Overview

URL mkkuei4kdsz.com/480/552.html
IP64.225.91.73
ASNDIGITALOCEAN-ASN
Location United States
Report completed2022-09-26 06:25:47 UTC
StatusLoading report..
urlquery Alerts No alerts detected


Settings

UserAgentMozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Referer


Intrusion Detection Systems

Suricata /w Emerging Threats Pro  No alerts detected


Blocklists

OpenPhish  No alerts detected
PhishTank  No alerts detected
Fortinet's Web Filter
Scan Date Severity Indicator Comment
2022-09-26 2 mkkuei4kdsz.com/480/552.html Malware
2022-09-26 2 ww2.mkkuei4kdsz.com/ Malware
mnemonic secure dns
Scan Date Severity Indicator Comment
2022-09-26 2 mkkuei4kdsz.com Sinkholed
2022-09-26 2 mkkuei4kdsz.com Sinkholed
2022-09-26 2 mkkuei4kdsz.com Sinkholed
2022-09-26 2 mkkuei4kdsz.com Sinkholed
2022-09-26 2 mkkuei4kdsz.com Sinkholed
Quad9 DNS
Scan Date Severity Indicator Comment
2022-09-26 2 mkkuei4kdsz.com Sinkholed
2022-09-26 2 mkkuei4kdsz.com Sinkholed
2022-09-26 2 mkkuei4kdsz.com Sinkholed
2022-09-26 2 mkkuei4kdsz.com Sinkholed
2022-09-26 2 mkkuei4kdsz.com Sinkholed
2022-09-25 2 semidapt.com Sinkholed
2022-09-25 2 semidapt.com Sinkholed


Files

No files detected



Passive DNS (38)

Passive DNS Source Fully Qualifying Domain Name Rank First Seen Last Seen IP Comment
mnemonic passive DNS img-getpocket.cdn.mozilla.net (6) 1631 2017-09-01 03:40:57 UTC 2022-09-26 04:11:51 UTC 34.120.237.76
mnemonic passive DNS a1s-cdn.unibet.com (1) 283505 2014-04-23 15:07:51 UTC 2022-09-26 00:25:00 UTC 85.184.96.5
mnemonic passive DNS a1s.unibet.com (1) 297625 2017-01-30 00:44:42 UTC 2022-09-26 00:25:00 UTC 85.184.96.5
mnemonic passive DNS www.googletagmanager.com (1) 75 2012-12-25 14:52:06 UTC 2022-09-26 04:27:27 UTC 142.250.74.72
mnemonic passive DNS e1.o.lencr.org (1) 6159 2021-08-20 07:36:30 UTC 2022-09-25 21:37:35 UTC 23.36.77.32
mnemonic passive DNS push.services.mozilla.com (1) 2140 2015-09-03 10:29:36 UTC 2022-09-25 05:07:25 UTC 52.43.46.140
mnemonic passive DNS dpm.demdex.net (3) 204 2017-01-30 04:59:39 UTC 2022-09-26 04:19:58 UTC 3.250.251.255
mnemonic passive DNS assets-tracking.crazyegg.com (1) 3651 2021-10-27 14:05:49 UTC 2022-09-26 02:04:05 UTC 54.230.111.114
mnemonic passive DNS mkkuei4kdsz.com (1) 0 2012-11-29 20:21:30 UTC 2022-09-26 04:14:33 UTC 64.225.91.73 Unknown ranking
mnemonic passive DNS secure.adnxs.com (2) 396 2012-05-22 16:37:37 UTC 2022-09-25 04:49:17 UTC 185.89.210.90
mnemonic passive DNS adserving.unibet.com (1) 98000 2015-05-26 06:56:53 UTC 2022-09-26 00:24:59 UTC 23.36.79.11
mnemonic passive DNS www.unibet.com (2) 318338 2014-04-29 01:07:51 UTC 2022-09-26 00:25:00 UTC 85.184.96.0
mnemonic passive DNS ocsp.sca1b.amazontrust.com (2) 1015 2017-03-03 15:20:51 UTC 2019-03-27 04:05:54 UTC 143.204.42.156
mnemonic passive DNS fonts.googleapis.com (1) 8877 2013-06-10 20:14:26 UTC 2022-09-26 04:56:07 UTC 142.250.74.10
mnemonic passive DNS firefox.settings.services.mozilla.com (2) 867 2020-06-04 20:08:41 UTC 2022-09-26 04:51:20 UTC 143.204.55.27
mnemonic passive DNS content-signature-2.cdn.mozilla.net (1) 1152 2020-11-03 12:26:46 UTC 2022-09-25 05:42:52 UTC 143.204.55.110
mnemonic passive DNS cdn.bannerflow.com (3) 23819 2018-02-22 12:57:21 UTC 2022-09-26 04:37:38 UTC 104.16.171.188
mnemonic passive DNS domaincntrol.com (1) 274993 2018-01-06 22:46:59 UTC 2022-09-25 20:48:48 UTC 104.26.11.61
mnemonic passive DNS img.sedoparking.com (1) 54200 2013-04-22 22:23:29 UTC 2022-09-25 04:43:12 UTC 205.234.175.175
mnemonic passive DNS welcome.unibet.com (16) 242429 2017-01-30 05:39:28 UTC 2022-09-26 00:25:00 UTC 108.161.188.196
mnemonic passive DNS cm.everesttech.net (1) 996 2017-01-30 04:59:57 UTC 2022-09-25 05:58:41 UTC 52.17.180.229
mnemonic passive DNS tracking.crazyegg.com (1) 3633 2020-03-10 07:15:05 UTC 2022-09-25 20:57:11 UTC 108.128.203.219
mnemonic passive DNS xml.sedodna.com (1) 278378 2020-10-22 08:18:03 UTC 2022-09-25 13:06:48 UTC 173.239.53.32
mnemonic passive DNS semidapt.com (2) 0 2022-08-17 12:31:43 UTC 2022-09-26 04:12:52 UTC 213.174.151.100 Unknown ranking
mnemonic passive DNS no.unibet.com (2) 201503 2012-07-26 09:42:52 UTC 2022-09-26 04:31:28 UTC 85.184.96.0
mnemonic passive DNS use.fontawesome.com (2) 942 2017-01-30 04:43:25 UTC 2022-09-25 05:34:34 UTC 172.64.133.15
mnemonic passive DNS fonts.gstatic.com (3) 0 2014-08-29 13:43:22 UTC 2022-09-26 04:26:58 UTC 142.250.74.163 Domain (gstatic.com) ranked at: 540
mnemonic passive DNS script.crazyegg.com (5) 1992 2015-01-07 19:40:26 UTC 2022-09-26 05:53:30 UTC 104.19.147.8
mnemonic passive DNS unibetlondonltd.d3.sc.omtrdc.net (2) 444877 2017-01-29 21:05:05 UTC 2022-09-26 00:25:01 UTC 15.236.176.210
mnemonic passive DNS pagestates-tracking.crazyegg.com (1) 3647 2020-10-26 19:42:04 UTC 2022-09-25 20:57:11 UTC 54.230.111.77
mnemonic passive DNS contile.services.mozilla.com (1) 1114 2021-05-27 18:32:35 UTC 2022-09-26 04:28:07 UTC 34.117.237.239
mnemonic passive DNS cdnjs.cloudflare.com (1) 235 2020-10-20 10:17:36 UTC 2022-09-25 13:18:42 UTC 104.17.25.14
mnemonic passive DNS ocsp.securetrust.com (1) 18792 2019-12-23 03:05:54 UTC 2022-09-25 05:16:20 UTC 23.36.79.25
mnemonic passive DNS ocsp.pki.goog (6) 175 2017-06-14 07:23:31 UTC 2022-09-26 04:12:35 UTC 142.250.74.3
mnemonic passive DNS bannerflow-feed-builder.azurewebsites.net (1) 659103 2017-11-23 13:27:15 UTC 2022-09-26 00:25:00 UTC 104.40.147.180
mnemonic passive DNS r3.o.lencr.org (7) 344 2020-12-02 08:52:13 UTC 2022-09-25 05:02:41 UTC 23.36.77.32
mnemonic passive DNS ocsp.digicert.com (7) 86 2012-05-21 07:02:23 UTC 2022-09-26 04:12:21 UTC 93.184.220.29
mnemonic passive DNS ww2.mkkuei4kdsz.com (4) 0 2022-01-21 14:07:05 UTC 2022-09-25 04:43:11 UTC 64.190.63.136 Unknown ranking


Recent reports on same IP/ASN/Domain/Screenshot

Last 5 reports on IP: 64.225.91.73

Date UQ / IDS / BL URL IP
2022-12-04 08:41:12 +0000
0 - 0 - 7 mkkuei4kdsz.com/338/909.html 64.225.91.73
2022-12-04 08:41:11 +0000
0 - 0 - 7 mkkuei4kdsz.com/527/123.html 64.225.91.73
2022-12-03 21:28:31 +0000
0 - 0 - 7 mkkuei4kdsz.com/428/870.html 64.225.91.73
2022-12-03 21:19:31 +0000
0 - 0 - 7 mkkuei4kdsz.com/652/46.html 64.225.91.73
2022-12-03 12:31:13 +0000
0 - 0 - 8 mkkuei4kdsz.com/988/840.html 64.225.91.73

Last 5 reports on ASN: DIGITALOCEAN-ASN

Date UQ / IDS / BL URL IP
2022-12-04 08:58:30 +0000
0 - 0 - 7 yourpack-movers.com/blissyofferUB179wgdiauyge (...) 68.183.228.194
2022-12-04 08:57:19 +0000
0 - 0 - 2 tofspace.com/khl/mpb/zw/yogamez-59463/lp3/ 178.62.221.212
2022-12-04 08:53:04 +0000
0 - 0 - 1 securely.us/ 159.89.252.54
2022-12-04 08:42:56 +0000
0 - 0 - 1 sg.lnslagging.click/au/i14s22/tpg/ 139.59.241.112
2022-12-04 08:41:12 +0000
0 - 0 - 7 mkkuei4kdsz.com/338/909.html 64.225.91.73

Last 5 reports on domain: mkkuei4kdsz.com

Date UQ / IDS / BL URL IP
2022-12-04 08:41:12 +0000
0 - 0 - 7 mkkuei4kdsz.com/338/909.html 64.225.91.73
2022-12-04 08:41:11 +0000
0 - 0 - 7 mkkuei4kdsz.com/527/123.html 64.225.91.73
2022-12-03 21:28:31 +0000
0 - 0 - 7 mkkuei4kdsz.com/428/870.html 64.225.91.73
2022-12-03 21:19:31 +0000
0 - 0 - 7 mkkuei4kdsz.com/652/46.html 64.225.91.73
2022-12-03 12:31:13 +0000
0 - 0 - 8 mkkuei4kdsz.com/988/840.html 64.225.91.73

Last 5 reports with similar screenshot

Date UQ / IDS / BL URL IP
2022-12-04 02:47:41 +0000
0 - 0 - 4 blog.afterlivre.com/mon-livre-unique-de-franc (...) 78.41.204.36
2022-12-04 01:59:58 +0000
0 - 0 - 2 tele123.store/cl/500/bx/nl/ 79.98.29.10
2022-12-03 23:28:05 +0000
0 - 0 - 7 t2.hightid.com/s.php?p=c:8pnojh5wxi7l11j14&d= (...) 51.161.115.163
2022-12-03 23:28:21 +0000
0 - 0 - 7 4.us.silverwinds.xyz/feed/?link=true&tid=4&su (...) 23.235.251.114
2022-12-03 22:59:04 +0000
0 - 0 - 3 telefonica.site/dz/env/nl/ 79.98.24.35


JavaScript

Executed Scripts (32)


Executed Evals (9)

#1 JavaScript::Eval (size: 55, repeated: 1) - SHA256: 14986cbd70f8b8a1770adf9800c113847daf392c2999dfff9dc71d2be98f3282

                                        (function() {
    return visitor.getAnalyticsVisitorID()
})();
                                    

#2 JavaScript::Eval (size: 62, repeated: 1) - SHA256: adf0ca592504ef680d5ea02d5161b15be0572fd3e5b41d152b74f0c76aea6c42

                                        (function() {
    return window.functions.getPageNameOldEvar1()
})();
                                    

#3 JavaScript::Eval (size: 60, repeated: 1) - SHA256: 9d51544cc513110b130345a977b1e9e630b5a7aa01518f7f7898758b79a9699f

                                        (function() {
    return visitor.getMarketingCloudVisitorID()
})();
                                    

#4 JavaScript::Eval (size: 88, repeated: 1) - SHA256: 5e05e2cf30322e8f71d65a22aa5f4a095923b67286a61d83b7787e3468f42f62

                                        (function() {
    return "LP:" + BF_prop.LandingPageName.toString().replace(/:/ig, "").trim()
})();
                                    

#5 JavaScript::Eval (size: 61, repeated: 1) - SHA256: 9259355921509ced00b4d7d3e76c151037a06c88a646cd7d47d5d9c96984697c

                                        (function() {
    return window.functions.timeParting("n", "0")
})();
                                    

#6 JavaScript::Eval (size: 135, repeated: 1) - SHA256: fc7b851f30df68c5cc6d1fb3f06c300b2b1d7271f76cc187224050270141f0ed

                                        (function() {
    if (window.innerHeight) return window.innerHeight;
    d = screen.width + "x" + screen.height;
    return d.documentElement.offsetHeight
})();
                                    

#7 JavaScript::Eval (size: 132, repeated: 1) - SHA256: 0a23e511994a2c03a725773de07810ff171878b9c0177f40a663038e4e251168

                                        (function() {
    if (window.innerWidth) return window.innerWidth;
    d = screen.width + "x" + screen.height;
    return d.documentElement.offsetWidth
})();
                                    

#8 JavaScript::Eval (size: 71, repeated: 1) - SHA256: dcdd7e7e286c45c94638f28053384616d6ca9a1b396b0109cb51f1298ba342bb

                                        (function() {
    return Math.round((new Date).getTime() / 1E3).toString()
})();
                                    

#9 JavaScript::Eval (size: 54, repeated: 1) - SHA256: fc490a09c28110ae2a7c965801ebeb5c572587f55c3524889f547dbcc34c1d81

                                        (function() {
    return screen.width + "x" + screen.height
})();
                                    

Executed Writes (1)

#1 JavaScript::Write (size: 50, repeated: 1) - SHA256: a2b051fa7d206df6e4eeee27678781de0752c1ac7adcfd359c1a2fc7ff507449

                                        < script src = "/widget/betslip/betslip.js" > < /script>
                                    


HTTP Transactions (96)


Request Response
                                        
                                            GET /480/552.html HTTP/1.1 
Host: mkkuei4kdsz.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

                                         
                                         64.225.91.73
HTTP/1.1 200 OK
content-type: text/html
                                        
server: nginx/1.18.0 (Ubuntu)
date: Mon, 26 Sep 2022 06:25:35 GMT
last-modified: Wed, 12 Jan 2022 17:20:45 GMT
etag: W/"61df0ded-1ad"
content-encoding: gzip
transfer-encoding: chunked


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text
Size:   329
Md5:    ecbcb8bae64098de3e587487b474f8b8
Sha1:   e275409fb40ea27c3826af493f70faf147d0f995
Sha256: 2597a3f2418586d8a9fb0764743a84486ba066c6af3ff194922fb6c65a783688

Alerts:
  Blocklists:
    - fortinet: Malware
    - mnemonic_dns: Sinkholed
    - quad9: Sinkholed
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "4397E6B45B5822FBAB9B83ABE0B96EE70EFBA7CD2160B51936159865EDE5FDB1"
Last-Modified: Sun, 25 Sep 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5858
Expires: Mon, 26 Sep 2022 08:03:14 GMT
Date: Mon, 26 Sep 2022 06:25:36 GMT
Connection: keep-alive

                                        
                                            GET /v1/ HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.55.27
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Alert, Backoff, Retry-After, Content-Length
Cache-Control: max-stale=0
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Mon, 26 Sep 2022 05:37:10 GMT
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 96c778ce6156d12f24b8b6cdaa0cbf66.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: GofnmeN1UtRK-zvbDXu4B1QjUEwqkLogMppEBJ7btEA9qT5jznDdJw==
Age: 2906


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size:   939
Md5:    2d12f67fe57a87e7366b662d153a5582
Sha1:   d7b02d81cc74f24a251d9363e0f4b0a149264ec1
Sha256: 73c273c0b5a2de3cb970b8e8c187999d3b55e760dc7766dab4bb76428d19b551
                                        
