96208c37439bf95706ca13b40114f76d6d06cb20a4cc1fdd91f8ddb11c48f73

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B96208C37439BF95706CA13B40114F76D6D06CB20A4CC1FDD91F8DDB11C48F73"
Last-Modified: Tue, 06 Dec 2022 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6526
Expires: Wed, 07 Dec 2022 04:51:47 GMT
Date: Wed, 07 Dec 2022 03:03:01 GMT
Connection: keep-alive

foundfroshelves.com/watch.24016859514.js?key=2f9699d6163bff9569aab95bc537a459&kw=%5B%22cd%22%2C%22illusion%22%2C%22girls%22%5D&refer=https%3A%2F%2Fmavink.com%2Fexplore%2FCD-Illusion-Girls&tz=0&dev=e&res=12.1055&uuid=02d0c341-a896-43ea-ad17-9128fcf531e6%3A3%3A1&shu=015d8d3c595ecbb9b5dd5aff1c3fccecc83ea2eee2286bf28b63434b3471a0ac14fa9545130fb661a553b1c50ce67910c8ce2ed1162f52cceb8c3aec117307899685844094fba98ebc2eb096b65a345d5afe67&pst=1670382241&rmtc=t

192.243.61.225

200 OK

642 B

URL HTTP/1.1
foundfroshelves.com/watch.24016859514.js?key=2f9699d6163bff9569aab95bc537a459&kw=%5B%22cd%22%2C%22illusion%22%2C%22girls%22%5D&refer=https%3A%2F%2Fmavink.com%2Fexplore%2FCD-Illusion-Girls&tz=0&dev=e&res=12.1055&uuid=02d0c341-a896-43ea-ad17-9128fcf531e6%3A3%3A1&shu=015d8d3c595ecbb9b5dd5aff1c3fccecc83ea2eee2286bf28b63434b3471a0ac14fa9545130fb661a553b1c50ce67910c8ce2ed1162f52cceb8c3aec117307899685844094fba98ebc2eb096b65a345d5afe67&pst=1670382241&rmtc=t
IP
192.243.61.225:0
ASN
#39572 DataWeb Global Group B.V.

File type
HTML document text\012- HTML document, ASCII text, with very long lines (602)
Size
642 B (642 bytes)
Hash
497a1c49a0e164026dc7de0ba4c6bec0
f22f45ce621b290c6960f26586dd43e06a2d82d3
6e51fbd16183d45e05e6b424ce182a6869032c43b615d914f6151ec14ad6ac8c

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /watch.24016859514.js?key=2f9699d6163bff9569aab95bc537a459&kw=%5B%22cd%22%2C%22illusion%22%2C%22girls%22%5D&refer=https%3A%2F%2Fmavink.com%2Fexplore%2FCD-Illusion-Girls&tz=0&dev=e&res=12.1055&uuid=02d0c341-a896-43ea-ad17-9128fcf531e6%3A3%3A1&shu=015d8d3c595ecbb9b5dd5aff1c3fccecc83ea2eee2286bf28b63434b3471a0ac14fa9545130fb661a553b1c50ce67910c8ce2ed1162f52cceb8c3aec117307899685844094fba98ebc2eb096b65a345d5afe67&pst=1670382241&rmtc=t HTTP/1.1
Host: foundfroshelves.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://mavink.com
Referer: https://mavink.com/
Connection: keep-alive
Cookie: u_pl=17372455; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNzM3MjQ1NSwiayI6IjJmOTY5OWQ2MTYzYmZmOTU2OWFhYjk1YmM1MzdhNDU5Iiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxODk0MTM2LCJwaWQiOjQ1ODE0NywiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjozLCJhaWQiOjUsInB0Ijo0LCJwayI6InhmYTYyODRwIiwiY3BrcyI6eyAiMjgiOiJlM2YzZjU5ZWU1OWE4NmJmZmZmMmM3MDY3OGI0NzBmZCIsIjI5IjoiZTg4N2Y5ZTkzZTkwNjBkOTQ4NDY1MWE4NDFjMjY2NGQifSwidCI6MX0sInUiOnsidSI6MSwiYXUiOjEsImQiOnsiaWQiOjkwNzUzNDU3LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6Mzg5MTQsIm9uIjoiV2luZG93cyIsIm92IjoiMTAuMCIsImJpZCI6MTIwNjI1LCJibiI6IkZpcmVmb3giLCJidiI6IjEwNS4wIiwid3YiOmZhbHNlLCJlIjp0cnVlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6dHJ1ZSwiciI6Imh0dHBzOi8vbWF2aW5rLmNvbS9leHBsb3JlL0NELUlsbHVzaW9uLUdpcmxzIn19.yYskJwywxzGHaLzzdkXdhUYgUlWF8B4V42OrTizr_MA
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Wed, 07 Dec 2022 03:03:01 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://mavink.com
Access-Control-Allow-Origin: https://mavink.com
Access-Control-Allow-Credentials: true
Set-Cookie: uid_id2=02d0c341-a896-43ea-ad17-9128fcf531e6:3:1; expires=Wed, 14 Dec 2022 03:03:01 GMT; secure; SameSite=None
iprc2f42f0045f8c83ef64d3e9c64e216224=2717340; expires=Thu, 08 Dec 2022 05:03:01 GMT; secure; SameSite=None
pdhtkv=true; expires=Thu, 08 Dec 2022 03:03:01 GMT; secure; SameSite=None
uncs=1; expires=Thu, 08 Dec 2022 03:03:01 GMT; secure; SameSite=None
pdhtkv5=true; expires=Thu, 08 Dec 2022 03:03:01 GMT; secure; SameSite=None
uncs5=1; expires=Thu, 08 Dec 2022 03:03:01 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 3286be0bc74033da6f1d51c4d0672192
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

st.cdjapan.co.jp/pictures/l/03/28/PLJM-80229.jpg

163.171.134.109

200 OK

121 kB

URL HTTP/1.1
st.cdjapan.co.jp/pictures/l/03/28/PLJM-80229.jpg
IP
163.171.134.109:0
ASN
#54994 QUANTILNETWORKS

File type
JPEG image data, JFIF standard 1.01, resolution (DPCM), density 28x28, segment length 16, baseline, precision 8, 500x627, components 3\012- data
Size
121 kB (121284 bytes)
Hash
90b71fbabeaeea719d250386038a66b7
d41393c9cc96cd65b469e184c153e0fc54974bc6
01687a556f39cce74ddc76658b76fb4a62172cb35204001d66218e4e7ebc1a1d

HTTP Headers

GET /pictures/l/03/28/PLJM-80229.jpg HTTP/1.1
Host: st.cdjapan.co.jp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mavink.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Wed, 07 Dec 2022 03:03:01 GMT
Content-Type: image/jpeg
Content-Length: 121284
Connection: keep-alive
Accept-Ranges: bytes
ETag: "933777148"
Last-Modified: Wed, 22 Feb 2017 03:28:16 GMT
Server: PWS/8.3.1.0.8
Access-Control-Allow-Origin: *
Via: 1.1 PSrbdjTYO3xy63:1 (W), 1.1 kf230:5 (W), 1.1 PS-ARN-01C8L93:18 (W)
X-Px: ms PS-ARN-01C8L93ARN,ms kf230FRA,ms PSrbdjTYO3xy63HND(origin)
X-Ws-Request-Id: 63900264_PS-ARN-016FX94_8299-58967
Cache-Control: max-age=604800

ocsp.digicert.com/

93.184.220.29

200 OK

280 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
280 B (280 bytes)
Hash
4917cc6624241deee597945d54f0704d
5a931a80c73235f72e1b286b2faba572c3ed8dfe
b05e01a9c9cfdfa4045d746ae30757368040277e4aab95476ed371629070d4ba

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=99241
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 03:03:01 GMT
Etag: "638ee30e-118"
Expires: Thu, 08 Dec 2022 06:37:02 GMT
Last-Modified: Tue, 06 Dec 2022 06:37:02 GMT
Server: nginx
Content-Length: 280

foundfroshelves.com/e3/f3/f5/e3f3f59ee59a86bffff2c70678b470fd.js

192.243.61.225

200 OK

29 kB

URL HTTP/1.1
foundfroshelves.com/e3/f3/f5/e3f3f59ee59a86bffff2c70678b470fd.js
IP
192.243.61.225:0
ASN
#39572 DataWeb Global Group B.V.

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (65536), with no line terminators
Size
29 kB (28769 bytes)
Hash
89121b5a7e56c6856a2d914bc79214b3
dc9dfa824f983b53ff13132b7b57553929367652
60372e15a297e2a769d0818169375cf6c55eb113e518e4ddbfba20012d5b6deb

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /e3/f3/f5/e3f3f59ee59a86bffff2c70678b470fd.js HTTP/1.1
Host: foundfroshelves.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mavink.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Wed, 07 Dec 2022 03:03:01 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 22b1865b3807af11ef0c4cd4a52342ae
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

ocsp.sectigo.com/

172.64.155.188

200 OK

472 B

URL HTTP/1.1
ocsp.sectigo.com/
IP
172.64.155.188:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
472 B (472 bytes)
Hash
3678b6b71be8a5e648cc067ef5341311
1982777c944ae2d57f722c1daabe42a3ac72837d
432933eb39e9954c719563e75ea5e0be6b097bc50e55f4b6f249e788d050e103

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Wed, 07 Dec 2022 03:03:01 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Sun, 04 Dec 2022 00:26:15 GMT
Expires: Sun, 11 Dec 2022 00:26:14 GMT
Etag: "1982777c944ae2d57f722c1daabe42a3ac72837d"
Cache-Control: max-age=335592,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 775a0698def7b4ed-OSL

commento.fadunews.in/css/commento.css

174.138.40.107

200 OK

6.2 kB

URL HTTP/2
commento.fadunews.in/css/commento.css
IP
174.138.40.107:0
ASN
#14061 DIGITALOCEAN-ASN

File type
data
Size
6.2 kB (6240 bytes)
Hash
afb33c54ec9f7eaa8349144935ddf485
4d20a8bb45b9b7d591c2b02e1dd51f03b724acd1
e863f24afae66d516e841ca2c6011effd30481d2230b034c9f5d3628c7bb4bc3

HTTP Headers

GET /css/commento.css HTTP/1.1
Host: commento.fadunews.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mavink.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Wed, 07 Dec 2022 03:03:01 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
strict-transport-security: max-age=15724800; includeSubdomains
content-encoding: gzip
X-Firefox-Spdy: h2

region1.google-analytics.com/g/collect?v=2&tid=G-LXJJFJVFZ5&gtm=2oebu0&_p=1958735738&cid=833475771.1670382181&ul=en-us&sr=1280x1024&_s=1&sid=1670382180&sct=1&seg=0&dl=https%3A%2F%2Fmavink.com%2Fexplore%2FCD-Illusion-Girls&dt=CD%20Illusion%20Girls&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1

216.239.32.36

204 No Content

0 B

URL HTTP/2
region1.google-analytics.com/g/collect?v=2&tid=G-LXJJFJVFZ5&gtm=2oebu0&_p=1958735738&cid=833475771.1670382181&ul=en-us&sr=1280x1024&_s=1&sid=1670382180&sct=1&seg=0&dl=https%3A%2F%2Fmavink.com%2Fexplore%2FCD-Illusion-Girls&dt=CD%20Illusion%20Girls&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
IP
216.239.32.36:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /g/collect?v=2&tid=G-LXJJFJVFZ5&gtm=2oebu0&_p=1958735738&cid=833475771.1670382181&ul=en-us&sr=1280x1024&_s=1&sid=1670382180&sct=1&seg=0&dl=https%3A%2F%2Fmavink.com%2Fexplore%2FCD-Illusion-Girls&dt=CD%20Illusion%20Girls&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1 HTTP/1.1
Host: region1.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://mavink.com
Connection: keep-alive
Referer: https://mavink.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0

HTTP/2 204 No Content
access-control-allow-origin: https://mavink.com
date: Wed, 07 Dec 2022 03:03:01 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
30aec170d58f580f2ed4da4b92d72cc7
3b11a98ba9563f7f266e7a935e3b78bd0c0712aa
7b25e66e4383cdb29228d0451a4810eeab7d194ca81045e066c00c9467f29312

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 03:03:01 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
3f15712225b216539aebfa2f1467c228
9f879596dddaf6360ac32a1ff58bfa04e43a8aa1
88e0df473f45cd5fff9ffca2669da6542e0cf7d1ab2db36333d7641c5bdaff3c

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "88E0DF473F45CD5FFF9FFCA2669DA6542E0CF7D1AB2DB36333D7641C5BDAFF3C"
Last-Modified: Tue, 06 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=1005
Expires: Wed, 07 Dec 2022 03:19:47 GMT
Date: Wed, 07 Dec 2022 03:03:02 GMT
Connection: keep-alive

www.spikereekvelocity.com/dyfc1k09?key=863705bcbb4b6a554ddb359665395a6f&psid=17372455

192.243.59.20

200 OK

1.3 kB

URL HTTP/1.1
www.spikereekvelocity.com/dyfc1k09?key=863705bcbb4b6a554ddb359665395a6f&psid=17372455
IP
192.243.59.20:0
ASN
#39572 DataWeb Global Group B.V.

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text
Size
1.3 kB (1253 bytes)
Hash
c79affaecc7b49b6309e89e43c15c629
8d6796014de1fec00f08c1e8efe2716ba3b8a225
7d6d52cfa428b4f9daea06580fbf6ae127c787e19a3f24e20baa1d4eabfebe14

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /dyfc1k09?key=863705bcbb4b6a554ddb359665395a6f&psid=17372455 HTTP/1.1
Host: www.spikereekvelocity.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mavink.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx/1.17.9
Date: Wed, 07 Dec 2022 03:03:02 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Set-Cookie: u_pl=16122660; expires=Thu, 08 Dec 2022 03:03:02 GMT
ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNjEyMjY2MCwiayI6Ijg2MzcwNWJjYmI0YjZhNTU0ZGRiMzU5NjY1Mzk1YTZmIiwic2lkIjoiMTczNzI0NTUiLCJpc2lkIjoyLCJhc2lkIjoxLCJ6aWQiOjE0NjQxNSwicGlkIjo5NzI5OSwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjozLCJhaWQiOjI4LCJwdCI6NCwicGsiOiJkeWZjMWswOSIsInQiOjF9LCJ1Ijp7InUiOjEsImF1IjoxLCJkIjp7ImlkIjo5MDc1MzQ1NywiaWRzIjoiIiwiaWMiOmZhbHNlLCJuIjoiRGVza3RvcCxFbXVsYXRvciIsInYiOiJVbmtub3duIiwibSI6IlVua25vd24iLCJmIjoxLCJmbiI6IkRlc2t0b3AiLCJvaWQiOjM4OTE0LCJvbiI6IldpbmRvd3MiLCJvdiI6IjEwLjAiLCJiaWQiOjEyMDYyNSwiYm4iOiJGaXJlZm94IiwiYnYiOiIxMDUuMCIsInd2IjpmYWxzZSwiZSI6ZmFsc2UsImFiIjpmYWxzZX0sImMiOnsiaWQiOjE2MiwiYyI6Ik5PIiwibiI6Ik5vcndheSJ9LCJhIjpmYWxzZSwiY3IiOnsibiI6IkJsaXggU29sdXRpb25zIn0sInhmIjoiIiwiaXhmIjpmYWxzZSwiaWd4ZiI6ZmFsc2UsInVwIjp0cnVlLCJyIjoiaHR0cHM6Ly9tYXZpbmsuY29tLyJ9fQ.kuTQU85XEs8IOj7UJUCzci7Q3IVi4bqosAHzyZ_IayA; expires=Wed, 07 Dec 2022 03:04:02 GMT
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: a503e027d21ebdc8f07ba25a8d974e91
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

commento.fadunews.in/fonts/source-sans-400-latin.woff2

174.138.40.107

200 OK

12 kB

URL HTTP/2
commento.fadunews.in/fonts/source-sans-400-latin.woff2
IP
174.138.40.107:0
ASN
#14061 DIGITALOCEAN-ASN

File type
Web Open Font Format (Version 2), TrueType, length 15908, version 1.0\012- data
Size
12 kB (12150 bytes)
Hash
8cc18b01d2ecc707b382fded06caeee6
53bce2f27fb1a5291e5bbb955ce95d3118ab7851
ced6be93864c85b5e320ccef825696d24ef10750f4e852f8bb75b5c50b49e7cf

HTTP Headers

GET /fonts/source-sans-400-latin.woff2 HTTP/1.1
Host: commento.fadunews.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://mavink.com
Connection: keep-alive
Referer: https://commento.fadunews.in/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 07 Dec 2022 03:03:01 GMT
access-control-allow-origin: *
strict-transport-security: max-age=15724800; includeSubdomains
X-Firefox-Spdy: h2

xml-v4.trafficmoose.com/click?seat=1705924&i=IPWKaGN75*U_0

198.134.116.17

302 Found

0 B

URL HTTP/1.1
xml-v4.trafficmoose.com/click?seat=1705924&i=IPWKaGN75*U_0
IP
198.134.116.17:0
ASN
#27257 WEBAIR-INTERNET

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /click?seat=1705924&i=IPWKaGN75*U_0 HTTP/1.1
Host: xml-v4.trafficmoose.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 302 Found
Cache-Control: no-store
Content-Length: 0
Age: 0
Connection: keep-alive
Location: https://adserving.unibet.com/redirect.aspx?bid=37950&pid=29326169&sref=TRM&TRM=d_114896.16122660
Pragma: no-cache

adserving.unibet.com/redirect.aspx?bid=37950&pid=29326169&sref=TRM&TRM=d_114896.16122660

23.36.79.43

307 Temporary Redirect

0 B

URL HTTP/2
adserving.unibet.com/redirect.aspx?bid=37950&pid=29326169&sref=TRM&TRM=d_114896.16122660
IP
23.36.79.43:0
ASN
#20940 Akamai International B.V.

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /redirect.aspx?bid=37950&pid=29326169&sref=TRM&TRM=d_114896.16122660 HTTP/1.1
Host: adserving.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/2 307 Temporary Redirect
content-type: text/html
content-length: 0
location: https://www.unibet.nu/stan/campaign.do?cmpId=2799402&affiliateId=1&unibetTarget=/nu/pop/sportsbook/multisports/index.html&targetDomain=https://welcome.unibet.com&btag=320665405_F268FD1F2FAF49D6B509FC7662A3BD47&sref=TRM&TRM=d_114896.16122660&affiliateId=1&pid=68248853&bid=37950
p3p: CP="This is not a P3P policy! It is used to bypass IEs problematic handling of cookies"
x-aspnet-version: 4.0.30319
request-context: appId=cid-v1:83ffbda4-9458-475e-90ec-4427cfb5c3b0
access-control-expose-headers: Request-Context
expires: Wed, 07 Dec 2022 03:03:03 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Wed, 07 Dec 2022 03:03:03 GMT
set-cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a68248853%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1670382183498)%5c%2f%22%2c%22CookieTag%22%3a%223795068248853451240919C202212733%22%7d%5d; SameSite=None;; domain=.unibet.com; expires=Fri, 31-Dec-9999 23:59:59 GMT; path=/; secure
NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228530494899%7c1%22%7d%5d; domain=.unibet.com; expires=Fri, 07-Dec-3021 03:03:03 GMT; path=/; secure; SameSite=Strict
server-timing: cdn-cache; desc=MISS, edge; dur=31, origin; dur=43
X-Firefox-Spdy: h2

www.unibet.nu/stan/campaign.do?cmpId=2799402&affiliateId=1&unibetTarget=/nu/pop/sportsbook/multisports/index.html&targetDomain=https://welcome.unibet.com&btag=320665405_F268FD1F2FAF49D6B509FC7662A3BD47&sref=TRM&TRM=d_114896.16122660&affiliateId=1&pid=68248853&bid=37950

85.184.96.0

301 Moved Permanently

0 B

URL HTTP/2
www.unibet.nu/stan/campaign.do?cmpId=2799402&affiliateId=1&unibetTarget=/nu/pop/sportsbook/multisports/index.html&targetDomain=https://welcome.unibet.com&btag=320665405_F268FD1F2FAF49D6B509FC7662A3BD47&sref=TRM&TRM=d_114896.16122660&affiliateId=1&pid=68248853&bid=37950
IP
85.184.96.0:0
ASN
#47171 Unibet Services Limited

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /stan/campaign.do?cmpId=2799402&affiliateId=1&unibetTarget=/nu/pop/sportsbook/multisports/index.html&targetDomain=https://welcome.unibet.com&btag=320665405_F268FD1F2FAF49D6B509FC7662A3BD47&sref=TRM&TRM=d_114896.16122660&affiliateId=1&pid=68248853&bid=37950 HTTP/1.1
Host: www.unibet.nu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/2 301 Moved Permanently
date: Wed, 07 Dec 2022 03:03:03 GMT
content-length: 0
location: https://www.unibet.nu:443/stan/redirecttocampaign.do?cmpId=2799402&affiliateId=1&unibetTarget=/nu/pop/sportsbook/multisports/index.html&targetDomain=https://welcome.unibet.com&btag=320665405_F268FD1F2FAF49D6B509FC7662A3BD47&sref=TRM&TRM=d_114896.16122660&affiliateId=1&pid=68248853&bid=37950&landingPageUrl=https%3A%2F%2Fwelcome.unibet.com%2Fnu%2Fpop%2Fsportsbook%2Fmultisports%2Findex.html%3Fmktid%3D1%3A320665405%3A68248853-37950
set-cookie: JSESSIONID=node0j4hobbkuglkx3luuvwc1ta6f3924253.node0; Path=/stan; Secure; HttpOnly; SameSite=Strict
__ucbt=node0j4hobbkuglkx3luuvwc1ta6f3; Path=/; Domain=.unibet.nu; Expires=Fri, 06-Dec-2024 03:03:03 GMT; Max-Age=63072000; Secure; SameSite=None
uniattr=ST.0.T; Path=/; Domain=.unibet.nu; Expires=Fri, 06-Dec-2024 03:03:03 GMT; Max-Age=63072000; Secure; SameSite=None
uniattr_ref=; Path=/; Domain=.unibet.nu; Expires=Fri, 06-Dec-2024 03:03:03 GMT; Max-Age=63072000; Secure; SameSite=None
UNIBET_REQUEST_URL=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
AFFILIATE_REQUEST_URL=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
UNIBET_INTERNAL_CAMPAIGN_ID=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
affid=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
netwid=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
CLAIM_CODE=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
REGISTRATION_CODE=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
campaignId=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
affiliateId=1; Path=/; Domain=.unibet.nu; Secure; SameSite=None
B-TAG=320665405_F268FD1F2FAF49D6B509FC7662A3BD47; Path=/; Domain=.unibet.nu; Secure; SameSite=None
REGISTRATION_CODE=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
BID=37950; Path=/; Domain=.unibet.nu; Secure; SameSite=None
PID=68248853; Path=/; Domain=.unibet.nu; Secure; SameSite=None
CHID=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
REFERER=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
UNIBET_INTERNAL_CAMPAIGN_ID=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
UNIBET_REQUEST_URL=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
AFFILIATE_REQUEST_URL=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
AFFILIATE_CAMPAIGN_ID=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
AMS_INVITE_CHAT_ACCEPTED=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
AMS_INVITE_CHAT_DECLINED=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
BOCAID=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
PRODUCT_ID=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
AFFID=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
AFFILIATE_REQUEST_URL=https%3A%2F%2Fwww.unibet.nu%2Fstan%2Fcampaign.do%3FcmpId%3D2799402%26affiliateId%3D1%26unibetTarget%3D%2Fnu%2Fpop%2Fsportsbook%2Fmultisports%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.com%26btag%3D320665405_F268FD1F2FAF49D6B509FC7662A3BD47%26sref%3DTRM%26TRM%3Dd_114896.16122660%26affiliateId%3D1%26pid%3D68248853%26bid%3D37950; Path=/; Domain=.unibet.nu; Secure; SameSite=None
AFFILIATE_CAMPAIGN_ID=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
campaignId=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
clientId=polopoly_desktop; Domain=www.unibet.nu; Path=/; SameSite=None; Secure
cache-control: max-age=0, no-cache, no-store, must-revalidate, proxy-revalidate
expires: Thu, 01 Jan 1970 00:00:00 GMT, Wed, 07 Dec 2022 03:03:03 GMT
server: kindred-loadbalancer
strict-transport-security: max-age=63072000; preload
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-security-policy: default-src 'unsafe-inline' 'unsafe-eval' http: https: data: wss: blob: jockey: unibetpro: *;
x-browser-class: A
x-os-class: M
x-ooops-debug: /500-pages/www.unibet.nu/index.html
X-Firefox-Spdy: h2

www.unibet.nu/stan/redirecttocampaign.do?cmpId=2799402&affiliateId=1&unibetTarget=/nu/pop/sportsbook/multisports/index.html&targetDomain=https://welcome.unibet.com&btag=320665405_F268FD1F2FAF49D6B509FC7662A3BD47&sref=TRM&TRM=d_114896.16122660&affiliateId=1&pid=68248853&bid=37950&landingPageUrl=https%3A%2F%2Fwelcome.unibet.com%2Fnu%2Fpop%2Fsportsbook%2Fmultisports%2Findex.html%3Fmktid%3D1%3A320665405%3A68248853-37950