                                            GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1 
Host: content-signature-2.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.55.110
HTTP/2 200 OK
content-type: binary/octet-stream
                                        
content-length: 5348
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Mon, 26 Sep 2022 04:35:16 GMT
etag: "6113f8408c59aebe188d6af273b90743"
x-cache: Hit from cloudfront
via: 1.1 71c98156ae29b36a903974f9dd2568f8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: gZzyVCz-7gxvp9ciPzCpXLC1xMpWiEhntKD3M-uFQ6Q6gm7X_ID-WA==
age: 6621
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PEM certificate\012- , ASCII text
Size:   5348
Md5:    6113f8408c59aebe188d6af273b90743
Sha1:   7398873bf00f99944eaa77ad3ebc0d43c23dba6b
Sha256: b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770
                                        
                                            GET /v1/tiles HTTP/1.1 
Host: contile.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.117.237.239
HTTP/2 200 OK
content-type: application/json
                                        
server: nginx
date: Mon, 26 Sep 2022 06:25:36 GMT
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   12
Md5:    23e88fb7b99543fb33315b29b1fad9d6
Sha1:   a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
                                        
                                            GET /ajax/libs/jquery/3.5.1/jquery.min.js HTTP/1.1 
Host: cdnjs.cloudflare.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://mkkuei4kdsz.com
Connection: keep-alive
Referer: http://mkkuei4kdsz.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         104.17.25.14
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
                                        
date: Mon, 26 Sep 2022 06:25:36 GMT
content-length: 27958
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb09ed3-15d84"
last-modified: Mon, 04 May 2020 23:01:39 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
cf-cache-status: HIT
age: 9617240
expires: Sat, 16 Sep 2023 06:25:36 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qQShgv1hfsEDu34h4MzT8JgDFyge5O4L9ut9%2BOuFFcD01DWNWZd51Fxf08ywf5dFnZzPCHYSzsIqhPYTJfTLjlDBVKycTNBJelCgsp5hVxNmOVmleZXcVgPbGPHSXIBXoz92qOIX"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 7509ec59bcc3b512-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (65451)
Size:   27958
Md5:    4b5f47439b640180cc3450f7de05d0d8
Sha1:   5a0dc9bcab80ddc409dd35fcb00a88fe6846fee2
Sha256: 1f85e8b327f42c17c025d69849914068536d9aa95412fe473ae90ffb2f4ebd82
                                        
                                            POST / HTTP/1.1 
Host: e1.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 345
ETag: "71AD91E643C762975FBD4F825DAC0EEEFD8C842CA48528813C92F9E3340089A0"
Last-Modified: Sun, 25 Sep 2022 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5733
Expires: Mon, 26 Sep 2022 08:01:09 GMT
Date: Mon, 26 Sep 2022 06:25:36 GMT
Connection: keep-alive

                                        
                                            GET /?orighost=http://mkkuei4kdsz.com/480/552.html HTTP/1.1 
Host: domaincntrol.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://mkkuei4kdsz.com
Connection: keep-alive
Referer: http://mkkuei4kdsz.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         104.26.11.61
HTTP/2 200 OK
content-type: text/javascript;charset=UTF-8
                                        
date: Mon, 26 Sep 2022 06:25:36 GMT
content-length: 28
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=alzjuYGN0anqhD2Wu%2B4WYCzXXPSI%2BUkPEUW9MNKH8dc%2FG1jCYOtT%2BWyXF5Gst8vJwjwfCCsQ4cEyFG3gvFlUFz6SPMqqzm4rPHvp%2F17jgy4dM4bOcJ%2Bl8hOCmIbVSAaw5l8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7509ec5a8be00b65-OSL
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   28
Md5:    7aae16ed70d2e07943585bbb1cd02b55
Sha1:   3209123510c034e6e38ca45edf14307f1375a8f5
Sha256: 51bfb53a70df6adc48f0670be59a16a657ab5a2bafc176973a32d5c36a4fc5d3
                                        
                                            GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.55.27
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Mon, 26 Sep 2022 06:10:46 GMT
Cache-Control: max-age=3600, max-age=3600
Expires: Mon, 26 Sep 2022 06:17:58 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 f66e3db0f0449307dba3fbf72bbf3bac.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: O6oIqh3_n2zRkbbFkFS8wmB2HhyYf3uA4I_YvhawP3vcQOMC82iv2Q==
Age: 890


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size:   329
Md5:    0333b0655111aa68de771adfcc4db243
Sha1:   63f295a144ac87a7c8e23417626724eeca68a7eb
Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 4634
Cache-Control: 'max-age=158059'
Date: Mon, 26 Sep 2022 06:25:36 GMT
Last-Modified: Mon, 26 Sep 2022 05:08:22 GMT
Server: ECS (ska/F705)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET / HTTP/1.1 
Host: ww2.mkkuei4kdsz.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mkkuei4kdsz.com/
Upgrade-Insecure-Requests: 1

                                         
                                         64.190.63.136
HTTP/1.1 200 OK
content-type: text/html; charset=UTF-8
                                        
date: Mon, 26 Sep 2022 06:25:37 GMT
transfer-encoding: chunked
vary: Accept-Encoding
expires: Mon, 26 Jul 1997 05:00:00 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
x-adblock-key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBANnylWw2vLY4hUn9w06zQKbhKBfvjFUCsdFlb6TdQhxb9RXWXuI4t31c+o8fYOv/s8q1LGPga3DE1L/tHU4LENMCAwEAAQ==_RlGSCujrTwIV09ewwdBk8PiCOXknsvjzonXp/BabLYsbM4wWv0k1teTkRJynKg7Y1QeTz1UsnxJZ/TvhfinDdA==
last-modified: Mon, 26 Sep 2022 06:25:36 GMT
x-cache-miss-from: parking-75468f7c47-d2gj6
server: NginX
content-encoding: gzip


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (647)
Size:   1201
Md5:    ade282a66558a6f0a4c076eddddbd320
Sha1:   0f0235996a0141fb5e9d0ced6baa9394d99c1757
Sha256: 63502480cea3d0669a874720a1a6aa3ecb8496312a4fe79cbbcf0f605e12b3fa

Alerts:
  Blocklists:
    - fortinet: Malware
    - mnemonic_dns: Sinkholed
    - quad9: Sinkholed
                                        
                                            GET / HTTP/1.1 
Host: push.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: OHDK+C89at5XmMeWwySJAQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

                                         
                                         52.43.46.140
HTTP/1.1 101 Switching Protocols
                                        
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 3otBr9/n3ZhxdQX7XPi01018oow=

                                        
                                            GET /images/js_preloader.gif HTTP/1.1 
Host: img.sedoparking.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ww2.mkkuei4kdsz.com/

                                         
                                         205.234.175.175
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Date: Mon, 26 Sep 2022 06:25:37 GMT
Content-Length: 4254
Connection: keep-alive
Access-Control-Allow-Origin: *
Cache-Control: max-age=604800
Expires: Mon, 03 Oct 2022 06:25:37 GMT
X-CFHash: "90c93102a88c2ab94bff1575b7a6e86e"
X-CFF: B
Last-Modified: Fri, 15 Mar 2019 12:24:07 GMT
X-CF3: H
CF4Age: 156700
x-cf-tsc: 1648179742
CF4ttl: 31536000.000
X-CF2: H
Server: CFS 0215
X-CF-ReqID: 1719c30e8e774940a861fd9c5723a158
X-CF1: 11696:fA.arn1:cf:cacheN.arn1-01:H
Accept-Ranges: bytes


--- Additional Info ---
Magic:  GIF image data, version 89a, 16 x 16\012- data
Size:   4254
Md5:    90c93102a88c2ab94bff1575b7a6e86e
Sha1:   56d71bf13de464534643db9d127629a0a3bf677a
Sha256: 5f6ad7031600056b578a6e8c6b34bc718d13125cc8256aa4a9050e549576f81a
                                        
                                            GET /search/tsc.php?200=MzgzNDQ1ODM3&21=OTEuOTAuNDIuMTU0&681=MTY2NDE3MzUzN2YyNThjOWQxZjgzYWRlMjI4ZWRlMDFlNjllMWQyNjc2&crc=52953f3d775778bff83a580267fd109f62ce9839&cv=1 HTTP/1.1 
Host: ww2.mkkuei4kdsz.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ww2.mkkuei4kdsz.com/

                                         
                                         64.190.63.136
HTTP/1.1 200 OK
content-type: text/html; charset=UTF-8
                                        
date: Mon, 26 Sep 2022 06:25:37 GMT
content-length: 0
x-cache-miss-from: parking-75468f7c47-pc9rg
server: NginX


--- Additional Info ---
Magic:  
Size:   0
Md5:    d41d8cd98f00b204e9800998ecf8427e
Sha1:   da39a3ee5e6b4b0d3255bfef95601890afd80709
Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Alerts:
  Blocklists:
    - mnemonic_dns: Sinkholed
    - quad9: Sinkholed
                                        
                                            GET /search/redirect.php?f=http%3A%2F%2Fxml.sedodna.com%2Fclick%3Fi%3DOyTJnRspcZ8_0&v=ZWU2ZWI1MDQ5YTdmNzg0M2E2OWI4ZjdlNDMxZmJiMTAJMQl3dzIubWtrdWVpNGtkc3ouY29tNjMzMTQ1ZTBiNjY4ZDguNDE3NjE5ODQJd3cyLm1ra3VlaTRrZHN6LmNvbTYzMzE0NWUwYjY2YmM0LjU4ODY2Mjc2CTE2NjQxNzM1MzcJYWRfNjNfMA==&l=OAkwNGMzYzdhYThhNTlhMmZkODg3NGVmY2YyZDJlYWUyOQkwCTM1CTAJZmQ2OTA1M2I2Yjc0YWMwYjUzNTBhMDEwZTIzYTg3NmMJMzgzNDQ1ODM3CW1ra3VlaTRrZHN6CTAJNjMJNgkyCTE2NjQxNzM1MzcJMC4wMDAyNDYJTgkwCTEJMTgwNQkxMjA1CTE5NDA0MzE0Mgk5MS45MC40Mi4xNTQJMA%3D%3D HTTP/1.1 
Host: ww2.mkkuei4kdsz.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ww2.mkkuei4kdsz.com/
Upgrade-Insecure-Requests: 1

                                         
                                         64.190.63.136
HTTP/1.1 302 Found
content-type: text/html; charset=UTF-8
                                        
date: Mon, 26 Sep 2022 06:25:37 GMT
content-length: 0
expires: Mon, 26 Jul 1997 05:00:00 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
last-modified: Mon, 26 Sep 2022 06:25:37 GMT
location: /search/tcerider.php?f=http%3A%2F%2Fxml.sedodna.com%2Fclick%3Fi%3DOyTJnRspcZ8_0&v=ZWU2ZWI1MDQ5YTdmNzg0M2E2OWI4ZjdlNDMxZmJiMTAJMQl3dzIubWtrdWVpNGtkc3ouY29tNjMzMTQ1ZTBiNjY4ZDguNDE3NjE5ODQJd3cyLm1ra3VlaTRrZHN6LmNvbTYzMzE0NWUwYjY2YmM0LjU4ODY2Mjc2CTE2NjQxNzM1MzcJYWRfNjNfMA==&l=OAkwNGMzYzdhYThhNTlhMmZkODg3NGVmY2YyZDJlYWUyOQkwCTM1CTAJZmQ2OTA1M2I2Yjc0YWMwYjUzNTBhMDEwZTIzYTg3NmMJMzgzNDQ1ODM3CW1ra3VlaTRrZHN6CTAJNjMJNgkyCTE2NjQxNzM1MzcJMC4wMDAyNDYJTgkwCTEJMTgwNQkxMjA1CTE5NDA0MzE0Mgk5MS45MC40Mi4xNTQJMA%3D%3D
x-cache-miss-from: parking-75468f7c47-8lf9s
server: NginX


--- Additional Info ---
Magic:  
Size:   0
Md5:    d41d8cd98f00b204e9800998ecf8427e
Sha1:   da39a3ee5e6b4b0d3255bfef95601890afd80709
Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Alerts:
  Blocklists:
    - mnemonic_dns: Sinkholed
    - quad9: Sinkholed
                                        
                                            GET /search/tcerider.php?f=http%3A%2F%2Fxml.sedodna.com%2Fclick%3Fi%3DOyTJnRspcZ8_0&v=ZWU2ZWI1MDQ5YTdmNzg0M2E2OWI4ZjdlNDMxZmJiMTAJMQl3dzIubWtrdWVpNGtkc3ouY29tNjMzMTQ1ZTBiNjY4ZDguNDE3NjE5ODQJd3cyLm1ra3VlaTRrZHN6LmNvbTYzMzE0NWUwYjY2YmM0LjU4ODY2Mjc2CTE2NjQxNzM1MzcJYWRfNjNfMA==&l=OAkwNGMzYzdhYThhNTlhMmZkODg3NGVmY2YyZDJlYWUyOQkwCTM1CTAJZmQ2OTA1M2I2Yjc0YWMwYjUzNTBhMDEwZTIzYTg3NmMJMzgzNDQ1ODM3CW1ra3VlaTRrZHN6CTAJNjMJNgkyCTE2NjQxNzM1MzcJMC4wMDAyNDYJTgkwCTEJMTgwNQkxMjA1CTE5NDA0MzE0Mgk5MS45MC40Mi4xNTQJMA%3D%3D HTTP/1.1 
Host: ww2.mkkuei4kdsz.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://ww2.mkkuei4kdsz.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1

                                         
                                         64.190.63.136
HTTP/1.1 302 Found
content-type: text/html; charset=UTF-8
                                        
date: Mon, 26 Sep 2022 06:25:37 GMT
transfer-encoding: chunked
expires: Mon, 26 Jul 1997 05:00:00 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
last-modified: Mon, 26 Sep 2022 06:25:37 GMT
location: http://xml.sedodna.com/click?i=OyTJnRspcZ8_0
x-cache-miss-from: parking-75468f7c47-v9czt
server: NginX


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size:   311
Md5:    75577f5e297ffd48e2551007f2bcc64c
Sha1:   4a2e05b004c7177b9848d1ea343b9f4aebe751ab
Sha256: bfaeee5c0159f6ec258c933a1362c9b9d5a157589877b165eb05c2cb0427b519

Alerts:
  Blocklists:
    - mnemonic_dns: Sinkholed
    - quad9: Sinkholed
                                        
                                            GET /click?i=OyTJnRspcZ8_0 HTTP/1.1 
Host: xml.sedodna.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://ww2.mkkuei4kdsz.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1

                                         
                                         173.239.53.32
HTTP/1.1 302 Found
                                        
Cache-Control: no-store
Content-Length: 0
Age: 0
Connection: keep-alive
Location: https://semidapt.com/nnv8s9q3s?auie=eyJhbGciOiJIUzI1NiJ9.eyJ1YSI6Ik1vemlsbGEvNS4wIChYMTE7IExpbnV4IHg4Nl82NDsgcnY6OTYuMCkgR2Vja28vMjAxMDAxMDEgRmlyZWZveC85Ni4wIiwiaXAiOiI5MS45MC40Mi4xNTQiLCJwcyI6IjM5MzU5MV8yNDA5MzRfNDgyMjc4IiwiYWkiOiIwZGI4ZTMzNzZlYjRkNTUxZjQxYmZjNjJkYjJkZGU5NiIsImJpZCI6MC4wMDA1NiwiYyI6MC44LCJsIjozNTc3OTkyLCJlYW4iOi0xLCJzIjoiZGQ4ZjMwYTAxNDc2NzQxOTgwMWI0YzJkYzhlYzhmMGY5OGM0MGY1ODlhYmU2M2NkNDhhNGU5ZjI3NjM3YWQwMjI4YWVkZDY0MzViOTY0ZjhlNDA5NTFjODJlYmM2ZDQzMWQwOGNhYmI3OTBlNmZmNGZiMGYyZSIsImV0IjoiMTY2NDE3NDEzNiJ9.w4ZPxxkA9a4FRukPSbpYyowXJZVg4Dw4mMyItSWTByM&key=c8aa99f83b13fe6df17d2274f579c699&ap=${AUCTION_PRICE}&l=3577992&sub3=1664173536&pid=154044&auid=0db8e3376eb4d551f41bfc62db2dde96&
Pragma: no-cache

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "E999CAD42CB6EB685AEB3EC32803CF44BFA22B775F3A8C641A62372D38BCE2B9"
Last-Modified: Sun, 25 Sep 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3967
Expires: Mon, 26 Sep 2022 07:31:45 GMT
Date: Mon, 26 Sep 2022 06:25:38 GMT
Connection: keep-alive