85.184.96.0

301 Moved Permanently

0 B

URL HTTP/2
www.unibet.nu/stan/redirecttocampaign.do?cmpId=2799402&affiliateId=1&unibetTarget=/nu/pop/sportsbook/multisports/index.html&targetDomain=https://welcome.unibet.com&btag=320665405_F268FD1F2FAF49D6B509FC7662A3BD47&sref=TRM&TRM=d_114896.16122660&affiliateId=1&pid=68248853&bid=37950&landingPageUrl=https%3A%2F%2Fwelcome.unibet.com%2Fnu%2Fpop%2Fsportsbook%2Fmultisports%2Findex.html%3Fmktid%3D1%3A320665405%3A68248853-37950
IP
85.184.96.0:0
ASN
#47171 Unibet Services Limited

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /stan/redirecttocampaign.do?cmpId=2799402&affiliateId=1&unibetTarget=/nu/pop/sportsbook/multisports/index.html&targetDomain=https://welcome.unibet.com&btag=320665405_F268FD1F2FAF49D6B509FC7662A3BD47&sref=TRM&TRM=d_114896.16122660&affiliateId=1&pid=68248853&bid=37950&landingPageUrl=https%3A%2F%2Fwelcome.unibet.com%2Fnu%2Fpop%2Fsportsbook%2Fmultisports%2Findex.html%3Fmktid%3D1%3A320665405%3A68248853-37950 HTTP/1.1
Host: www.unibet.nu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: __ucbt=node0j4hobbkuglkx3luuvwc1ta6f3; uniattr=ST.0.T; uniattr_ref=; affiliateId=1; B-TAG=320665405_F268FD1F2FAF49D6B509FC7662A3BD47; BID=37950; PID=68248853; AFFILIATE_REQUEST_URL=https%3A%2F%2Fwww.unibet.nu%2Fstan%2Fcampaign.do%3FcmpId%3D2799402%26affiliateId%3D1%26unibetTarget%3D%2Fnu%2Fpop%2Fsportsbook%2Fmultisports%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.com%26btag%3D320665405_F268FD1F2FAF49D6B509FC7662A3BD47%26sref%3DTRM%26TRM%3Dd_114896.16122660%26affiliateId%3D1%26pid%3D68248853%26bid%3D37950; clientId=polopoly_desktop
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 301 Moved Permanently
date: Wed, 07 Dec 2022 03:03:03 GMT
content-length: 0
location: https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:320665405:68248853-37950&btag=320665405_F268FD1F2FAF49D6B509FC7662A3BD47&bid=37950&campaignId=2799402&pid=68248853
cache-control: max-age=0, no-cache, no-store, must-revalidate, proxy-revalidate
expires: Wed, 07 Dec 2022 03:03:03 GMT
server: kindred-loadbalancer
strict-transport-security: max-age=63072000; preload
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-security-policy: default-src 'unsafe-inline' 'unsafe-eval' http: https: data: wss: blob: jockey: unibetpro: *;
x-browser-class: A
x-os-class: M
x-ooops-debug: /500-pages/www.unibet.nu/index.html
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
9483dca1790d0c6650789d7e00809d1b
fdee4da9109d08173bf57c40f68c8a955b6d4e89
3e355df7a5f896d06c387e1ff648760258243246303bb4bb6d3234762639ac62

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "3E355DF7A5F896D06C387E1FF648760258243246303BB4BB6D3234762639AC62"
Last-Modified: Tue, 06 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14560
Expires: Wed, 07 Dec 2022 07:05:43 GMT
Date: Wed, 07 Dec 2022 03:03:03 GMT
Connection: keep-alive

welcome.unibet.com/nu/pop/sportsbook/multisports/icon-sports.svg

104.18.24.188

200 OK

1.2 kB

URL HTTP/2
welcome.unibet.com/nu/pop/sportsbook/multisports/icon-sports.svg
IP
104.18.24.188:0
ASN
#13335 CLOUDFLARENET

File type
SVG Scalable Vector Graphics image\012- HTML document text\012- HTML document, ASCII text, with very long lines (1481), with no line terminators
Size
1.2 kB (1228 bytes)
Hash
7ad910a1b356dc3b32bc9fdf2a6f3d8f
eae37e8c422db6001befaf860d60119f0ed52607
71df5b219213104cb884f8fa5e9013971358e86b88ae5a18dc3732412fc7ddb4

HTTP Headers

GET /nu/pop/sportsbook/multisports/icon-sports.svg HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:320665405:68248853-37950&btag=320665405_F268FD1F2FAF49D6B509FC7662A3BD47&bid=37950&campaignId=2799402&pid=68248853
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a68248853%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1670382183498)%5c%2f%22%2c%22CookieTag%22%3a%223795068248853451240919C202212733%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228530494899%7c1%22%7d%5d
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Wed, 07 Dec 2022 03:03:04 GMT
content-type: image/svg+xml
cache-control: public, max-age=900, immutable
content-md5: Kch+tYuo05USS5JaESq1rA==
last-modified: Mon, 21 Nov 2022 12:34:15 GMT
etag: W/"0x8DACBBCB3E60357"
x-ms-request-id: 16b99321-701e-000b-6a03-03e969000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 153348
vary: Accept-Encoding
server: cloudflare
cf-ray: 775a06aa8e340afa-OSL
content-encoding: br
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
c10bc583c46449dc192a809398b4e814
ff0f7ad905d32d7f3d01e4054552d0ad551503a5
defd2b2559e55c9c6c0f8be9b23c53c4e781a736feae3dd73b4d203b69cfcc57

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 03:03:04 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.digicert.com/

93.184.220.29

200 OK

279 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
279 B (279 bytes)
Hash
ca0163b98fe08400ca256eab5d2c4aa6
9f98a05573d6618a68e19da6f9b323bff4383193
49dc62f616be2b0f8db1221efc5885d66e53c5d96633d4fffb9f98a153bc40c9

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5481
Cache-Control: max-age=124513
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 03:03:04 GMT
Etag: "638f3060-117"
Expires: Thu, 08 Dec 2022 13:38:17 GMT
Last-Modified: Tue, 06 Dec 2022 12:06:56 GMT
Server: ECS (ska/F71E)
X-Cache: HIT
Content-Length: 279

ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js

216.58.211.10

200 OK

30 kB

URL HTTP/2
ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js
IP
216.58.211.10:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (65451)
Size
30 kB (30399 bytes)
Hash
0f83cadc148d2ad7e53c91f6c4ee05bb
90035c5fffedf4b0f099465f6b929a030b46c92b
3f59aa77bbbed7760a9968af27d3c19ffddda021c948edf0bf0c0f828dd308ae

HTTP Headers

GET /ajax/libs/jquery/3.3.1/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 30399
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 06 Dec 2022 11:09:22 GMT
expires: Wed, 06 Dec 2023 11:09:22 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 57222
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

a1s-cdn.unibet.com/unibet/bannerflow/scripts/master_tag.js

85.184.96.5

200 OK

956 B

URL HTTP/2
a1s-cdn.unibet.com/unibet/bannerflow/scripts/master_tag.js
IP
85.184.96.5:0
ASN
#47171 Unibet Services Limited

File type
ASCII text
Size
956 B (956 bytes)
Hash
fd48e87ecd4d06d9c5df490b91dc813e
a65a437db44444634e4f41732c590c1d14433b3f
2f786ae3f4577ed970f60aa7a9edf726300a740fdb360a8364db7ff4b7ca8e47

HTTP Headers

GET /unibet/bannerflow/scripts/master_tag.js HTTP/1.1
Host: a1s-cdn.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a68248853%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1670382183498)%5c%2f%22%2c%22CookieTag%22%3a%223795068248853451240919C202212733%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228530494899%7c1%22%7d%5d
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site

HTTP/2 200 OK
date: Wed, 07 Dec 2022 03:03:04 GMT
content-type: application/javascript
content-length: 956
last-modified: Mon, 25 Apr 2022 12:19:34 GMT
etag: "3bc-5dd7996cc0ce1"
cache-control: max-age=1800, public, must-revalidate
server: kindred-loadbalancer
strict-transport-security: max-age=63072000; preload
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-security-policy: default-src 'unsafe-inline' 'unsafe-eval' http: https: data: wss: blob: jockey: unibetpro: *;
x-browser-class: A
x-os-class: M
set-cookie: clientId=polopoly_desktop; Domain=a1s-cdn.unibet.com; Path=/; SameSite=None; Secure
accept-ranges: bytes
X-Firefox-Spdy: h2

welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:320665405:68248853-37950&btag=320665405_F268FD1F2FAF49D6B509FC7662A3BD47&bid=37950&campaignId=2799402&pid=68248853

104.18.24.188

200 OK

4.8 kB

URL HTTP/2
welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:320665405:68248853-37950&btag=320665405_F268FD1F2FAF49D6B509FC7662A3BD47&bid=37950&campaignId=2799402&pid=68248853
IP
104.18.24.188:0
ASN
#13335 CLOUDFLARENET

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (2468)
Size
4.8 kB (4759 bytes)
Hash
020a1dbab370caccf4c5aaa5b2fa8767
292db01d1ae518c685252339e8b26707511e931c
b7fa245615e8d0c8237c13b1da20f6ce3a2c3ad7a37e2c254533cd5db4f5a8e5

HTTP Headers

GET /nu/pop/sportsbook/multisports/index.html?mktid=1:320665405:68248853-37950&btag=320665405_F268FD1F2FAF49D6B509FC7662A3BD47&bid=37950&campaignId=2799402&pid=68248853 HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a68248853%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1670382183498)%5c%2f%22%2c%22CookieTag%22%3a%223795068248853451240919C202212733%22%7d%5d
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Wed, 07 Dec 2022 03:03:04 GMT
content-type: text/html; charset=utf-8
cache-control: public, max-age=900, immutable
content-md5: 3j1KK5ReHy/6ckOVwt+Uag==
last-modified: Mon, 21 Nov 2022 12:34:11 GMT
x-ms-request-id: 836a06a9-701e-000b-27e8-09e969000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: MISS
vary: Accept-Encoding
server: cloudflare
cf-ray: 775a06a8bd9f0afa-OSL
content-encoding: br
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
c10bc583c46449dc192a809398b4e814
ff0f7ad905d32d7f3d01e4054552d0ad551503a5
defd2b2559e55c9c6c0f8be9b23c53c4e781a736feae3dd73b4d203b69cfcc57

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 03:03:04 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

welcome.unibet.com/nu/pop/sportsbook/multisports/gambling-commission.png

104.18.24.188

404 Not Found

450 B

URL HTTP/2
welcome.unibet.com/nu/pop/sportsbook/multisports/gambling-commission.png
IP
104.18.24.188:0
ASN
#13335 CLOUDFLARENET

File type
XML 1.0 document text\012- XML document, Unicode text, UTF-8 (with BOM) text
Size
450 B (450 bytes)
Hash
572b40e0928adbb26187026620112066
4970a39e1b9e33ace054a93f8a1afefd36125ceb
00fcc876532f1c5b04da33835deb7d6dbe294e4c4a2d1db73bc63d1ece707fef

HTTP Headers

GET /nu/pop/sportsbook/multisports/gambling-commission.png HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:320665405:68248853-37950&btag=320665405_F268FD1F2FAF49D6B509FC7662A3BD47&bid=37950&campaignId=2799402&pid=68248853
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a68248853%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1670382183498)%5c%2f%22%2c%22CookieTag%22%3a%223795068248853451240919C202212733%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228530494899%7c1%22%7d%5d
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 404 Not Found
date: Wed, 07 Dec 2022 03:03:04 GMT
content-type: application/xml
x-ms-request-id: 2113e785-a01e-0027-4ee7-0905c6000000
x-ms-version: 2014-02-14
access-control-allow-origin: *
cf-cache-status: HIT
age: 289
vary: Accept-Encoding
server: cloudflare
cf-ray: 775a06aa8e350afa-OSL
content-encoding: br
X-Firefox-Spdy: h2

welcome.unibet.com/nu/pop/sportsbook/multisports/1-background-black.jpg

104.18.24.188

200 OK

98 kB

URL HTTP/2
welcome.unibet.com/nu/pop/sportsbook/multisports/1-background-black.jpg
IP
104.18.24.188:0
ASN
#13335 CLOUDFLARENET

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1800x936, components 3\012- data
Size
98 kB (98453 bytes)
Hash
8e6d9af5ef1badfe9295b8fc96793c28
e37cdf4093dc0a47246be7360e7945f91991f073
de89de8196b23a00db8e35bca40fdb4253d970492a31396d5861c2e99d691407

HTTP Headers

GET /nu/pop/sportsbook/multisports/1-background-black.jpg HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/nu/pop/sportsbook/multisports/1-styles.css
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a68248853%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1670382183498)%5c%2f%22%2c%22CookieTag%22%3a%223795068248853451240919C202212733%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228530494899%7c1%22%7d%5d
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Wed, 07 Dec 2022 03:03:04 GMT
content-type: image/jpeg
content-length: 98453
access-control-allow-origin: *
cache-control: public, max-age=900, immutable
cf-bgj: h2pri
content-md5: jm2a9e8brf6Slbj8lnk8KA==
etag: "0x8DACBBCB1BBD29B"
last-modified: Mon, 21 Nov 2022 12:34:12 GMT
x-ms-blob-type: BlockBlob
x-ms-lease-state: available
x-ms-lease-status: unlocked
x-ms-request-id: 0b1c71c4-b01e-0049-7003-0350e9000000
x-ms-version: 2014-02-14
cf-cache-status: HIT
age: 153301
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 775a06ab7e8f0afa-OSL
X-Firefox-Spdy: h2

welcome.unibet.com/nu/pop/sportsbook/multisports/Unibet_Pro_2020.woff2

104.18.24.188

200 OK

11 kB

URL HTTP/2
welcome.unibet.com/nu/pop/sportsbook/multisports/Unibet_Pro_2020.woff2
IP
104.18.24.188:0
ASN
#13335 CLOUDFLARENET

File type
Web Open Font Format (Version 2), TrueType, length 10924, version 1.0\012- data
Size
11 kB (10924 bytes)
Hash
0ea5bcff84ae44840b6e9c9d12c8b963
6c827e1adb18775d2fdfbbbfef63cc9b66243ed2
b4e210ac58fe8fb176e24c58ffdbd0e7b40dded1314769dbcebdc413998b882b

HTTP Headers

GET /nu/pop/sportsbook/multisports/Unibet_Pro_2020.woff2 HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://welcome.unibet.com/nu/pop/sportsbook/multisports/1-styles.css
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a68248853%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1670382183498)%5c%2f%22%2c%22CookieTag%22%3a%223795068248853451240919C202212733%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228530494899%7c1%22%7d%5d
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Wed, 07 Dec 2022 03:03:04 GMT
content-type: font/woff2
content-length: 10924
cache-control: public, max-age=900, immutable
content-md5: DqW8/4SuRIQLbpydEsi5Yw==
last-modified: Mon, 21 Nov 2022 12:34:17 GMT
etag: "0x8DACBBCB4A3B989"
x-ms-request-id: b6f7cb18-201e-0029-1a03-032c76000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 153347
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 775a06ab8e920afa-OSL
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
e24f2da4ed2e3cd07b0999a67550d634
6e2277e734fd0015849c3554dd2cf2ae289c2cf2
74dc14d7d9ba8bba4a162680e59801af1d7c2995639df51f32ff2f3d4d0b0051

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 03:03:04 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
ec6ece82a7cb8faa3ba171efae3a9eda
7ee75fba9a9d1078960f7834d71961c38f514b82
301d0c4d73b444369e488ee4f78b3a994a9168ec6c6d46cd7f3448722a841a2e

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 03:03:04 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
8aa9320315b7fc787bfd0fd1baea8721
45328506883b22acc927b8038b73e5247b0a1679
c5827834b5ce1e49980b439410b06fca062d877abd8ca89719b589a2fe28b4b9

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 03:03:04 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

welcome.unibet.com/nu/pop/sportsbook/multisports/google-play-ro.svg

104.18.24.188

200 OK

18 kB

URL HTTP/2
welcome.unibet.com/nu/pop/sportsbook/multisports/google-play-ro.svg
IP
104.18.24.188:0
ASN
#13335 CLOUDFLARENET

File type
SVG Scalable Vector Graphics image\012- HTML document, ASCII text, with very long lines (5740), with no line terminators
Size
18 kB (17831 bytes)
Hash
211f413bb84edab78f89d70ebf0b0901
128aaba0be2e7a9462028cdbb442cd2f6db0a6c8
82c15aeaf6da762bf7ec991a438687201c569c90c628e9051931a52180ced94c

HTTP Headers

GET /nu/pop/sportsbook/multisports/google-play-ro.svg HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:320665405:68248853-37950&btag=320665405_F268FD1F2FAF49D6B509FC7662A3BD47&bid=37950&campaignId=2799402&pid=68248853
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a68248853%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1670382183498)%5c%2f%22%2c%22CookieTag%22%3a%223795068248853451240919C202212733%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228530494899%7c1%22%7d%5d
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Wed, 07 Dec 2022 03:03:04 GMT
content-type: image/svg+xml
cache-control: public, max-age=900, immutable
content-md5: 2fR27yW0b9kBp/ebW9u59A==
last-modified: Mon, 21 Nov 2022 12:34:17 GMT
etag: W/"0x8DACBBCB4CC7156"
x-ms-request-id: 4fc06b4d-901e-004e-1803-033c8a000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 153348
vary: Accept-Encoding
server: cloudflare
cf-ray: 775a06aa8e2f0afa-OSL
content-encoding: br
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
ec6ece82a7cb8faa3ba171efae3a9eda
7ee75fba9a9d1078960f7834d71961c38f514b82
301d0c4d73b444369e488ee4f78b3a994a9168ec6c6d46cd7f3448722a841a2e

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 03:03:04 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

welcome.unibet.com/nu/pop/sportsbook/multisports/icon-expert.svg

104.18.24.188

200 OK

16 kB

URL HTTP/2
welcome.unibet.com/nu/pop/sportsbook/multisports/icon-expert.svg
IP
104.18.24.188:0
ASN
#13335 CLOUDFLARENET

File type
SVG Scalable Vector Graphics image\012- HTML document text\012- HTML document, ASCII text, with very long lines (966), with no line terminators
Size
16 kB (16445 bytes)
Hash
03aa14cacc7d00d61ecaae93bb3bec72
0db89c68b0d1bee6663ca7a1dcc4b9b6ff6d575d
713bdcfeab2a2bf40662ff51080964b93ea20a2295421b2f1cd00c5c36dcfce9

HTTP Headers

GET /nu/pop/sportsbook/multisports/icon-expert.svg HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:320665405:68248853-37950&btag=320665405_F268FD1F2FAF49D6B509FC7662A3BD47&bid=37950&campaignId=2799402&pid=68248853
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a68248853%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1670382183498)%5c%2f%22%2c%22CookieTag%22%3a%223795068248853451240919C202212733%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228530494899%7c1%22%7d%5d
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Wed, 07 Dec 2022 03:03:04 GMT
content-type: image/svg+xml
cache-control: public, max-age=900, immutable
content-md5: Z4302O+bSqlX5UM92U+35A==
last-modified: Mon, 21 Nov 2022 12:34:15 GMT
etag: W/"0x8DACBBCB3A5CF50"
x-ms-request-id: cd88faad-301e-0047-5503-037959000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 153348
vary: Accept-Encoding
server: cloudflare
cf-ray: 775a06aa8e330afa-OSL
content-encoding: br
X-Firefox-Spdy: h2

a1s.unibet.com/orval/tracking/lastclick.min.js

85.184.96.5

200 OK

75 kB

URL HTTP/2
a1s.unibet.com/orval/tracking/lastclick.min.js
IP
85.184.96.5:0
ASN
#47171 Unibet Services Limited

File type
data
Size
75 kB (75134 bytes)
Hash
4f2bdd72b16f6da01d43f124ccfca353
a57f73f411703844781f73adcac93b0025c23fc2
46c6f54326656e5c5a124a93060ae8a679ce8eb2f3d4c18f720ad3dd696dc76c

HTTP Headers

GET /orval/tracking/lastclick.min.js HTTP/1.1
Host: a1s.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a68248853%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1670382183498)%5c%2f%22%2c%22CookieTag%22%3a%223795068248853451240919C202212733%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228530494899%7c1%22%7d%5d
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site

HTTP/2 200 OK
date: Wed, 07 Dec 2022 03:03:04 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Fri, 05 Aug 2022 12:55:24 GMT
etag: W/"705-5e57dfac7ede0"
cache-control: max-age=1800, public, must-revalidate
content-encoding: gzip
server: kindred-loadbalancer
strict-transport-security: max-age=63072000; preload
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-security-policy: default-src 'unsafe-inline' 'unsafe-eval' http: https: data: wss: blob: jockey: unibetpro: *;
x-browser-class: A
x-os-class: M
set-cookie: clientId=polopoly_desktop; Domain=a1s.unibet.com; Path=/; SameSite=None; Secure
X-Firefox-Spdy: h2

fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

142.250.74.35

200 OK

16 kB

URL HTTP/2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 15740, version 1.0\012- data
Size
16 kB (15740 bytes)
Hash
b9c29351c46f3e8c8631c4002457f48a
e57e59c5780995ff2937ab2b511a769212974a87
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef

HTTP Headers

GET /s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://welcome.unibet.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15740
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 30 Nov 2022 19:34:15 GMT
expires: Thu, 30 Nov 2023 19:34:15 GMT
cache-control: public, max-age=31536000
age: 545329
last-modified: Wed, 11 May 2022 19:24:56 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
e24f2da4ed2e3cd07b0999a67550d634
6e2277e734fd0015849c3554dd2cf2ae289c2cf2
74dc14d7d9ba8bba4a162680e59801af1d7c2995639df51f32ff2f3d4d0b0051

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 03:03:04 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

welcome.unibet.com/nu/pop/sportsbook/multisports/icon-trust.svg

104.18.24.188

200 OK

81 kB

URL HTTP/2
welcome.unibet.com/nu/pop/sportsbook/multisports/icon-trust.svg
IP
104.18.24.188:0
ASN
#13335 CLOUDFLARENET

File type
SVG Scalable Vector Graphics image\012- HTML document text\012- HTML document, ASCII text, with very long lines (1066), with no line terminators
Size
81 kB (81411 bytes)
Hash
80644570f56d040d72ef06dcfe335e2b
04a7c8e6d4c9f28dcf85919b2cb8cd2275bca314
67f5c25a583ac9cb826a3277f67f9ffb0bce4b1d5a0523efc7e177953b68a120