                                        
                                            GET /nnv8s9q3s?auie=eyJhbGciOiJIUzI1NiJ9.eyJ1YSI6Ik1vemlsbGEvNS4wIChYMTE7IExpbnV4IHg4Nl82NDsgcnY6OTYuMCkgR2Vja28vMjAxMDAxMDEgRmlyZWZveC85Ni4wIiwiaXAiOiI5MS45MC40Mi4xNTQiLCJwcyI6IjM5MzU5MV8yNDA5MzRfNDgyMjc4IiwiYWkiOiIwZGI4ZTMzNzZlYjRkNTUxZjQxYmZjNjJkYjJkZGU5NiIsImJpZCI6MC4wMDA1NiwiYyI6MC44LCJsIjozNTc3OTkyLCJlYW4iOi0xLCJzIjoiZGQ4ZjMwYTAxNDc2NzQxOTgwMWI0YzJkYzhlYzhmMGY5OGM0MGY1ODlhYmU2M2NkNDhhNGU5ZjI3NjM3YWQwMjI4YWVkZDY0MzViOTY0ZjhlNDA5NTFjODJlYmM2ZDQzMWQwOGNhYmI3OTBlNmZmNGZiMGYyZSIsImV0IjoiMTY2NDE3NDEzNiJ9.w4ZPxxkA9a4FRukPSbpYyowXJZVg4Dw4mMyItSWTByM&key=c8aa99f83b13fe6df17d2274f579c699&ap=${AUCTION_PRICE}&l=3577992&sub3=1664173536&pid=154044&auid=0db8e3376eb4d551f41bfc62db2dde96& HTTP/1.1 
Host: semidapt.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://ww2.mkkuei4kdsz.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

                                         
                                         213.174.151.100
HTTP/1.1 200 OK
Content-Type: text/html
                                        
Server: nginx/1.17.9
Date: Mon, 26 Sep 2022 06:25:38 GMT
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Set-Cookie: u_pl=17196958; expires=Tue, 27 Sep 2022 06:25:38 GMT ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNzE5Njk1OCwiayI6ImM4YWE5OWY4M2IxM2ZlNmRmMTdkMjI3NGY1NzljNjk5Iiwic2lkIjoiMzkzNTkxXzI0MDkzNF80ODIyNzgiLCJpc2lkIjoyLCJhc2lkIjoxLCJ6aWQiOjE4NDQxNTksInBpZCI6MTU0MDQ0LCJhbiI6dHJ1ZSwibGFuIjp0cnVlLCJjaWQiOjMzLCJhaWQiOjI4LCJwdCI6OCwicGsiOiJubnY4czlxM3MiLCJ0IjoxfSwicGIiOnsicmVwIjoiaHR0cHM6Ly93d3cuZ29vZ2xlLmNvbS8iLCJpZiI6dHJ1ZSwibmMiOmZhbHNlLCJuaiI6ZmFsc2UsImluIjpmYWxzZSwidHAiOjEsIm5hIjpmYWxzZX0sInUiOnsidSI6MSwiYXUiOjEsImQiOnsiaWQiOjc5OTU0MTk2LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6MTgxMTAsIm9uIjoiTGludXgiLCJvdiI6IlVua25vd24iLCJiaWQiOjExNjY3MCwiYm4iOiJGaXJlZm94IiwiYnYiOiI5Ni4wIiwid3YiOmZhbHNlLCJlIjpmYWxzZSwiYWIiOmZhbHNlfSwiYyI6eyJpZCI6MTYyLCJjIjoiTk8iLCJuIjoiTm9yd2F5In0sImEiOmZhbHNlLCJjciI6eyJuIjoiQmxpeCBTb2x1dGlvbnMifSwieGYiOiIiLCJpeGYiOmZhbHNlLCJpZ3hmIjpmYWxzZSwidXAiOnRydWUsInIiOiJodHRwOi8vd3cyLm1ra3VlaTRrZHN6LmNvbS8ifX0.6NXHcW8o-Wv-SPhpNvh8nhOY1zrzrryq1vs9HB9flMU; expires=Mon, 26 Sep 2022 06:26:38 GMT
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 5a153f05dd970be9b8d022b486d9801d
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (565)
Size:   2969
Md5:    9f4203ed1178f46b8c49f114e1150ee7
Sha1:   198e2e301acb2e8bc11c263b21c6e84af31fac26
Sha256: 253ef841886a41707cdb41b7b48ca92fb02e2d95d4137f90b6fbcacc7be7e060

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "519E9B47DDFA1E1FE047F4DC7DF88E3011817F88144FCC3853A7984A781C2070"
Last-Modified: Sun, 25 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3145
Expires: Mon, 26 Sep 2022 07:18:03 GMT
Date: Mon, 26 Sep 2022 06:25:38 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "519E9B47DDFA1E1FE047F4DC7DF88E3011817F88144FCC3853A7984A781C2070"
Last-Modified: Sun, 25 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3145
Expires: Mon, 26 Sep 2022 07:18:03 GMT
Date: Mon, 26 Sep 2022 06:25:38 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "519E9B47DDFA1E1FE047F4DC7DF88E3011817F88144FCC3853A7984A781C2070"
Last-Modified: Sun, 25 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3145
Expires: Mon, 26 Sep 2022 07:18:03 GMT
Date: Mon, 26 Sep 2022 06:25:38 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "519E9B47DDFA1E1FE047F4DC7DF88E3011817F88144FCC3853A7984A781C2070"
Last-Modified: Sun, 25 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3145
Expires: Mon, 26 Sep 2022 07:18:03 GMT
Date: Mon, 26 Sep 2022 06:25:38 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "519E9B47DDFA1E1FE047F4DC7DF88E3011817F88144FCC3853A7984A781C2070"
Last-Modified: Sun, 25 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3145
Expires: Mon, 26 Sep 2022 07:18:03 GMT
Date: Mon, 26 Sep 2022 06:25:38 GMT
Connection: keep-alive

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0f164d87-257d-468b-9a99-3559bced005c.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 9070
x-amzn-requestid: 2aceb075-d4bc-45b8-8330-5e719c565f77
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZCSKEEdPoAMFsNw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6330ca40-3f120e0774b1d58a08898c39;Sampled=0
x-amzn-remapped-date: Sun, 25 Sep 2022 21:38:08 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: feNiTFDhUx-BfoiybnKj83hCq6CCoiMeOSEHyFs8b7cLIgKvnO1Cdw==
via: 1.1 8f22423015641505b8c857a37450d6c0.cloudfront.net (CloudFront), 1.1 73cb83fe6699afc2791b5c690c1ff8c6.cloudfront.net (CloudFront), 1.1 google
date: Sun, 25 Sep 2022 22:05:32 GMT
age: 30006
etag: "c16a6f018bd80c6390b7a07f4e6698db7bfd28b0"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   9070
Md5:    988b0c94c41a21c736b330c3256d0a3c
Sha1:   c16a6f018bd80c6390b7a07f4e6698db7bfd28b0
Sha256: 3034912f83810b3999ffa90f5eeaf0f45773c592cfd3cf2bfb794ea1b150158c
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fda074419-8119-43b4-9e9f-bdccf9f5d3cf.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 11824
x-amzn-requestid: 6aad0f0e-feb3-4ffb-93bd-104c94d29944
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZCUCGGoNIAMFp3g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6330cd40-3c89372f6221548e79849d68;Sampled=0
x-amzn-remapped-date: Sun, 25 Sep 2022 21:50:56 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 1SV6hQb_ploB_ehNYpKMcjBODl9y1ayD_W4W0pkqR4VQVxFkVxy0-w==
via: 1.1 c34da255183aa208dd1c722ff211f9b2.cloudfront.net (CloudFront), 1.1 02d90bf99fd6253b329a53c82f19e224.cloudfront.net (CloudFront), 1.1 google
date: Sun, 25 Sep 2022 22:19:32 GMT
age: 29166
etag: "fec58d5dfadad6f5913dc2303bfac89e56d5bc53"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   11824
Md5:    5f3086174be3cb03a9727dab1f2c57a2
Sha1:   fec58d5dfadad6f5913dc2303bfac89e56d5bc53
Sha256: c74d48686365b9cc74e5296dc83a23a9e3580b5f2b7ef6b4b9ddc19bccf0fab8
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9723d426-a6ee-4860-8067-0b8d98143233.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 8637
x-amzn-requestid: 07dc23e0-000f-4f6c-8d2b-0e65d88be270
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZCSvvEenoAMFr0Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6330cb31-520803124760abc216152d7b;Sampled=0
x-amzn-remapped-date: Sun, 25 Sep 2022 21:42:09 GMT
x-amz-cf-pop: SEA19-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: mToVKJcSAtJB1AOuQ-Y9o_EZzyhUuZJivVa3DLql5FwzK4NC82kh5Q==
via: 1.1 27a84054de24e45f952ea4056a821764.cloudfront.net (CloudFront), 1.1 0d4ebcaa87ba94709def0eaac9371e5a.cloudfront.net (CloudFront), 1.1 google
date: Sun, 25 Sep 2022 22:06:17 GMT
age: 29961
etag: "e49306a3713cb724be024a4ddb5e90645718a718"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   8637
Md5:    d02ede0c964f3346fd53ae2950bf2a62
Sha1:   e49306a3713cb724be024a4ddb5e90645718a718
Sha256: c0e653d89656016c55aca9b198b9191620f1ae9a3c45742a90744bd74c4f9505
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1deb918e-bcb0-4629-aaa7-0ae0322969be.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 12826
x-amzn-requestid: f075cf62-acfc-4bc1-be14-7c3dafb7aaed
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YfVRNFP-oAMFgrA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6322cf3a-184b678042d64ac9266b1128;Sampled=0
x-amzn-remapped-date: Thu, 15 Sep 2022 07:07:38 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: W6ZD1652Yn1xqZG7ehDcirlYoG8Hcsrdj11Fzfgj7zb-OiU8xHj1gw==
via: 1.1 7f5e0d3b9ea85d0d75063a66c0ebc840.cloudfront.net (CloudFront), 1.1 91356d2137f5a7345e93da4516c49ec4.cloudfront.net (CloudFront), 1.1 google
date: Sun, 25 Sep 2022 21:37:19 GMT
age: 31699
etag: "b6d56333d7f1ea7ddc8838d84de498ff913c5464"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3 DIY-Thermocam raw data\012- (Lepton 2.x), scale 3-257, spot sensor temperature 0.000000, unit celsius, color scheme 0, show scale bar, calibration: offset 0.000000, slope 241253891388563521536.000000\012- data
Size:   12826
Md5:    b3a72e81317074689a71dac7059e4b6a
Sha1:   b6d56333d7f1ea7ddc8838d84de498ff913c5464
Sha256: e665a8821b5e7b2e78787647a08d629bf70cbf4cbfee2057c8601cf0565154a1
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Feddf5115-4c67-4a03-b497-8b149b3c332c.png HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 13584
x-amzn-requestid: 198bd2b4-d4ae-4f19-a500-463aee52b890
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZCTHgFdNoAMFwEw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6330cbc9-19a1f7d2102820da4b21f18b;Sampled=0
x-amzn-remapped-date: Sun, 25 Sep 2022 21:44:41 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: bGRBCfCtZkeYhbTpaE18IpIgUtOHyttE-0hRk8fWVB9sJS2rSbP22g==
via: 1.1 2afae0d44e2540f472c0635ab62c232a.cloudfront.net (CloudFront), 1.1 7eb3b782ab09047ce0d11ee03763894c.cloudfront.net (CloudFront), 1.1 google
date: Sun, 25 Sep 2022 22:05:32 GMT
etag: "ef9d756cbcda72cf7ef5029b7d384cd1fbaed633"
age: 30006
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   13584
Md5:    2c11e6fef1be62b971bd9daf378bfc95
Sha1:   ef9d756cbcda72cf7ef5029b7d384cd1fbaed633
Sha256: b8369f83d6dddcd2355b81d8eb200791788165e56881ce21e1a1e9c8bb1bb2ef
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fce85614e-743a-4f62-8caf-9fdeb86a1c45.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 4021
x-amzn-requestid: b265dc30-377d-42a7-93ce-9e6932febcbd
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZCSJ5FMxoAMF4GQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6330ca3f-58fbb5914e5ec38f6260893c;Sampled=0
x-amzn-remapped-date: Sun, 25 Sep 2022 21:38:07 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 1VPelfMeF-nwhiMI2NSq6AGg6hTGIXJDR3RnnEVWLuMVrK9EJN8pFA==
via: 1.1 98e601970ea59f4d5f56a752787ff9fc.cloudfront.net (CloudFront), 1.1 32d624dbeb2a8b7f24dbe49007e37c90.cloudfront.net (CloudFront), 1.1 google
date: Sun, 25 Sep 2022 22:11:53 GMT
age: 29625
etag: "43c5b52cd3fb56660d826916eaafff0901340787"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   4021
Md5:    53e1460eb42e8f71ed179c3be0709333
Sha1:   43c5b52cd3fb56660d826916eaafff0901340787
Sha256: ec6de3d11b3c8d9743d8a91864a0c04a16259c206d87691591c2aa9b10edcd3c
                                        
                                            GET /nnv8s9q3s?pst=1664173598&rmtc=t&uuid=&pii=&in=false&refer=http%3A%2F%2Fww2.mkkuei4kdsz.com%2F&key=c8aa99f83b13fe6df17d2274f579c699&ap=%24%7BAUCTION_PRICE%7D&l=3577992&sub3=1664173536&pid=154044&auid=0db8e3376eb4d551f41bfc62db2dde96&shu=9919848d230442fea5a675eef68f4b0e1cac5a7c39fe3e2bb10e316c58db7922cbc36b68a9c9555692017a7c1044d2fb81a00b879e00b4ca1e8cb52d34184be6de271e07a0d3be0cc3a5732774e65aea06bd2cd9&fr=0&sw2=1280&sh2=939&sw3=1280&sh3=176&sw4=1280&sh4=939&sw5=1280&sh5=1024&sw6=1280&sh6=1024&sw7=1280&sh7=1002&auie=eyJhbGciOiJIUzI1NiJ9.eyJ1YSI6Ik1vemlsbGEvNS4wIChYMTE7IExpbnV4IHg4Nl82NDsgcnY6OTYuMCkgR2Vja28vMjAxMDAxMDEgRmlyZWZveC85Ni4wIiwiaXAiOiI5MS45MC40Mi4xNTQiLCJwcyI6IjM5MzU5MV8yNDA5MzRfNDgyMjc4IiwiYWkiOiIwZGI4ZTMzNzZlYjRkNTUxZjQxYmZjNjJkYjJkZGU5NiIsImJpZCI6MC4wMDA1NiwiYyI6MC44LCJsIjozNTc3OTkyLCJlYW4iOi0xLCJzIjoiZGQ4ZjMwYTAxNDc2NzQxOTgwMWI0YzJkYzhlYzhmMGY5OGM0MGY1ODlhYmU2M2NkNDhhNGU5ZjI3NjM3YWQwMjI4YWVkZDY0MzViOTY0ZjhlNDA5NTFjODJlYmM2ZDQzMWQwOGNhYmI3OTBlNmZmNGZiMGYyZSIsImV0IjoiMTY2NDE3NDEzNiJ9.w4ZPxxkA9a4FRukPSbpYyowXJZVg4Dw4mMyItSWTByM HTTP/1.1 
Host: semidapt.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://semidapt.com/nnv8s9q3s?key=0f22c1fd609f13cb7947c8cabfe1a90d&submetric=17196958
Cookie: u_pl=17196958; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNzE5Njk1OCwiayI6ImM4YWE5OWY4M2IxM2ZlNmRmMTdkMjI3NGY1NzljNjk5Iiwic2lkIjoiMzkzNTkxXzI0MDkzNF80ODIyNzgiLCJpc2lkIjoyLCJhc2lkIjoxLCJ6aWQiOjE4NDQxNTksInBpZCI6MTU0MDQ0LCJhbiI6dHJ1ZSwibGFuIjp0cnVlLCJjaWQiOjMzLCJhaWQiOjI4LCJwdCI6OCwicGsiOiJubnY4czlxM3MiLCJ0IjoxfSwicGIiOnsicmVwIjoiaHR0cHM6Ly93d3cuZ29vZ2xlLmNvbS8iLCJpZiI6dHJ1ZSwibmMiOmZhbHNlLCJuaiI6ZmFsc2UsImluIjpmYWxzZSwidHAiOjEsIm5hIjpmYWxzZX0sInUiOnsidSI6MSwiYXUiOjEsImQiOnsiaWQiOjc5OTU0MTk2LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6MTgxMTAsIm9uIjoiTGludXgiLCJvdiI6IlVua25vd24iLCJiaWQiOjExNjY3MCwiYm4iOiJGaXJlZm94IiwiYnYiOiI5Ni4wIiwid3YiOmZhbHNlLCJlIjpmYWxzZSwiYWIiOmZhbHNlfSwiYyI6eyJpZCI6MTYyLCJjIjoiTk8iLCJuIjoiTm9yd2F5In0sImEiOmZhbHNlLCJjciI6eyJuIjoiQmxpeCBTb2x1dGlvbnMifSwieGYiOiIiLCJpeGYiOmZhbHNlLCJpZ3hmIjpmYWxzZSwidXAiOnRydWUsInIiOiJodHRwOi8vd3cyLm1ra3VlaTRrZHN6LmNvbS8ifX0.6NXHcW8o-Wv-SPhpNvh8nhOY1zrzrryq1vs9HB9flMU; cjs=t
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin

                                         
                                         213.174.151.100
HTTP/1.1 302 Found
Content-Type: text/html
                                        
Server: nginx/1.17.9
Date: Mon, 26 Sep 2022 06:25:38 GMT
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Location: https://adserving.unibet.com/redirect.aspx?bid=37950&pid=15135578&sref=ADST&ADST=17196958
Set-Cookie: pdhtkv=true; expires=Tue, 27 Sep 2022 06:25:38 GMT uncs=1; expires=Tue, 27 Sep 2022 06:25:38 GMT pdhtkv28=true; expires=Tue, 27 Sep 2022 06:25:38 GMT uncs28=1; expires=Tue, 27 Sep 2022 06:25:38 GMT
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: f3c8ff2b36cd6cb0d700177dfbd02510
Strict-Transport-Security: max-age=0; includeSubdomains


--- Additional Info ---
Magic:  
Size:   0
Md5:    d41d8cd98f00b204e9800998ecf8427e
Sha1:   da39a3ee5e6b4b0d3255bfef95601890afd80709
Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /redirect.aspx?bid=37950&pid=15135578&sref=ADST&ADST=17196958 HTTP/1.1 
Host: adserving.unibet.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://semidapt.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

                                         
                                         23.36.79.11
HTTP/2 301 Moved Permanently
content-type: text/html
                                        
content-length: 0
location: https://no.unibet.com/stan/campaign.do?cmpId=2750545&affiliateId=1&unibetTarget=/no/pop/multisport/index.html&targetDomain=https://welcome.unibet.com&btag=127656177_3FE0D547AE5748F2AF05F39A45842469&sref=ADST&ADST=17196958&affiliateId=1&pid=86075577&bid=37950
p3p: CP="This is not a P3P policy! It is used to bypass IEs problematic handling of cookies"
x-aspnet-version: 4.0.30319
request-context: appId=cid-v1:83ffbda4-9458-475e-90ec-4427cfb5c3b0
access-control-expose-headers: Request-Context
expires: Mon, 26 Sep 2022 06:25:38 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Mon, 26 Sep 2022 06:25:38 GMT
set-cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a86075577%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1664173538935)%5c%2f%22%2c%22CookieTag%22%3a%223795086075577451240919C2022926625%22%7d%5d; SameSite=None;; domain=.unibet.com; expires=Fri, 31-Dec-9999 23:59:59 GMT; path=/; secure NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228150254321%7c1%22%7d%5d; domain=.unibet.com; expires=Wed, 26-Sep-3021 06:25:38 GMT; path=/; secure; SameSite=Strict
server-timing: cdn-cache; desc=MISS, edge; dur=20, origin; dur=59
X-Firefox-Spdy: h2

                                        
                                            GET /stan/campaign.do?cmpId=2750545&affiliateId=1&unibetTarget=/no/pop/multisport/index.html&targetDomain=https://welcome.unibet.com&btag=127656177_3FE0D547AE5748F2AF05F39A45842469&sref=ADST&ADST=17196958&affiliateId=1&pid=86075577&bid=37950 HTTP/1.1 
Host: no.unibet.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://semidapt.com/
Connection: keep-alive
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a86075577%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1664173538935)%5c%2f%22%2c%22CookieTag%22%3a%223795086075577451240919C2022926625%22%7d%5d
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

                                         
                                         85.184.96.0
HTTP/2 301 Moved Permanently
                                        
date: Mon, 26 Sep 2022 06:25:39 GMT
content-length: 0
location: https://no.unibet.com:443/stan/redirecttocampaign.do?cmpId=2750545&affiliateId=1&unibetTarget=/no/pop/multisport/index.html&targetDomain=https://welcome.unibet.com&btag=127656177_3FE0D547AE5748F2AF05F39A45842469&sref=ADST&ADST=17196958&affiliateId=1&pid=86075577&bid=37950&landingPageUrl=https%3A%2F%2Fwelcome.unibet.com%2Fno%2Fpop%2Fmultisport%2Findex.html%3Fmktid%3D1%3A127656177%3A86075577-37950
set-cookie: JSESSIONID=node01vutaedbi1fse11bi6u78s6kfl6945684.node0; Path=/stan; Secure; HttpOnly; SameSite=Strict __ucbt=node01vutaedbi1fse11bi6u78s6kf; Path=/; Domain=.unibet.com; Expires=Wed, 25-Sep-2024 06:25:39 GMT; Max-Age=63072000; Secure; SameSite=None uniattr=ST.0.T; Path=/; Domain=.unibet.com; Expires=Wed, 25-Sep-2024 06:25:39 GMT; Max-Age=63072000; Secure; SameSite=None uniattr_ref="https://semidapt.com/"; Path=/; Domain=.unibet.com; Expires=Wed, 25-Sep-2024 06:25:39 GMT; Max-Age=63072000; Secure; SameSite=None UNIBET_REQUEST_URL=; Path=/; Domain=.unibet.com; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None AFFILIATE_REQUEST_URL=; Path=/; Domain=.unibet.com; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None UNIBET_INTERNAL_CAMPAIGN_ID=; Path=/; Domain=.unibet.com; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None affid=; Path=/; Domain=.unibet.com; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None netwid=; Path=/; Domain=.unibet.com; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None CLAIM_CODE=; Path=/; Domain=.unibet.com; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None REGISTRATION_CODE=; Path=/; Domain=.unibet.com; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None campaignId=2750545; Path=/; Domain=.unibet.com; Expires=Sun, 31-Dec-2023 22:58:59 GMT; Max-Age=39890000; Secure; SameSite=None framework.forceBigLandingArea=; Path=/; Domain=.unibet.com; Expires=Mon, 26-Sep-2022 06:25:54 GMT; Max-Age=15; Secure; SameSite=None affiliateId=1; Path=/; Domain=.unibet.com; Expires=Sun, 31-Dec-2023 22:58:59 GMT; Max-Age=39890000; Secure; SameSite=None B-TAG=127656177_3FE0D547AE5748F2AF05F39A45842469; Path=/; Domain=.unibet.com; Expires=Sun, 31-Dec-2023 22:58:59 GMT; Max-Age=39890000; Secure; SameSite=None REGISTRATION_CODE=; Path=/; Domain=.unibet.com; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None BID=37950; Path=/; Domain=.unibet.com; Expires=Sun, 31-Dec-2023 22:58:59 GMT; Max-Age=39890000; Secure; SameSite=None PID=86075577; Path=/; Domain=.unibet.com; Expires=Sun, 31-Dec-2023 22:58:59 GMT; Max-Age=39890000; Secure; SameSite=None CHID=; Path=/; Domain=.unibet.com; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None REFERER=https%3A%2F%2Fsemidapt.com%2F; Path=/; Domain=.unibet.com; Expires=Sun, 31-Dec-2023 22:58:59 GMT; Max-Age=39890000; Secure; SameSite=None UNIBET_INTERNAL_CAMPAIGN_ID=; Path=/; Domain=.unibet.com; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None UNIBET_REQUEST_URL=; Path=/; Domain=.unibet.com; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None AFFILIATE_REQUEST_URL=; Path=/; Domain=.unibet.com; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None AFFILIATE_CAMPAIGN_ID=; Path=/; Domain=.unibet.com; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None AMS_INVITE_CHAT_ACCEPTED=; Path=/; Domain=.unibet.com; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None AMS_INVITE_CHAT_DECLINED=; Path=/; Domain=.unibet.com; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None BOCAID=; Path=/; Domain=.unibet.com; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None PRODUCT_ID=; Path=/; Domain=.unibet.com; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None AFFID=; Path=/; Domain=.unibet.com; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None AFFILIATE_REQUEST_URL=https%3A%2F%2Fno.unibet.com%2Fstan%2Fcampaign.do%3FcmpId%3D2750545%26affiliateId%3D1%26unibetTarget%3D%2Fno%2Fpop%2Fmultisport%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.com%26btag%3D127656177_3FE0D547AE5748F2AF05F39A45842469%26sref%3DADST%26ADST%3D17196958%26affiliateId%3D1%26pid%3D86075577%26bid%3D37950; Path=/; Domain=.unibet.com; Expires=Sun, 31-Dec-2023 22:58:59 GMT; Max-Age=39890000; Secure; SameSite=None AFFILIATE_CAMPAIGN_ID=2750545; Path=/; Domain=.unibet.com; Expires=Sun, 31-Dec-2023 22:58:59 GMT; Max-Age=39890000; Secure; SameSite=None framework.forceBigLandingArea=; Path=/; Domain=.unibet.com; Expires=Mon, 26-Sep-2022 06:25:54 GMT; Max-Age=15; Secure; SameSite=None campaignId=2750545; Path=/; Domain=.unibet.com; Expires=Sun, 31-Dec-2023 22:58:59 GMT; Max-Age=39890000; Secure; SameSite=None framework.forceBigLandingArea=; Path=/; Domain=.unibet.com; Expires=Mon, 26-Sep-2022 06:25:54 GMT; Max-Age=15; Secure; SameSite=None clientId=polopoly_desktop; Domain=no.unibet.com; Path=/; SameSite=None; Secure
referer: https://semidapt.com/
cache-control: max-age=0, no-cache, no-store, must-revalidate, proxy-revalidate
expires: Thu, 01 Jan 1970 00:00:00 GMT, Mon, 26 Sep 2022 06:25:39 GMT
server: kindred-loadbalancer
strict-transport-security: max-age=63072000; preload
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-security-policy: default-src 'unsafe-inline' 'unsafe-eval' http: https: data: wss: blob: jockey: unibetpro: *;
x-browser-class: A
x-os-class: M
x-ooops-debug: /500-pages/no.unibet.com/index.html
X-Firefox-Spdy: h2

                                        
                                            GET /stan/redirecttocampaign.do?cmpId=2750545&affiliateId=1&unibetTarget=/no/pop/multisport/index.html&targetDomain=https://welcome.unibet.com&btag=127656177_3FE0D547AE5748F2AF05F39A45842469&sref=ADST&ADST=17196958&affiliateId=1&pid=86075577&bid=37950&landingPageUrl=https%3A%2F%2Fwelcome.unibet.com%2Fno%2Fpop%2Fmultisport%2Findex.html%3Fmktid%3D1%3A127656177%3A86075577-37950 HTTP/1.1 
Host: no.unibet.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://semidapt.com/
Connection: keep-alive
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a86075577%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1664173538935)%5c%2f%22%2c%22CookieTag%22%3a%223795086075577451240919C2022926625%22%7d%5d; __ucbt=node01vutaedbi1fse11bi6u78s6kf; uniattr=ST.0.T; uniattr_ref="https://semidapt.com/"; campaignId=2750545; framework.forceBigLandingArea=; affiliateId=1; B-TAG=127656177_3FE0D547AE5748F2AF05F39A45842469; BID=37950; PID=86075577; REFERER=https%3A%2F%2Fsemidapt.com%2F; AFFILIATE_REQUEST_URL=https%3A%2F%2Fno.unibet.com%2Fstan%2Fcampaign.do%3FcmpId%3D2750545%26affiliateId%3D1%26unibetTarget%3D%2Fno%2Fpop%2Fmultisport%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.com%26btag%3D127656177_3FE0D547AE5748F2AF05F39A45842469%26sref%3DADST%26ADST%3D17196958%26affiliateId%3D1%26pid%3D86075577%26bid%3D37950; AFFILIATE_CAMPAIGN_ID=2750545; clientId=polopoly_desktop
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         85.184.96.0
HTTP/2 301 Moved Permanently
                                        
date: Mon, 26 Sep 2022 06:25:39 GMT
content-length: 0
location: https://welcome.unibet.com/no/pop/multisport/index.html?mktid=1:127656177:86075577-37950&btag=127656177_3FE0D547AE5748F2AF05F39A45842469&bid=37950&campaignId=2750545&pid=86075577
cache-control: max-age=0, no-cache, no-store, must-revalidate, proxy-revalidate
expires: Mon, 26 Sep 2022 06:25:39 GMT
server: kindred-loadbalancer
strict-transport-security: max-age=63072000; preload
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-security-policy: default-src 'unsafe-inline' 'unsafe-eval' http: https: data: wss: blob: jockey: unibetpro: *;
x-browser-class: A
x-os-class: M
x-ooops-debug: /500-pages/no.unibet.com/index.html
X-Firefox-Spdy: h2

                                        
                                            POST / HTTP/1.1 
Host: ocsp.securetrust.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 86
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.79.25
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 638
Date: Mon, 26 Sep 2022 06:25:39 GMT
Connection: keep-alive

                                        
                                            GET /unibet/bannerflow/scripts/master_tag.js HTTP/1.1 
Host: a1s-cdn.unibet.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a86075577%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1664173538935)%5c%2f%22%2c%22CookieTag%22%3a%223795086075577451240919C2022926625%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228150254321%7c1%22%7d%5d; __ucbt=node01vutaedbi1fse11bi6u78s6kf; uniattr=ST.0.T; uniattr_ref="https://semidapt.com/"; campaignId=2750545; framework.forceBigLandingArea=; affiliateId=1; B-TAG=127656177_3FE0D547AE5748F2AF05F39A45842469; BID=37950; PID=86075577; REFERER=https%3A%2F%2Fsemidapt.com%2F; AFFILIATE_REQUEST_URL=https%3A%2F%2Fno.unibet.com%2Fstan%2Fcampaign.do%3FcmpId%3D2750545%26affiliateId%3D1%26unibetTarget%3D%2Fno%2Fpop%2Fmultisport%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.com%26btag%3D127656177_3FE0D547AE5748F2AF05F39A45842469%26sref%3DADST%26ADST%3D17196958%26affiliateId%3D1%26pid%3D86075577%26bid%3D37950; AFFILIATE_CAMPAIGN_ID=2750545
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site

                                         
                                         85.184.96.5
HTTP/2 200 OK
content-type: application/javascript
                                        
date: Mon, 26 Sep 2022 06:25:39 GMT
content-length: 956
last-modified: Mon, 25 Apr 2022 12:19:34 GMT
etag: "3bc-5dd7996cc0ce1"
cache-control: max-age=1800, public, must-revalidate
server: kindred-loadbalancer
strict-transport-security: max-age=63072000; preload
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-security-policy: default-src 'unsafe-inline' 'unsafe-eval' http: https: data: wss: blob: jockey: unibetpro: *;
x-browser-class: A
x-os-class: M
set-cookie: clientId=polopoly_desktop; Domain=a1s-cdn.unibet.com; Path=/; SameSite=None; Secure
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text
Size:   956
Md5:    fd48e87ecd4d06d9c5df490b91dc813e
Sha1:   a65a437db44444634e4f41732c590c1d14433b3f
Sha256: 2f786ae3f4577ed970f60aa7a9edf726300a740fdb360a8364db7ff4b7ca8e47
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Mon, 26 Sep 2022 06:25:39 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Mon, 26 Sep 2022 06:25:39 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /orval/tracking/lastclick.min.js HTTP/1.1 
Host: a1s.unibet.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a86075577%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1664173538935)%5c%2f%22%2c%22CookieTag%22%3a%223795086075577451240919C2022926625%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228150254321%7c1%22%7d%5d; __ucbt=node01vutaedbi1fse11bi6u78s6kf; uniattr=ST.0.T; uniattr_ref="https://semidapt.com/"; campaignId=2750545; framework.forceBigLandingArea=; affiliateId=1; B-TAG=127656177_3FE0D547AE5748F2AF05F39A45842469; BID=37950; PID=86075577; REFERER=https%3A%2F%2Fsemidapt.com%2F; AFFILIATE_REQUEST_URL=https%3A%2F%2Fno.unibet.com%2Fstan%2Fcampaign.do%3FcmpId%3D2750545%26affiliateId%3D1%26unibetTarget%3D%2Fno%2Fpop%2Fmultisport%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.com%26btag%3D127656177_3FE0D547AE5748F2AF05F39A45842469%26sref%3DADST%26ADST%3D17196958%26affiliateId%3D1%26pid%3D86075577%26bid%3D37950; AFFILIATE_CAMPAIGN_ID=2750545
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site