HTTP Headers

GET /nu/pop/sportsbook/multisports/icon-trust.svg HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:320665405:68248853-37950&btag=320665405_F268FD1F2FAF49D6B509FC7662A3BD47&bid=37950&campaignId=2799402&pid=68248853
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a68248853%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1670382183498)%5c%2f%22%2c%22CookieTag%22%3a%223795068248853451240919C202212733%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228530494899%7c1%22%7d%5d
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Wed, 07 Dec 2022 03:03:04 GMT
content-type: image/svg+xml
cache-control: public, max-age=900, immutable
content-md5: 9k4H3E55HXB5I94VinrUOQ==
last-modified: Mon, 21 Nov 2022 12:34:15 GMT
etag: W/"0x8DACBBCB39EA46F"
x-ms-request-id: a11628c9-801e-0042-7503-03ab82000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 153348
vary: Accept-Encoding
server: cloudflare
cf-ray: 775a06aa8e310afa-OSL
content-encoding: br
X-Firefox-Spdy: h2

welcome.unibet.com/nu/pop/sportsbook/multisports/favicon.ico

104.18.24.188

200 OK

705 B

URL HTTP/2
welcome.unibet.com/nu/pop/sportsbook/multisports/favicon.ico
IP
104.18.24.188:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 33 x 33, 8-bit/color RGBA, non-interlaced\012- data
Size
705 B (705 bytes)
Hash
34ffed45d20aaf15fddcd9d68809ce10
f260bd88ede284524f2f4f0b966b10a7d7ffba99
d3a8ece9c42f1c51096413436b1f0c5333350b1b11768deda9a79678d6cbf269

HTTP Headers

GET /nu/pop/sportsbook/multisports/favicon.ico HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:320665405:68248853-37950&btag=320665405_F268FD1F2FAF49D6B509FC7662A3BD47&bid=37950&campaignId=2799402&pid=68248853
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a68248853%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1670382183498)%5c%2f%22%2c%22CookieTag%22%3a%223795068248853451240919C202212733%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228530494899%7c1%22%7d%5d
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Wed, 07 Dec 2022 03:03:04 GMT
content-type: image/x-icon
cache-control: public, max-age=900, immutable
content-md5: rS2fRBxmkqgGx7Qnuz5TbQ==
last-modified: Mon, 21 Nov 2022 12:34:11 GMT
etag: W/"0x8DACBBCB155306D"
x-ms-request-id: ef96856b-501e-0041-3303-034ae6000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 153300
vary: Accept-Encoding
server: cloudflare
cf-ray: 775a06ac3ec90afa-OSL
content-encoding: br
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

279 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
279 B (279 bytes)
Hash
9de77d68b1bd3571436cfb3e72ec277b
f5f51a1f5e7aa871038a825480449899b160540e
092eb432dc0a8e91d08e2fd6c88207d06e9816c311b4135552ca127869814210

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1945
Cache-Control: max-age=113752
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 03:03:04 GMT
Etag: "638f1427-117"
Expires: Thu, 08 Dec 2022 10:38:56 GMT
Last-Modified: Tue, 06 Dec 2022 10:06:31 GMT
Server: ECS (ska/F71E)
X-Cache: HIT
Content-Length: 279

secure.adnxs.com/seg?add=9755599

37.252.172.123

307 Redirection

0 B

URL HTTP/1.1
secure.adnxs.com/seg?add=9755599
IP
37.252.172.123:0
ASN
#29990 ASN-APPNEX

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /seg?add=9755599 HTTP/1.1
Host: secure.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 307 Redirection
Server: nginx/1.21.3
Date: Wed, 07 Dec 2022 03:03:04 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Location: https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D9755599
AN-X-Request-Uuid: 3df39267-5dae-4274-b056-8abcc7f2d047
Set-Cookie: uuid2=8357328940823600755; SameSite=None; Path=/; Max-Age=7776000; Expires=Tue, 07-Mar-2023 03:03:04 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
7055ce70d7ede0ef667afe357848fd69
5959653114063d49266f21b4cd0f71ed4d5426a3
6c2cd6ac74d1bffefcf4ce13d2c83ee13a3295404d689026c7a0067babc671c2

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5700
Cache-Control: max-age=103131
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 03:03:04 GMT
Etag: "638edbff-1d7"
Expires: Thu, 08 Dec 2022 07:41:55 GMT
Last-Modified: Tue, 06 Dec 2022 06:06:55 GMT
Server: ECS (ska/F71E)
X-Cache: HIT
Content-Length: 471

script.crazyegg.com/pages/data-scripts/0012/9242/site/welcome.unibet.com.json?t=1

104.19.148.8

200 OK

1.8 kB

URL HTTP/2
script.crazyegg.com/pages/data-scripts/0012/9242/site/welcome.unibet.com.json?t=1
IP
104.19.148.8:0
ASN
#13335 CLOUDFLARENET

File type
JSON data\012- , ASCII text, with very long lines (5061), with no line terminators
Size
1.8 kB (1770 bytes)
Hash
99ebb4bb79b06a612e34b8a99d4dcdef
bb5ede4c649df5a5ddd5ec81b7d0a2385f233917
b4be02c931b30bca88d7188f1b108b9eca292974998a09b5ee1648d524cf40e3

HTTP Headers

GET /pages/data-scripts/0012/9242/site/welcome.unibet.com.json?t=1 HTTP/1.1
Host: script.crazyegg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://welcome.unibet.com
Connection: keep-alive
Referer: https://welcome.unibet.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Wed, 07 Dec 2022 03:03:04 GMT
content-type: application/json
content-length: 1770
access-control-expose-headers: CE-Version
ce-version: 11.5.9
cache-control: public, max-age=300, s-maxage=1209600
timing-allow-origin: *
last-modified: Tue, 06 Dec 2022 23:13:41 GMT
content-encoding: gzip
access-control-allow-origin: *
cf-cache-status: HIT
age: 13763
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 775a06ad5d63b4ff-OSL
X-Firefox-Spdy: h2

secure.adnxs.com/bounce?%2Fseg%3Fadd%3D9755599

37.252.172.123

200 OK

43 B

URL HTTP/1.1
secure.adnxs.com/bounce?%2Fseg%3Fadd%3D9755599
IP
37.252.172.123:0
ASN
#29990 ASN-APPNEX

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
592ebefc7104d681d57852665e9ad514
15cdf8df32aa251dd6dd590a60bf9cf74474e7c5
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

HTTP Headers

GET /bounce?%2Fseg%3Fadd%3D9755599 HTTP/1.1
Host: secure.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://welcome.unibet.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx/1.21.3
Date: Wed, 07 Dec 2022 03:03:04 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
AN-X-Request-Uuid: fac4c733-f838-45c2-ad8e-016638c6bb94
Set-Cookie: anj=dTM7k!M4/8CxrEQF']wIg2E>s_]K8F!1yIE'Yg-$0y=/d!!'.H$SHIo; SameSite=None; Path=/; Max-Age=7776000; Expires=Tue, 07-Mar-2023 03:03:04 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com

dpm.demdex.net/id?d_visid_ver=4.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_orgid=F431E3BC5593E3887F000101%40AdobeOrg&d_nsid=0&ts=1670382184173

54.217.130.182

200 OK

499 B

URL HTTP/1.1
dpm.demdex.net/id?d_visid_ver=4.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_orgid=F431E3BC5593E3887F000101%40AdobeOrg&d_nsid=0&ts=1670382184173
IP
54.217.130.182:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with very long lines (791), with no line terminators
Size
499 B (499 bytes)
Hash
fc9af2a1100952e11cfbea30cbaf32a5
0fedb4487b31eae0497ee1df725b72aa5fbdefee
7daf6c7b92a781e5103594619dff8120bd0c86f1179db7f8c206c258ba15e2e6

HTTP Headers

GET /id?d_visid_ver=4.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_orgid=F431E3BC5593E3887F000101%40AdobeOrg&d_nsid=0&ts=1670382184173 HTTP/1.1
Host: dpm.demdex.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Origin: https://welcome.unibet.com
Connection: keep-alive
Referer: https://welcome.unibet.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://welcome.unibet.com
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-encoding: gzip
Content-Type: application/json;charset=utf-8
DCS: dcs-prod-irl1-2-v045-0eab94181.edge-irl1.demdex.com 2 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
set-cookie: demdex=52172543569730765562140618457097566992; Max-Age=15552000; Expires=Mon, 05 Jun 2023 03:03:04 GMT; Path=/; Domain=.demdex.net; Secure; SameSite=None
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin
X-TID: TGHXVGQaSXA=
Content-Length: 499
Connection: keep-alive

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
38c3745333a01ac20f474091e5616378
28aa5cad82c20fbae377698bee1e7474afd36bcb
4d566b9ca5a5ce62e86f5baff8e2a5ea38114e981df63c58e413d31de71cd30b

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4541
Cache-Control: max-age=107384
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 03:03:04 GMT
Etag: "638ef123-1d7"
Expires: Thu, 08 Dec 2022 08:52:48 GMT
Last-Modified: Tue, 06 Dec 2022 07:37:07 GMT
Server: ECS (ska/F71E)
X-Cache: HIT
Content-Length: 471

unibetlondonltd.d3.sc.omtrdc.net/id?d_visid_ver=4.4.0&d_fieldgroup=A&mcorgid=F431E3BC5593E3887F000101%40AdobeOrg&mid=52178828067097963112142531255449847435&ts=1670382184369

13.36.218.177

200 OK

2 B

URL HTTP/2
unibetlondonltd.d3.sc.omtrdc.net/id?d_visid_ver=4.4.0&d_fieldgroup=A&mcorgid=F431E3BC5593E3887F000101%40AdobeOrg&mid=52178828067097963112142531255449847435&ts=1670382184369
IP
13.36.218.177:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with no line terminators
Size
2 B (2 bytes)
Hash
99914b932bd37a50b983c5e7c90ae93b
bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

HTTP Headers

GET /id?d_visid_ver=4.4.0&d_fieldgroup=A&mcorgid=F431E3BC5593E3887F000101%40AdobeOrg&mid=52178828067097963112142531255449847435&ts=1670382184369 HTTP/1.1
Host: unibetlondonltd.d3.sc.omtrdc.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Origin: https://welcome.unibet.com
Connection: keep-alive
Referer: https://welcome.unibet.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: https://welcome.unibet.com
access-control-allow-credentials: true
date: Wed, 07 Dec 2022 03:03:04 GMT
p3p: CP="This is not a P3P policy"
server: jag
vary: Origin
content-type: application/x-javascript;charset=utf-8
content-length: 2
cache-control: no-cache, no-store, max-age=0, no-transform, private
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
X-Firefox-Spdy: h2

script.crazyegg.com/pages/versioned/common-scripts/051214b1ee034dc81c1493c28aa557bd.js

104.19.148.8

200 OK

27 kB

URL HTTP/2
script.crazyegg.com/pages/versioned/common-scripts/051214b1ee034dc81c1493c28aa557bd.js
IP
104.19.148.8:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (63889)
Size
27 kB (26836 bytes)
Hash
40a61971f3342753b240df82579098d2
75a44689092cd59612c3c77f4c3f353f5898c4b9
c53652de8d763aa53a2226f899e6c57434675b324a4e22b91bea1f217e99504a

HTTP Headers

GET /pages/versioned/common-scripts/051214b1ee034dc81c1493c28aa557bd.js HTTP/1.1
Host: script.crazyegg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Wed, 07 Dec 2022 03:03:04 GMT
content-type: text/javascript
content-length: 26836
cache-control: public, max-age=31536000, s-maxage=31536000
timing-allow-origin: *
last-modified: Fri, 18 Nov 2022 16:53:01 GMT
content-encoding: gzip
access-control-allow-origin: *
cf-cache-status: HIT
age: 985089
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 775a06aecdefb4ff-OSL
X-Firefox-Spdy: h2

script.crazyegg.com/pages/data-scripts/0012/9242/sampling/welcome.unibet.com.json?t=463995

104.19.148.8

200 OK

144 B

URL HTTP/2
script.crazyegg.com/pages/data-scripts/0012/9242/sampling/welcome.unibet.com.json?t=463995
IP
104.19.148.8:0
ASN
#13335 CLOUDFLARENET

File type
JSON data\012- , ASCII text, with no line terminators
Size
144 B (144 bytes)
Hash
9105d06403e39c8b82d16cde3bb3cd96
f2d8d282c4b92a72cac3650b6ea591b6271e49c5
7761f918f35356ee3855701d572b6c0d2cf4ad4e374ed891be0df8b47e3e4b21

HTTP Headers

GET /pages/data-scripts/0012/9242/sampling/welcome.unibet.com.json?t=463995 HTTP/1.1
Host: script.crazyegg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://welcome.unibet.com
Connection: keep-alive
Referer: https://welcome.unibet.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Wed, 07 Dec 2022 03:03:04 GMT
content-type: application/json
content-length: 144
access-control-expose-headers: CE-Version
ce-version: 11.5.9
cache-control: public, max-age=300, s-maxage=1209600
timing-allow-origin: *
last-modified: Tue, 06 Dec 2022 23:13:41 GMT
content-encoding: gzip
access-control-allow-origin: *
cf-cache-status: HIT
age: 13763
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 775a06af1e2eb4ff-OSL
X-Firefox-Spdy: h2

unibetlondonltd.d3.sc.omtrdc.net/b/ss/unibetlondonunibetwebprod/1/JS-2.22.4/s51348068410636?AQB=1&ndh=1&pf=1&t=7%2F11%2F2022%203%3A3%3A4%203%200&mid=52178828067097963112142531255449847435&aamlh=6&ce=UTF-8&pageName=LP%3A2022%20-%20Multi%20Sports%20-%20popunders&g=https%3A%2F%2Fwelcome.unibet.com%2Fnu%2Fpop%2Fsportsbook%2Fmultisports%2Findex.html%3Fmktid%3D1%3A320665405%3A68248853-37950%26btag%3D320665405_F268FD1F2FAF49D6B509FC7662A3BD47%26bid%3D37950%26campaignId%3D2799402%26pid%3D68248853&cc=GBP&ch=bf_landingpage&aamb=6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y&c1=https%3A%2F%2Fwelcome.unibet.com%2Fnu%2Fpop%2Fsportsbook%2Fmultisports%2Findex.html%3Fmktid%3D1%3A320665405%3A68248853-37950%26btag%3D320665405_F268FD1F2FAF49D6B509FC7662A3BD47%26bid%3D37950%26campaignId%3D2799402%26pid%3D68248853&v1=welcome.unibet.com%3A%3A%3Adesktop%3Anu%3Apop%3Asportsbook%3Amultisports%3Aindex.html&c2=No%20CMS%5ENo%20ClientID%5ENo%20Locale%5ENo%20Juristiction&v2=bf_landingpage&v3=welcome.unibet.com&v4=No%20CMS%5ENo%20ClientID%5ENo%20Locale%5ENo%20Juristiction&c6=3%3A03%20AM%7CWednesday&v6=3%3A03%20AM%7CWednesday&v11=GBP&c14=New&v14=New&c16=1670382184&v21=Not%20Logged-In&c73=unibet&v120=popunder&v121=1%3A320665405%3A68248853-37950&v122=NONE&v124=2799402&v125=320665405_F268FD1F2FAF49D6B509FC7662A3BD47&v126=68248853&v127=37950&v134=1670382184&s=1280x1024&c=24&j=1.6&v=N&k=Y&bw=1280&bh=939&mcorgid=F431E3BC5593E3887F000101%40AdobeOrg&AQE=1

13.36.218.177

200 OK

43 B

URL HTTP/2
unibetlondonltd.d3.sc.omtrdc.net/b/ss/unibetlondonunibetwebprod/1/JS-2.22.4/s51348068410636?AQB=1&ndh=1&pf=1&t=7%2F11%2F2022%203%3A3%3A4%203%200&mid=52178828067097963112142531255449847435&aamlh=6&ce=UTF-8&pageName=LP%3A2022%20-%20Multi%20Sports%20-%20popunders&g=https%3A%2F%2Fwelcome.unibet.com%2Fnu%2Fpop%2Fsportsbook%2Fmultisports%2Findex.html%3Fmktid%3D1%3A320665405%3A68248853-37950%26btag%3D320665405_F268FD1F2FAF49D6B509FC7662A3BD47%26bid%3D37950%26campaignId%3D2799402%26pid%3D68248853&cc=GBP&ch=bf_landingpage&aamb=6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y&c1=https%3A%2F%2Fwelcome.unibet.com%2Fnu%2Fpop%2Fsportsbook%2Fmultisports%2Findex.html%3Fmktid%3D1%3A320665405%3A68248853-37950%26btag%3D320665405_F268FD1F2FAF49D6B509FC7662A3BD47%26bid%3D37950%26campaignId%3D2799402%26pid%3D68248853&v1=welcome.unibet.com%3A%3A%3Adesktop%3Anu%3Apop%3Asportsbook%3Amultisports%3Aindex.html&c2=No%20CMS%5ENo%20ClientID%5ENo%20Locale%5ENo%20Juristiction&v2=bf_landingpage&v3=welcome.unibet.com&v4=No%20CMS%5ENo%20ClientID%5ENo%20Locale%5ENo%20Juristiction&c6=3%3A03%20AM%7CWednesday&v6=3%3A03%20AM%7CWednesday&v11=GBP&c14=New&v14=New&c16=1670382184&v21=Not%20Logged-In&c73=unibet&v120=popunder&v121=1%3A320665405%3A68248853-37950&v122=NONE&v124=2799402&v125=320665405_F268FD1F2FAF49D6B509FC7662A3BD47&v126=68248853&v127=37950&v134=1670382184&s=1280x1024&c=24&j=1.6&v=N&k=Y&bw=1280&bh=939&mcorgid=F431E3BC5593E3887F000101%40AdobeOrg&AQE=1
IP
13.36.218.177:0
ASN
#16509 AMAZON-02

File type
GIF image data, version 89a, 2 x 2\012- data
Size
43 B (43 bytes)
Hash
ad480fd0732d0f6f1a8b06359e3a42bb
a544538683a2dfe574eeb2e358ac8fcc78289d50
a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506

HTTP Headers

GET /b/ss/unibetlondonunibetwebprod/1/JS-2.22.4/s51348068410636?AQB=1&ndh=1&pf=1&t=7%2F11%2F2022%203%3A3%3A4%203%200&mid=52178828067097963112142531255449847435&aamlh=6&ce=UTF-8&pageName=LP%3A2022%20-%20Multi%20Sports%20-%20popunders&g=https%3A%2F%2Fwelcome.unibet.com%2Fnu%2Fpop%2Fsportsbook%2Fmultisports%2Findex.html%3Fmktid%3D1%3A320665405%3A68248853-37950%26btag%3D320665405_F268FD1F2FAF49D6B509FC7662A3BD47%26bid%3D37950%26campaignId%3D2799402%26pid%3D68248853&cc=GBP&ch=bf_landingpage&aamb=6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y&c1=https%3A%2F%2Fwelcome.unibet.com%2Fnu%2Fpop%2Fsportsbook%2Fmultisports%2Findex.html%3Fmktid%3D1%3A320665405%3A68248853-37950%26btag%3D320665405_F268FD1F2FAF49D6B509FC7662A3BD47%26bid%3D37950%26campaignId%3D2799402%26pid%3D68248853&v1=welcome.unibet.com%3A%3A%3Adesktop%3Anu%3Apop%3Asportsbook%3Amultisports%3Aindex.html&c2=No%20CMS%5ENo%20ClientID%5ENo%20Locale%5ENo%20Juristiction&v2=bf_landingpage&v3=welcome.unibet.com&v4=No%20CMS%5ENo%20ClientID%5ENo%20Locale%5ENo%20Juristiction&c6=3%3A03%20AM%7CWednesday&v6=3%3A03%20AM%7CWednesday&v11=GBP&c14=New&v14=New&c16=1670382184&v21=Not%20Logged-In&c73=unibet&v120=popunder&v121=1%3A320665405%3A68248853-37950&v122=NONE&v124=2799402&v125=320665405_F268FD1F2FAF49D6B509FC7662A3BD47&v126=68248853&v127=37950&v134=1670382184&s=1280x1024&c=24&j=1.6&v=N&k=Y&bw=1280&bh=939&mcorgid=F431E3BC5593E3887F000101%40AdobeOrg&AQE=1 HTTP/1.1
Host: unibetlondonltd.d3.sc.omtrdc.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
access-control-allow-origin: *
date: Wed, 07 Dec 2022 03:03:04 GMT
expires: Tue, 06 Dec 2022 03:03:04 GMT
last-modified: Thu, 08 Dec 2022 03:03:04 GMT
pragma: no-cache
p3p: CP="This is not a P3P policy"
server: jag
etag: 3587118427978563584-4619821674043117482
vary: *
content-type: image/gif;charset=utf-8
content-length: 43
cache-control: no-cache, no-store, max-age=0, no-transform, private
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
X-Firefox-Spdy: h2

unibet.demdex.net/dest5.html?d_nsid=0

52.213.249.147

200 OK

2.8 kB

URL HTTP/1.1
unibet.demdex.net/dest5.html?d_nsid=0
IP
52.213.249.147:0
ASN
#16509 AMAZON-02

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (550)
Size
2.8 kB (2791 bytes)
Hash
ccbdcb1e84c241950763ec4cd516cdfc
55dfa8d4b09c5c3a80fcd101152f6ebed3d27a2c
de9ccb9b168945a24f20edc28c39be4135b328129ba8ee378401a7aedc925d12

HTTP Headers

GET /dest5.html?d_nsid=0 HTTP/1.1
Host: unibet.demdex.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-encoding: gzip
Content-Type: text/html;charset=UTF-8
date: Wed, 7 Dec 2022 03:03:04 GMT
DCS: dcs-prod-irl1-1-v045-0ba4161da.edge-irl1.demdex.com 0 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
last-modified: Fri, 28 Oct 2022 11:02:56 GMT
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
vary: accept-encoding
X-TID: rk7MEcwnSOA=
Content-Length: 2791
Connection: keep-alive

pagestates-tracking.crazyegg.com/healthcheck

54.230.111.22

200 OK

19 B

URL HTTP/2
pagestates-tracking.crazyegg.com/healthcheck
IP
54.230.111.22:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text
Size
19 B (19 bytes)
Hash
d06f04fccf68d0b228a5923187ce1afd
5de9df9fdd66a91eed06e31981553d4ab9ccf490
830e67bda2532cd5880ee86e3b33e69721082f8458bb0df0cd4edbb1577fd375

HTTP Headers

GET /healthcheck HTTP/1.1
Host: pagestates-tracking.crazyegg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://welcome.unibet.com
Connection: keep-alive
Referer: https://welcome.unibet.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/json
content-length: 19
date: Mon, 14 Nov 2022 03:38:26 GMT
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-expose-headers: Access-Control-Allow-Origin
access-control-max-age: 31536000
last-modified: Fri, 08 Jul 2022 22:25:51 GMT
etag: "d06f04fccf68d0b228a5923187ce1afd"
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 0c35b89cb607eddb1b7cc5d6ada865d6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: laK9FbzaMMCgr23TpCSP6GdN_iNzWu9AFZp6It_G6nfBb3RPBkCp9Q==
age: 1985079
X-Firefox-Spdy: h2

assets-tracking.crazyegg.com/healthcheck

54.230.111.63

200 OK

19 B

URL HTTP/2
assets-tracking.crazyegg.com/healthcheck
IP
54.230.111.63:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text
Size
19 B (19 bytes)
Hash
d06f04fccf68d0b228a5923187ce1afd
5de9df9fdd66a91eed06e31981553d4ab9ccf490
830e67bda2532cd5880ee86e3b33e69721082f8458bb0df0cd4edbb1577fd375

HTTP Headers

GET /healthcheck HTTP/1.1
Host: assets-tracking.crazyegg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://welcome.unibet.com
Connection: keep-alive
Referer: https://welcome.unibet.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/json
content-length: 19
date: Tue, 06 Dec 2022 01:51:14 GMT
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-expose-headers: Access-Control-Allow-Origin
access-control-max-age: 31536000
last-modified: Fri, 08 Jul 2022 22:25:51 GMT
etag: "d06f04fccf68d0b228a5923187ce1afd"
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 fc5e625db631bc657fc73f189d53fa14.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: dJR-G6X06eytRhkuodYgl5OZr3kTqLqwySm9i2tdElnYfrEwQkN_ew==
age: 90710
X-Firefox-Spdy: h2

ocsp.sca1b.amazontrust.com/

143.204.42.156

200 OK

471 B

URL HTTP/1.1
ocsp.sca1b.amazontrust.com/
IP
143.204.42.156:0
ASN
#16509 AMAZON-02