                                         
                                         85.184.96.5
HTTP/2 304 Not Modified
                                        
date: Mon, 26 Sep 2022 06:25:39 GMT
etag: "705-5e57dfac7ede0"
cache-control: max-age=1800, public, must-revalidate
server: kindred-loadbalancer
strict-transport-security: max-age=63072000; preload
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-security-policy: default-src 'unsafe-inline' 'unsafe-eval' http: https: data: wss: blob: jockey: unibetpro: *;
x-browser-class: A
x-os-class: M
set-cookie: clientId=polopoly_desktop; Domain=a1s.unibet.com; Path=/; SameSite=None; Secure
X-Firefox-Spdy: h2

                                        
                                            GET /no/pop/multisport/index.html?mktid=1:127656177:86075577-37950&btag=127656177_3FE0D547AE5748F2AF05F39A45842469&bid=37950&campaignId=2750545&pid=86075577 HTTP/1.1 
Host: welcome.unibet.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://semidapt.com/
Connection: keep-alive
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a86075577%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1664173538935)%5c%2f%22%2c%22CookieTag%22%3a%223795086075577451240919C2022926625%22%7d%5d; __ucbt=node01vutaedbi1fse11bi6u78s6kf; uniattr=ST.0.T; uniattr_ref="https://semidapt.com/"; campaignId=2750545; framework.forceBigLandingArea=; affiliateId=1; B-TAG=127656177_3FE0D547AE5748F2AF05F39A45842469; BID=37950; PID=86075577; REFERER=https%3A%2F%2Fsemidapt.com%2F; AFFILIATE_REQUEST_URL=https%3A%2F%2Fno.unibet.com%2Fstan%2Fcampaign.do%3FcmpId%3D2750545%26affiliateId%3D1%26unibetTarget%3D%2Fno%2Fpop%2Fmultisport%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.com%26btag%3D127656177_3FE0D547AE5748F2AF05F39A45842469%26sref%3DADST%26ADST%3D17196958%26affiliateId%3D1%26pid%3D86075577%26bid%3D37950; AFFILIATE_CAMPAIGN_ID=2750545
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

                                         
                                         108.161.188.196
HTTP/2 200 OK
content-type: text/html; charset=utf-8
                                        
date: Mon, 26 Sep 2022 06:25:39 GMT
cache-control: public, max-age=900, immutable
content-md5: NGkNgKvE41ztpclvs1gdSA==
last-modified: Mon, 20 Jun 2022 12:15:00 GMT
etag: W/"0x8DA52B67FA63ED8"
x-ms-request-id: 84f066ac-901e-0013-5c70-d1360e000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
server: NetDNA-cache/2.2
x-cache: EXPIRED
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (48021)
Size:   35491
Md5:    37653a7a37bde1a428ec434869424b2e
Sha1:   73e941530a9fbddc3feb9b290687777ae73307e4
Sha256: ab252352b7c4a7a8d2518f9105b1531f065ff3f2c34de47f4f1b2f2a644bb2e5
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Mon, 26 Sep 2022 06:25:39 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /no/pop/multisport/gambling-commission.png HTTP/1.1 
Host: welcome.unibet.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/no/pop/multisport/index.html?mktid=1:127656177:86075577-37950&btag=127656177_3FE0D547AE5748F2AF05F39A45842469&bid=37950&campaignId=2750545&pid=86075577
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a86075577%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1664173538935)%5c%2f%22%2c%22CookieTag%22%3a%223795086075577451240919C2022926625%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228150254321%7c1%22%7d%5d; __ucbt=node01vutaedbi1fse11bi6u78s6kf; uniattr=ST.0.T; uniattr_ref="https://semidapt.com/"; campaignId=2750545; framework.forceBigLandingArea=; affiliateId=1; B-TAG=127656177_3FE0D547AE5748F2AF05F39A45842469; BID=37950; PID=86075577; REFERER=https%3A%2F%2Fsemidapt.com%2F; AFFILIATE_REQUEST_URL=https%3A%2F%2Fno.unibet.com%2Fstan%2Fcampaign.do%3FcmpId%3D2750545%26affiliateId%3D1%26unibetTarget%3D%2Fno%2Fpop%2Fmultisport%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.com%26btag%3D127656177_3FE0D547AE5748F2AF05F39A45842469%26sref%3DADST%26ADST%3D17196958%26affiliateId%3D1%26pid%3D86075577%26bid%3D37950; AFFILIATE_CAMPAIGN_ID=2750545
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         108.161.188.196
HTTP/2 301 Moved Permanently
content-type: text/html
                                        
date: Mon, 26 Sep 2022 06:25:39 GMT
content-length: 178
location: https://www.unibet.com/
server: NetDNA-cache/2.2
x-cache: MISS
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size:   178
Md5:    cd2e0e43980a00fb6a2742d3afd803b8
Sha1:   81ffbd1712afe8cdf138b570c0fc9934742c33c1
Sha256: bd9df047d51943acc4bc6cf55d88edb5b6785a53337ee2a0f74dd521aedde87d
                                        
                                            GET /no/pop/multisport/icon-expert.svg HTTP/1.1 
Host: welcome.unibet.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/no/pop/multisport/index.html?mktid=1:127656177:86075577-37950&btag=127656177_3FE0D547AE5748F2AF05F39A45842469&bid=37950&campaignId=2750545&pid=86075577
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a86075577%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1664173538935)%5c%2f%22%2c%22CookieTag%22%3a%223795086075577451240919C2022926625%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228150254321%7c1%22%7d%5d; __ucbt=node01vutaedbi1fse11bi6u78s6kf; uniattr=ST.0.T; uniattr_ref="https://semidapt.com/"; campaignId=2750545; framework.forceBigLandingArea=; affiliateId=1; B-TAG=127656177_3FE0D547AE5748F2AF05F39A45842469; BID=37950; PID=86075577; REFERER=https%3A%2F%2Fsemidapt.com%2F; AFFILIATE_REQUEST_URL=https%3A%2F%2Fno.unibet.com%2Fstan%2Fcampaign.do%3FcmpId%3D2750545%26affiliateId%3D1%26unibetTarget%3D%2Fno%2Fpop%2Fmultisport%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.com%26btag%3D127656177_3FE0D547AE5748F2AF05F39A45842469%26sref%3DADST%26ADST%3D17196958%26affiliateId%3D1%26pid%3D86075577%26bid%3D37950; AFFILIATE_CAMPAIGN_ID=2750545
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         108.161.188.196
HTTP/2 200 OK
content-type: image/svg+xml
                                        
date: Mon, 26 Sep 2022 06:25:39 GMT
cache-control: public, max-age=900, immutable
content-md5: Z4302O+bSqlX5UM92U+35A==
last-modified: Mon, 20 Jun 2022 12:15:04 GMT
etag: W/"0x8DA52B6820929CB"
x-ms-request-id: bdbebf1e-801e-001f-7c6f-d1a106000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
server: NetDNA-cache/2.2
x-cache: HIT
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   1012
Md5:    4e2d111ae002d37ac6dc1fa9ab64595a
Sha1:   3c3c5000be08edc2ccbf6afac62347f509a9583c
Sha256: 1e5f483c04769543f65b3194cd283ad657e94a11876a43a3ce5b3d3dfcc97c88
                                        
                                            GET /no/pop/multisport/app-sports-icon.svg HTTP/1.1 
Host: welcome.unibet.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/no/pop/multisport/index.html?mktid=1:127656177:86075577-37950&btag=127656177_3FE0D547AE5748F2AF05F39A45842469&bid=37950&campaignId=2750545&pid=86075577
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a86075577%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1664173538935)%5c%2f%22%2c%22CookieTag%22%3a%223795086075577451240919C2022926625%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228150254321%7c1%22%7d%5d; __ucbt=node01vutaedbi1fse11bi6u78s6kf; uniattr=ST.0.T; uniattr_ref="https://semidapt.com/"; campaignId=2750545; framework.forceBigLandingArea=; affiliateId=1; B-TAG=127656177_3FE0D547AE5748F2AF05F39A45842469; BID=37950; PID=86075577; REFERER=https%3A%2F%2Fsemidapt.com%2F; AFFILIATE_REQUEST_URL=https%3A%2F%2Fno.unibet.com%2Fstan%2Fcampaign.do%3FcmpId%3D2750545%26affiliateId%3D1%26unibetTarget%3D%2Fno%2Fpop%2Fmultisport%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.com%26btag%3D127656177_3FE0D547AE5748F2AF05F39A45842469%26sref%3DADST%26ADST%3D17196958%26affiliateId%3D1%26pid%3D86075577%26bid%3D37950; AFFILIATE_CAMPAIGN_ID=2750545
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         108.161.188.196
HTTP/2 200 OK
content-type: image/svg+xml
                                        
date: Mon, 26 Sep 2022 06:25:39 GMT
cache-control: public, max-age=900, immutable
content-md5: Lm+dv7pV36kTdto2PoEyYQ==
last-modified: Mon, 20 Jun 2022 12:15:06 GMT
etag: W/"0x8DA52B682FA1D49"
x-ms-request-id: dbab3ead-601e-0017-306f-d1bb09000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
server: NetDNA-cache/2.2
x-cache: HIT
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  SVG Scalable Vector Graphics image\012- HTML document, ASCII text, with very long lines (15888), with no line terminators
Size:   9940
Md5:    9468f6c21c4562de88edf5c80d4ed4c5
Sha1:   df3cb882ab296f4c054ad06d87340db5c16dde2d
Sha256: de7b316bd2b18160a6d024fb369ae537b61b6f561b54779d841efa179e1e00ce
                                        
                                            GET /releases/v5.7.1/webfonts/fa-solid-900.woff2 HTTP/1.1 
Host: use.fontawesome.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://welcome.unibet.com
Connection: keep-alive
Referer: https://use.fontawesome.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         172.64.133.15
HTTP/2 200 OK
content-type: font/woff2
                                        
date: Mon, 26 Sep 2022 06:25:39 GMT
content-length: 74320
x-amz-id-2: k+Rd+4MXXnXafL9w9FQ02nQrubAKNjFwHjB5MlOTfZKrjw8E/i/bXdY17Bt8M5edG8CIz+96t80=
x-amz-request-id: CHX0NFYW2GM8T3E1
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified: Wed, 30 Jun 2021 15:45:57 GMT
etag: "3638e62ea50e6f5859b6a15276c25c87"
cache-control: max-age=31556926
cf-cache-status: HIT
age: 28940535
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1yS2hdRiWOk3Mf2GfDdkWkQo2P5BgYCpj%2FtOmDeP%2FlMKrPSeBYn%2BDy8ZY10Iw1kfYJf2ixGkkCkfwV%2BiN6vv%2Bl%2BLUhNs2RzJgLRzLCav3vH%2BuwqKFrkb93m0hyeVSI5SBAedble6"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7509ec6f7a2b759d-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 74320, version 329.30998\012- data
Size:   74320
Md5:    3638e62ea50e6f5859b6a15276c25c87
Sha1:   f5aa1a463e223a294a42b314e1c63a614d594ec0
Sha256: 9e6bd5b2d75bba485d2337d020750744983a3521ec697adfe21b29ee4f14f6a9
                                        
                                            GET / HTTP/1.1 
Host: www.unibet.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://welcome.unibet.com/
Connection: keep-alive
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a86075577%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1664173538935)%5c%2f%22%2c%22CookieTag%22%3a%223795086075577451240919C2022926625%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228150254321%7c1%22%7d%5d; __ucbt=node01vutaedbi1fse11bi6u78s6kf; uniattr=ST.0.T; uniattr_ref="https://semidapt.com/"; campaignId=2750545; framework.forceBigLandingArea=; affiliateId=1; B-TAG=127656177_3FE0D547AE5748F2AF05F39A45842469; BID=37950; PID=86075577; REFERER=https%3A%2F%2Fsemidapt.com%2F; AFFILIATE_REQUEST_URL=https%3A%2F%2Fno.unibet.com%2Fstan%2Fcampaign.do%3FcmpId%3D2750545%26affiliateId%3D1%26unibetTarget%3D%2Fno%2Fpop%2Fmultisport%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.com%26btag%3D127656177_3FE0D547AE5748F2AF05F39A45842469%26sref%3DADST%26ADST%3D17196958%26affiliateId%3D1%26pid%3D86075577%26bid%3D37950; AFFILIATE_CAMPAIGN_ID=2750545
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers

                                         
                                         85.184.96.0
HTTP/2 200 OK
content-type: text/html;charset=utf-8
                                        
date: Mon, 26 Sep 2022 06:25:39 GMT
x-ua-compatible: IE=Edge,chrome=1,requiresActiveX=true
cache-control: public, max-age=0, s-maxage=10
expires: Mon, 26 Sep 2022 05:42:24 GMT
vary: accept-encoding
content-encoding: gzip
server: kindred-loadbalancer
strict-transport-security: max-age=63072000; preload
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-security-policy: default-src 'unsafe-inline' 'unsafe-eval' http: https: data: wss: blob: jockey: unibetpro: *;
x-browser-class: A
x-os-class: M
x-ooops-debug: /500-pages/www.unibet.com/index.html
set-cookie: clientId=polopoly_desktop; Domain=www.unibet.com; Path=/; SameSite=None; Secure
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   110174
Md5:    d8a9fce33cc67cab8bb2ded08cc59c7e
Sha1:   c70e2e62debdca4a4876a3a2b669013f2ea2bcb0
Sha256: 98c07f40248d18090b9d1387c5b9c59dbc2fc2923e1b51634a7d91526db9005a
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Mon, 26 Sep 2022 06:25:39 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Mon, 26 Sep 2022 06:25:39 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /no/pop/multisport/Unibet_Pro_2020.woff2 HTTP/1.1 
Host: welcome.unibet.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://welcome.unibet.com/no/pop/multisport/1-styles.css
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a86075577%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1664173538935)%5c%2f%22%2c%22CookieTag%22%3a%223795086075577451240919C2022926625%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228150254321%7c1%22%7d%5d; __ucbt=node01vutaedbi1fse11bi6u78s6kf; uniattr=ST.0.T; uniattr_ref="https://semidapt.com/"; campaignId=2750545; framework.forceBigLandingArea=; affiliateId=1; B-TAG=127656177_3FE0D547AE5748F2AF05F39A45842469; BID=37950; PID=86075577; REFERER=https%3A%2F%2Fsemidapt.com%2F; AFFILIATE_REQUEST_URL=https%3A%2F%2Fno.unibet.com%2Fstan%2Fcampaign.do%3FcmpId%3D2750545%26affiliateId%3D1%26unibetTarget%3D%2Fno%2Fpop%2Fmultisport%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.com%26btag%3D127656177_3FE0D547AE5748F2AF05F39A45842469%26sref%3DADST%26ADST%3D17196958%26affiliateId%3D1%26pid%3D86075577%26bid%3D37950; AFFILIATE_CAMPAIGN_ID=2750545
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         108.161.188.196
HTTP/2 200 OK
content-type: font/woff2
                                        
date: Mon, 26 Sep 2022 06:25:39 GMT
content-length: 10924
cache-control: public, max-age=900, immutable
content-md5: DqW8/4SuRIQLbpydEsi5Yw==
last-modified: Mon, 20 Jun 2022 12:15:05 GMT
etag: "0x8DA52B682E2A11A"
x-ms-request-id: 17f8d602-301e-0068-3b6f-d17492000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
server: NetDNA-cache/2.2
x-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 10924, version 1.0\012- data
Size:   10924
Md5:    0ea5bcff84ae44840b6e9c9d12c8b963
Sha1:   6c827e1adb18775d2fdfbbbfef63cc9b66243ed2
Sha256: b4e210ac58fe8fb176e24c58ffdbd0e7b40dded1314769dbcebdc413998b882b
                                        
                                            GET /no/pop/multisport/1-main.js HTTP/1.1 
Host: welcome.unibet.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/no/pop/multisport/index.html?mktid=1:127656177:86075577-37950&btag=127656177_3FE0D547AE5748F2AF05F39A45842469&bid=37950&campaignId=2750545&pid=86075577
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a86075577%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1664173538935)%5c%2f%22%2c%22CookieTag%22%3a%223795086075577451240919C2022926625%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228150254321%7c1%22%7d%5d; __ucbt=node01vutaedbi1fse11bi6u78s6kf; uniattr=ST.0.T; uniattr_ref="https://semidapt.com/"; campaignId=2750545; framework.forceBigLandingArea=; affiliateId=1; B-TAG=127656177_3FE0D547AE5748F2AF05F39A45842469; BID=37950; PID=86075577; REFERER=https%3A%2F%2Fsemidapt.com%2F; AFFILIATE_REQUEST_URL=https%3A%2F%2Fno.unibet.com%2Fstan%2Fcampaign.do%3FcmpId%3D2750545%26affiliateId%3D1%26unibetTarget%3D%2Fno%2Fpop%2Fmultisport%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.com%26btag%3D127656177_3FE0D547AE5748F2AF05F39A45842469%26sref%3DADST%26ADST%3D17196958%26affiliateId%3D1%26pid%3D86075577%26bid%3D37950; AFFILIATE_CAMPAIGN_ID=2750545
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         108.161.188.196
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
                                        
date: Mon, 26 Sep 2022 06:25:39 GMT
cache-control: public, max-age=900, immutable
content-md5: BPxI3njL/F0VV+nfOZx3Mw==
last-modified: Mon, 20 Jun 2022 12:15:06 GMT
etag: W/"0x8DA52B68343779E"
x-ms-request-id: 912ab044-d01e-002d-166e-d1a171000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
server: NetDNA-cache/2.2
x-cache: HIT
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   2150
Md5:    d4d2b81f1927961c670fb2064a2a93c1
Sha1:   46fefc57cc77026bd83cf605d4e11b2f8ea05167
Sha256: 0ccec27152f356774a582117cd1be218f5d684e6939a55cc89c92983349bd027
                                        
                                            GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://welcome.unibet.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.163
HTTP/2 200 OK
content-type: font/woff2
                                        
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 21 Sep 2022 19:34:08 GMT
expires: Thu, 21 Sep 2023 19:34:08 GMT
cache-control: public, max-age=31536000
age: 384691
last-modified: Wed, 11 May 2022 19:24:48 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Size:   15744
Md5:    15d9f621c3bd1599f0169dcf0bd5e63e
Sha1:   7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
Sha256: f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
                                        
                                            GET /s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://welcome.unibet.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.163
HTTP/2 200 OK
content-type: font/woff2
                                        
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15920
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 25 Sep 2022 18:14:12 GMT
expires: Mon, 25 Sep 2023 18:14:12 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 11 May 2022 19:24:45 GMT
age: 43887
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 15920, version 1.0\012- data
Size:   15920
Md5:    3a44e06eb954b96aa043227f3534189d
Sha1:   23cef6993ddb2b2979e8e7647fc3763694e2ba7d
Sha256: b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
                                        
                                            GET /s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2 HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://welcome.unibet.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.163
HTTP/2 200 OK
content-type: font/woff2
                                        
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15740
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 21 Sep 2022 19:34:21 GMT
expires: Thu, 21 Sep 2023 19:34:21 GMT
cache-control: public, max-age=31536000
age: 384678
last-modified: Wed, 11 May 2022 19:24:56 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 15740, version 1.0\012- data
Size:   15740
Md5:    b9c29351c46f3e8c8631c4002457f48a
Sha1:   e57e59c5780995ff2937ab2b511a769212974a87
Sha256: f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
                                        
                                            GET /gtm.js?id=GTM-PF2RVHC HTTP/1.1 
Host: www.googletagmanager.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.72
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
                                        
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Mon, 26 Sep 2022 06:25:39 GMT
expires: Mon, 26 Sep 2022 06:25:39 GMT
cache-control: private, max-age=900
last-modified: Mon, 26 Sep 2022 06:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 79374
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (62112)
Size:   79374
Md5:    314fdefd8c6385a3c68673e7e40374a2
Sha1:   4eab2a9964fa20f230dec427731b257434d909d0
Sha256: f80cc2f1af1ecd2384529997d4be1fd2db165f325a1b83988444afbc34970511
                                        
                                            GET /no/pop/multisport/utv-logo.svg HTTP/1.1 
Host: welcome.unibet.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/no/pop/multisport/index.html?mktid=1:127656177:86075577-37950&btag=127656177_3FE0D547AE5748F2AF05F39A45842469&bid=37950&campaignId=2750545&pid=86075577
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a86075577%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1664173538935)%5c%2f%22%2c%22CookieTag%22%3a%223795086075577451240919C2022926625%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228150254321%7c1%22%7d%5d; __ucbt=node01vutaedbi1fse11bi6u78s6kf; uniattr=ST.0.T; uniattr_ref="https://semidapt.com/"; campaignId=2750545; framework.forceBigLandingArea=; affiliateId=1; B-TAG=127656177_3FE0D547AE5748F2AF05F39A45842469; BID=37950; PID=86075577; REFERER=https%3A%2F%2Fsemidapt.com%2F; AFFILIATE_REQUEST_URL=https%3A%2F%2Fno.unibet.com%2Fstan%2Fcampaign.do%3FcmpId%3D2750545%26affiliateId%3D1%26unibetTarget%3D%2Fno%2Fpop%2Fmultisport%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.com%26btag%3D127656177_3FE0D547AE5748F2AF05F39A45842469%26sref%3DADST%26ADST%3D17196958%26affiliateId%3D1%26pid%3D86075577%26bid%3D37950; AFFILIATE_CAMPAIGN_ID=2750545
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         108.161.188.196
HTTP/2 200 OK
content-type: image/svg+xml
                                        
date: Mon, 26 Sep 2022 06:25:39 GMT
cache-control: public, max-age=900, immutable
content-md5: QazcDvviTF55mXL/M8kCWQ==
last-modified: Mon, 20 Jun 2022 12:15:01 GMT
etag: W/"0x8DA52B680312C74"
x-ms-request-id: bdbba3de-801e-001f-3f6e-d1a106000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
server: NetDNA-cache/2.2
x-cache: HIT
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   5331
Md5:    75096c70257f66ee1f64d48e104827b9
Sha1:   b83ee644fe4c84dea8c1d87867f04a3e85c08684
Sha256: 7402304591a15c8c774f85160d187c34bdb3c611124ca704329a1042f7cc49bb
                                        
                                            GET /no/pop/multisport/icon-trust.svg HTTP/1.1 
Host: welcome.unibet.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/no/pop/multisport/index.html?mktid=1:127656177:86075577-37950&btag=127656177_3FE0D547AE5748F2AF05F39A45842469&bid=37950&campaignId=2750545&pid=86075577
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a86075577%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1664173538935)%5c%2f%22%2c%22CookieTag%22%3a%223795086075577451240919C2022926625%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228150254321%7c1%22%7d%5d; __ucbt=node01vutaedbi1fse11bi6u78s6kf; uniattr=ST.0.T; uniattr_ref="https://semidapt.com/"; campaignId=2750545; framework.forceBigLandingArea=; affiliateId=1; B-TAG=127656177_3FE0D547AE5748F2AF05F39A45842469; BID=37950; PID=86075577; REFERER=https%3A%2F%2Fsemidapt.com%2F; AFFILIATE_REQUEST_URL=https%3A%2F%2Fno.unibet.com%2Fstan%2Fcampaign.do%3FcmpId%3D2750545%26affiliateId%3D1%26unibetTarget%3D%2Fno%2Fpop%2Fmultisport%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.com%26btag%3D127656177_3FE0D547AE5748F2AF05F39A45842469%26sref%3DADST%26ADST%3D17196958%26affiliateId%3D1%26pid%3D86075577%26bid%3D37950; AFFILIATE_CAMPAIGN_ID=2750545
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         108.161.188.196
HTTP/2 200 OK
content-type: image/svg+xml
                                        
date: Mon, 26 Sep 2022 06:25:39 GMT
cache-control: public, max-age=900, immutable
content-md5: 9k4H3E55HXB5I94VinrUOQ==
last-modified: Mon, 20 Jun 2022 12:15:04 GMT
etag: W/"0x8DA52B68201D7DE"
x-ms-request-id: 921e8731-601e-0075-086e-d1792e000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
server: NetDNA-cache/2.2
x-cache: HIT
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   1028
Md5:    b9b67127e1455399cb243c318fdfb1b0
Sha1:   67751260c3cf82ba4006279b7bf1d4ac9fc455f4
Sha256: 3604b39fe81e5dc0f2303ecf2a1e5eaa508c63aed7b4c9969f35e0c83c9052ee
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Mon, 26 Sep 2022 06:25:39 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 6349
Cache-Control: 'max-age=158059'
Date: Mon, 26 Sep 2022 06:25:39 GMT
Last-Modified: Mon, 26 Sep 2022 04:39:50 GMT
Server: ECS (ska/F705)
X-Cache: HIT
Content-Length: 279

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 6349
Cache-Control: 'max-age=158059'
Date: Mon, 26 Sep 2022 06:25:39 GMT
Last-Modified: Mon, 26 Sep 2022 04:39:50 GMT
Server: ECS (ska/F705)
X-Cache: HIT
Content-Length: 279

                                        
                                            GET /seg?add=9755599 HTTP/1.1 
Host: secure.adnxs.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         185.89.210.90
HTTP/1.1 307 Redirection
Content-Type: text/html; charset=utf-8
                                        
Server: nginx/1.21.3
Date: Mon, 26 Sep 2022 06:25:40 GMT
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Location: https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D9755599
AN-X-Request-Uuid: 29cb691b-6dde-4678-a6bb-a6e42f6f4cd4
Set-Cookie: uuid2=7583723345762781502; SameSite=None; Path=/; Max-Age=7776000; Expires=Sun, 25-Dec-2022 06:25:40 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 2636
Cache-Control: 'max-age=158059'
Date: Mon, 26 Sep 2022 06:25:40 GMT
Last-Modified: Mon, 26 Sep 2022 05:41:44 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET /id?d_visid_ver=4.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_orgid=F431E3BC5593E3887F000101%40AdobeOrg&d_nsid=0&ts=1664173538298 HTTP/1.1 
Host: dpm.demdex.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Origin: https://welcome.unibet.com
Connection: keep-alive
Referer: https://welcome.unibet.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         3.250.251.255
HTTP/1.1 200 OK
Content-Type: application/json;charset=utf-8
                                        
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://welcome.unibet.com
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-encoding: gzip
DCS: dcs-prod-irl1-1-v042-03bacbb28.edge-irl1.demdex.com 2 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
set-cookie: demdex=18651419905594668601128985070197025865; Max-Age=15552000; Expires=Sat, 25 Mar 2023 06:25:40 GMT; Path=/; Domain=.demdex.net; Secure; SameSite=None
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin
X-TID: zpE5drffSik=
Content-Length: 497
Connection: keep-alive


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (791), with no line terminators
Size:   497
Md5:    8b539fb72f6043c00f95205a1c4ef0dc
Sha1:   4d571baca401f870caa8e74e266785b896e86e45
Sha256: 5e1b7dafd854a12f9a7f69a7eaa6e83df67ba23cf5c4871665fa6d5dad43afa8
                                        
                                            GET /pages/data-scripts/0012/9242/site/welcome.unibet.com.json?t=1 HTTP/1.1 
Host: script.crazyegg.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://welcome.unibet.com
Connection: keep-alive
Referer: https://welcome.unibet.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         104.19.147.8
HTTP/2 200 OK
content-type: application/json
                                        
date: Mon, 26 Sep 2022 06:25:40 GMT
content-length: 1540
access-control-expose-headers: CE-Version
ce-version: 11.4.10
cache-control: public, max-age=300, s-maxage=1209600
timing-allow-origin: *
last-modified: Mon, 26 Sep 2022 02:24:47 GMT
content-encoding: gzip
access-control-allow-origin: *
cf-cache-status: HIT
age: 14453
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 7509ec71fccdb4f3-OSL
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (4015), with no line terminators
Size:   1540
Md5:    c4c07049334e3785decf811ba641bc5d
Sha1:   8b9c96440cdc68b3a059f4db33599129b296d6ec
Sha256: c51cefac8c6c3a6df991ea30ebb17f010853c10bc23582fa1516f1df70a98853
                                        
                                            GET /bounce?%2Fseg%3Fadd%3D9755599 HTTP/1.1 
Host: secure.adnxs.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://welcome.unibet.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         185.89.210.90
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Server: nginx/1.21.3
Date: Mon, 26 Sep 2022 06:25:40 GMT
Content-Length: 43
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
AN-X-Request-Uuid: edce773f-9f8c-434d-a8b9-85374d7b6da5
Set-Cookie: anj=dTM7k!M4/8CxrEQF']wIg2E>2LMqfQ!@wnf-Te9(>wL5L!!'2%$USn+; SameSite=None; Path=/; Max-Age=7776000; Expires=Sun, 25-Dec-2022 06:25:40 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   43
Md5:    592ebefc7104d681d57852665e9ad514
Sha1:   15cdf8df32aa251dd6dd590a60bf9cf74474e7c5
Sha256: 4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 4605
Cache-Control: 'max-age=158059'
Date: Mon, 26 Sep 2022 06:25:40 GMT
Last-Modified: Mon, 26 Sep 2022 05:08:56 GMT
Server: ECS (ska/F705)
X-Cache: HIT
Content-Length: 279

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 4211
Cache-Control: 'max-age=158059'
Date: Mon, 26 Sep 2022 06:25:40 GMT
Last-Modified: Mon, 26 Sep 2022 05:15:29 GMT
Server: ECS (ska/F70B)
X-Cache: HIT
Content-Length: 279

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 5044
Cache-Control: 'max-age=158059'
Date: Mon, 26 Sep 2022 06:25:40 GMT
Last-Modified: Mon, 26 Sep 2022 05:01:36 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 279

                                        
                                            GET /api/googlesheet/?user=2&spreadsheetId=1Fgsan389gf5LVYi3gt6FMNEgM3LnRdQN1kZ3lP9JwiQ&sheetname=nb_no HTTP/1.1 
Host: bannerflow-feed-builder.azurewebsites.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://welcome.unibet.com
Connection: keep-alive
Referer: https://welcome.unibet.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         104.40.147.180
HTTP/2 200 OK
content-type: application/json; charset=utf-8
                                        
date: Mon, 26 Sep 2022 06:25:39 GMT
server: Microsoft-IIS/10.0
access-control-allow-origin: *
access-control-expose-headers: Request-Context
cache-control: no-cache
content-encoding: gzip
expires: -1
pragma: no-cache
set-cookie: ARRAffinity=04ecefbf6049a7faec0d2b616eda72ea6b4384cbe5fde47b8f8ff88bc724fd20;Path=/;HttpOnly;Secure;Domain=bannerflow-feed-builder.azurewebsites.net ARRAffinitySameSite=04ecefbf6049a7faec0d2b616eda72ea6b4384cbe5fde47b8f8ff88bc724fd20;Path=/;HttpOnly;SameSite=None;Secure;Domain=bannerflow-feed-builder.azurewebsites.net
vary: Accept-Encoding
x-aspnet-version: 4.0.30319
request-context: appId=cid-v1:f631c08e-9610-47b7-82c9-c925628cdde1
x-powered-by: ASP.NET
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   2072
Md5:    1a560a95063ea0a738851176b8ba6f2c
Sha1:   844c95a1113df0cc31c3df095c22716609e26de2
Sha256: ebd1ff11b640db8a2bb0b95153075cc14de58dd4e38d2b5408bdb88a25cfa885
                                        
                                            GET /pages/versioned/common-scripts/a18bb0e21d11a839b7adb013c92ee611.js HTTP/1.1 
Host: script.crazyegg.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         104.19.147.8
HTTP/2 200 OK
content-type: text/javascript
                                        
date: Mon, 26 Sep 2022 06:25:40 GMT
content-length: 30751
cache-control: public, max-age=31536000, s-maxage=31536000
timing-allow-origin: *
last-modified: Sat, 17 Sep 2022 06:58:49 GMT
content-encoding: gzip
access-control-allow-origin: *
cf-cache-status: HIT
age: 234518
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 7509ec737e64b4f3-OSL
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (25693)
Size:   30751
Md5:    3bfbf5e7fda7d79e892702bfb2ac06bb
Sha1:   152307731fd2f7756b4717e3008966eb6ed86d34
Sha256: 12fcbae9e8c2be14406a7838f5a9ed457d86dd7a86f08a8cc8a9ad7cb45aed49
                                        
                                            GET /id?d_visid_ver=4.4.0&d_fieldgroup=A&mcorgid=F431E3BC5593E3887F000101%40AdobeOrg&mid=18680407932779379111127087409438347730&ts=1664173538556 HTTP/1.1 
Host: unibetlondonltd.d3.sc.omtrdc.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Origin: https://welcome.unibet.com
Connection: keep-alive
Referer: https://welcome.unibet.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         15.236.176.210
HTTP/2 200 OK
content-type: application/x-javascript;charset=utf-8
                                        
access-control-allow-origin: https://welcome.unibet.com
access-control-allow-credentials: true
date: Mon, 26 Sep 2022 06:25:40 GMT
p3p: CP="This is not a P3P policy"
server: jag
vary: Origin
content-length: 2
cache-control: no-cache, no-store, max-age=0, no-transform, private
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   2
Md5:    99914b932bd37a50b983c5e7c90ae93b
Sha1:   bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f
Sha256: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
                                        
                                            GET /resources/no-payments-44051ae6-a41f-42c3-8d89-751be3d4a42c.svg HTTP/1.1 
Host: cdn.bannerflow.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         104.16.171.188
HTTP/2 200 OK
content-type: image/svg+xml
                                        
date: Mon, 26 Sep 2022 06:25:40 GMT
cache-control: public,max-age=604800
content-md5: eFf1+jVlHZeVusUSI4yq9A==
last-modified: Mon, 07 Dec 2020 10:23:00 GMT
etag: W/"0x8D89A9A12E2A33B"
x-ms-request-id: aecbdf5c-c01e-0126-115e-a51c52000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 182
vary: Accept-Encoding
server: cloudflare
cf-ray: 7509ec7268840b49-OSL
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text
Size:   10823
Md5:    09c4f78864dcffc68441cc04666db3d5
Sha1:   ae09fa29254fd03f4a911d9eb3371542aba54e16
Sha256: c49b37de235cf47b0dd5db9dcc8c2517c98085f407bed45ea07212c376e1c021
                                        
                                            GET /pages/data-scripts/0012/9242/sampling/welcome.unibet.com.json?t=462270 HTTP/1.1 
Host: script.crazyegg.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://welcome.unibet.com
Connection: keep-alive
Referer: https://welcome.unibet.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         104.19.147.8
HTTP/2 200 OK
content-type: application/json
                                        
date: Mon, 26 Sep 2022 06:25:40 GMT
content-length: 145
access-control-expose-headers: CE-Version
ce-version: 11.4.10
cache-control: public, max-age=300, s-maxage=1209600
timing-allow-origin: *
last-modified: Mon, 26 Sep 2022 02:24:47 GMT
content-encoding: gzip
access-control-allow-origin: *
cf-cache-status: HIT
age: 14453
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 7509ec73deb9b4f3-OSL
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   145
Md5:    e9ffda87dff027c7bb9e859a5c2965c9
Sha1:   52a19a2b0795a162236e3a76b4ea19999a5423b3
Sha256: 663412f70db8472d43983e6326bc8f5f1e975e3832136cc11b951acd326d9166
                                        
                                            GET /b/ss/unibetlondonunibetwebprod/1/JS-2.22.4/s01451007254318?AQB=1&ndh=1&pf=1&t=26%2F8%2F2022%206%3A25%3A38%201%200&mid=18680407932779379111127087409438347730&aamlh=6&ce=UTF-8&pageName=LP%3A2022%20-%20Multi%20Sports%20-%20popunders&g=https%3A%2F%2Fwelcome.unibet.com%2Fno%2Fpop%2Fmultisport%2Findex.html%3Fmktid%3D1%3A127656177%3A86075577-37950%26btag%3D127656177_3FE0D547AE5748F2AF05F39A45842469%26bid%3D37950%26campaignId%3D2750545%26pid%3D86075577&r=https%3A%2F%2Fsemidapt.com%2F&cc=GBP&ch=bf_landingpage&aamb=6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y&c1=https%3A%2F%2Fwelcome.unibet.com%2Fno%2Fpop%2Fmultisport%2Findex.html%3Fmktid%3D1%3A127656177%3A86075577-37950%26btag%3D127656177_3FE0D547AE5748F2AF05F39A45842469%26bid%3D37950%26campaignId%3D2750545%26pid%3D86075577&v1=welcome.unibet.com%3A%3A%3Adesktop%3Ano%3Apop%3Amultisport%3Aindex.html&c2=No%20CMS%5ENo%20ClientID%5ENo%20Locale%5ENo%20Juristiction&v2=bf_landingpage&v3=welcome.unibet.com&v4=No%20CMS%5ENo%20ClientID%5ENo%20Locale%5ENo%20Juristiction&c6=6%3A25%20AM%7CMonday&v6=6%3A25%20AM%7CMonday&v11=GBP&c14=New&v14=New&c16=1664173538&v21=Not%20Logged-In&c73=unibet&v120=popunder&v121=1%3A127656177%3A86075577-37950&v122=NONE&v124=2750545&v125=127656177_3FE0D547AE5748F2AF05F39A45842469&v126=86075577&v127=37950&v134=1664173538&s=1280x1024&c=24&j=1.6&v=N&k=Y&bw=1280&bh=939&mcorgid=F431E3BC5593E3887F000101%40AdobeOrg&AQE=1 HTTP/1.1 
Host: unibetlondonltd.d3.sc.omtrdc.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         15.236.176.210
HTTP/2 200 OK
content-type: image/gif;charset=utf-8
                                        
access-control-allow-origin: *
date: Mon, 26 Sep 2022 06:25:40 GMT
expires: Sun, 25 Sep 2022 06:25:40 GMT
last-modified: Tue, 27 Sep 2022 06:25:40 GMT
pragma: no-cache
p3p: CP="This is not a P3P policy"
server: jag
etag: 3573785465076842496-4619779696402744245
vary: *
content-length: 43
cache-control: no-cache, no-store, max-age=0, no-transform, private
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 2 x 2\012- data
Size:   43
Md5:    ad480fd0732d0f6f1a8b06359e3a42bb
Sha1:   a544538683a2dfe574eeb2e358ac8fcc78289d50
Sha256: a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506
                                        
                                            GET /healthcheck HTTP/1.1 
Host: pagestates-tracking.crazyegg.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://welcome.unibet.com
Connection: keep-alive
Referer: https://welcome.unibet.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         54.230.111.77
HTTP/2 200 OK
content-type: application/json
                                        
content-length: 19
date: Thu, 14 Jul 2022 06:23:23 GMT
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-expose-headers: Access-Control-Allow-Origin
access-control-max-age: 31536000
last-modified: Fri, 08 Jul 2022 22:25:51 GMT
etag: "d06f04fccf68d0b228a5923187ce1afd"
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 db0992ba349fc51d5151ec8330e36c28.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: dX4Xkw55QAujy9SXbtxwsU1i24J_nJoHK_MA8E7_ybolFn9ZCLbGQA==
age: 6393738
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text
Size:   19
Md5:    d06f04fccf68d0b228a5923187ce1afd
Sha1:   5de9df9fdd66a91eed06e31981553d4ab9ccf490
Sha256: 830e67bda2532cd5880ee86e3b33e69721082f8458bb0df0cd4edbb1577fd375
                                        
                                            GET /healthcheck HTTP/1.1 
Host: assets-tracking.crazyegg.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://welcome.unibet.com
Connection: keep-alive
Referer: https://welcome.unibet.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         54.230.111.114
HTTP/2 200 OK
content-type: application/json
                                        
content-length: 19
date: Mon, 22 Aug 2022 11:33:15 GMT
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-expose-headers: Access-Control-Allow-Origin
access-control-max-age: 31536000
last-modified: Fri, 08 Jul 2022 22:25:51 GMT
etag: "d06f04fccf68d0b228a5923187ce1afd"
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 5916f6b8d469d1bee1e905ff13761ebc.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: AFcJ1FuL3MS9sBheha-ZMcnxWkfgNbfSNqVs62ft3jsljp8CZjvwuQ==
age: 3005545
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text
Size:   19
Md5:    d06f04fccf68d0b228a5923187ce1afd
Sha1:   5de9df9fdd66a91eed06e31981553d4ab9ccf490
Sha256: 830e67bda2532cd5880ee86e3b33e69721082f8458bb0df0cd4edbb1577fd375
                                        
                                            POST / HTTP/1.1 
Host: ocsp.sca1b.amazontrust.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         143.204.42.156
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Mon, 26 Sep 2022 06:25:40 GMT
Last-Modified: Mon, 26 Sep 2022 05:27:00 GMT
Server: ECS (nyb/1D10)
X-Cache: Miss from cloudfront
Via: 1.1 9ede9483eb891e14681c7c693b47c862.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: K6qbMmSPQ_S5IqxjY10ESgrBxM572_2DBciRQmLbE1p06EjTbc6bQA==
Age: 3520

                                        
                                            GET /cm/dd?d_uuid=18651419905594668601128985070197025865 HTTP/1.1 
Host: cm.everesttech.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         52.17.180.229
HTTP/1.1 302
                                        
Date: Mon, 26 Sep 2022 06:25:40 GMT
Content-Length: 0
Connection: keep-alive
Set-Cookie: everest_g_v2=g_surferid~YzFF5AAAAIT-xgN-; Domain=.everesttech.net; Expires=Tue, 26-Sep-2023 06:25:40 GMT; Path=/ everest_session_v2=YzFF5AAAAIT-xwN-; Domain=.everesttech.net; Path=/
P3P: CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"
Cache-Control: no-cache
Location: https://dpm.demdex.net/ibs:dpid=411&dpuuid=YzFF5AAAAIT-xgN-
Server: AMO-cookiemap/1.1

                                        
                                            GET /ibs:dpid=411&dpuuid=YzFF5AAAAIT-xgN- HTTP/1.1 
Host: dpm.demdex.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://welcome.unibet.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         3.250.251.255
HTTP/1.1 302 Found
                                        
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
DCS: dcs-prod-irl1-1-v042-0bdef3a0b.edge-irl1.demdex.com 0 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
Location: https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=411&dpuuid=YzFF5AAAAIT-xgN-
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
set-cookie: demdex=58588102879759073410499242411555907834; Max-Age=15552000; Expires=Sat, 25 Mar 2023 06:25:40 GMT; Path=/; Domain=.demdex.net; Secure; SameSite=None
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: eFfOI7BuTt4=
Content-Length: 0
Connection: keep-alive

                                        
                                            GET /demconf.jpg?et:ibs%7cdata:dpid=411&dpuuid=YzFF5AAAAIT-xgN- HTTP/1.1 
Host: dpm.demdex.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://welcome.unibet.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         3.250.251.255
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-encoding: gzip
DCS: dcs-prod-irl1-2-v042-0056a185e.edge-irl1.demdex.com 0 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-TID: RSB0/6E7SVg=
Content-Length: 59
Connection: keep-alive


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   59
Md5:    1251cd5e5c2def4c046309375f87c1c1
Sha1:   e02d6b0c6a5c495c15985e2832e335eda8528c80
Sha256: 4e7010cc46fa361c88e57e3346d27421cf3b8a8bf5f39b43fc45997c60cb1c13
                                        
                                            POST / HTTP/1.1 
Host: ocsp.sca1b.amazontrust.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         143.204.42.156
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Mon, 26 Sep 2022 06:25:40 GMT
Last-Modified: Mon, 26 Sep 2022 05:09:42 GMT
Server: ECS (dcb/7F5F)
X-Cache: Miss from cloudfront
Via: 1.1 9ede9483eb891e14681c7c693b47c862.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: v3_JsNwfM7qxiCBEmMICb7asY8OOzNbQpAi_RnaM_8Xb03a8yVDSHg==
Age: 4558

                                        
                                            GET /clock?t=1664173538837 HTTP/1.1 
Host: tracking.crazyegg.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://welcome.unibet.com
Connection: keep-alive
Referer: https://welcome.unibet.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         108.128.203.219
HTTP/2 200 OK
content-type: text/plain
                                        
server: awselb/2.0
date: Mon, 26 Sep 2022 06:25:40 GMT
content-length: 26
cache-control: no-store
access-control-allow-origin: *
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   26
Md5:    33df131881c7a177fb87478016101ebc
Sha1:   3d1b516c42ca1bbf626ec54987eef11331fc1e9f
Sha256: 78e3ea585413d3e0c97f0fcf0418e2b853fb5f0d0af56305b60a86300b7dd1b0
                                        
                                            GET /resources/mga-logo-16e5f569-f45f-4c4f-a7ab-0a1f83c58415.svg HTTP/1.1 
Host: cdn.bannerflow.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         104.16.171.188
HTTP/2 200 OK
content-type: image/svg+xml
                                        
date: Mon, 26 Sep 2022 06:25:40 GMT
cache-control: public,max-age=604800
content-md5: FAAw5O0EvruykoHDQoRDMA==
last-modified: Fri, 27 Nov 2020 14:00:02 GMT
etag: W/"0x8D892DCBC6EB927"
x-ms-request-id: 0c05a17a-201e-0074-2dff-f626f2000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 341
vary: Accept-Encoding
server: cloudflare
cf-ray: 7509ec7258760b49-OSL
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /resources/18-plus-adbfd412-ffe0-4780-a5c3-1b540d6ceed3.svg HTTP/1.1 
Host: cdn.bannerflow.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         104.16.171.188
HTTP/2 200 OK
content-type: image/svg+xml
                                        
date: Mon, 26 Sep 2022 06:25:40 GMT
cache-control: public,max-age=604800
content-md5: DtBEzXf8HuXNecd90Rx/1w==
last-modified: Fri, 27 Nov 2020 14:00:01 GMT
etag: W/"0x8D892DCBC244A27"
x-ms-request-id: f9c36029-201e-0105-665e-a57399000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 341
vary: Accept-Encoding
server: cloudflare
cf-ray: 7509ec72687f0b49-OSL
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /no/pop/multisport/app-store-ro.svg HTTP/1.1 
Host: welcome.unibet.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/no/pop/multisport/index.html?mktid=1:127656177:86075577-37950&btag=127656177_3FE0D547AE5748F2AF05F39A45842469&bid=37950&campaignId=2750545&pid=86075577
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a86075577%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1664173538935)%5c%2f%22%2c%22CookieTag%22%3a%223795086075577451240919C2022926625%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228150254321%7c1%22%7d%5d; __ucbt=node01vutaedbi1fse11bi6u78s6kf; uniattr=ST.0.T; uniattr_ref="https://semidapt.com/"; campaignId=2750545; framework.forceBigLandingArea=; affiliateId=1; B-TAG=127656177_3FE0D547AE5748F2AF05F39A45842469; BID=37950; PID=86075577; REFERER=https%3A%2F%2Fsemidapt.com%2F; AFFILIATE_REQUEST_URL=https%3A%2F%2Fno.unibet.com%2Fstan%2Fcampaign.do%3FcmpId%3D2750545%26affiliateId%3D1%26unibetTarget%3D%2Fno%2Fpop%2Fmultisport%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.com%26btag%3D127656177_3FE0D547AE5748F2AF05F39A45842469%26sref%3DADST%26ADST%3D17196958%26affiliateId%3D1%26pid%3D86075577%26bid%3D37950; AFFILIATE_CAMPAIGN_ID=2750545
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         108.161.188.196
HTTP/2 200 OK
content-type: image/svg+xml
                                        
date: Mon, 26 Sep 2022 06:25:39 GMT
cache-control: public, max-age=900, immutable
content-md5: epgiRapjJpA7DniTiF5C+w==
last-modified: Mon, 20 Jun 2022 12:15:06 GMT
etag: W/"0x8DA52B68300D310"
x-ms-request-id: ca4316df-d01e-004f-576e-d16356000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
server: NetDNA-cache/2.2
x-cache: HIT
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /pages/scripts/0012/9242.js?462270 HTTP/1.1 
Host: script.crazyegg.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         104.19.147.8
HTTP/2 200 OK
content-type: text/javascript
                                        
date: Mon, 26 Sep 2022 06:25:40 GMT
access-control-allow-origin: *
access-control-expose-headers: CE-Version
ce-version: 11.4.10
cache-control: public, max-age=300, s-maxage=1209600
cf-bgj: minify
cf-polished: origSize=5675
last-modified: Mon, 26 Sep 2022 02:24:47 GMT
timing-allow-origin: *
cf-cache-status: HIT
age: 14453
vary: Accept-Encoding
server: cloudflare
cf-ray: 7509ec710b96b4f3-OSL
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /releases/v5.7.1/css/all.css HTTP/1.1 
Host: use.fontawesome.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://welcome.unibet.com
Connection: keep-alive
Referer: https://welcome.unibet.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         172.64.133.15
HTTP/2 200 OK
content-type: text/css
                                        
date: Mon, 26 Sep 2022 06:25:39 GMT
x-amz-id-2: yGm6IVdCl/eZvDCLuTph3IvRafGPZvLOVSzlhtObUtQLFiHcElid7TPyqEboXBdWb8BJ9LJMeI0=
x-amz-request-id: MZGCZCF8C1T3EMF3
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified: Wed, 30 Jun 2021 15:45:37 GMT
etag: W/"7b1d7f457d056ace7b230b587b9f3753"
cache-control: max-age=31556926
cf-cache-status: HIT
age: 28940540
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qZjN2TL6xmTMdIPVxgzNpuC7YDsU%2FiQqkJukSd9ahiCQrCz7btsq2hfs0alb2wkEtYPxKxLW49xs8tVl9E6hU6TMds%2BwoZIQQA82MiiJhGmGsQy4lqhLc0fa3NhvaQ82sDaSojdC"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7509ec6e5901759d-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET / HTTP/1.1 
Host: www.unibet.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://welcome.unibet.com/
Connection: keep-alive
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a86075577%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1664173538935)%5c%2f%22%2c%22CookieTag%22%3a%223795086075577451240919C2022926625%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228150254321%7c1%22%7d%5d; __ucbt=node01vutaedbi1fse11bi6u78s6kf; uniattr=ST.0.T; uniattr_ref="https://semidapt.com/"; campaignId=2750545; framework.forceBigLandingArea=; affiliateId=1; B-TAG=127656177_3FE0D547AE5748F2AF05F39A45842469; BID=37950; PID=86075577; REFERER=https%3A%2F%2Fsemidapt.com%2F; AFFILIATE_REQUEST_URL=https%3A%2F%2Fno.unibet.com%2Fstan%2Fcampaign.do%3FcmpId%3D2750545%26affiliateId%3D1%26unibetTarget%3D%2Fno%2Fpop%2Fmultisport%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.com%26btag%3D127656177_3FE0D547AE5748F2AF05F39A45842469%26sref%3DADST%26ADST%3D17196958%26affiliateId%3D1%26pid%3D86075577%26bid%3D37950; AFFILIATE_CAMPAIGN_ID=2750545; clientId=polopoly_desktop
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers

                                         
                                         85.184.96.0
HTTP/2 200 OK
content-type: text/html;charset=utf-8
                                        
date: Mon, 26 Sep 2022 06:25:39 GMT
x-ua-compatible: IE=Edge,chrome=1,requiresActiveX=true
cache-control: public, max-age=0, s-maxage=10
expires: Mon, 26 Sep 2022 05:42:24 GMT
vary: accept-encoding
content-encoding: gzip
server: kindred-loadbalancer
strict-transport-security: max-age=63072000; preload
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-security-policy: default-src 'unsafe-inline' 'unsafe-eval' http: https: data: wss: blob: jockey: unibetpro: *;
x-browser-class: A
x-os-class: M
x-ooops-debug: /500-pages/www.unibet.com/index.html
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /pages/scripts/0012/9242.js HTTP/1.1 
Host: script.crazyegg.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         104.19.147.8
HTTP/2 200 OK
content-type: text/javascript
                                        
date: Mon, 26 Sep 2022 06:25:40 GMT
access-control-allow-origin: *
access-control-expose-headers: CE-Version
ce-version: 11.4.10
cache-control: public, max-age=300, s-maxage=1209600
cf-bgj: minify
cf-polished: origSize=5675
last-modified: Mon, 26 Sep 2022 02:24:47 GMT
timing-allow-origin: *
cf-cache-status: HIT
age: 14453
vary: Accept-Encoding
server: cloudflare
cf-ray: 7509ec70fb8db4f3-OSL
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /no/pop/multisport/icon-sports.svg HTTP/1.1 
Host: welcome.unibet.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/no/pop/multisport/index.html?mktid=1:127656177:86075577-37950&btag=127656177_3FE0D547AE5748F2AF05F39A45842469&bid=37950&campaignId=2750545&pid=86075577
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a86075577%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1664173538935)%5c%2f%22%2c%22CookieTag%22%3a%223795086075577451240919C2022926625%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228150254321%7c1%22%7d%5d; __ucbt=node01vutaedbi1fse11bi6u78s6kf; uniattr=ST.0.T; uniattr_ref="https://semidapt.com/"; campaignId=2750545; framework.forceBigLandingArea=; affiliateId=1; B-TAG=127656177_3FE0D547AE5748F2AF05F39A45842469; BID=37950; PID=86075577; REFERER=https%3A%2F%2Fsemidapt.com%2F; AFFILIATE_REQUEST_URL=https%3A%2F%2Fno.unibet.com%2Fstan%2Fcampaign.do%3FcmpId%3D2750545%26affiliateId%3D1%26unibetTarget%3D%2Fno%2Fpop%2Fmultisport%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.com%26btag%3D127656177_3FE0D547AE5748F2AF05F39A45842469%26sref%3DADST%26ADST%3D17196958%26affiliateId%3D1%26pid%3D86075577%26bid%3D37950; AFFILIATE_CAMPAIGN_ID=2750545
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         108.161.188.196
HTTP/2 200 OK
content-type: image/svg+xml
                                        
date: Mon, 26 Sep 2022 06:25:39 GMT
cache-control: public, max-age=900, immutable
content-md5: Kch+tYuo05USS5JaESq1rA==
last-modified: Mon, 20 Jun 2022 12:15:04 GMT
etag: W/"0x8DA52B682395A83"
x-ms-request-id: 3275b22e-701e-0079-4d6f-d1ee26000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
server: NetDNA-cache/2.2
x-cache: HIT
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /css?family=Roboto:300,400,500 HTTP/1.1 
Host: fonts.googleapis.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.10
HTTP/2 200 OK
content-type: text/css; charset=utf-8
                                        
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Mon, 26 Sep 2022 06:25:39 GMT
date: Mon, 26 Sep 2022 06:25:39 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /no/pop/multisport/1-styles.css HTTP/1.1 
Host: welcome.unibet.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/no/pop/multisport/index.html?mktid=1:127656177:86075577-37950&btag=127656177_3FE0D547AE5748F2AF05F39A45842469&bid=37950&campaignId=2750545&pid=86075577
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a86075577%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1664173538935)%5c%2f%22%2c%22CookieTag%22%3a%223795086075577451240919C2022926625%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228150254321%7c1%22%7d%5d; __ucbt=node01vutaedbi1fse11bi6u78s6kf; uniattr=ST.0.T; uniattr_ref="https://semidapt.com/"; campaignId=2750545; framework.forceBigLandingArea=; affiliateId=1; B-TAG=127656177_3FE0D547AE5748F2AF05F39A45842469; BID=37950; PID=86075577; REFERER=https%3A%2F%2Fsemidapt.com%2F; AFFILIATE_REQUEST_URL=https%3A%2F%2Fno.unibet.com%2Fstan%2Fcampaign.do%3FcmpId%3D2750545%26affiliateId%3D1%26unibetTarget%3D%2Fno%2Fpop%2Fmultisport%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.com%26btag%3D127656177_3FE0D547AE5748F2AF05F39A45842469%26sref%3DADST%26ADST%3D17196958%26affiliateId%3D1%26pid%3D86075577%26bid%3D37950; AFFILIATE_CAMPAIGN_ID=2750545
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         108.161.188.196
HTTP/2 200 OK
content-type: text/css; charset=utf-8
                                        
date: Mon, 26 Sep 2022 06:25:39 GMT
cache-control: public, max-age=900, immutable
content-md5: zXkBqwBMviPPaK5rBIapmA==
last-modified: Mon, 20 Jun 2022 12:15:00 GMT
etag: W/"0x8DA52B67FB09D8F"
x-ms-request-id: dc78c056-601e-0038-376e-d1b6c2000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
server: NetDNA-cache/2.2
x-cache: HIT
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /no/pop/multisport/read_json.js HTTP/1.1 
Host: welcome.unibet.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/no/pop/multisport/index.html?mktid=1:127656177:86075577-37950&btag=127656177_3FE0D547AE5748F2AF05F39A45842469&bid=37950&campaignId=2750545&pid=86075577
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a86075577%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1664173538935)%5c%2f%22%2c%22CookieTag%22%3a%223795086075577451240919C2022926625%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228150254321%7c1%22%7d%5d; __ucbt=node01vutaedbi1fse11bi6u78s6kf; uniattr=ST.0.T; uniattr_ref="https://semidapt.com/"; campaignId=2750545; framework.forceBigLandingArea=; affiliateId=1; B-TAG=127656177_3FE0D547AE5748F2AF05F39A45842469; BID=37950; PID=86075577; REFERER=https%3A%2F%2Fsemidapt.com%2F; AFFILIATE_REQUEST_URL=https%3A%2F%2Fno.unibet.com%2Fstan%2Fcampaign.do%3FcmpId%3D2750545%26affiliateId%3D1%26unibetTarget%3D%2Fno%2Fpop%2Fmultisport%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.com%26btag%3D127656177_3FE0D547AE5748F2AF05F39A45842469%26sref%3DADST%26ADST%3D17196958%26affiliateId%3D1%26pid%3D86075577%26bid%3D37950; AFFILIATE_CAMPAIGN_ID=2750545
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         108.161.188.196
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
                                        
date: Mon, 26 Sep 2022 06:25:39 GMT
cache-control: public, max-age=900, immutable
content-md5: rGS1nJi75Qz2m2yY+jlYXA==
last-modified: Mon, 20 Jun 2022 12:15:06 GMT
etag: W/"0x8DA52B6834CEC1B"
x-ms-request-id: 3fdfa731-801e-000f-466e-d1646e000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
server: NetDNA-cache/2.2
x-cache: HIT
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /custom.js HTTP/1.1 
Host: welcome.unibet.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/no/pop/multisport/index.html?mktid=1:127656177:86075577-37950&btag=127656177_3FE0D547AE5748F2AF05F39A45842469&bid=37950&campaignId=2750545&pid=86075577
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a86075577%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1664173538935)%5c%2f%22%2c%22CookieTag%22%3a%223795086075577451240919C2022926625%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228150254321%7c1%22%7d%5d; __ucbt=node01vutaedbi1fse11bi6u78s6kf; uniattr=ST.0.T; uniattr_ref="https://semidapt.com/"; campaignId=2750545; framework.forceBigLandingArea=; affiliateId=1; B-TAG=127656177_3FE0D547AE5748F2AF05F39A45842469; BID=37950; PID=86075577; REFERER=https%3A%2F%2Fsemidapt.com%2F; AFFILIATE_REQUEST_URL=https%3A%2F%2Fno.unibet.com%2Fstan%2Fcampaign.do%3FcmpId%3D2750545%26affiliateId%3D1%26unibetTarget%3D%2Fno%2Fpop%2Fmultisport%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.com%26btag%3D127656177_3FE0D547AE5748F2AF05F39A45842469%26sref%3DADST%26ADST%3D17196958%26affiliateId%3D1%26pid%3D86075577%26bid%3D37950; AFFILIATE_CAMPAIGN_ID=2750545
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         108.161.188.196
HTTP/2 200 OK
content-type: application/javascript
                                        
date: Mon, 26 Sep 2022 06:25:39 GMT
content-md5: e/Aekt1V1fopj1X7y5r9MA==
last-modified: Tue, 29 Mar 2022 08:25:09 GMT
etag: W/"0x8DA115DA300B0C1"
x-ms-request-id: 3b64927a-b01e-0076-18bb-d0984a000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
server: NetDNA-cache/2.2
x-cache: HIT
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /no/pop/multisport/unibet-logo.svg HTTP/1.1 
Host: welcome.unibet.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/no/pop/multisport/index.html?mktid=1:127656177:86075577-37950&btag=127656177_3FE0D547AE5748F2AF05F39A45842469&bid=37950&campaignId=2750545&pid=86075577
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a86075577%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1664173538935)%5c%2f%22%2c%22CookieTag%22%3a%223795086075577451240919C2022926625%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228150254321%7c1%22%7d%5d; __ucbt=node01vutaedbi1fse11bi6u78s6kf; uniattr=ST.0.T; uniattr_ref="https://semidapt.com/"; campaignId=2750545; framework.forceBigLandingArea=; affiliateId=1; B-TAG=127656177_3FE0D547AE5748F2AF05F39A45842469; BID=37950; PID=86075577; REFERER=https%3A%2F%2Fsemidapt.com%2F; AFFILIATE_REQUEST_URL=https%3A%2F%2Fno.unibet.com%2Fstan%2Fcampaign.do%3FcmpId%3D2750545%26affiliateId%3D1%26unibetTarget%3D%2Fno%2Fpop%2Fmultisport%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.com%26btag%3D127656177_3FE0D547AE5748F2AF05F39A45842469%26sref%3DADST%26ADST%3D17196958%26affiliateId%3D1%26pid%3D86075577%26bid%3D37950; AFFILIATE_CAMPAIGN_ID=2750545
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         108.161.188.196
HTTP/2 200 OK
content-type: image/svg+xml
                                        
date: Mon, 26 Sep 2022 06:25:39 GMT
cache-control: public, max-age=900, immutable
content-md5: cw5jdwcrd9gLyjDZb7Y7Jw==
last-modified: Mon, 20 Jun 2022 12:15:01 GMT
etag: W/"0x8DA52B6805B919A"
x-ms-request-id: d7f18910-901e-0061-546e-d13141000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
server: NetDNA-cache/2.2
x-cache: HIT
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /no/pop/multisport/com-payments.svg HTTP/1.1 
Host: welcome.unibet.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/no/pop/multisport/index.html?mktid=1:127656177:86075577-37950&btag=127656177_3FE0D547AE5748F2AF05F39A45842469&bid=37950&campaignId=2750545&pid=86075577
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a86075577%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1664173538935)%5c%2f%22%2c%22CookieTag%22%3a%223795086075577451240919C2022926625%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228150254321%7c1%22%7d%5d; __ucbt=node01vutaedbi1fse11bi6u78s6kf; uniattr=ST.0.T; uniattr_ref="https://semidapt.com/"; campaignId=2750545; framework.forceBigLandingArea=; affiliateId=1; B-TAG=127656177_3FE0D547AE5748F2AF05F39A45842469; BID=37950; PID=86075577; REFERER=https%3A%2F%2Fsemidapt.com%2F; AFFILIATE_REQUEST_URL=https%3A%2F%2Fno.unibet.com%2Fstan%2Fcampaign.do%3FcmpId%3D2750545%26affiliateId%3D1%26unibetTarget%3D%2Fno%2Fpop%2Fmultisport%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.com%26btag%3D127656177_3FE0D547AE5748F2AF05F39A45842469%26sref%3DADST%26ADST%3D17196958%26affiliateId%3D1%26pid%3D86075577%26bid%3D37950; AFFILIATE_CAMPAIGN_ID=2750545
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         108.161.188.196
HTTP/2 200 OK
content-type: image/svg+xml
                                        
date: Mon, 26 Sep 2022 06:25:39 GMT
cache-control: public, max-age=900, immutable
content-md5: vwb7ospRft2xzGDtJvR3WA==
last-modified: Mon, 20 Jun 2022 12:15:02 GMT
etag: W/"0x8DA52B680877D2F"
x-ms-request-id: df6e89f1-901e-0071-226f-d1f429000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
server: NetDNA-cache/2.2
x-cache: HIT
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /no/pop/multisport/google-play-ro.svg HTTP/1.1 
Host: welcome.unibet.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/no/pop/multisport/index.html?mktid=1:127656177:86075577-37950&btag=127656177_3FE0D547AE5748F2AF05F39A45842469&bid=37950&campaignId=2750545&pid=86075577
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a86075577%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1664173538935)%5c%2f%22%2c%22CookieTag%22%3a%223795086075577451240919C2022926625%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228150254321%7c1%22%7d%5d; __ucbt=node01vutaedbi1fse11bi6u78s6kf; uniattr=ST.0.T; uniattr_ref="https://semidapt.com/"; campaignId=2750545; framework.forceBigLandingArea=; affiliateId=1; B-TAG=127656177_3FE0D547AE5748F2AF05F39A45842469; BID=37950; PID=86075577; REFERER=https%3A%2F%2Fsemidapt.com%2F; AFFILIATE_REQUEST_URL=https%3A%2F%2Fno.unibet.com%2Fstan%2Fcampaign.do%3FcmpId%3D2750545%26affiliateId%3D1%26unibetTarget%3D%2Fno%2Fpop%2Fmultisport%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.com%26btag%3D127656177_3FE0D547AE5748F2AF05F39A45842469%26sref%3DADST%26ADST%3D17196958%26affiliateId%3D1%26pid%3D86075577%26bid%3D37950; AFFILIATE_CAMPAIGN_ID=2750545
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         108.161.188.196
HTTP/2 200 OK
content-type: image/svg+xml
                                        
date: Mon, 26 Sep 2022 06:25:39 GMT
cache-control: public, max-age=900, immutable
content-md5: 2fR27yW0b9kBp/ebW9u59A==
last-modified: Mon, 20 Jun 2022 12:15:06 GMT
etag: W/"0x8DA52B68307D6EA"
x-ms-request-id: 0154fe82-301e-000a-096f-d1b6b5000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
server: NetDNA-cache/2.2
x-cache: HIT
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---