File type
data
Size
471 B (471 bytes)
Hash
92be0eeaff0dd9394a4aabbe4dbcca09
6c7b2294a08724a29903602834b8a6d7113f2592
6e494fa45d1cb0cd6bb0ceb2cc0a40bc4e27ef9340e9dc35e8df9b9dc00ec6c0

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=131539
Date: Wed, 07 Dec 2022 03:03:04 GMT
Etag: "638f4b1d-1d7"
Expires: Thu, 08 Dec 2022 15:35:23 GMT
Last-Modified: Tue, 06 Dec 2022 14:01:01 GMT
Server: ECS (nyb/1D20)
X-Cache: Miss from cloudfront
Via: 1.1 c9f2a4d2bcd548d1a3cbe1617a22f216.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: f_WPytTExaN2s68d8zNPLJhpatoXuWGf9rzAmCvO0n1zco9bSbcIGg==
Age: 5662

cm.everesttech.net/cm/dd?d_uuid=52172543569730765562140618457097566992

99.80.65.0

302

0 B

URL HTTP/1.1
cm.everesttech.net/cm/dd?d_uuid=52172543569730765562140618457097566992
IP
99.80.65.0:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /cm/dd?d_uuid=52172543569730765562140618457097566992 HTTP/1.1
Host: cm.everesttech.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 302 
Date: Wed, 07 Dec 2022 03:03:05 GMT
Content-Length: 0
Connection: keep-alive
Set-Cookie: everest_g_v2=g_surferid~Y5ACaQAAAF_JbwNe; Domain=.everesttech.net; Expires=Thu, 07-Dec-2023 03:03:05 GMT; Path=/
everest_session_v2="Y5ACaQAAAF@JcANe"; Version=1; Domain=.everesttech.net; Path=/
P3P: CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"
Cache-Control: no-cache
Location: https://dpm.demdex.net/ibs:dpid=411&dpuuid=Y5ACaQAAAF_JbwNe
Server: AMO-cookiemap/1.1

dpm.demdex.net/ibs:dpid=411&dpuuid=Y5ACaQAAAF_JbwNe

54.217.130.182

302 Found

0 B

URL HTTP/1.1
dpm.demdex.net/ibs:dpid=411&dpuuid=Y5ACaQAAAF_JbwNe
IP
54.217.130.182:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /ibs:dpid=411&dpuuid=Y5ACaQAAAF_JbwNe HTTP/1.1
Host: dpm.demdex.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://welcome.unibet.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 302 Found
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
DCS: dcs-prod-irl1-2-v045-08dd6474c.edge-irl1.demdex.com 0 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
Location: https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=411&dpuuid=Y5ACaQAAAF_JbwNe
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
set-cookie: demdex=37725654712250730450399559926888510257; Max-Age=15552000; Expires=Mon, 05 Jun 2023 03:03:05 GMT; Path=/; Domain=.demdex.net; Secure; SameSite=None
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: KsH13YrrSIM=
Content-Length: 0
Connection: keep-alive

ocsp.sca1b.amazontrust.com/

143.204.42.156

200 OK

471 B

URL HTTP/1.1
ocsp.sca1b.amazontrust.com/
IP
143.204.42.156:0
ASN
#16509 AMAZON-02

File type
data
Size
471 B (471 bytes)
Hash
15cfb673d034e1ac7addba5f45a3edc6
0d763a8c6432df4bc45d828de2212a4422a595fc
433a4a08490442fda7b53d7905e4b3bebe4257cbf474c08f6c56dc9947152e95

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=133677
Date: Wed, 07 Dec 2022 03:03:05 GMT
Etag: "638f5a8e-1d7"
Expires: Thu, 08 Dec 2022 16:11:02 GMT
Last-Modified: Tue, 06 Dec 2022 15:06:54 GMT
Server: ECS (bsa/EB17)
X-Cache: Miss from cloudfront
Via: 1.1 96c778ce6156d12f24b8b6cdaa0cbf66.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: iDFZkLKmOKjI_Qg6XKVia_K3zNInZ6CCGCDXnEvuhgodoSsdwavbhQ==
Age: 3848

dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=411&dpuuid=Y5ACaQAAAF_JbwNe

54.217.130.182

200 OK

59 B

URL HTTP/1.1
dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=411&dpuuid=Y5ACaQAAAF_JbwNe
IP
54.217.130.182:0
ASN
#16509 AMAZON-02

File type
GIF image data, version 89a, 1 x 1\012- data
Size
59 B (59 bytes)
Hash
1251cd5e5c2def4c046309375f87c1c1
e02d6b0c6a5c495c15985e2832e335eda8528c80
4e7010cc46fa361c88e57e3346d27421cf3b8a8bf5f39b43fc45997c60cb1c13

HTTP Headers

GET /demconf.jpg?et:ibs%7cdata:dpid=411&dpuuid=Y5ACaQAAAF_JbwNe HTTP/1.1
Host: dpm.demdex.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://welcome.unibet.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-encoding: gzip
Content-Type: image/gif
DCS: dcs-prod-irl1-1-v045-078626053.edge-irl1.demdex.com 0 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-TID: Ft8PJNIlQ6M=
Content-Length: 59
Connection: keep-alive

tracking.crazyegg.com/clock?t=1670382184695&tk=49f5480a39da8ce7e59e73633af4ed5a

52.51.158.68

200 OK

26 B

URL HTTP/2
tracking.crazyegg.com/clock?t=1670382184695&tk=49f5480a39da8ce7e59e73633af4ed5a
IP
52.51.158.68:0
ASN
#16509 AMAZON-02

File type
ASCII text, with no line terminators
Size
26 B (26 bytes)
Hash
3448d320dd6cf8d94725ebdfd93e6c1c
d0632cad3b915e69460dc0a6af4fd29a1e8005c9
a1a60b1fb79cfb0ef1b913d1b7de9f32c1e88683bc82fefd25fd8b9157183dc3

HTTP Headers

GET /clock?t=1670382184695&tk=49f5480a39da8ce7e59e73633af4ed5a HTTP/1.1
Host: tracking.crazyegg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://welcome.unibet.com
Connection: keep-alive
Referer: https://welcome.unibet.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: awselb/2.0
date: Wed, 07 Dec 2022 03:03:05 GMT
content-type: text/plain
content-length: 26
cache-control: no-store
access-control-allow-origin: *
X-Firefox-Spdy: h2

use.fontawesome.com/releases/v5.7.1/css/all.css

172.64.132.15

200 OK

0 B

URL HTTP/2
use.fontawesome.com/releases/v5.7.1/css/all.css
IP
172.64.132.15:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /releases/v5.7.1/css/all.css HTTP/1.1
Host: use.fontawesome.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://welcome.unibet.com
Connection: keep-alive
Referer: https://welcome.unibet.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Wed, 07 Dec 2022 03:03:04 GMT
content-type: text/css
x-amz-id-2: Naym7hPmP6C6hux6VLJAAre0tbecqXaiQpMJaYu3vDn0x1vPpC32gtoDJkl7kXKmPPFbhKi1q5U=
x-amz-request-id: MZGFJRB14SZWS1MV
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified: Wed, 30 Jun 2021 15:45:37 GMT
etag: W/"7b1d7f457d056ace7b230b587b9f3753"
cache-control: max-age=31556926
cf-cache-status: HIT
age: 913841
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=x5MEnDQA4eY%2F4f7U9IhNLqeoCTsz%2BF%2B0Y2WIJZ9xSpLo1Y14hve0ENPiE%2FY%2B1de61fcJKLZQFu3tFOs7BXdxAz%2BUKbdX5d5v6tE7WwLJpi50yRE9%2BUA6Tosl7tGElbyQbrs0Nszl"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 775a06ab0907067e-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

welcome.unibet.com/nu/pop/sportsbook/multisports/unibet-logo.svg

104.18.24.188

200 OK

0 B

URL HTTP/2
welcome.unibet.com/nu/pop/sportsbook/multisports/unibet-logo.svg
IP
104.18.24.188:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /nu/pop/sportsbook/multisports/unibet-logo.svg HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:320665405:68248853-37950&btag=320665405_F268FD1F2FAF49D6B509FC7662A3BD47&bid=37950&campaignId=2799402&pid=68248853
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a68248853%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1670382183498)%5c%2f%22%2c%22CookieTag%22%3a%223795068248853451240919C202212733%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228530494899%7c1%22%7d%5d
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Wed, 07 Dec 2022 03:03:04 GMT
content-type: image/svg+xml
cache-control: public, max-age=900, immutable
content-md5: cw5jdwcrd9gLyjDZb7Y7Jw==
last-modified: Mon, 21 Nov 2022 12:34:12 GMT
etag: W/"0x8DACBBCB2079DB0"
x-ms-request-id: 24a2aae3-d01e-004f-0203-036356000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 153347
vary: Accept-Encoding
server: cloudflare
cf-ray: 775a06aa8e260afa-OSL
content-encoding: br
X-Firefox-Spdy: h2

welcome.unibet.com/nu/pop/sportsbook/multisports/utv-logo.svg

104.18.24.188

200 OK

0 B

URL HTTP/2
welcome.unibet.com/nu/pop/sportsbook/multisports/utv-logo.svg
IP
104.18.24.188:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /nu/pop/sportsbook/multisports/utv-logo.svg HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:320665405:68248853-37950&btag=320665405_F268FD1F2FAF49D6B509FC7662A3BD47&bid=37950&campaignId=2799402&pid=68248853
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a68248853%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1670382183498)%5c%2f%22%2c%22CookieTag%22%3a%223795068248853451240919C202212733%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228530494899%7c1%22%7d%5d
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Wed, 07 Dec 2022 03:03:04 GMT
content-type: image/svg+xml
cache-control: public, max-age=900, immutable
content-md5: QazcDvviTF55mXL/M8kCWQ==
last-modified: Mon, 21 Nov 2022 12:34:12 GMT
etag: W/"0x8DACBBCB1D5BF7A"
x-ms-request-id: 5d879bd0-f01e-002a-0703-03cd12000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 153348
vary: Accept-Encoding
server: cloudflare
cf-ray: 775a06aa8e290afa-OSL
content-encoding: br
X-Firefox-Spdy: h2

welcome.unibet.com/nu/pop/sportsbook/multisports/1-main.js

104.18.24.188

200 OK

0 B

URL HTTP/2
welcome.unibet.com/nu/pop/sportsbook/multisports/1-main.js
IP
104.18.24.188:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /nu/pop/sportsbook/multisports/1-main.js HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:320665405:68248853-37950&btag=320665405_F268FD1F2FAF49D6B509FC7662A3BD47&bid=37950&campaignId=2799402&pid=68248853
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a68248853%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1670382183498)%5c%2f%22%2c%22CookieTag%22%3a%223795068248853451240919C202212733%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228530494899%7c1%22%7d%5d
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Wed, 07 Dec 2022 03:03:04 GMT
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=900, immutable
content-md5: BPxI3njL/F0VV+nfOZx3Mw==
last-modified: Mon, 21 Nov 2022 12:34:17 GMT
etag: W/"0x8DACBBCB50B45F5"
x-ms-request-id: 10dfb792-f01e-0077-0703-03c796000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 153348
vary: Accept-Encoding
server: cloudflare
cf-ray: 775a06aa7e200afa-OSL
content-encoding: br
X-Firefox-Spdy: h2

welcome.unibet.com/nu/pop/sportsbook/multisports/1-styles.css

104.18.24.188

200 OK

0 B

URL HTTP/2
welcome.unibet.com/nu/pop/sportsbook/multisports/1-styles.css
IP
104.18.24.188:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /nu/pop/sportsbook/multisports/1-styles.css HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:320665405:68248853-37950&btag=320665405_F268FD1F2FAF49D6B509FC7662A3BD47&bid=37950&campaignId=2799402&pid=68248853
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a68248853%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1670382183498)%5c%2f%22%2c%22CookieTag%22%3a%223795068248853451240919C202212733%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228530494899%7c1%22%7d%5d
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Wed, 07 Dec 2022 03:03:04 GMT
content-type: text/css; charset=utf-8
cache-control: public, max-age=900, immutable
content-md5: zXkBqwBMviPPaK5rBIapmA==
last-modified: Mon, 21 Nov 2022 12:34:11 GMT
etag: W/"0x8DACBBCB117460B"
x-ms-request-id: dbafa778-701e-0034-4703-0321ca000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 153348
vary: Accept-Encoding
server: cloudflare
cf-ray: 775a06aa7e1f0afa-OSL
content-encoding: br
X-Firefox-Spdy: h2

welcome.unibet.com/nu/pop/sportsbook/multisports/app-sports-icon.svg

104.18.24.188

200 OK

0 B

URL HTTP/2
welcome.unibet.com/nu/pop/sportsbook/multisports/app-sports-icon.svg
IP
104.18.24.188:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /nu/pop/sportsbook/multisports/app-sports-icon.svg HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:320665405:68248853-37950&btag=320665405_F268FD1F2FAF49D6B509FC7662A3BD47&bid=37950&campaignId=2799402&pid=68248853
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a68248853%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1670382183498)%5c%2f%22%2c%22CookieTag%22%3a%223795068248853451240919C202212733%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228530494899%7c1%22%7d%5d
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Wed, 07 Dec 2022 03:03:04 GMT
content-type: image/svg+xml
cache-control: public, max-age=900, immutable
content-md5: Lm+dv7pV36kTdto2PoEyYQ==
last-modified: Mon, 21 Nov 2022 12:34:17 GMT
etag: W/"0x8DACBBCB4BDF480"
x-ms-request-id: 88d0ed69-201e-0074-2803-0326f2000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 153348
vary: Accept-Encoding
server: cloudflare
cf-ray: 775a06aa8e2a0afa-OSL
content-encoding: br
X-Firefox-Spdy: h2

welcome.unibet.com/nu/pop/sportsbook/multisports/com-payments.svg

104.18.24.188

200 OK

0 B

URL HTTP/2
welcome.unibet.com/nu/pop/sportsbook/multisports/com-payments.svg
IP
104.18.24.188:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /nu/pop/sportsbook/multisports/com-payments.svg HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:320665405:68248853-37950&btag=320665405_F268FD1F2FAF49D6B509FC7662A3BD47&bid=37950&campaignId=2799402&pid=68248853
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a68248853%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1670382183498)%5c%2f%22%2c%22CookieTag%22%3a%223795068248853451240919C202212733%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228530494899%7c1%22%7d%5d
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Wed, 07 Dec 2022 03:03:04 GMT
content-type: image/svg+xml
cache-control: public, max-age=900, immutable
content-md5: vwb7ospRft2xzGDtJvR3WA==
last-modified: Mon, 21 Nov 2022 12:34:13 GMT
etag: W/"0x8DACBBCB22FE05F"
x-ms-request-id: bf5a1d34-901e-003c-5a03-033bc5000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 153348
vary: Accept-Encoding
server: cloudflare
cf-ray: 775a06aa8e370afa-OSL
content-encoding: br
X-Firefox-Spdy: h2

fonts.googleapis.com/css?family=Roboto:300,400,500

142.250.74.106

200 OK

0 B

URL HTTP/2
fonts.googleapis.com/css?family=Roboto:300,400,500
IP
142.250.74.106:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /css?family=Roboto:300,400,500 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 07 Dec 2022 03:03:04 GMT
date: Wed, 07 Dec 2022 03:03:04 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

welcome.unibet.com/nu/pop/sportsbook/multisports/read_json.js

104.18.24.188

200 OK

0 B

URL HTTP/2
welcome.unibet.com/nu/pop/sportsbook/multisports/read_json.js
IP
104.18.24.188:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /nu/pop/sportsbook/multisports/read_json.js HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:320665405:68248853-37950&btag=320665405_F268FD1F2FAF49D6B509FC7662A3BD47&bid=37950&campaignId=2799402&pid=68248853
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a68248853%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1670382183498)%5c%2f%22%2c%22CookieTag%22%3a%223795068248853451240919C202212733%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228530494899%7c1%22%7d%5d
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Wed, 07 Dec 2022 03:03:04 GMT
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=900, immutable
content-md5: rGS1nJi75Qz2m2yY+jlYXA==
last-modified: Mon, 21 Nov 2022 12:34:17 GMT
etag: W/"0x8DACBBCB5157DAD"
x-ms-request-id: 88d0ed66-201e-0074-2503-0326f2000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 153348
vary: Accept-Encoding
server: cloudflare
cf-ray: 775a06aa7e210afa-OSL
content-encoding: br
X-Firefox-Spdy: h2

welcome.unibet.com/custom.js

104.18.24.188

200 OK

0 B

URL HTTP/2
welcome.unibet.com/custom.js
IP
104.18.24.188:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /custom.js HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:320665405:68248853-37950&btag=320665405_F268FD1F2FAF49D6B509FC7662A3BD47&bid=37950&campaignId=2799402&pid=68248853
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a68248853%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1670382183498)%5c%2f%22%2c%22CookieTag%22%3a%223795068248853451240919C202212733%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228530494899%7c1%22%7d%5d
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Wed, 07 Dec 2022 03:03:04 GMT
content-type: application/javascript
content-md5: e/Aekt1V1fopj1X7y5r9MA==
last-modified: Tue, 29 Mar 2022 08:25:09 GMT
etag: W/"0x8DA115DA300B0C1"
x-ms-request-id: d013a120-f01e-003a-7703-03087a000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 153301
vary: Accept-Encoding
server: cloudflare
cf-ray: 775a06aa8e250afa-OSL
content-encoding: br
X-Firefox-Spdy: h2

script.crazyegg.com/pages/scripts/0012/9242.js

104.19.148.8

200 OK

0 B

URL HTTP/2
script.crazyegg.com/pages/scripts/0012/9242.js
IP
104.19.148.8:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /pages/scripts/0012/9242.js HTTP/1.1
Host: script.crazyegg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Wed, 07 Dec 2022 03:03:04 GMT
content-type: text/javascript
access-control-allow-origin: *
access-control-expose-headers: CE-Version
ce-version: 11.5.9
cache-control: public, max-age=300, s-maxage=1209600
cf-bgj: minify
cf-polished: origSize=6088
last-modified: Tue, 06 Dec 2022 23:13:41 GMT
timing-allow-origin: *
cf-cache-status: HIT
age: 13763
vary: Accept-Encoding
server: cloudflare
cf-ray: 775a06ac7d0eb4ff-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

welcome.unibet.com/nu/pop/sportsbook/multisports/app-store-ro.svg

104.18.24.188

200 OK

0 B

URL HTTP/2
welcome.unibet.com/nu/pop/sportsbook/multisports/app-store-ro.svg
IP
104.18.24.188:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /nu/pop/sportsbook/multisports/app-store-ro.svg HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:320665405:68248853-37950&btag=320665405_F268FD1F2FAF49D6B509FC7662A3BD47&bid=37950&campaignId=2799402&pid=68248853
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a68248853%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1670382183498)%5c%2f%22%2c%22CookieTag%22%3a%223795068248853451240919C202212733%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228530494899%7c1%22%7d%5d
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Wed, 07 Dec 2022 03:03:04 GMT
content-type: image/svg+xml
cache-control: public, max-age=900, immutable
content-md5: epgiRapjJpA7DniTiF5C+w==
last-modified: Mon, 21 Nov 2022 12:34:17 GMT
etag: W/"0x8DACBBCB4C5466A"
x-ms-request-id: 0b580569-d01e-0060-1f03-036e9d000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 153348
vary: Accept-Encoding
server: cloudflare
cf-ray: 775a06aa8e2d0afa-OSL
content-encoding: br
X-Firefox-Spdy: h2

bannerflow-feed-builder.azurewebsites.net/api/googlesheet/?user=2&spreadsheetId=1Fgsan389gf5LVYi3gt6FMNEgM3LnRdQN1kZ3lP9JwiQ&sheetname=nb_no

104.40.147.180

200 OK

0 B

URL HTTP/2
bannerflow-feed-builder.azurewebsites.net/api/googlesheet/?user=2&spreadsheetId=1Fgsan389gf5LVYi3gt6FMNEgM3LnRdQN1kZ3lP9JwiQ&sheetname=nb_no
IP
104.40.147.180:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /api/googlesheet/?user=2&spreadsheetId=1Fgsan389gf5LVYi3gt6FMNEgM3LnRdQN1kZ3lP9JwiQ&sheetname=nb_no HTTP/1.1
Host: bannerflow-feed-builder.azurewebsites.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://welcome.unibet.com
Connection: keep-alive
Referer: https://welcome.unibet.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/json; charset=utf-8
date: Wed, 07 Dec 2022 03:03:04 GMT
server: Microsoft-IIS/10.0
access-control-allow-origin: *
access-control-expose-headers: Request-Context
cache-control: no-cache
content-encoding: gzip
expires: -1
pragma: no-cache
set-cookie: ARRAffinity=15ba40cd1caa1bec2184ac4d6bc54f4c82e5289caaa419bdac02883b5bb07792;Path=/;HttpOnly;Secure;Domain=bannerflow-feed-builder.azurewebsites.net
ARRAffinitySameSite=15ba40cd1caa1bec2184ac4d6bc54f4c82e5289caaa419bdac02883b5bb07792;Path=/;HttpOnly;SameSite=None;Secure;Domain=bannerflow-feed-builder.azurewebsites.net
vary: Accept-Encoding
x-aspnet-version: 4.0.30319
request-context: appId=cid-v1:f631c08e-9610-47b7-82c9-c925628cdde1
x-powered-by: ASP.NET
X-Firefox-Spdy: h2

www.profitabledisplayformat.com/2f9699d6163bff9569aab95bc537a459/invoke.js

188.114.97.1

200 OK

0 B

URL HTTP/2
www.profitabledisplayformat.com/2f9699d6163bff9569aab95bc537a459/invoke.js
IP
188.114.97.1:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /2f9699d6163bff9569aab95bc537a459/invoke.js HTTP/1.1
Host: www.profitabledisplayformat.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mavink.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Wed, 07 Dec 2022 03:03:00 GMT
content-type: application/javascript
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
accept-ch: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: max-age=14400
x-request-id: f2a5fcbefe878107973f38b99eac2cec
strict-transport-security: max-age=0; includeSubdomains
cf-cache-status: EXPIRED
last-modified: Wed, 07 Dec 2022 01:29:13 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XqFrV5Dco5ZKQkLeQctXPugz%2BzRorSzzSrCbwPx%2FR%2FWMBChaB3wXyUsf4uy5%2BydZqpqLi3Ofw8V%2FWNSPUWn3kjiIRfff3s%2B23OLY2g%2BM0Y3QX1k3IYk%2B%2BAjbhDAc1XgSghgjso7N97d0DkC6YD4D7Llw"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 775a06914fc61c0e-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

welcome.unibet.com/nu/pop/sportsbook/multisports/gambling-commission.png

104.18.24.188

404 Not Found

0 B

URL HTTP/2
welcome.unibet.com/nu/pop/sportsbook/multisports/gambling-commission.png
IP
104.18.24.188:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /nu/pop/sportsbook/multisports/gambling-commission.png HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:320665405:68248853-37950&btag=320665405_F268FD1F2FAF49D6B509FC7662A3BD47&bid=37950&campaignId=2799402&pid=68248853
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a68248853%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1670382183498)%5c%2f%22%2c%22CookieTag%22%3a%223795068248853451240919C202212733%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228530494899%7c1%22%7d%5d
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 404 Not Found
date: Wed, 07 Dec 2022 03:03:04 GMT
content-type: application/xml
x-ms-request-id: 2113e785-a01e-0027-4ee7-0905c6000000
x-ms-version: 2014-02-14
access-control-allow-origin: *
cf-cache-status: HIT
age: 289
vary: Accept-Encoding
server: cloudflare
cf-ray: 775a06ab6e8c0afa-OSL
content-encoding: br
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

JavaScript (70)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations