| cloudsoxe.com/file/fe06fa |  188.114.96.1 | 301 Moved Permanently | 0 B |
URL HTTP/1.1cloudsoxe.com/file/fe06fa IP188.114.96.1:0
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
|---|
| fortinet | Malware | |
GET /file/fe06fa HTTP/1.1
Host: cloudsoxe.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Fri, 07 Oct 2022 16:50:49 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Fri, 07 Oct 2022 17:50:49 GMT
Location: https://cloudsoxe.com/file/fe06fa
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JOr1nnKHh2VYEBizdP1%2Bh2w7tj68yst5HiIU%2Bp%2FqtvehNWjzpJqNnO6EgDiausrhbe%2BKMmalgqAO7Z2y2qyW5BeZbC1R2D7iKRliwUUmRaFwK84UyKWQTUPWu5%2BMQiZ0"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 756823553ecbfac0-OSL
alt-svc: h2=":443"; ma=60
|
|
| firefox.settings.services.mozilla.com/v1/ |  54.230.111.65 | 200 OK | 939 B |
URL HTTP/1.1firefox.settings.services.mozilla.com/v1/ IP54.230.111.65:0
File typeJSON data\012- , ASCII text, with very long lines (939), with no line terminators Hash2d12f67fe57a87e7366b662d153a5582 d7b02d81cc74f24a251d9363e0f4b0a149264ec1 73c273c0b5a2de3cb970b8e8c187999d3b55e760dc7766dab4bb76428d19b551
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length, Backoff, Content-Type, Retry-After, Alert
Cache-Control: max-age=259200
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Wed, 05 Oct 2022 15:47:18 GMT
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 2d5cbe05385a7f3bbffc8a562b8711f6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: mEROvTC-CFfn_gArBx-DQEXDfqP1K3hLy3H8x3M8LPSquqMR1hQ1XQ==
Age: 176611
|
|
| r3.o.lencr.org/ |  23.36.77.32 | 200 OK | 503 B |
IP23.36.77.32:0 ASN#20940 Akamai International B.V.
Hash282f6e1328452c1cb41f6a6272fff757 20b9ff1b5f4f81b645769bd4b4cf7bf7dfc16262 6a8070ebe51259cb11db68cca2c81f3c7408fad481d8c14cc1c38912442c63f4
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6A8070EBE51259CB11DB68CCA2C81F3C7408FAD481D8C14CC1C38912442C63F4"
Last-Modified: Wed, 05 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3873
Expires: Fri, 07 Oct 2022 17:55:23 GMT
Date: Fri, 07 Oct 2022 16:50:50 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 23.36.77.32 | 200 OK | 503 B |
IP23.36.77.32:0 ASN#20940 Akamai International B.V.
Hash4ab7d8709d334de0e46dcb86aabfbff1 f221138a8ad9d0bfa3c054370dcdb363a67dc310 b91d37f606eaf448b9c7dfc05566a11de004ce44503409e1a776288ee2622805
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B91D37F606EAF448B9C7DFC05566A11DE004CE44503409E1A776288EE2622805"
Last-Modified: Wed, 05 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2202
Expires: Fri, 07 Oct 2022 17:27:32 GMT
Date: Fri, 07 Oct 2022 16:50:50 GMT
Connection: keep-alive
|
|
| content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain | 34.160.144.191 | 200 OK | 5.3 kB |
URL HTTP/2content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain IP34.160.144.191:0
File typePEM certificate\012- , ASCII text Hash67d5a988edcda47bc3b3b3f65d32b4b6 d4f0e0da8b3690cc7da925026d3414b68c7d954f 55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78
GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: q0XigzqhcN8zTkTIrgafSkvd5fhTK8HXreJT2oD4W1pcAmZ37aXc+5CAHWGL94TAUndSMutFLfs=
x-amz-request-id: 0Q7K9JWAQ0DG86PE
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Fri, 07 Oct 2022 16:31:16 GMT
age: 1174
last-modified: Fri, 30 Sep 2022 18:50:55 GMT
etag: "67d5a988edcda47bc3b3b3f65d32b4b6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| contile.services.mozilla.com/v1/tiles | 34.117.237.239 | 200 OK | 12 B |
URL HTTP/2contile.services.mozilla.com/v1/tiles IP34.117.237.239:0
File typeJSON data\012- , ASCII text, with no line terminators Hash23e88fb7b99543fb33315b29b1fad9d6 a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 07 Oct 2022 16:50:50 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| counter.yadro.ru/hit;FileMix?r;s1280*1024*24;uhttps%3A//cloudsoxe.com/file/fe06fa;hCapture001.png;0.08721492055691471 |  88.212.201.198 | 200 OK | 43 B |
URL HTTP/1.1counter.yadro.ru/hit;FileMix?r;s1280*1024*24;uhttps%3A//cloudsoxe.com/file/fe06fa;hCapture001.png;0.08721492055691471 IP88.212.201.198:0 ASN#39134 United Network LLC
File typeGIF image data, version 89a, 1 x 1\012- data Hashfc94fb0c3ed8a8f909dbc7630a0987ff 56d45f8a17f5078a20af9962c992ca4678450765 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
GET /hit;FileMix?r;s1280*1024*24;uhttps%3A//cloudsoxe.com/file/fe06fa;hCapture001.png;0.08721492055691471 HTTP/1.1
Host: counter.yadro.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://cloudsoxe.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.9
Date: Fri, 07 Oct 2022 16:50:50 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
Expires: Wed, 06 Oct 2021 21:00:00 GMT
Pragma: no-cache
Cache-control: no-cache
Access-Control-Allow-Origin: *
Strict-Transport-Security: max-age=86400
|
|
| firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US | 54.230.111.65 | 200 OK | 329 B |
URL HTTP/1.1firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US IP54.230.111.65:0
File typeJSON data\012- , ASCII text, with very long lines (329), with no line terminators Hash0333b0655111aa68de771adfcc4db243 63f295a144ac87a7c8e23417626724eeca68a7eb 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Alert, Content-Type, Expires, Backoff, ETag, Last-Modified, Pragma, Cache-Control, Content-Length, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
X-Content-Type-Options: nosniff
Date: Fri, 07 Oct 2022 16:42:40 GMT
Cache-Control: max-age=3600
Expires: Fri, 07 Oct 2022 17:20:42 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 5916f6b8d469d1bee1e905ff13761ebc.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: 7egk-fLZPFn9i4LB5QbofUh0pmWxZNCsCCNEhspV9B2hfNk01Op6ig==
Age: 1269
|
|
| ocsp.digicert.com/ |  93.184.220.29 | 200 OK | 471 B |
IP93.184.220.29:0
Hashd6c404502c7987174a84d8f0a3efab23 fc3a3f6d63acab3f659fb3536b65fd8564ec8628 94b5693df873bd923ffbf31f576fff01d2628e5796af4c6b91306a743e27d19b
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2479
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 07 Oct 2022 16:50:50 GMT
Last-Modified: Fri, 07 Oct 2022 16:09:31 GMT
Server: ECS (ska/F713)
X-Cache: HIT
Content-Length: 471
|
|
| push.services.mozilla.com/ | 54.189.157.130 | 101 Switching Protocols | 0 B |
URL HTTP/1.1push.services.mozilla.com/ IP54.189.157.130:0
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: dcgOw3YYHqAilMW7824vCQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: SnZIFkzd8bx/0rPgUG5qDC5yS7Q=
|
|
| r3.o.lencr.org/ | 23.36.77.32 | 200 OK | 503 B |
IP23.36.77.32:0 ASN#20940 Akamai International B.V.
Hash31e440ccd993c4ee793f50511c2ac7c4 4380327d50b7001d158aee05a57c6078e57c94e4 65d8a97f6df1e110333a01d1f6dcb4982db7bb4b1c5f3f1498fafa716e250c0f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "65D8A97F6DF1E110333A01D1F6DCB4982DB7BB4B1C5F3F1498FAFA716E250C0F"
Last-Modified: Thu, 06 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3860
Expires: Fri, 07 Oct 2022 17:55:12 GMT
Date: Fri, 07 Oct 2022 16:50:52 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 23.36.77.32 | 200 OK | 503 B |
IP23.36.77.32:0 ASN#20940 Akamai International B.V.
Hash31e440ccd993c4ee793f50511c2ac7c4 4380327d50b7001d158aee05a57c6078e57c94e4 65d8a97f6df1e110333a01d1f6dcb4982db7bb4b1c5f3f1498fafa716e250c0f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "65D8A97F6DF1E110333A01D1F6DCB4982DB7BB4B1C5F3F1498FAFA716E250C0F"
Last-Modified: Thu, 06 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3860
Expires: Fri, 07 Oct 2022 17:55:12 GMT
Date: Fri, 07 Oct 2022 16:50:52 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 23.36.77.32 | 200 OK | 503 B |
IP23.36.77.32:0 ASN#20940 Akamai International B.V.
Hash31e440ccd993c4ee793f50511c2ac7c4 4380327d50b7001d158aee05a57c6078e57c94e4 65d8a97f6df1e110333a01d1f6dcb4982db7bb4b1c5f3f1498fafa716e250c0f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "65D8A97F6DF1E110333A01D1F6DCB4982DB7BB4B1C5F3F1498FAFA716E250C0F"
Last-Modified: Thu, 06 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3860
Expires: Fri, 07 Oct 2022 17:55:12 GMT
Date: Fri, 07 Oct 2022 16:50:52 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 23.36.77.32 | 200 OK | 503 B |
IP23.36.77.32:0 ASN#20940 Akamai International B.V.
Hash31e440ccd993c4ee793f50511c2ac7c4 4380327d50b7001d158aee05a57c6078e57c94e4 65d8a97f6df1e110333a01d1f6dcb4982db7bb4b1c5f3f1498fafa716e250c0f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "65D8A97F6DF1E110333A01D1F6DCB4982DB7BB4B1C5F3F1498FAFA716E250C0F"
Last-Modified: Thu, 06 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3860
Expires: Fri, 07 Oct 2022 17:55:12 GMT
Date: Fri, 07 Oct 2022 16:50:52 GMT
Connection: keep-alive
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F38d969a0-82cd-4d27-8f25-f1b95cacc89f.webp | 34.120.237.76 | 200 OK | 7.3 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F38d969a0-82cd-4d27-8f25-f1b95cacc89f.webp IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hashed3fa86bbe319c9a2f81ff625e677cb0 e3d5210207f6ff922bc28e328285059c19a523a4 5919694bd942a4f25d5b7ffc3f8aee1af6cdb8461d4ba3dba9a2e72cf19164c8
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F38d969a0-82cd-4d27-8f25-f1b95cacc89f.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7261
x-amzn-requestid: e1bdf299-b29e-4f58-9c8a-33f5dacdb081
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZmirBELYoAMFfgA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633f4b13-1969b32c6f4f7e5749e7caa0;Sampled=0
x-amzn-remapped-date: Thu, 06 Oct 2022 21:39:31 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P2
x-cache: Hit from cloudfront
x-amz-cf-id: V3fTgH8URZ1iWMxWPy49--20mtdJvMK6XTG_aPKk68pvwCxPl8lULw==
via: 1.1 00f0a41f749793b9dd653153037c957e.cloudfront.net (CloudFront), 1.1 583992e175976bd59a21b4416890271e.cloudfront.net (CloudFront), 1.1 google
date: Thu, 06 Oct 2022 21:44:18 GMT
age: 68794
etag: "e3d5210207f6ff922bc28e328285059c19a523a4"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F90038edb-d110-41cd-98e0-d47715e9135b.jpeg | 34.120.237.76 | 200 OK | 12 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F90038edb-d110-41cd-98e0-d47715e9135b.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hashf2ac0ed19ef64f2f765ce7adb2a8fa7c b6ea582befd01324dd456d59d3f610101dcf910c d324c9f67b0efc38a935195076488dd0a62f61b893706ecf40ad1f2c5550a7d0
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F90038edb-d110-41cd-98e0-d47715e9135b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11492
x-amzn-requestid: 7ac7e364-5204-4101-87f6-89fbdf3c5cb0
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Zmhi_GKSoAMFdkg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633f4946-4ae692e2617657225c88e5fb;Sampled=0
x-amzn-remapped-date: Thu, 06 Oct 2022 21:31:50 GMT
x-amz-cf-pop: SEA73-P2, SEA73-P2
x-cache: Miss from cloudfront
x-amz-cf-id: jddNzOBqcXe8oUyYEEC82u0w35f4lAdk7Xf4ruu40Ngj2eY-r1Qyww==
via: 1.1 de8fc80b494d3d381f7e006918dcc588.cloudfront.net (CloudFront), 1.1 d8d9c12d1a621129f4bc739038e7c72e.cloudfront.net (CloudFront), 1.1 google
date: Thu, 06 Oct 2022 21:44:18 GMT
etag: "b6ea582befd01324dd456d59d3f610101dcf910c"
content-type: image/jpeg
age: 68794
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7758caee-c969-46dd-96d0-b4402437781d.jpeg | 34.120.237.76 | 200 OK | 8.4 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7758caee-c969-46dd-96d0-b4402437781d.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hash4572451a09430ca7a9203f14ddc035ba 46e17c44fba23988d7a9d9832c411ba2810136c3 fa54e73c4b32d8e109504ebcd46e4316de8143f44b7eae20a44ba63d14a6f24b
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7758caee-c969-46dd-96d0-b4402437781d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8445
x-amzn-requestid: 7d295b3b-29d6-4b2e-8314-c9055d1def80
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Zmju5FxwoAMFeQw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633f4cc5-3f58c18b1159ad512c60422b;Sampled=0
x-amzn-remapped-date: Thu, 06 Oct 2022 21:46:45 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P2
x-cache: Miss from cloudfront
x-amz-cf-id: DC1ECXhkAhfdrU8ZyMhhDdwydsq4PQfzzGOPd-REjCkCsDbXQLnLiA==
via: 1.1 d1151317ba32afe0e6370fd69fed222e.cloudfront.net (CloudFront), 1.1 34c44cb7892e57a3b6c51812bcf68ee4.cloudfront.net (CloudFront), 1.1 google
date: Thu, 06 Oct 2022 22:01:57 GMT
etag: "46e17c44fba23988d7a9d9832c411ba2810136c3"
content-type: image/jpeg
age: 67735
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa0b7bc4b-b79a-4bab-9bec-87695d757b08.jpeg | 34.120.237.76 | 200 OK | 11 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa0b7bc4b-b79a-4bab-9bec-87695d757b08.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hash53b7ffdc3799e0ac7a225145242579ef c47f0525fe5354ee13fe63c0ec31f0f826a58005 4bb518afc9b3e7bfb976d343e46b306155834adbe71fa35b0d6f509959f78aca
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa0b7bc4b-b79a-4bab-9bec-87695d757b08.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10987
x-amzn-requestid: c2ab1012-1afd-4d74-8114-97977b43da24
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZgCHwGdGoAMFvyg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633cb097-3237927a0c1e081d22c902f7;Sampled=0
x-amzn-remapped-date: Tue, 04 Oct 2022 22:15:51 GMT
x-amz-cf-pop: SEA73-P2
x-cache: Hit from cloudfront
x-amz-cf-id: iClOZEPMiFmpeprT8McJ2HI0dCmyxkhEdfYr0qP0YK3U_Pcd9N0Fhg==
via: 1.1 3dde68f1f52282c9e1ee336d97233b0a.cloudfront.net (CloudFront), 1.1 b47618c03bd47cf085f27b1e215f76cc.cloudfront.net (CloudFront), 1.1 google
date: Fri, 07 Oct 2022 11:08:01 GMT
age: 20571
etag: "c47f0525fe5354ee13fe63c0ec31f0f826a58005"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9ca4df15-4ecd-467c-a658-2352fca9a8ff.jpeg | 34.120.237.76 | 200 OK | 13 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9ca4df15-4ecd-467c-a658-2352fca9a8ff.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hash16339989f5c6c229a3dcc0ed1e52032f a1ea26d6e4eb4a72cc8c87100b40035dab69d285 16703f888ee6f974bb89e1c4c16a75186b31b64130abcd1a3bcd3741159d912c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9ca4df15-4ecd-467c-a658-2352fca9a8ff.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 13437
x-amzn-requestid: ec801fbc-c339-46ce-ac5f-18d064e5ef21
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Zmhi_HdeoAMFyOQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633f4946-02b52b770e6e76cf52b26e47;Sampled=0
x-amzn-remapped-date: Thu, 06 Oct 2022 21:31:50 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P2
x-cache: Miss from cloudfront
x-amz-cf-id: Iesqk_XbGiZE-n3mTa1_1WtlXiyEqz-4qfyt3_609O1eujdLcFu3zA==
via: 1.1 1b0911478686968732f973d6e5e31d10.cloudfront.net (CloudFront), 1.1 ece5d4a731ece5ff46c564ab2b946ede.cloudfront.net (CloudFront), 1.1 google
date: Thu, 06 Oct 2022 22:01:58 GMT
etag: "a1ea26d6e4eb4a72cc8c87100b40035dab69d285"
content-type: image/jpeg
age: 67734
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd0135ba0-9033-445f-8155-a6c093862ccb.jpeg | 34.120.237.76 | 200 OK | 9.0 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd0135ba0-9033-445f-8155-a6c093862ccb.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hash7e30ca5022768294665070cafc9d489c c6ebf53c21206cfcf8e70279d3ae43f0170ade3a 6b834cdae692318a114c0d82ebff4fa8f4e65526983758e08ffb130d4d86020f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd0135ba0-9033-445f-8155-a6c093862ccb.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9046
x-amzn-requestid: d560c8ba-6e81-46f7-a451-30c40fbfce6f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Zmhi_F7qIAMFkQg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633f4946-012e65d675558ec8544a1f30;Sampled=0
x-amzn-remapped-date: Thu, 06 Oct 2022 21:31:50 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P2
x-cache: Miss from cloudfront
x-amz-cf-id: a9tOPCySPRdXpvJf239ycM7_3PJS7GcITvM52Sxic_FwYr_-n2XQHA==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 de8fc80b494d3d381f7e006918dcc588.cloudfront.net (CloudFront), 1.1 google
date: Thu, 06 Oct 2022 21:44:18 GMT
etag: "c6ebf53c21206cfcf8e70279d3ae43f0170ade3a"
content-type: image/jpeg
age: 68794
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| r3.o.lencr.org/ | 23.36.77.32 | 200 OK | 503 B |
IP23.36.77.32:0 ASN#20940 Akamai International B.V.
Hasha1c6d7d01c3a040af4020191138cce14 b59fc7fbd993f7781234d488a8ba010237ee123b 9975556f903374e75c60204184fc8ba47b0a99b13af770a72b208beb2d46eb64
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9975556F903374E75C60204184FC8BA47B0A99B13AF770A72B208BEB2D46EB64"
Last-Modified: Wed, 05 Oct 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9107
Expires: Fri, 07 Oct 2022 19:22:42 GMT
Date: Fri, 07 Oct 2022 16:50:55 GMT
Connection: keep-alive
|
|
| xalienstreamx.com/NWrIB28862648d4e2564a744813e7154a13280b5c74b4?s1=449&s2=eyJicm93c2VyIjoiRmlyZWZveCIsImJyb3dzZXJfdmVyc2lvbiI6Ijk2LjAiLCJvcyI6IkxpbnV4IDAifQ==&s3=eyJ1dG1fc291cmNlIjoiMzA4Mjk1IiwidXRtX21lZGl1bSI6ImV5SnBjQ0k2SWpreExqa3dMalF5TGpFMU5DSXNJbWRsYnlJNkltNXZJaXdpYjNNaU9pSXdJaXdpWW5KdmQzTmxjbk1pT2lKdGVpSXNJbXhoYm1jaU9pSmxiaTFWVXlJc0luSmxabVZ5WlhJaU9pSWlMQ0pyWlhraU9pSTVOVFUxWW1JM04yTmlOamd4WkdKbVlUbG1NR0l4T0RCaU5EWmxPVGc1WlNKOSIsInV0bV9jYW1wYWlnbiI6MzIxOTA3OTksInV0bV90ZXJtIjoiMTIyODQyIiwidXRtX2NvbnRlbnQiOiIxODQ3NTc0MDQifQ__&q=capture001 |  188.72.236.136 | 302 Found | 528 B |
URL HTTP/2xalienstreamx.com/NWrIB28862648d4e2564a744813e7154a13280b5c74b4?s1=449&s2=eyJicm93c2VyIjoiRmlyZWZveCIsImJyb3dzZXJfdmVyc2lvbiI6Ijk2LjAiLCJvcyI6IkxpbnV4IDAifQ==&s3=eyJ1dG1fc291cmNlIjoiMzA4Mjk1IiwidXRtX21lZGl1bSI6ImV5SnBjQ0k2SWpreExqa3dMalF5TGpFMU5DSXNJbWRsYnlJNkltNXZJaXdpYjNNaU9pSXdJaXdpWW5KdmQzTmxjbk1pT2lKdGVpSXNJbXhoYm1jaU9pSmxiaTFWVXlJc0luSmxabVZ5WlhJaU9pSWlMQ0pyWlhraU9pSTVOVFUxWW1JM04yTmlOamd4WkdKbVlUbG1NR0l4T0RCaU5EWmxPVGc1WlNKOSIsInV0bV9jYW1wYWlnbiI6MzIxOTA3OTksInV0bV90ZXJtIjoiMTIyODQyIiwidXRtX2NvbnRlbnQiOiIxODQ3NTc0MDQifQ__&q=capture001 IP188.72.236.136:0
File typeHTML document, ASCII text, with very long lines (526) Hash2d7b2e9f7a75bcc59be8d03e0038295a f1467349575c829fc92417e73a79a12aa5d9bed2 d0526476cebbe92b80e98611ca4dcbbb3e1b0897c47347e8e9db1cc2cb03bcac
GET /NWrIB28862648d4e2564a744813e7154a13280b5c74b4?s1=449&s2=eyJicm93c2VyIjoiRmlyZWZveCIsImJyb3dzZXJfdmVyc2lvbiI6Ijk2LjAiLCJvcyI6IkxpbnV4IDAifQ==&s3=eyJ1dG1fc291cmNlIjoiMzA4Mjk1IiwidXRtX21lZGl1bSI6ImV5SnBjQ0k2SWpreExqa3dMalF5TGpFMU5DSXNJbWRsYnlJNkltNXZJaXdpYjNNaU9pSXdJaXdpWW5KdmQzTmxjbk1pT2lKdGVpSXNJbXhoYm1jaU9pSmxiaTFWVXlJc0luSmxabVZ5WlhJaU9pSWlMQ0pyWlhraU9pSTVOVFUxWW1JM04yTmlOamd4WkdKbVlUbG1NR0l4T0RCaU5EWmxPVGc1WlNKOSIsInV0bV9jYW1wYWlnbiI6MzIxOTA3OTksInV0bV90ZXJtIjoiMTIyODQyIiwidXRtX2NvbnRlbnQiOiIxODQ3NTc0MDQifQ__&q=capture001 HTTP/1.1
Host: xalienstreamx.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://cloudsoxe.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
server: nginx
date: Fri, 07 Oct 2022 16:50:55 GMT
content-type: text/html; charset=utf-8
content-length: 528
location: https://curvyalpaca.cc/click?a=9LaM&e=gAAAAABjQFjvZS6Hcqh3ma3W9rLeMh2A-VRnkINMRHeebtB-C9yYds72NbdVO2YN1waIxRHPmB6Mcnp92m2tCJOu71D9Pl50gAUv7YHy3KscUgzgF5Ttomj3UX4uqH88NfCPAAP3mR13ZlPDj8s4ULXhOIK6BDZQ_uNnHO7deqNsABnc_VTMs6u3sP5gLghDDQoV1NTZdsEYUwV4dfjibIWn2lSbW4Pz2mZkKRUpSwKR-LApN76LF_c7hz-8IZSxfTQg8oKWZcgPmjDjZkli7g345BsVJrn88PPVOEQUOjbANAxZ_QQGUC4mQlbAhENpEB9F4aB0ts7gcdwzH0HpFMAFrbeotCt-ddbS6YQKmV4AdslslhnuspS7nGEqDVXTVZoHB5vsX0YCqt3W5f15dqeA3GKR_zZf6g%3D%3D&c=AO9YQGO7IQUAmksCAE5PFgAMANo520MA
set-cookie: bd_context=jmrnLSZ5ZVW7EBk2ZNZ+f9aM8lyn508Tj0LRZM7kFt/w9vjwfk7M9Iz5VZd0LpMYqXfqkb0qk9ydMi+46L49VMXbxSaG9xuUSGLWsK5ha203bYCJqUpwdL9x7lk4/gbPFRcne4Ps4En5Lnxx9WjZIOsYQy49YEfZP6YytYU6g+j7C4wW47/ge7CW90sLaZRn+7N7+t5I/4OOfKtWEGeTaWix5iEkKjGOKP2snqH8qlUjbsG9ELVaPSa7+2AqX6eNIl/umT8iGjJUjiOaOiFllCsUmu38WxPARf9fE79Qtt+Te8C3mEXfB03398wdlrsFo6Hxqa88Z8Bchp8=; Expires=Sat, 07 Oct 2023 16:50:55 GMT
X-Firefox-Spdy: h2
|
|
| ocsp.sectigo.com/ |  104.18.32.68 | 200 OK | 471 B |
IP104.18.32.68:0
Hash97bd0ecab8ad06c1356a9fcf85ff69b8 385ee56fd21888ad6795fc67f21e5767cf412825 a7a1e1b3725cd41a972fd886f1f3e2f0cc6ed7c2cc700b4fd8a1c780c52df97b
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 07 Oct 2022 16:50:56 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Tue, 04 Oct 2022 14:40:43 GMT
Expires: Tue, 11 Oct 2022 14:40:42 GMT
Etag: "385ee56fd21888ad6795fc67f21e5767cf412825"
Cache-Control: max-age=337186,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7568237acafeb509-OSL
|
|
| curvyalpaca.cc/sc?a=9LaM&c=fBFomCkaVTApnVnaFxBCj9&e=gAAAAABjQFjwJTilYKEBAbBR7Kesq4D1TkmeSRHsl1og4FnxESGV6SgSe70u14GLC1u5q07fNHFlZ0kEeTMS00gmwkd9Z0Yg8OShVrlYZdaRMQrKOBF1BuZpzgVnmxzJ4M_g6rB0r3SCYOt13-LwTA1w-b2OCyLRf0ZTlBym-6Rld4IKCOWdeuOhpYG_CsHzL0Se8V6cX1WRAKd4wSg0QkPtHdvm2pyhWf7CA1QX4fCvCjNDoM7wH5cR5wH_euXxG-c5zTEutOTgP9ACyWXbuISmxU7HWZgJkiMoFCXrcJrIXPr8Y-tQkzz4kd-QD4ndh0Lz4fLVt4Oy6cCBPQfqwqPmP7n3E3d2VH2aF7t8nX-H2MuZl4-60iwEBGJbWRv31faMW7TxYsJklLwbk4ueNjxz2G4UJv_ZCw==&f=0 |  168.119.67.98 | 302 Found | 76 B |
URL HTTP/2curvyalpaca.cc/sc?a=9LaM&c=fBFomCkaVTApnVnaFxBCj9&e=gAAAAABjQFjwJTilYKEBAbBR7Kesq4D1TkmeSRHsl1og4FnxESGV6SgSe70u14GLC1u5q07fNHFlZ0kEeTMS00gmwkd9Z0Yg8OShVrlYZdaRMQrKOBF1BuZpzgVnmxzJ4M_g6rB0r3SCYOt13-LwTA1w-b2OCyLRf0ZTlBym-6Rld4IKCOWdeuOhpYG_CsHzL0Se8V6cX1WRAKd4wSg0QkPtHdvm2pyhWf7CA1QX4fCvCjNDoM7wH5cR5wH_euXxG-c5zTEutOTgP9ACyWXbuISmxU7HWZgJkiMoFCXrcJrIXPr8Y-tQkzz4kd-QD4ndh0Lz4fLVt4Oy6cCBPQfqwqPmP7n3E3d2VH2aF7t8nX-H2MuZl4-60iwEBGJbWRv31faMW7TxYsJklLwbk4ueNjxz2G4UJv_ZCw==&f=0 IP168.119.67.98:0 ASN#24940 Hetzner Online GmbH
File typeHTML document, ASCII text Hasha6a386e62c4be334bf5a2d54fc04db97 47409516a1848238080a5f368916e2431d20b4cd d840c324e10bbebb31481d68a212d5813c9e34991a23c85a3ee184ec06d22d0e
GET /sc?a=9LaM&c=fBFomCkaVTApnVnaFxBCj9&e=gAAAAABjQFjwJTilYKEBAbBR7Kesq4D1TkmeSRHsl1og4FnxESGV6SgSe70u14GLC1u5q07fNHFlZ0kEeTMS00gmwkd9Z0Yg8OShVrlYZdaRMQrKOBF1BuZpzgVnmxzJ4M_g6rB0r3SCYOt13-LwTA1w-b2OCyLRf0ZTlBym-6Rld4IKCOWdeuOhpYG_CsHzL0Se8V6cX1WRAKd4wSg0QkPtHdvm2pyhWf7CA1QX4fCvCjNDoM7wH5cR5wH_euXxG-c5zTEutOTgP9ACyWXbuISmxU7HWZgJkiMoFCXrcJrIXPr8Y-tQkzz4kd-QD4ndh0Lz4fLVt4Oy6cCBPQfqwqPmP7n3E3d2VH2aF7t8nX-H2MuZl4-60iwEBGJbWRv31faMW7TxYsJklLwbk4ueNjxz2G4UJv_ZCw==&f=0 HTTP/1.1
Host: curvyalpaca.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://curvyalpaca.cc/click?a=9LaM&e=gAAAAABjQFjvZS6Hcqh3ma3W9rLeMh2A-VRnkINMRHeebtB-C9yYds72NbdVO2YN1waIxRHPmB6Mcnp92m2tCJOu71D9Pl50gAUv7YHy3KscUgzgF5Ttomj3UX4uqH88NfCPAAP3mR13ZlPDj8s4ULXhOIK6BDZQ_uNnHO7deqNsABnc_VTMs6u3sP5gLghDDQoV1NTZdsEYUwV4dfjibIWn2lSbW4Pz2mZkKRUpSwKR-LApN76LF_c7hz-8IZSxfTQg8oKWZcgPmjDjZkli7g345BsVJrn88PPVOEQUOjbANAxZ_QQGUC4mQlbAhENpEB9F4aB0ts7gcdwzH0HpFMAFrbeotCt-ddbS6YQKmV4AdslslhnuspS7nGEqDVXTVZoHB5vsX0YCqt3W5f15dqeA3GKR_zZf6g%3D%3D&c=AO9YQGO7IQUAmksCAE5PFgAMANo520MA
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 302 Found
server: nginx/1.19.1
date: Fri, 07 Oct 2022 16:50:56 GMT
content-type: text/html; charset=utf-8
content-length: 76
location: https://xml-eu-v4.webmedxml.com/click?i=T0XhQ03yPMU_0
strict-transport-security: max-age=15724800; includeSubDomains
X-Firefox-Spdy: h2
|
|
| curvyalpaca.cc/click?a=9LaM&e=gAAAAABjQFjvZS6Hcqh3ma3W9rLeMh2A-VRnkINMRHeebtB-C9yYds72NbdVO2YN1waIxRHPmB6Mcnp92m2tCJOu71D9Pl50gAUv7YHy3KscUgzgF5Ttomj3UX4uqH88NfCPAAP3mR13ZlPDj8s4ULXhOIK6BDZQ_uNnHO7deqNsABnc_VTMs6u3sP5gLghDDQoV1NTZdsEYUwV4dfjibIWn2lSbW4Pz2mZkKRUpSwKR-LApN76LF_c7hz-8IZSxfTQg8oKWZcgPmjDjZkli7g345BsVJrn88PPVOEQUOjbANAxZ_QQGUC4mQlbAhENpEB9F4aB0ts7gcdwzH0HpFMAFrbeotCt-ddbS6YQKmV4AdslslhnuspS7nGEqDVXTVZoHB5vsX0YCqt3W5f15dqeA3GKR_zZf6g%3D%3D&c=AO9YQGO7IQUAmksCAE5PFgAMANo520MA | 168.119.67.98 | 200 OK | 1.2 kB |
URL HTTP/2curvyalpaca.cc/click?a=9LaM&e=gAAAAABjQFjvZS6Hcqh3ma3W9rLeMh2A-VRnkINMRHeebtB-C9yYds72NbdVO2YN1waIxRHPmB6Mcnp92m2tCJOu71D9Pl50gAUv7YHy3KscUgzgF5Ttomj3UX4uqH88NfCPAAP3mR13ZlPDj8s4ULXhOIK6BDZQ_uNnHO7deqNsABnc_VTMs6u3sP5gLghDDQoV1NTZdsEYUwV4dfjibIWn2lSbW4Pz2mZkKRUpSwKR-LApN76LF_c7hz-8IZSxfTQg8oKWZcgPmjDjZkli7g345BsVJrn88PPVOEQUOjbANAxZ_QQGUC4mQlbAhENpEB9F4aB0ts7gcdwzH0HpFMAFrbeotCt-ddbS6YQKmV4AdslslhnuspS7nGEqDVXTVZoHB5vsX0YCqt3W5f15dqeA3GKR_zZf6g%3D%3D&c=AO9YQGO7IQUAmksCAE5PFgAMANo520MA IP168.119.67.98:0 ASN#24940 Hetzner Online GmbH
Hash899bf73b565605718148c81b6b99459e b8c34616ad6826540cefb45a66a473e07fbb73ef de77a4b0f31c22c7452ecc799a7e7cef9648db981366a8c259086abb15995cdc
GET /click?a=9LaM&e=gAAAAABjQFjvZS6Hcqh3ma3W9rLeMh2A-VRnkINMRHeebtB-C9yYds72NbdVO2YN1waIxRHPmB6Mcnp92m2tCJOu71D9Pl50gAUv7YHy3KscUgzgF5Ttomj3UX4uqH88NfCPAAP3mR13ZlPDj8s4ULXhOIK6BDZQ_uNnHO7deqNsABnc_VTMs6u3sP5gLghDDQoV1NTZdsEYUwV4dfjibIWn2lSbW4Pz2mZkKRUpSwKR-LApN76LF_c7hz-8IZSxfTQg8oKWZcgPmjDjZkli7g345BsVJrn88PPVOEQUOjbANAxZ_QQGUC4mQlbAhENpEB9F4aB0ts7gcdwzH0HpFMAFrbeotCt-ddbS6YQKmV4AdslslhnuspS7nGEqDVXTVZoHB5vsX0YCqt3W5f15dqeA3GKR_zZf6g%3D%3D&c=AO9YQGO7IQUAmksCAE5PFgAMANo520MA HTTP/1.1
Host: curvyalpaca.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://cloudsoxe.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx/1.19.1
date: Fri, 07 Oct 2022 16:50:56 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| xml-eu-v4.webmedxml.com/click?i=T0XhQ03yPMU_0 | 77.245.57.64 | 302 Found | 0 B |
URL HTTP/1.1xml-eu-v4.webmedxml.com/click?i=T0XhQ03yPMU_0 IP77.245.57.64:0 ASN#36057 WEBAIR-INTERNET-MTL
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /click?i=T0XhQ03yPMU_0 HTTP/1.1
Host: xml-eu-v4.webmedxml.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://curvyalpaca.cc/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Server: nginx
Date: Fri, 07 Oct 2022 16:50:56 GMT
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store
Age: 0
Location: https://vatcalf.com/i6pyvv8h?auie=eyJhbGciOiJIUzI1NiJ9.eyJ1YSI6Ik1vemlsbGEvNS4wIChYMTE7IExpbnV4IHg4Nl82NDsgcnY6OTYuMCkgR2Vja28vMjAxMDAxMDEgRmlyZWZveC85Ni4wIiwiaXAiOiI5MS45MC40Mi4xNTQiLCJwcyI6IjQzMzM4OV9oVXl1RWJhckR4ZUVlUmtKOWRod1ZwIiwiYWkiOiI3YjQ2NTE4MzYzMzlhNmI4ZTYwYmQ2YzE3NzMyNzMwYiIsImJpZCI6MC4wMDAzODQsImMiOjAuOCwibCI6MzU3Nzk5MiwiZWFuIjotMSwicyI6ImZlMzM5N2U5ZDNjODgxOWZlYTM3NWU1OWIxMTc1YmI5MDQ0YzdiOWE0OGViOWQ2MzQxMjgxOGJmMWU1MWM3YTUxY2Y2N2FlZTlkZWI1MTc1NTlmMDc1NzRmN2NjN2I4MzEwYmU0Mjg3Nzk0MDhiMjMxMiIsImV0IjoiMTY2NTE2MjA1NSJ9.tKeqzVuGZKbuWBo5FetFS9xO7hsWbIUelfkPEvXTwHU&key=35cf944d4bd976392e6ee63fa824a05d&l=3577992&sub3=1665161455&pid=437927&auid=7b4651836339a6b8e60bd6c17732730b&
Pragma: no-cache
|
|
| r3.o.lencr.org/ | 23.36.77.32 | 200 OK | 503 B |
IP23.36.77.32:0 ASN#20940 Akamai International B.V.
Hashc969929ed8bbddc917e0f56055b41f96 b25c98ffb4242755d5038aae09057307d36bc487 85e5fd46154d270872f47328f7880ee5f3faa4534b44c1a3488a82e2dac9d436
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "85E5FD46154D270872F47328F7880EE5F3FAA4534B44C1A3488A82E2DAC9D436"
Last-Modified: Thu, 06 Oct 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17220
Expires: Fri, 07 Oct 2022 21:37:56 GMT
Date: Fri, 07 Oct 2022 16:50:56 GMT
Connection: keep-alive
|
|
| vatcalf.com/i6pyvv8h?auie=eyJhbGciOiJIUzI1NiJ9.eyJ1YSI6Ik1vemlsbGEvNS4wIChYMTE7IExpbnV4IHg4Nl82NDsgcnY6OTYuMCkgR2Vja28vMjAxMDAxMDEgRmlyZWZveC85Ni4wIiwiaXAiOiI5MS45MC40Mi4xNTQiLCJwcyI6IjQzMzM4OV9oVXl1RWJhckR4ZUVlUmtKOWRod1ZwIiwiYWkiOiI3YjQ2NTE4MzYzMzlhNmI4ZTYwYmQ2YzE3NzMyNzMwYiIsImJpZCI6MC4wMDAzODQsImMiOjAuOCwibCI6MzU3Nzk5MiwiZWFuIjotMSwicyI6ImZlMzM5N2U5ZDNjODgxOWZlYTM3NWU1OWIxMTc1YmI5MDQ0YzdiOWE0OGViOWQ2MzQxMjgxOGJmMWU1MWM3YTUxY2Y2N2FlZTlkZWI1MTc1NTlmMDc1NzRmN2NjN2I4MzEwYmU0Mjg3Nzk0MDhiMjMxMiIsImV0IjoiMTY2NTE2MjA1NSJ9.tKeqzVuGZKbuWBo5FetFS9xO7hsWbIUelfkPEvXTwHU&key=35cf944d4bd976392e6ee63fa824a05d&l=3577992&sub3=1665161455&pid=437927&auid=7b4651836339a6b8e60bd6c17732730b& | 192.243.61.226 | 200 OK | 3.0 kB |
URL HTTP/1.1vatcalf.com/i6pyvv8h?auie=eyJhbGciOiJIUzI1NiJ9.eyJ1YSI6Ik1vemlsbGEvNS4wIChYMTE7IExpbnV4IHg4Nl82NDsgcnY6OTYuMCkgR2Vja28vMjAxMDAxMDEgRmlyZWZveC85Ni4wIiwiaXAiOiI5MS45MC40Mi4xNTQiLCJwcyI6IjQzMzM4OV9oVXl1RWJhckR4ZUVlUmtKOWRod1ZwIiwiYWkiOiI3YjQ2NTE4MzYzMzlhNmI4ZTYwYmQ2YzE3NzMyNzMwYiIsImJpZCI6MC4wMDAzODQsImMiOjAuOCwibCI6MzU3Nzk5MiwiZWFuIjotMSwicyI6ImZlMzM5N2U5ZDNjODgxOWZlYTM3NWU1OWIxMTc1YmI5MDQ0YzdiOWE0OGViOWQ2MzQxMjgxOGJmMWU1MWM3YTUxY2Y2N2FlZTlkZWI1MTc1NTlmMDc1NzRmN2NjN2I4MzEwYmU0Mjg3Nzk0MDhiMjMxMiIsImV0IjoiMTY2NTE2MjA1NSJ9.tKeqzVuGZKbuWBo5FetFS9xO7hsWbIUelfkPEvXTwHU&key=35cf944d4bd976392e6ee63fa824a05d&l=3577992&sub3=1665161455&pid=437927&auid=7b4651836339a6b8e60bd6c17732730b& IP192.243.61.226:0 ASN#39572 DataWeb Global Group B.V.
File typeHTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (573) Hash55267574441fda8a753084738271438f 3676b89cde52b393c41a06382f11d2cc0d524441 16dce19c0e956c57c617ccc95c34415cf3dd36b58e7e5b6f4b778262c7939144
| Analyzer | Verdict | Alert |
|---|
| quad9 | Sinkholed | |
GET /i6pyvv8h?auie=eyJhbGciOiJIUzI1NiJ9.eyJ1YSI6Ik1vemlsbGEvNS4wIChYMTE7IExpbnV4IHg4Nl82NDsgcnY6OTYuMCkgR2Vja28vMjAxMDAxMDEgRmlyZWZveC85Ni4wIiwiaXAiOiI5MS45MC40Mi4xNTQiLCJwcyI6IjQzMzM4OV9oVXl1RWJhckR4ZUVlUmtKOWRod1ZwIiwiYWkiOiI3YjQ2NTE4MzYzMzlhNmI4ZTYwYmQ2YzE3NzMyNzMwYiIsImJpZCI6MC4wMDAzODQsImMiOjAuOCwibCI6MzU3Nzk5MiwiZWFuIjotMSwicyI6ImZlMzM5N2U5ZDNjODgxOWZlYTM3NWU1OWIxMTc1YmI5MDQ0YzdiOWE0OGViOWQ2MzQxMjgxOGJmMWU1MWM3YTUxY2Y2N2FlZTlkZWI1MTc1NTlmMDc1NzRmN2NjN2I4MzEwYmU0Mjg3Nzk0MDhiMjMxMiIsImV0IjoiMTY2NTE2MjA1NSJ9.tKeqzVuGZKbuWBo5FetFS9xO7hsWbIUelfkPEvXTwHU&key=35cf944d4bd976392e6ee63fa824a05d&l=3577992&sub3=1665161455&pid=437927&auid=7b4651836339a6b8e60bd6c17732730b& HTTP/1.1
Host: vatcalf.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://curvyalpaca.cc/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Fri, 07 Oct 2022 16:50:57 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Set-Cookie: u_pl=17033418; expires=Sat, 08 Oct 2022 16:50:57 GMT
ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNzAzMzQxOCwiayI6IjM1Y2Y5NDRkNGJkOTc2MzkyZTZlZTYzZmE4MjRhMDVkIiwic2lkIjoiNDMzMzg5X2hVeXVFYmFyRHhlRWVSa0o5ZGh3VnAiLCJpc2lkIjoyLCJhc2lkIjoxLCJ6aWQiOjE3OTcyMzAsInBpZCI6NDM3OTI3LCJhbiI6dHJ1ZSwibGFuIjp0cnVlLCJjaWQiOjMzLCJhaWQiOjI4LCJwdCI6OSwicGsiOiJpNnB5dnY4aCIsInQiOjF9LCJwYiI6eyJyZXAiOiJodHRwczovL3d3dy5nb29nbGUuY29tLyIsImlmIjp0cnVlLCJuYyI6ZmFsc2UsIm5qIjpmYWxzZSwiaW4iOmZhbHNlLCJ0cCI6MSwibmEiOmZhbHNlfSwidSI6eyJ1IjoxLCJhdSI6MSwiZCI6eyJpZCI6Nzk5NTQxOTYsImlkcyI6IiIsImljIjpmYWxzZSwibiI6IkRlc2t0b3AsRW11bGF0b3IiLCJ2IjoiVW5rbm93biIsIm0iOiJVbmtub3duIiwiZiI6MSwiZm4iOiJEZXNrdG9wIiwib2lkIjoxODExMCwib24iOiJMaW51eCIsIm92IjoiVW5rbm93biIsImJpZCI6MTE2NjcwLCJibiI6IkZpcmVmb3giLCJidiI6Ijk2LjAiLCJ3diI6ZmFsc2UsImUiOmZhbHNlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6dHJ1ZSwiciI6Imh0dHBzOi8vY3VydnlhbHBhY2EuY2MvIn19.VJLn-GJKQEJBzwI5FR52QX-_AURUvzjRpT8nnKr1mis; expires=Fri, 07 Oct 2022 16:51:57 GMT
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 7f009fc6957262d0ce826806c0f6ca6b
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
|
|
| vatcalf.com/i6pyvv8h?pst=1665161517&rmtc=t&uuid=&pii=&in=false&refer=https%3A%2F%2Fcurvyalpaca.cc%2F&key=35cf944d4bd976392e6ee63fa824a05d&pid=437927&auid=7b4651836339a6b8e60bd6c17732730b&l=3577992&sub3=1665161455&shu=5b6376b77e6ab3b2fde572e773af0a675f19d0b0ee35f00b09b2b90cca0b72e1fb7129e7f148908315dd0207d5b99f2e0ba68637c64c45481f3f46f2a1eeadc3fbf16b7b9693e4579b77a662de75b92f2014c18a&fr=0&sw2=1280&sh2=939&sw3=1280&sh3=176&sw4=1280&sh4=939&sw5=1280&sh5=1024&sw6=1280&sh6=1024&sw7=1280&sh7=1002&auie=eyJhbGciOiJIUzI1NiJ9.eyJ1YSI6Ik1vemlsbGEvNS4wIChYMTE7IExpbnV4IHg4Nl82NDsgcnY6OTYuMCkgR2Vja28vMjAxMDAxMDEgRmlyZWZveC85Ni4wIiwiaXAiOiI5MS45MC40Mi4xNTQiLCJwcyI6IjQzMzM4OV9oVXl1RWJhckR4ZUVlUmtKOWRod1ZwIiwiYWkiOiI3YjQ2NTE4MzYzMzlhNmI4ZTYwYmQ2YzE3NzMyNzMwYiIsImJpZCI6MC4wMDAzODQsImMiOjAuOCwibCI6MzU3Nzk5MiwiZWFuIjotMSwicyI6ImZlMzM5N2U5ZDNjODgxOWZlYTM3NWU1OWIxMTc1YmI5MDQ0YzdiOWE0OGViOWQ2MzQxMjgxOGJmMWU1MWM3YTUxY2Y2N2FlZTlkZWI1MTc1NTlmMDc1NzRmN2NjN2I4MzEwYmU0Mjg3Nzk0MDhiMjMxMiIsImV0IjoiMTY2NTE2MjA1NSJ9.tKeqzVuGZKbuWBo5FetFS9xO7hsWbIUelfkPEvXTwHU | 192.243.61.226 | 302 Found | 0 B |
URL HTTP/1.1vatcalf.com/i6pyvv8h?pst=1665161517&rmtc=t&uuid=&pii=&in=false&refer=https%3A%2F%2Fcurvyalpaca.cc%2F&key=35cf944d4bd976392e6ee63fa824a05d&pid=437927&auid=7b4651836339a6b8e60bd6c17732730b&l=3577992&sub3=1665161455&shu=5b6376b77e6ab3b2fde572e773af0a675f19d0b0ee35f00b09b2b90cca0b72e1fb7129e7f148908315dd0207d5b99f2e0ba68637c64c45481f3f46f2a1eeadc3fbf16b7b9693e4579b77a662de75b92f2014c18a&fr=0&sw2=1280&sh2=939&sw3=1280&sh3=176&sw4=1280&sh4=939&sw5=1280&sh5=1024&sw6=1280&sh6=1024&sw7=1280&sh7=1002&auie=eyJhbGciOiJIUzI1NiJ9.eyJ1YSI6Ik1vemlsbGEvNS4wIChYMTE7IExpbnV4IHg4Nl82NDsgcnY6OTYuMCkgR2Vja28vMjAxMDAxMDEgRmlyZWZveC85Ni4wIiwiaXAiOiI5MS45MC40Mi4xNTQiLCJwcyI6IjQzMzM4OV9oVXl1RWJhckR4ZUVlUmtKOWRod1ZwIiwiYWkiOiI3YjQ2NTE4MzYzMzlhNmI4ZTYwYmQ2YzE3NzMyNzMwYiIsImJpZCI6MC4wMDAzODQsImMiOjAuOCwibCI6MzU3Nzk5MiwiZWFuIjotMSwicyI6ImZlMzM5N2U5ZDNjODgxOWZlYTM3NWU1OWIxMTc1YmI5MDQ0YzdiOWE0OGViOWQ2MzQxMjgxOGJmMWU1MWM3YTUxY2Y2N2FlZTlkZWI1MTc1NTlmMDc1NzRmN2NjN2I4MzEwYmU0Mjg3Nzk0MDhiMjMxMiIsImV0IjoiMTY2NTE2MjA1NSJ9.tKeqzVuGZKbuWBo5FetFS9xO7hsWbIUelfkPEvXTwHU IP192.243.61.226:0 ASN#39572 DataWeb Global Group B.V.
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
|---|
| quad9 | Sinkholed | |
GET /i6pyvv8h?pst=1665161517&rmtc=t&uuid=&pii=&in=false&refer=https%3A%2F%2Fcurvyalpaca.cc%2F&key=35cf944d4bd976392e6ee63fa824a05d&pid=437927&auid=7b4651836339a6b8e60bd6c17732730b&l=3577992&sub3=1665161455&shu=5b6376b77e6ab3b2fde572e773af0a675f19d0b0ee35f00b09b2b90cca0b72e1fb7129e7f148908315dd0207d5b99f2e0ba68637c64c45481f3f46f2a1eeadc3fbf16b7b9693e4579b77a662de75b92f2014c18a&fr=0&sw2=1280&sh2=939&sw3=1280&sh3=176&sw4=1280&sh4=939&sw5=1280&sh5=1024&sw6=1280&sh6=1024&sw7=1280&sh7=1002&auie=eyJhbGciOiJIUzI1NiJ9.eyJ1YSI6Ik1vemlsbGEvNS4wIChYMTE7IExpbnV4IHg4Nl82NDsgcnY6OTYuMCkgR2Vja28vMjAxMDAxMDEgRmlyZWZveC85Ni4wIiwiaXAiOiI5MS45MC40Mi4xNTQiLCJwcyI6IjQzMzM4OV9oVXl1RWJhckR4ZUVlUmtKOWRod1ZwIiwiYWkiOiI3YjQ2NTE4MzYzMzlhNmI4ZTYwYmQ2YzE3NzMyNzMwYiIsImJpZCI6MC4wMDAzODQsImMiOjAuOCwibCI6MzU3Nzk5MiwiZWFuIjotMSwicyI6ImZlMzM5N2U5ZDNjODgxOWZlYTM3NWU1OWIxMTc1YmI5MDQ0YzdiOWE0OGViOWQ2MzQxMjgxOGJmMWU1MWM3YTUxY2Y2N2FlZTlkZWI1MTc1NTlmMDc1NzRmN2NjN2I4MzEwYmU0Mjg3Nzk0MDhiMjMxMiIsImV0IjoiMTY2NTE2MjA1NSJ9.tKeqzVuGZKbuWBo5FetFS9xO7hsWbIUelfkPEvXTwHU HTTP/1.1
Host: vatcalf.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vatcalf.com/i6pyvv8h?key=0f22c1fd609f13cb7947c8cabfe1a90d&submetric=17033418
Cookie: u_pl=17033418; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNzAzMzQxOCwiayI6IjM1Y2Y5NDRkNGJkOTc2MzkyZTZlZTYzZmE4MjRhMDVkIiwic2lkIjoiNDMzMzg5X2hVeXVFYmFyRHhlRWVSa0o5ZGh3VnAiLCJpc2lkIjoyLCJhc2lkIjoxLCJ6aWQiOjE3OTcyMzAsInBpZCI6NDM3OTI3LCJhbiI6dHJ1ZSwibGFuIjp0cnVlLCJjaWQiOjMzLCJhaWQiOjI4LCJwdCI6OSwicGsiOiJpNnB5dnY4aCIsInQiOjF9LCJwYiI6eyJyZXAiOiJodHRwczovL3d3dy5nb29nbGUuY29tLyIsImlmIjp0cnVlLCJuYyI6ZmFsc2UsIm5qIjpmYWxzZSwiaW4iOmZhbHNlLCJ0cCI6MSwibmEiOmZhbHNlfSwidSI6eyJ1IjoxLCJhdSI6MSwiZCI6eyJpZCI6Nzk5NTQxOTYsImlkcyI6IiIsImljIjpmYWxzZSwibiI6IkRlc2t0b3AsRW11bGF0b3IiLCJ2IjoiVW5rbm93biIsIm0iOiJVbmtub3duIiwiZiI6MSwiZm4iOiJEZXNrdG9wIiwib2lkIjoxODExMCwib24iOiJMaW51eCIsIm92IjoiVW5rbm93biIsImJpZCI6MTE2NjcwLCJibiI6IkZpcmVmb3giLCJidiI6Ijk2LjAiLCJ3diI6ZmFsc2UsImUiOmZhbHNlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6dHJ1ZSwiciI6Imh0dHBzOi8vY3VydnlhbHBhY2EuY2MvIn19.VJLn-GJKQEJBzwI5FR52QX-_AURUvzjRpT8nnKr1mis; cjs=t
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
HTTP/1.1 302 Found
Server: nginx/1.22.0
Date: Fri, 07 Oct 2022 16:50:57 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Location: https://adserving.unibet.com/redirect.aspx?bid=37950&pid=15135578&sref=ADST&ADST=17033418
Set-Cookie: pdhtkv=true; expires=Sat, 08 Oct 2022 16:50:57 GMT
uncs=1; expires=Sat, 08 Oct 2022 16:50:57 GMT
pdhtkv28=true; expires=Sat, 08 Oct 2022 16:50:57 GMT
uncs28=1; expires=Sat, 08 Oct 2022 16:50:57 GMT
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 3311a6eed6abbb8d53e1b7774aab2ded
Strict-Transport-Security: max-age=0; includeSubdomains
|
|
| adserving.unibet.com/redirect.aspx?bid=37950&pid=15135578&sref=ADST&ADST=17033418 | 23.36.79.43 | 301 Moved Permanently | 0 B |
URL HTTP/2adserving.unibet.com/redirect.aspx?bid=37950&pid=15135578&sref=ADST&ADST=17033418 IP23.36.79.43:0 ASN#20940 Akamai International B.V.
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /redirect.aspx?bid=37950&pid=15135578&sref=ADST&ADST=17033418 HTTP/1.1
Host: adserving.unibet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://vatcalf.com/
Connection: keep-alive
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a85891437%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1665154467360)%5c%2f%22%2c%22CookieTag%22%3a%223795085891437451240919C20221071454%22%7d%5d; __ucbt=node01u3sz15w0p2nj1bdzgkrruwnl; uniattr=ST.0.T; uniattr_ref=; campaignId=2750545; affiliateId=1; B-TAG=320669908_DE3BEF7BAAEB4AA4A46505908242DDF3; BID=37950; PID=85891437; AFFILIATE_REQUEST_URL=https%3A%2F%2Fno.unibet.com%2Fstan%2Fcampaign.do%3FcmpId%3D2750545%26affiliateId%3D1%26unibetTarget%3D%2Fno%2Fpop%2Fmultisport%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.com%26btag%3D320669908_DE3BEF7BAAEB4AA4A46505908242DDF3%26sref%3DGIG%26GIG%3DNO_DESK_SB%26affiliateId%3D1%26pid%3D85891437%26bid%3D37950; AFFILIATE_CAMPAIGN_ID=2750545; AMCV_F431E3BC5593E3887F000101%40AdobeOrg=1585540135%7CMCIDTS%7C19273%7CMCMID%7C32301004713216041503985163365586510321%7CMCAAMLH-1665759268%7C6%7CMCAAMB-1665759268%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1665161668s%7CNONE%7CMCAID%7CNONE%7CMCSYNCSOP%7C411-19280%7CvVersion%7C4.4.0; _ce.s=v~05413ec8abb06ceeea20bf7b9f2fa6bd698299c9~vpv~0~v11.rlc~1665154469091
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
content-type: text/html
content-length: 0
location: https://no.unibet.com/stan/campaign.do?cmpId=2750545&affiliateId=1&unibetTarget=/no/pop/multisport/index.html&targetDomain=https://welcome.unibet.com&btag=127656177_BA437B80BFBA4E86978729F4CBCA2C4C&sref=ADST&ADST=17033418&affiliateId=1&pid=85964855&bid=37950
p3p: CP="This is not a P3P policy! It is used to bypass IEs problematic handling of cookies"
x-aspnet-version: 4.0.30319
request-context: appId=cid-v1:83ffbda4-9458-475e-90ec-4427cfb5c3b0
access-control-expose-headers: Request-Context
expires: Fri, 07 Oct 2022 16:50:57 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Fri, 07 Oct 2022 16:50:57 GMT
set-cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a85891437%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1665154467360)%5c%2f%22%2c%22CookieTag%22%3a%223795085891437451240919C20221071454%22%7d%2c%7b%22PID%22%3a85964855%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1665161457951)%5c%2f%22%2c%22CookieTag%22%3a%223795085964855451240919C20221071650%22%7d%5d; SameSite=None;; domain=.unibet.com; expires=Fri, 31-Dec-9999 23:59:59 GMT; path=/; secure
NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228197440371%7c1%22%7d%5d; domain=.unibet.com; expires=Sun, 07-Oct-3021 16:50:57 GMT; path=/; secure; SameSite=Strict
server-timing: cdn-cache; desc=MISS, edge; dur=22, origin; dur=36
X-Firefox-Spdy: h2
|
|
| no.unibet.com/stan/campaign.do?cmpId=2750545&affiliateId=1&unibetTarget=/no/pop/multisport/index.html&targetDomain=https://welcome.unibet.com&btag=127656177_BA437B80BFBA4E86978729F4CBCA2C4C&sref=ADST&ADST=17033418&affiliateId=1&pid=85964855&bid=37950 |  85.184.96.0 | 301 Moved Permanently | 0 B |
URL HTTP/2no.unibet.com/stan/campaign.do?cmpId=2750545&affiliateId=1&unibetTarget=/no/pop/multisport/index.html&targetDomain=https://welcome.unibet.com&btag=127656177_BA437B80BFBA4E86978729F4CBCA2C4C&sref=ADST&ADST=17033418&affiliateId=1&pid=85964855&bid=37950 IP85.184.96.0:0 ASN#47171 Unibet Services Limited
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /stan/campaign.do?cmpId=2750545&affiliateId=1&unibetTarget=/no/pop/multisport/index.html&targetDomain=https://welcome.unibet.com&btag=127656177_BA437B80BFBA4E86978729F4CBCA2C4C&sref=ADST&ADST=17033418&affiliateId=1&pid=85964855&bid=37950 HTTP/1.1
Host: no.unibet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://vatcalf.com/
Connection: keep-alive
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a85891437%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1665154467360)%5c%2f%22%2c%22CookieTag%22%3a%223795085891437451240919C20221071454%22%7d%2c%7b%22PID%22%3a85964855%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1665161457951)%5c%2f%22%2c%22CookieTag%22%3a%223795085964855451240919C20221071650%22%7d%5d; __ucbt=node01u3sz15w0p2nj1bdzgkrruwnl; uniattr=ST.0.T; uniattr_ref=; campaignId=2750545; affiliateId=1; B-TAG=320669908_DE3BEF7BAAEB4AA4A46505908242DDF3; BID=37950; PID=85891437; AFFILIATE_REQUEST_URL=https%3A%2F%2Fno.unibet.com%2Fstan%2Fcampaign.do%3FcmpId%3D2750545%26affiliateId%3D1%26unibetTarget%3D%2Fno%2Fpop%2Fmultisport%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.com%26btag%3D320669908_DE3BEF7BAAEB4AA4A46505908242DDF3%26sref%3DGIG%26GIG%3DNO_DESK_SB%26affiliateId%3D1%26pid%3D85891437%26bid%3D37950; AFFILIATE_CAMPAIGN_ID=2750545; AMCV_F431E3BC5593E3887F000101%40AdobeOrg=1585540135%7CMCIDTS%7C19273%7CMCMID%7C32301004713216041503985163365586510321%7CMCAAMLH-1665759268%7C6%7CMCAAMB-1665759268%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1665161668s%7CNONE%7CMCAID%7CNONE%7CMCSYNCSOP%7C411-19280%7CvVersion%7C4.4.0; _ce.s=v~05413ec8abb06ceeea20bf7b9f2fa6bd698299c9~vpv~0~v11.rlc~1665154469091
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
date: Fri, 07 Oct 2022 16:50:58 GMT
content-length: 0
location: https://no.unibet.com:443/stan/redirecttocampaign.do?cmpId=2750545&affiliateId=1&unibetTarget=/no/pop/multisport/index.html&targetDomain=https://welcome.unibet.com&btag=127656177_BA437B80BFBA4E86978729F4CBCA2C4C&sref=ADST&ADST=17033418&affiliateId=1&pid=85964855&bid=37950&landingPageUrl=https%3A%2F%2Fwelcome.unibet.com%2Fno%2Fpop%2Fmultisport%2Findex.html%3Fmktid%3D1%3A127656177%3A85964855-37950
set-cookie: JSESSIONID=node07fx3wx6cp5geq7xrx90w8xpg2324477.node0; Path=/stan; Secure; HttpOnly; SameSite=Strict
__ucbt=node01u3sz15w0p2nj1bdzgkrruwnl; Path=/; Domain=.unibet.com; Expires=Sun, 06-Oct-2024 16:50:58 GMT; Max-Age=63072000; Secure; SameSite=None
uniattr=ST.0.T; Path=/; Domain=.unibet.com; Expires=Sun, 06-Oct-2024 16:50:58 GMT; Max-Age=63072000; Secure; SameSite=None
uniattr_ref="https://vatcalf.com/"; Path=/; Domain=.unibet.com; Expires=Sun, 06-Oct-2024 16:50:58 GMT; Max-Age=63072000; Secure; SameSite=None
UNIBET_REQUEST_URL=; Path=/; Domain=.unibet.com; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
AFFILIATE_REQUEST_URL=; Path=/; Domain=.unibet.com; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
UNIBET_INTERNAL_CAMPAIGN_ID=; Path=/; Domain=.unibet.com; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
affid=; Path=/; Domain=.unibet.com; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
netwid=; Path=/; Domain=.unibet.com; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
CLAIM_CODE=; Path=/; Domain=.unibet.com; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
REGISTRATION_CODE=; Path=/; Domain=.unibet.com; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
campaignId=2750545; Path=/; Domain=.unibet.com; Expires=Sun, 31-Dec-2023 22:58:59 GMT; Max-Age=38902081; Secure; SameSite=None
framework.forceBigLandingArea=; Path=/; Domain=.unibet.com; Expires=Fri, 07-Oct-2022 16:51:13 GMT; Max-Age=15; Secure; SameSite=None
affiliateId=1; Path=/; Domain=.unibet.com; Expires=Sun, 31-Dec-2023 22:58:59 GMT; Max-Age=38902081; Secure; SameSite=None
B-TAG=127656177_BA437B80BFBA4E86978729F4CBCA2C4C; Path=/; Domain=.unibet.com; Expires=Sun, 31-Dec-2023 22:58:59 GMT; Max-Age=38902081; Secure; SameSite=None
REGISTRATION_CODE=; Path=/; Domain=.unibet.com; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
BID=37950; Path=/; Domain=.unibet.com; Expires=Sun, 31-Dec-2023 22:58:59 GMT; Max-Age=38902081; Secure; SameSite=None
PID=85964855; Path=/; Domain=.unibet.com; Expires=Sun, 31-Dec-2023 22:58:59 GMT; Max-Age=38902081; Secure; SameSite=None
CHID=; Path=/; Domain=.unibet.com; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
REFERER=https%3A%2F%2Fvatcalf.com%2F; Path=/; Domain=.unibet.com; Expires=Sun, 31-Dec-2023 22:58:59 GMT; Max-Age=38902081; Secure; SameSite=None
UNIBET_INTERNAL_CAMPAIGN_ID=; Path=/; Domain=.unibet.com; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
UNIBET_REQUEST_URL=; Path=/; Domain=.unibet.com; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
AFFILIATE_REQUEST_URL=; Path=/; Domain=.unibet.com; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
AFFILIATE_CAMPAIGN_ID=; Path=/; Domain=.unibet.com; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
AMS_INVITE_CHAT_ACCEPTED=; Path=/; Domain=.unibet.com; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
AMS_INVITE_CHAT_DECLINED=; Path=/; Domain=.unibet.com; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
BOCAID=; Path=/; Domain=.unibet.com; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
PRODUCT_ID=; Path=/; Domain=.unibet.com; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
AFFID=; Path=/; Domain=.unibet.com; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
AFFILIATE_REQUEST_URL=https%3A%2F%2Fno.unibet.com%2Fstan%2Fcampaign.do%3FcmpId%3D2750545%26affiliateId%3D1%26unibetTarget%3D%2Fno%2Fpop%2Fmultisport%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.com%26btag%3D127656177_BA437B80BFBA4E86978729F4CBCA2C4C%26sref%3DADST%26ADST%3D17033418%26affiliateId%3D1%26pid%3D85964855%26bid%3D37950; Path=/; Domain=.unibet.com; Expires=Sun, 31-Dec-2023 22:58:59 GMT; Max-Age=38902081; Secure; SameSite=None
AFFILIATE_CAMPAIGN_ID=2750545; Path=/; Domain=.unibet.com; Expires=Sun, 31-Dec-2023 22:58:59 GMT; Max-Age=38902081; Secure; SameSite=None
framework.forceBigLandingArea=; Path=/; Domain=.unibet.com; Expires=Fri, 07-Oct-2022 16:51:13 GMT; Max-Age=15; Secure; SameSite=None
campaignId=2750545; Path=/; Domain=.unibet.com; Expires=Sun, 31-Dec-2023 22:58:59 GMT; Max-Age=38902081; Secure; SameSite=None
framework.forceBigLandingArea=; Path=/; Domain=.unibet.com; Expires=Fri, 07-Oct-2022 16:51:13 GMT; Max-Age=15; Secure; SameSite=None
clientId=polopoly_desktop; Domain=no.unibet.com; Path=/; SameSite=None; Secure
referer: https://vatcalf.com/
cache-control: max-age=0, no-cache, no-store, must-revalidate, proxy-revalidate
expires: Thu, 01 Jan 1970 00:00:00 GMT, Fri, 07 Oct 2022 16:50:58 GMT
server: kindred-loadbalancer
strict-transport-security: max-age=63072000; preload
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-security-policy: default-src 'unsafe-inline' 'unsafe-eval' http: https: data: wss: blob: jockey: unibetpro: *;
x-browser-class: A
x-os-class: M
x-ooops-debug: /500-pages/no.unibet.com/index.html
X-Firefox-Spdy: h2
|
|
| no.unibet.com/stan/redirecttocampaign.do?cmpId=2750545&affiliateId=1&unibetTarget=/no/pop/multisport/index.html&targetDomain=https://welcome.unibet.com&btag=127656177_BA437B80BFBA4E86978729F4CBCA2C4C&sref=ADST&ADST=17033418&affiliateId=1&pid=85964855&bid=37950&landingPageUrl=https%3A%2F%2Fwelcome.unibet.com%2Fno%2Fpop%2Fmultisport%2Findex.html%3Fmktid%3D1%3A127656177%3A85964855-37950 | 85.184.96.0 | 301 Moved Permanently | 0 B |
URL HTTP/2no.unibet.com/stan/redirecttocampaign.do?cmpId=2750545&affiliateId=1&unibetTarget=/no/pop/multisport/index.html&targetDomain=https://welcome.unibet.com&btag=127656177_BA437B80BFBA4E86978729F4CBCA2C4C&sref=ADST&ADST=17033418&affiliateId=1&pid=85964855&bid=37950&landingPageUrl=https%3A%2F%2Fwelcome.unibet.com%2Fno%2Fpop%2Fmultisport%2Findex.html%3Fmktid%3D1%3A127656177%3A85964855-37950 IP85.184.96.0:0 ASN#47171 Unibet Services Limited
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /stan/redirecttocampaign.do?cmpId=2750545&affiliateId=1&unibetTarget=/no/pop/multisport/index.html&targetDomain=https://welcome.unibet.com&btag=127656177_BA437B80BFBA4E86978729F4CBCA2C4C&sref=ADST&ADST=17033418&affiliateId=1&pid=85964855&bid=37950&landingPageUrl=https%3A%2F%2Fwelcome.unibet.com%2Fno%2Fpop%2Fmultisport%2Findex.html%3Fmktid%3D1%3A127656177%3A85964855-37950 HTTP/1.1
Host: no.unibet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://vatcalf.com/
Connection: keep-alive
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a85891437%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1665154467360)%5c%2f%22%2c%22CookieTag%22%3a%223795085891437451240919C20221071454%22%7d%2c%7b%22PID%22%3a85964855%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1665161457951)%5c%2f%22%2c%22CookieTag%22%3a%223795085964855451240919C20221071650%22%7d%5d; __ucbt=node01u3sz15w0p2nj1bdzgkrruwnl; uniattr=ST.0.T; uniattr_ref="https://vatcalf.com/"; campaignId=2750545; affiliateId=1; B-TAG=127656177_BA437B80BFBA4E86978729F4CBCA2C4C; BID=37950; PID=85964855; AMCV_F431E3BC5593E3887F000101%40AdobeOrg=1585540135%7CMCIDTS%7C19273%7CMCMID%7C32301004713216041503985163365586510321%7CMCAAMLH-1665759268%7C6%7CMCAAMB-1665759268%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1665161668s%7CNONE%7CMCAID%7CNONE%7CMCSYNCSOP%7C411-19280%7CvVersion%7C4.4.0; _ce.s=v~05413ec8abb06ceeea20bf7b9f2fa6bd698299c9~vpv~0~v11.rlc~1665154469091; framework.forceBigLandingArea=; REFERER=https%3A%2F%2Fvatcalf.com%2F; AFFILIATE_REQUEST_URL=https%3A%2F%2Fno.unibet.com%2Fstan%2Fcampaign.do%3FcmpId%3D2750545%26affiliateId%3D1%26unibetTarget%3D%2Fno%2Fpop%2Fmultisport%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.com%26btag%3D127656177_BA437B80BFBA4E86978729F4CBCA2C4C%26sref%3DADST%26ADST%3D17033418%26affiliateId%3D1%26pid%3D85964855%26bid%3D37950; AFFILIATE_CAMPAIGN_ID=2750545; clientId=polopoly_desktop
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 301 Moved Permanently
date: Fri, 07 Oct 2022 16:50:58 GMT
content-length: 0
location: https://welcome.unibet.com/no/pop/multisport/index.html?mktid=1:127656177:85964855-37950&btag=127656177_BA437B80BFBA4E86978729F4CBCA2C4C&bid=37950&campaignId=2750545&pid=85964855
cache-control: max-age=0, no-cache, no-store, must-revalidate, proxy-revalidate
expires: Fri, 07 Oct 2022 16:50:58 GMT
server: kindred-loadbalancer
strict-transport-security: max-age=63072000; preload
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-security-policy: default-src 'unsafe-inline' 'unsafe-eval' http: https: data: wss: blob: jockey: unibetpro: *;
x-browser-class: A
x-os-class: M
x-ooops-debug: /500-pages/no.unibet.com/index.html
X-Firefox-Spdy: h2
|
|
| ocsp.securetrust.com/ | 23.36.79.19 | 200 OK | 638 B |
IP23.36.79.19:0 ASN#20940 Akamai International B.V.
Hash4c438d61aec73d0a3c515334a49b367f 31fcdb551fbaf51a9bd46af84e12868ed3a6cd40 f4dedc353835b16bd6ffea3420edbcb9758e087a31610f49763b462c981506d2
POST / HTTP/1.1
Host: ocsp.securetrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 86
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 638
Date: Fri, 07 Oct 2022 16:50:58 GMT
Connection: keep-alive
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.3 | 200 OK | 471 B |
IP142.250.74.3:0
Hash1d13c38762edee3ea0af663f3e4553be 894a45402ded63c20b5062b2aae8b3894be80996 781d3684b9efe9d34182e7a740c759749a80c085576681bd5077d342e4448ae0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 07 Oct 2022 16:50:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.3 | 200 OK | 471 B |
IP142.250.74.3:0
Hash18e0e019cd697bb16806d8f00408a319 60ceb13c31595e6cf9bb6800657e4593a1fbd670 7cb0778c80be637b67a5d198ca180a76bbfa4c32e502a0fa472a4c6946ffb56e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 07 Oct 2022 16:50:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| a1s-cdn.unibet.com/unibet/bannerflow/scripts/master_tag.js | 85.184.96.5 | 200 OK | 956 B |
URL HTTP/2a1s-cdn.unibet.com/unibet/bannerflow/scripts/master_tag.js IP85.184.96.5:0 ASN#47171 Unibet Services Limited
Hashfd48e87ecd4d06d9c5df490b91dc813e a65a437db44444634e4f41732c590c1d14433b3f 2f786ae3f4577ed970f60aa7a9edf726300a740fdb360a8364db7ff4b7ca8e47
GET /unibet/bannerflow/scripts/master_tag.js HTTP/1.1
Host: a1s-cdn.unibet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a85891437%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1665154467360)%5c%2f%22%2c%22CookieTag%22%3a%223795085891437451240919C20221071454%22%7d%2c%7b%22PID%22%3a85964855%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1665161457951)%5c%2f%22%2c%22CookieTag%22%3a%223795085964855451240919C20221071650%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228197440371%7c1%22%7d%5d; __ucbt=node01u3sz15w0p2nj1bdzgkrruwnl; uniattr=ST.0.T; uniattr_ref="https://vatcalf.com/"; campaignId=2750545; affiliateId=1; B-TAG=127656177_BA437B80BFBA4E86978729F4CBCA2C4C; BID=37950; PID=85964855; AMCV_F431E3BC5593E3887F000101%40AdobeOrg=1585540135%7CMCIDTS%7C19273%7CMCMID%7C32301004713216041503985163365586510321%7CMCAAMLH-1665759268%7C6%7CMCAAMB-1665759268%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1665161668s%7CNONE%7CMCAID%7CNONE%7CMCSYNCSOP%7C411-19280%7CvVersion%7C4.4.0; _ce.s=v~05413ec8abb06ceeea20bf7b9f2fa6bd698299c9~vpv~0~v11.rlc~1665154469091; framework.forceBigLandingArea=; REFERER=https%3A%2F%2Fvatcalf.com%2F; AFFILIATE_REQUEST_URL=https%3A%2F%2Fno.unibet.com%2Fstan%2Fcampaign.do%3FcmpId%3D2750545%26affiliateId%3D1%26unibetTarget%3D%2Fno%2Fpop%2Fmultisport%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.com%26btag%3D127656177_BA437B80BFBA4E86978729F4CBCA2C4C%26sref%3DADST%26ADST%3D17033418%26affiliateId%3D1%26pid%3D85964855%26bid%3D37950; AFFILIATE_CAMPAIGN_ID=2750545
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
date: Fri, 07 Oct 2022 16:50:58 GMT
content-type: application/javascript
content-length: 956
last-modified: Mon, 25 Apr 2022 12:19:34 GMT
etag: "3bc-5dd7996cc0ce1"
cache-control: max-age=1800, public, must-revalidate
server: kindred-loadbalancer
strict-transport-security: max-age=63072000; preload
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-security-policy: default-src 'unsafe-inline' 'unsafe-eval' http: https: data: wss: blob: jockey: unibetpro: *;
x-browser-class: A
x-os-class: M
set-cookie: clientId=polopoly_desktop; Domain=a1s-cdn.unibet.com; Path=/; SameSite=None; Secure
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| welcome.unibet.com/no/pop/multisport/gambling-commission.png | 108.161.188.196 | 301 Moved Permanently | 178 B |
URL HTTP/2welcome.unibet.com/no/pop/multisport/gambling-commission.png IP108.161.188.196:0
File typeHTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators Hashcd2e0e43980a00fb6a2742d3afd803b8 81ffbd1712afe8cdf138b570c0fc9934742c33c1 bd9df047d51943acc4bc6cf55d88edb5b6785a53337ee2a0f74dd521aedde87d
GET /no/pop/multisport/gambling-commission.png HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/no/pop/multisport/index.html?mktid=1:127656177:85964855-37950&btag=127656177_BA437B80BFBA4E86978729F4CBCA2C4C&bid=37950&campaignId=2750545&pid=85964855
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a85891437%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1665154467360)%5c%2f%22%2c%22CookieTag%22%3a%223795085891437451240919C20221071454%22%7d%2c%7b%22PID%22%3a85964855%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1665161457951)%5c%2f%22%2c%22CookieTag%22%3a%223795085964855451240919C20221071650%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228197440371%7c1%22%7d%5d; __ucbt=node01u3sz15w0p2nj1bdzgkrruwnl; uniattr=ST.0.T; uniattr_ref="https://vatcalf.com/"; campaignId=2750545; affiliateId=1; B-TAG=127656177_BA437B80BFBA4E86978729F4CBCA2C4C; BID=37950; PID=85964855; AMCV_F431E3BC5593E3887F000101%40AdobeOrg=1585540135%7CMCIDTS%7C19273%7CMCMID%7C32301004713216041503985163365586510321%7CMCAAMLH-1665759268%7C6%7CMCAAMB-1665759268%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1665161668s%7CNONE%7CMCAID%7CNONE%7CMCSYNCSOP%7C411-19280%7CvVersion%7C4.4.0; _ce.s=v~05413ec8abb06ceeea20bf7b9f2fa6bd698299c9~vpv~0~v11.rlc~1665154469091; framework.forceBigLandingArea=; REFERER=https%3A%2F%2Fvatcalf.com%2F; AFFILIATE_REQUEST_URL=https%3A%2F%2Fno.unibet.com%2Fstan%2Fcampaign.do%3FcmpId%3D2750545%26affiliateId%3D1%26unibetTarget%3D%2Fno%2Fpop%2Fmultisport%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.com%26btag%3D127656177_BA437B80BFBA4E86978729F4CBCA2C4C%26sref%3DADST%26ADST%3D17033418%26affiliateId%3D1%26pid%3D85964855%26bid%3D37950; AFFILIATE_CAMPAIGN_ID=2750545
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 301 Moved Permanently
date: Fri, 07 Oct 2022 16:50:58 GMT
content-type: text/html
content-length: 178
location: https://www.unibet.com/
server: NetDNA-cache/2.2
x-cache: MISS
X-Firefox-Spdy: h2
|
|
| a1s.unibet.com/orval/tracking/lastclick.min.js | 85.184.96.5 | 200 OK | 976 B |
URL HTTP/2a1s.unibet.com/orval/tracking/lastclick.min.js IP85.184.96.5:0 ASN#47171 Unibet Services Limited
Hashce820d2b32edca95e45481cef4168970 864e9f4ecd8c4c1524b707a53f3e21b79bd8ce3e ace1bd3ac5c2915378f87c1571dc2659e8ac3ea65420356ffa9cd324fb01c0de
GET /orval/tracking/lastclick.min.js HTTP/1.1
Host: a1s.unibet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a85891437%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1665154467360)%5c%2f%22%2c%22CookieTag%22%3a%223795085891437451240919C20221071454%22%7d%2c%7b%22PID%22%3a85964855%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1665161457951)%5c%2f%22%2c%22CookieTag%22%3a%223795085964855451240919C20221071650%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228197440371%7c1%22%7d%5d; __ucbt=node01u3sz15w0p2nj1bdzgkrruwnl; uniattr=ST.0.T; uniattr_ref="https://vatcalf.com/"; campaignId=2750545; affiliateId=1; B-TAG=127656177_BA437B80BFBA4E86978729F4CBCA2C4C; BID=37950; PID=85964855; AMCV_F431E3BC5593E3887F000101%40AdobeOrg=1585540135%7CMCIDTS%7C19273%7CMCMID%7C32301004713216041503985163365586510321%7CMCAAMLH-1665759268%7C6%7CMCAAMB-1665759268%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1665161668s%7CNONE%7CMCAID%7CNONE%7CMCSYNCSOP%7C411-19280%7CvVersion%7C4.4.0; _ce.s=v~05413ec8abb06ceeea20bf7b9f2fa6bd698299c9~vpv~0~v11.rlc~1665154469091; framework.forceBigLandingArea=; REFERER=https%3A%2F%2Fvatcalf.com%2F; AFFILIATE_REQUEST_URL=https%3A%2F%2Fno.unibet.com%2Fstan%2Fcampaign.do%3FcmpId%3D2750545%26affiliateId%3D1%26unibetTarget%3D%2Fno%2Fpop%2Fmultisport%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.com%26btag%3D127656177_BA437B80BFBA4E86978729F4CBCA2C4C%26sref%3DADST%26ADST%3D17033418%26affiliateId%3D1%26pid%3D85964855%26bid%3D37950; AFFILIATE_CAMPAIGN_ID=2750545
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
date: Fri, 07 Oct 2022 16:50:58 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Fri, 05 Aug 2022 12:55:24 GMT
etag: W/"705-5e57dfac7ede0"
cache-control: max-age=1800, public, must-revalidate
content-encoding: gzip
server: kindred-loadbalancer
strict-transport-security: max-age=63072000; preload
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-security-policy: default-src 'unsafe-inline' 'unsafe-eval' http: https: data: wss: blob: jockey: unibetpro: *;
x-browser-class: A
x-os-class: M
set-cookie: clientId=polopoly_desktop; Domain=a1s.unibet.com; Path=/; SameSite=None; Secure
X-Firefox-Spdy: h2
|
|
| welcome.unibet.com/custom.js | 108.161.188.196 | 200 OK | 2.7 kB |
URL HTTP/2welcome.unibet.com/custom.js IP108.161.188.196:0
Hash5aef69a8f24494acfbe5d6f08a50eb10 bde7a96bb5730fd560d13026acc19f4038c776fc 2914cdec46229c3d04350213864935d6fd3e0698c3cb5110fad94230316912fa
GET /custom.js HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/no/pop/multisport/index.html?mktid=1:127656177:85964855-37950&btag=127656177_BA437B80BFBA4E86978729F4CBCA2C4C&bid=37950&campaignId=2750545&pid=85964855
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a85891437%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1665154467360)%5c%2f%22%2c%22CookieTag%22%3a%223795085891437451240919C20221071454%22%7d%2c%7b%22PID%22%3a85964855%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1665161457951)%5c%2f%22%2c%22CookieTag%22%3a%223795085964855451240919C20221071650%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228197440371%7c1%22%7d%5d; __ucbt=node01u3sz15w0p2nj1bdzgkrruwnl; uniattr=ST.0.T; uniattr_ref="https://vatcalf.com/"; campaignId=2750545; affiliateId=1; B-TAG=127656177_BA437B80BFBA4E86978729F4CBCA2C4C; BID=37950; PID=85964855; AMCV_F431E3BC5593E3887F000101%40AdobeOrg=1585540135%7CMCIDTS%7C19273%7CMCMID%7C32301004713216041503985163365586510321%7CMCAAMLH-1665759268%7C6%7CMCAAMB-1665759268%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1665161668s%7CNONE%7CMCAID%7CNONE%7CMCSYNCSOP%7C411-19280%7CvVersion%7C4.4.0; _ce.s=v~05413ec8abb06ceeea20bf7b9f2fa6bd698299c9~vpv~0~v11.rlc~1665154469091; framework.forceBigLandingArea=; REFERER=https%3A%2F%2Fvatcalf.com%2F; AFFILIATE_REQUEST_URL=https%3A%2F%2Fno.unibet.com%2Fstan%2Fcampaign.do%3FcmpId%3D2750545%26affiliateId%3D1%26unibetTarget%3D%2Fno%2Fpop%2Fmultisport%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.com%26btag%3D127656177_BA437B80BFBA4E86978729F4CBCA2C4C%26sref%3DADST%26ADST%3D17033418%26affiliateId%3D1%26pid%3D85964855%26bid%3D37950; AFFILIATE_CAMPAIGN_ID=2750545
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 07 Oct 2022 16:50:58 GMT
content-type: application/javascript
content-md5: e/Aekt1V1fopj1X7y5r9MA==
last-modified: Tue, 29 Mar 2022 08:25:09 GMT
etag: W/"0x8DA115DA300B0C1"
x-ms-request-id: a144a6b8-201e-0064-0d29-dae39a000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
server: NetDNA-cache/2.2
x-cache: HIT
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.3 | 200 OK | 471 B |
IP142.250.74.3:0
Hashaea480478c3be7392d09e8a92826542f b660fb42c8122efb07b3d1de1a8907ad1f6e1a60 ee691969e4d61ba3145fe90b28c5051367c223f31c0e0ee001d8481035090760
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 07 Oct 2022 16:50:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| welcome.unibet.com/no/pop/multisport/1-background-black.jpg | 108.161.188.196 | 200 OK | 98 kB |
URL HTTP/2welcome.unibet.com/no/pop/multisport/1-background-black.jpg IP108.161.188.196:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1800x936, components 3\012- data Hash8e6d9af5ef1badfe9295b8fc96793c28 e37cdf4093dc0a47246be7360e7945f91991f073 de89de8196b23a00db8e35bca40fdb4253d970492a31396d5861c2e99d691407
GET /no/pop/multisport/1-background-black.jpg HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/no/pop/multisport/1-styles.css
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a85891437%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1665154467360)%5c%2f%22%2c%22CookieTag%22%3a%223795085891437451240919C20221071454%22%7d%2c%7b%22PID%22%3a85964855%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1665161457951)%5c%2f%22%2c%22CookieTag%22%3a%223795085964855451240919C20221071650%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228197440371%7c1%22%7d%5d; __ucbt=node01u3sz15w0p2nj1bdzgkrruwnl; uniattr=ST.0.T; uniattr_ref="https://vatcalf.com/"; campaignId=2750545; affiliateId=1; B-TAG=127656177_BA437B80BFBA4E86978729F4CBCA2C4C; BID=37950; PID=85964855; AMCV_F431E3BC5593E3887F000101%40AdobeOrg=1585540135%7CMCIDTS%7C19273%7CMCMID%7C32301004713216041503985163365586510321%7CMCAAMLH-1665759268%7C6%7CMCAAMB-1665759268%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1665161668s%7CNONE%7CMCAID%7CNONE%7CMCSYNCSOP%7C411-19280%7CvVersion%7C4.4.0; _ce.s=v~05413ec8abb06ceeea20bf7b9f2fa6bd698299c9~vpv~0~v11.rlc~1665154469091; framework.forceBigLandingArea=; REFERER=https%3A%2F%2Fvatcalf.com%2F; AFFILIATE_REQUEST_URL=https%3A%2F%2Fno.unibet.com%2Fstan%2Fcampaign.do%3FcmpId%3D2750545%26affiliateId%3D1%26unibetTarget%3D%2Fno%2Fpop%2Fmultisport%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.com%26btag%3D127656177_BA437B80BFBA4E86978729F4CBCA2C4C%26sref%3DADST%26ADST%3D17033418%26affiliateId%3D1%26pid%3D85964855%26bid%3D37950; AFFILIATE_CAMPAIGN_ID=2750545
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 07 Oct 2022 16:50:58 GMT
content-type: image/jpeg
content-length: 98453
cache-control: public, max-age=900, immutable
content-md5: jm2a9e8brf6Slbj8lnk8KA==
last-modified: Mon, 20 Jun 2022 12:15:01 GMT
etag: "0x8DA52B6801D0B27"
x-ms-request-id: 696fd5b4-701e-0056-7a6c-dae3ed000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
server: NetDNA-cache/2.2
x-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| welcome.unibet.com/no/pop/multisport/Unibet_Pro_2020.woff2 | 108.161.188.196 | 200 OK | 11 kB |
URL HTTP/2welcome.unibet.com/no/pop/multisport/Unibet_Pro_2020.woff2 IP108.161.188.196:0
File typeWeb Open Font Format (Version 2), TrueType, length 10924, version 1.0\012- data Hash0ea5bcff84ae44840b6e9c9d12c8b963 6c827e1adb18775d2fdfbbbfef63cc9b66243ed2 b4e210ac58fe8fb176e24c58ffdbd0e7b40dded1314769dbcebdc413998b882b
GET /no/pop/multisport/Unibet_Pro_2020.woff2 HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://welcome.unibet.com/no/pop/multisport/1-styles.css
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a85891437%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1665154467360)%5c%2f%22%2c%22CookieTag%22%3a%223795085891437451240919C20221071454%22%7d%2c%7b%22PID%22%3a85964855%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1665161457951)%5c%2f%22%2c%22CookieTag%22%3a%223795085964855451240919C20221071650%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228197440371%7c1%22%7d%5d; __ucbt=node01u3sz15w0p2nj1bdzgkrruwnl; uniattr=ST.0.T; uniattr_ref="https://vatcalf.com/"; campaignId=2750545; affiliateId=1; B-TAG=127656177_BA437B80BFBA4E86978729F4CBCA2C4C; BID=37950; PID=85964855; AMCV_F431E3BC5593E3887F000101%40AdobeOrg=1585540135%7CMCIDTS%7C19273%7CMCMID%7C32301004713216041503985163365586510321%7CMCAAMLH-1665759268%7C6%7CMCAAMB-1665759268%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1665161668s%7CNONE%7CMCAID%7CNONE%7CMCSYNCSOP%7C411-19280%7CvVersion%7C4.4.0; _ce.s=v~05413ec8abb06ceeea20bf7b9f2fa6bd698299c9~vpv~0~v11.rlc~1665154469091; framework.forceBigLandingArea=; REFERER=https%3A%2F%2Fvatcalf.com%2F; AFFILIATE_REQUEST_URL=https%3A%2F%2Fno.unibet.com%2Fstan%2Fcampaign.do%3FcmpId%3D2750545%26affiliateId%3D1%26unibetTarget%3D%2Fno%2Fpop%2Fmultisport%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.com%26btag%3D127656177_BA437B80BFBA4E86978729F4CBCA2C4C%26sref%3DADST%26ADST%3D17033418%26affiliateId%3D1%26pid%3D85964855%26bid%3D37950; AFFILIATE_CAMPAIGN_ID=2750545
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 07 Oct 2022 16:50:58 GMT
content-type: font/woff2
content-length: 10924
cache-control: public, max-age=900, immutable
content-md5: DqW8/4SuRIQLbpydEsi5Yw==
last-modified: Mon, 20 Jun 2022 12:15:05 GMT
etag: "0x8DA52B682E2A11A"
x-ms-request-id: b6835e18-701e-0034-6a6c-da21ca000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
server: NetDNA-cache/2.2
x-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.3 | 200 OK | 471 B |
IP142.250.74.3:0
Hashaea480478c3be7392d09e8a92826542f b660fb42c8122efb07b3d1de1a8907ad1f6e1a60 ee691969e4d61ba3145fe90b28c5051367c223f31c0e0ee001d8481035090760
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 07 Oct 2022 16:50:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| welcome.unibet.com/widget/betslip/betslip.js | 108.161.188.196 | 200 OK | 20 kB |
URL HTTP/2welcome.unibet.com/widget/betslip/betslip.js IP108.161.188.196:0
Hash9324c07015d5e46e199ae6e587693516 9bb32f9dea4d719d3855648f88e83697bca04bb3 14a3eb8593c425999e90566d12b86e60032b096ce27f0425a220298366537a3d
GET /widget/betslip/betslip.js HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/no/pop/multisport/index.html?mktid=1:127656177:85964855-37950&btag=127656177_BA437B80BFBA4E86978729F4CBCA2C4C&bid=37950&campaignId=2750545&pid=85964855
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a85891437%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1665154467360)%5c%2f%22%2c%22CookieTag%22%3a%223795085891437451240919C20221071454%22%7d%2c%7b%22PID%22%3a85964855%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1665161457951)%5c%2f%22%2c%22CookieTag%22%3a%223795085964855451240919C20221071650%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228197440371%7c1%22%7d%5d; __ucbt=node01u3sz15w0p2nj1bdzgkrruwnl; uniattr=ST.0.T; uniattr_ref="https://vatcalf.com/"; campaignId=2750545; affiliateId=1; B-TAG=127656177_BA437B80BFBA4E86978729F4CBCA2C4C; BID=37950; PID=85964855; AMCV_F431E3BC5593E3887F000101%40AdobeOrg=1585540135%7CMCIDTS%7C19273%7CMCMID%7C32301004713216041503985163365586510321%7CMCAAMLH-1665759268%7C6%7CMCAAMB-1665759268%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1665161668s%7CNONE%7CMCAID%7CNONE%7CMCSYNCSOP%7C411-19280%7CvVersion%7C4.4.0; _ce.s=v~05413ec8abb06ceeea20bf7b9f2fa6bd698299c9~vpv~0~v11.rlc~1665154469091; framework.forceBigLandingArea=; REFERER=https%3A%2F%2Fvatcalf.com%2F; AFFILIATE_REQUEST_URL=https%3A%2F%2Fno.unibet.com%2Fstan%2Fcampaign.do%3FcmpId%3D2750545%26affiliateId%3D1%26unibetTarget%3D%2Fno%2Fpop%2Fmultisport%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.com%26btag%3D127656177_BA437B80BFBA4E86978729F4CBCA2C4C%26sref%3DADST%26ADST%3D17033418%26affiliateId%3D1%26pid%3D85964855%26bid%3D37950; AFFILIATE_CAMPAIGN_ID=2750545
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 07 Oct 2022 16:50:58 GMT
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=900, immutable
content-md5: V3DcYDl/+4NNEoCqe8670A==
last-modified: Tue, 15 Jan 2019 09:54:22 GMT
etag: W/"0x8D67ACF6D112CB5"
x-ms-request-id: 7d4ad634-d01e-0070-756c-daabf5000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
server: NetDNA-cache/2.2
x-cache: HIT
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| welcome.unibet.com/no/pop/multisport/com-payments.svg | 108.161.188.196 | 200 OK | 86 kB |
URL HTTP/2welcome.unibet.com/no/pop/multisport/com-payments.svg IP108.161.188.196:0
Hashd2d56daafa5807d4690e9f93833edd7a ed5a8cb994b8b8b0a71c62a899ecc73d2d853e86 49a7cd4378dea9b178ef4ad2c70959054c0dffdae143a9b76975da3f93f75b6e
GET /no/pop/multisport/com-payments.svg HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/no/pop/multisport/index.html?mktid=1:127656177:85964855-37950&btag=127656177_BA437B80BFBA4E86978729F4CBCA2C4C&bid=37950&campaignId=2750545&pid=85964855
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a85891437%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1665154467360)%5c%2f%22%2c%22CookieTag%22%3a%223795085891437451240919C20221071454%22%7d%2c%7b%22PID%22%3a85964855%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1665161457951)%5c%2f%22%2c%22CookieTag%22%3a%223795085964855451240919C20221071650%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228197440371%7c1%22%7d%5d; __ucbt=node01u3sz15w0p2nj1bdzgkrruwnl; uniattr=ST.0.T; uniattr_ref="https://vatcalf.com/"; campaignId=2750545; affiliateId=1; B-TAG=127656177_BA437B80BFBA4E86978729F4CBCA2C4C; BID=37950; PID=85964855; AMCV_F431E3BC5593E3887F000101%40AdobeOrg=1585540135%7CMCIDTS%7C19273%7CMCMID%7C32301004713216041503985163365586510321%7CMCAAMLH-1665759268%7C6%7CMCAAMB-1665759268%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1665161668s%7CNONE%7CMCAID%7CNONE%7CMCSYNCSOP%7C411-19280%7CvVersion%7C4.4.0; _ce.s=v~05413ec8abb06ceeea20bf7b9f2fa6bd698299c9~vpv~0~v11.rlc~1665154469091; framework.forceBigLandingArea=; REFERER=https%3A%2F%2Fvatcalf.com%2F; AFFILIATE_REQUEST_URL=https%3A%2F%2Fno.unibet.com%2Fstan%2Fcampaign.do%3FcmpId%3D2750545%26affiliateId%3D1%26unibetTarget%3D%2Fno%2Fpop%2Fmultisport%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.com%26btag%3D127656177_BA437B80BFBA4E86978729F4CBCA2C4C%26sref%3DADST%26ADST%3D17033418%26affiliateId%3D1%26pid%3D85964855%26bid%3D37950; AFFILIATE_CAMPAIGN_ID=2750545
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 07 Oct 2022 16:50:58 GMT
content-type: image/svg+xml
cache-control: public, max-age=900, immutable
content-md5: vwb7ospRft2xzGDtJvR3WA==
last-modified: Mon, 20 Jun 2022 12:15:02 GMT
etag: W/"0x8DA52B680877D2F"
x-ms-request-id: 5401fe62-b01e-003b-686b-da57a6000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
server: NetDNA-cache/2.2
x-cache: HIT
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2 | 216.58.207.195 | 200 OK | 16 kB |
URL HTTP/2fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2 IP216.58.207.195:0
File typeWeb Open Font Format (Version 2), TrueType, length 15740, version 1.0\012- data Hashb9c29351c46f3e8c8631c4002457f48a e57e59c5780995ff2937ab2b511a769212974a87 f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
GET /s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://welcome.unibet.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15740
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 05 Oct 2022 19:34:21 GMT
expires: Thu, 05 Oct 2023 19:34:21 GMT
cache-control: public, max-age=31536000
age: 162997
last-modified: Wed, 11 May 2022 19:24:56 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
| no.unibet.com/ | 85.184.96.0 | 200 OK | 28 kB |
IP85.184.96.0:0 ASN#47171 Unibet Services Limited
Hash031935cc7c642380b58af3244d5103b1 0793ccfdfe03bb63efc08f4e65b1ccd8941788aa 5040136a0bceba347fe99221ce8281b6366df6d859641429efedbeecfad19daf
GET / HTTP/1.1
Host: no.unibet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://welcome.unibet.com/
Connection: keep-alive
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a85891437%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1665154467360)%5c%2f%22%2c%22CookieTag%22%3a%223795085891437451240919C20221071454%22%7d%2c%7b%22PID%22%3a85964855%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1665161457951)%5c%2f%22%2c%22CookieTag%22%3a%223795085964855451240919C20221071650%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228197440371%7c1%22%7d%5d; __ucbt=node01u3sz15w0p2nj1bdzgkrruwnl; uniattr=ST.0.T; uniattr_ref="https://vatcalf.com/"; campaignId=2750545; affiliateId=1; B-TAG=127656177_BA437B80BFBA4E86978729F4CBCA2C4C; BID=37950; PID=85964855; AMCV_F431E3BC5593E3887F000101%40AdobeOrg=1585540135%7CMCIDTS%7C19273%7CMCMID%7C32301004713216041503985163365586510321%7CMCAAMLH-1665759268%7C6%7CMCAAMB-1665759268%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1665161668s%7CNONE%7CMCAID%7CNONE%7CMCSYNCSOP%7C411-19280%7CvVersion%7C4.4.0; _ce.s=v~05413ec8abb06ceeea20bf7b9f2fa6bd698299c9~vpv~0~v11.rlc~1665154469091; framework.forceBigLandingArea=; REFERER=https%3A%2F%2Fvatcalf.com%2F; AFFILIATE_REQUEST_URL=https%3A%2F%2Fno.unibet.com%2Fstan%2Fcampaign.do%3FcmpId%3D2750545%26affiliateId%3D1%26unibetTarget%3D%2Fno%2Fpop%2Fmultisport%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.com%26btag%3D127656177_BA437B80BFBA4E86978729F4CBCA2C4C%26sref%3DADST%26ADST%3D17033418%26affiliateId%3D1%26pid%3D85964855%26bid%3D37950; AFFILIATE_CAMPAIGN_ID=2750545; clientId=polopoly_desktop
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Fri, 07 Oct 2022 16:50:58 GMT
content-type: text/html;charset=utf-8
x-ua-compatible: IE=Edge,chrome=1,requiresActiveX=true
cache-control: public, max-age=0, s-maxage=10
expires: Fri, 07 Oct 2022 16:50:56 GMT
vary: accept-encoding
content-encoding: gzip
server: kindred-loadbalancer
strict-transport-security: max-age=63072000; preload
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-security-policy: default-src 'unsafe-inline' 'unsafe-eval' http: https: data: wss: blob: jockey: unibetpro: *;
x-browser-class: A
x-os-class: M
x-ooops-debug: /500-pages/no.unibet.com/index.html
X-Firefox-Spdy: h2
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.3 | 200 OK | 471 B |
IP142.250.74.3:0
Hashaea480478c3be7392d09e8a92826542f b660fb42c8122efb07b3d1de1a8907ad1f6e1a60 ee691969e4d61ba3145fe90b28c5051367c223f31c0e0ee001d8481035090760
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 07 Oct 2022 16:50:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| welcome.unibet.com/no/pop/multisport/unibet-logo.svg | 108.161.188.196 | 200 OK | 1.5 kB |
URL HTTP/2welcome.unibet.com/no/pop/multisport/unibet-logo.svg IP108.161.188.196:0
Hash43b7eece26e4b7aab9e1df083ad75d6b ba0192ddeeb083d918311fd2e1df939c1d29eb18 f95cfa27f7501bc80ca88a4065253681a337ed63eb81e7d61458e276e1547876
GET /no/pop/multisport/unibet-logo.svg HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/no/pop/multisport/index.html?mktid=1:127656177:85964855-37950&btag=127656177_BA437B80BFBA4E86978729F4CBCA2C4C&bid=37950&campaignId=2750545&pid=85964855
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a85891437%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1665154467360)%5c%2f%22%2c%22CookieTag%22%3a%223795085891437451240919C20221071454%22%7d%2c%7b%22PID%22%3a85964855%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1665161457951)%5c%2f%22%2c%22CookieTag%22%3a%223795085964855451240919C20221071650%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228197440371%7c1%22%7d%5d; __ucbt=node01u3sz15w0p2nj1bdzgkrruwnl; uniattr=ST.0.T; uniattr_ref="https://vatcalf.com/"; campaignId=2750545; affiliateId=1; B-TAG=127656177_BA437B80BFBA4E86978729F4CBCA2C4C; BID=37950; PID=85964855; AMCV_F431E3BC5593E3887F000101%40AdobeOrg=1585540135%7CMCIDTS%7C19273%7CMCMID%7C32301004713216041503985163365586510321%7CMCAAMLH-1665759268%7C6%7CMCAAMB-1665759268%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1665161668s%7CNONE%7CMCAID%7CNONE%7CMCSYNCSOP%7C411-19280%7CvVersion%7C4.4.0; _ce.s=v~05413ec8abb06ceeea20bf7b9f2fa6bd698299c9~vpv~0~v11.rlc~1665154469091; framework.forceBigLandingArea=; REFERER=https%3A%2F%2Fvatcalf.com%2F; AFFILIATE_REQUEST_URL=https%3A%2F%2Fno.unibet.com%2Fstan%2Fcampaign.do%3FcmpId%3D2750545%26affiliateId%3D1%26unibetTarget%3D%2Fno%2Fpop%2Fmultisport%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.com%26btag%3D127656177_BA437B80BFBA4E86978729F4CBCA2C4C%26sref%3DADST%26ADST%3D17033418%26affiliateId%3D1%26pid%3D85964855%26bid%3D37950; AFFILIATE_CAMPAIGN_ID=2750545
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 07 Oct 2022 16:50:58 GMT
content-type: image/svg+xml
cache-control: public, max-age=900, immutable
content-md5: cw5jdwcrd9gLyjDZb7Y7Jw==
last-modified: Mon, 20 Jun 2022 12:15:01 GMT
etag: W/"0x8DA52B6805B919A"
x-ms-request-id: b6829cbd-701e-0034-446b-da21ca000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
server: NetDNA-cache/2.2
x-cache: HIT
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| welcome.unibet.com/no/pop/multisport/icon-expert.svg | 108.161.188.196 | 200 OK | 0 B |
URL HTTP/2welcome.unibet.com/no/pop/multisport/icon-expert.svg IP108.161.188.196:0
GET /no/pop/multisport/icon-expert.svg HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/no/pop/multisport/index.html?mktid=1:127656177:85964855-37950&btag=127656177_BA437B80BFBA4E86978729F4CBCA2C4C&bid=37950&campaignId=2750545&pid=85964855
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a85891437%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1665154467360)%5c%2f%22%2c%22CookieTag%22%3a%223795085891437451240919C20221071454%22%7d%2c%7b%22PID%22%3a85964855%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1665161457951)%5c%2f%22%2c%22CookieTag%22%3a%223795085964855451240919C20221071650%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228197440371%7c1%22%7d%5d; __ucbt=node01u3sz15w0p2nj1bdzgkrruwnl; uniattr=ST.0.T; uniattr_ref="https://vatcalf.com/"; campaignId=2750545; affiliateId=1; B-TAG=127656177_BA437B80BFBA4E86978729F4CBCA2C4C; BID=37950; PID=85964855; AMCV_F431E3BC5593E3887F000101%40AdobeOrg=1585540135%7CMCIDTS%7C19273%7CMCMID%7C32301004713216041503985163365586510321%7CMCAAMLH-1665759268%7C6%7CMCAAMB-1665759268%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1665161668s%7CNONE%7CMCAID%7CNONE%7CMCSYNCSOP%7C411-19280%7CvVersion%7C4.4.0; _ce.s=v~05413ec8abb06ceeea20bf7b9f2fa6bd698299c9~vpv~0~v11.rlc~1665154469091; framework.forceBigLandingArea=; REFERER=https%3A%2F%2Fvatcalf.com%2F; AFFILIATE_REQUEST_URL=https%3A%2F%2Fno.unibet.com%2Fstan%2Fcampaign.do%3FcmpId%3D2750545%26affiliateId%3D1%26unibetTarget%3D%2Fno%2Fpop%2Fmultisport%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.com%26btag%3D127656177_BA437B80BFBA4E86978729F4CBCA2C4C%26sref%3DADST%26ADST%3D17033418%26affiliateId%3D1%26pid%3D85964855%26bid%3D37950; AFFILIATE_CAMPAIGN_ID=2750545
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 07 Oct 2022 16:50:58 GMT
content-type: image/svg+xml
cache-control: public, max-age=900, immutable
content-md5: Z4302O+bSqlX5UM92U+35A==
last-modified: Mon, 20 Jun 2022 12:15:04 GMT
etag: W/"0x8DA52B6820929CB"
x-ms-request-id: e7f603ef-601e-0007-4d6c-da7e61000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
server: NetDNA-cache/2.2
x-cache: HIT
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| no.unibet.com/ | 85.184.96.0 | 200 OK | 0 B |
IP85.184.96.0:0 ASN#47171 Unibet Services Limited
GET / HTTP/1.1
Host: no.unibet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://welcome.unibet.com/
Connection: keep-alive
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a85891437%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1665154467360)%5c%2f%22%2c%22CookieTag%22%3a%223795085891437451240919C20221071454%22%7d%2c%7b%22PID%22%3a85964855%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1665161457951)%5c%2f%22%2c%22CookieTag%22%3a%223795085964855451240919C20221071650%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228197440371%7c1%22%7d%5d; __ucbt=node01u3sz15w0p2nj1bdzgkrruwnl; uniattr=ST.0.T; uniattr_ref="https://vatcalf.com/"; campaignId=2750545; affiliateId=1; B-TAG=127656177_BA437B80BFBA4E86978729F4CBCA2C4C; BID=37950; PID=85964855; AMCV_F431E3BC5593E3887F000101%40AdobeOrg=1585540135%7CMCIDTS%7C19273%7CMCMID%7C32301004713216041503985163365586510321%7CMCAAMLH-1665759268%7C6%7CMCAAMB-1665759268%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1665161668s%7CNONE%7CMCAID%7CNONE%7CMCSYNCSOP%7C411-19280%7CvVersion%7C4.4.0; _ce.s=v~05413ec8abb06ceeea20bf7b9f2fa6bd698299c9~vpv~0~v11.rlc~1665154469091; framework.forceBigLandingArea=; REFERER=https%3A%2F%2Fvatcalf.com%2F; AFFILIATE_REQUEST_URL=https%3A%2F%2Fno.unibet.com%2Fstan%2Fcampaign.do%3FcmpId%3D2750545%26affiliateId%3D1%26unibetTarget%3D%2Fno%2Fpop%2Fmultisport%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.com%26btag%3D127656177_BA437B80BFBA4E86978729F4CBCA2C4C%26sref%3DADST%26ADST%3D17033418%26affiliateId%3D1%26pid%3D85964855%26bid%3D37950; AFFILIATE_CAMPAIGN_ID=2750545; clientId=polopoly_desktop
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Fri, 07 Oct 2022 16:50:58 GMT
content-type: text/html;charset=utf-8
x-ua-compatible: IE=Edge,chrome=1,requiresActiveX=true
cache-control: public, max-age=0, s-maxage=10
expires: Fri, 07 Oct 2022 16:50:56 GMT
vary: accept-encoding
content-encoding: gzip
server: kindred-loadbalancer
strict-transport-security: max-age=63072000; preload
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-security-policy: default-src 'unsafe-inline' 'unsafe-eval' http: https: data: wss: blob: jockey: unibetpro: *;
x-browser-class: A
x-os-class: M
x-ooops-debug: /500-pages/no.unibet.com/index.html
X-Firefox-Spdy: h2
|
|
| cloudsoxe.com/file/fe06fa | 188.114.97.1 | 200 OK | 0 B |
URL HTTP/2cloudsoxe.com/file/fe06fa IP188.114.97.1:0
| Analyzer | Verdict | Alert |
|---|
| fortinet | Malware | |
GET /file/fe06fa HTTP/1.1
Host: cloudsoxe.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
date: Fri, 07 Oct 2022 16:50:50 GMT
content-type: text/html; charset=utf-8
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
x-permitted-cross-domain-policies: none
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pOJuWHNX6zFAzqlYbvBA5wGBjqkvbzba9VCuk8NJF6lvBjhAhW6oFdBwx8%2FLuDwL3C%2BivJOF0KAPkfpNmK%2FOvu1WG9w5wZww8KknRoBaWSzUEUomzlwEmWIn0UFq8jig"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 756823576b2fb4f1-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| welcome.unibet.com/no/pop/multisport/read_json.js | 108.161.188.196 | 200 OK | 0 B |
URL HTTP/2welcome.unibet.com/no/pop/multisport/read_json.js IP108.161.188.196:0
GET /no/pop/multisport/read_json.js HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/no/pop/multisport/index.html?mktid=1:127656177:85964855-37950&btag=127656177_BA437B80BFBA4E86978729F4CBCA2C4C&bid=37950&campaignId=2750545&pid=85964855
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a85891437%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1665154467360)%5c%2f%22%2c%22CookieTag%22%3a%223795085891437451240919C20221071454%22%7d%2c%7b%22PID%22%3a85964855%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1665161457951)%5c%2f%22%2c%22CookieTag%22%3a%223795085964855451240919C20221071650%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228197440371%7c1%22%7d%5d; __ucbt=node01u3sz15w0p2nj1bdzgkrruwnl; uniattr=ST.0.T; uniattr_ref="https://vatcalf.com/"; campaignId=2750545; affiliateId=1; B-TAG=127656177_BA437B80BFBA4E86978729F4CBCA2C4C; BID=37950; PID=85964855; AMCV_F431E3BC5593E3887F000101%40AdobeOrg=1585540135%7CMCIDTS%7C19273%7CMCMID%7C32301004713216041503985163365586510321%7CMCAAMLH-1665759268%7C6%7CMCAAMB-1665759268%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1665161668s%7CNONE%7CMCAID%7CNONE%7CMCSYNCSOP%7C411-19280%7CvVersion%7C4.4.0; _ce.s=v~05413ec8abb06ceeea20bf7b9f2fa6bd698299c9~vpv~0~v11.rlc~1665154469091; framework.forceBigLandingArea=; REFERER=https%3A%2F%2Fvatcalf.com%2F; AFFILIATE_REQUEST_URL=https%3A%2F%2Fno.unibet.com%2Fstan%2Fcampaign.do%3FcmpId%3D2750545%26affiliateId%3D1%26unibetTarget%3D%2Fno%2Fpop%2Fmultisport%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.com%26btag%3D127656177_BA437B80BFBA4E86978729F4CBCA2C4C%26sref%3DADST%26ADST%3D17033418%26affiliateId%3D1%26pid%3D85964855%26bid%3D37950; AFFILIATE_CAMPAIGN_ID=2750545
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 07 Oct 2022 16:50:58 GMT
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=900, immutable
content-md5: rGS1nJi75Qz2m2yY+jlYXA==
last-modified: Mon, 20 Jun 2022 12:15:06 GMT
etag: W/"0x8DA52B6834CEC1B"
x-ms-request-id: 9d889ef7-701e-0079-4e6b-daee26000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
server: NetDNA-cache/2.2
x-cache: HIT
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| script.crazyegg.com/pages/scripts/0012/9242.js | 104.19.148.8 | 200 OK | 0 B |
URL HTTP/2script.crazyegg.com/pages/scripts/0012/9242.js IP104.19.148.8:0
GET /pages/scripts/0012/9242.js HTTP/1.1
Host: script.crazyegg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 07 Oct 2022 16:50:58 GMT
content-type: text/javascript
access-control-allow-origin: *
access-control-expose-headers: CE-Version
ce-version: 11.4.21
cache-control: public, max-age=300, s-maxage=1209600
cf-bgj: minify
cf-polished: origSize=5668
last-modified: Fri, 07 Oct 2022 14:53:45 GMT
timing-allow-origin: *
cf-cache-status: HIT
age: 7033
vary: Accept-Encoding
server: cloudflare
cf-ray: 7568238df833b4e8-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| welcome.unibet.com/no/pop/multisport/utv-logo.svg | 108.161.188.196 | 200 OK | 0 B |
URL HTTP/2welcome.unibet.com/no/pop/multisport/utv-logo.svg IP108.161.188.196:0
GET /no/pop/multisport/utv-logo.svg HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/no/pop/multisport/index.html?mktid=1:127656177:85964855-37950&btag=127656177_BA437B80BFBA4E86978729F4CBCA2C4C&bid=37950&campaignId=2750545&pid=85964855
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a85891437%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1665154467360)%5c%2f%22%2c%22CookieTag%22%3a%223795085891437451240919C20221071454%22%7d%2c%7b%22PID%22%3a85964855%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1665161457951)%5c%2f%22%2c%22CookieTag%22%3a%223795085964855451240919C20221071650%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228197440371%7c1%22%7d%5d; __ucbt=node01u3sz15w0p2nj1bdzgkrruwnl; uniattr=ST.0.T; uniattr_ref="https://vatcalf.com/"; campaignId=2750545; affiliateId=1; B-TAG=127656177_BA437B80BFBA4E86978729F4CBCA2C4C; BID=37950; PID=85964855; AMCV_F431E3BC5593E3887F000101%40AdobeOrg=1585540135%7CMCIDTS%7C19273%7CMCMID%7C32301004713216041503985163365586510321%7CMCAAMLH-1665759268%7C6%7CMCAAMB-1665759268%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1665161668s%7CNONE%7CMCAID%7CNONE%7CMCSYNCSOP%7C411-19280%7CvVersion%7C4.4.0; _ce.s=v~05413ec8abb06ceeea20bf7b9f2fa6bd698299c9~vpv~0~v11.rlc~1665154469091; framework.forceBigLandingArea=; REFERER=https%3A%2F%2Fvatcalf.com%2F; AFFILIATE_REQUEST_URL=https%3A%2F%2Fno.unibet.com%2Fstan%2Fcampaign.do%3FcmpId%3D2750545%26affiliateId%3D1%26unibetTarget%3D%2Fno%2Fpop%2Fmultisport%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.com%26btag%3D127656177_BA437B80BFBA4E86978729F4CBCA2C4C%26sref%3DADST%26ADST%3D17033418%26affiliateId%3D1%26pid%3D85964855%26bid%3D37950; AFFILIATE_CAMPAIGN_ID=2750545
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 07 Oct 2022 16:50:58 GMT
content-type: image/svg+xml
cache-control: public, max-age=900, immutable
content-md5: QazcDvviTF55mXL/M8kCWQ==
last-modified: Mon, 20 Jun 2022 12:15:01 GMT
etag: W/"0x8DA52B680312C74"
x-ms-request-id: 3e1be00b-501e-0041-556b-da4ae6000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
server: NetDNA-cache/2.2
x-cache: HIT
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| welcome.unibet.com/no/pop/multisport/app-store-ro.svg | 108.161.188.196 | 200 OK | 0 B |
URL HTTP/2welcome.unibet.com/no/pop/multisport/app-store-ro.svg IP108.161.188.196:0
GET /no/pop/multisport/app-store-ro.svg HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/no/pop/multisport/index.html?mktid=1:127656177:85964855-37950&btag=127656177_BA437B80BFBA4E86978729F4CBCA2C4C&bid=37950&campaignId=2750545&pid=85964855
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a85891437%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1665154467360)%5c%2f%22%2c%22CookieTag%22%3a%223795085891437451240919C20221071454%22%7d%2c%7b%22PID%22%3a85964855%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1665161457951)%5c%2f%22%2c%22CookieTag%22%3a%223795085964855451240919C20221071650%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228197440371%7c1%22%7d%5d; __ucbt=node01u3sz15w0p2nj1bdzgkrruwnl; uniattr=ST.0.T; uniattr_ref="https://vatcalf.com/"; campaignId=2750545; affiliateId=1; B-TAG=127656177_BA437B80BFBA4E86978729F4CBCA2C4C; BID=37950; PID=85964855; AMCV_F431E3BC5593E3887F000101%40AdobeOrg=1585540135%7CMCIDTS%7C19273%7CMCMID%7C32301004713216041503985163365586510321%7CMCAAMLH-1665759268%7C6%7CMCAAMB-1665759268%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1665161668s%7CNONE%7CMCAID%7CNONE%7CMCSYNCSOP%7C411-19280%7CvVersion%7C4.4.0; _ce.s=v~05413ec8abb06ceeea20bf7b9f2fa6bd698299c9~vpv~0~v11.rlc~1665154469091; framework.forceBigLandingArea=; REFERER=https%3A%2F%2Fvatcalf.com%2F; AFFILIATE_REQUEST_URL=https%3A%2F%2Fno.unibet.com%2Fstan%2Fcampaign.do%3FcmpId%3D2750545%26affiliateId%3D1%26unibetTarget%3D%2Fno%2Fpop%2Fmultisport%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.com%26btag%3D127656177_BA437B80BFBA4E86978729F4CBCA2C4C%26sref%3DADST%26ADST%3D17033418%26affiliateId%3D1%26pid%3D85964855%26bid%3D37950; AFFILIATE_CAMPAIGN_ID=2750545
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 07 Oct 2022 16:50:58 GMT
content-type: image/svg+xml
cache-control: public, max-age=900, immutable
content-md5: epgiRapjJpA7DniTiF5C+w==
last-modified: Mon, 20 Jun 2022 12:15:06 GMT
etag: W/"0x8DA52B68300D310"
x-ms-request-id: c2814065-b01e-0004-086c-da9f05000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
server: NetDNA-cache/2.2
x-cache: HIT
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| welcome.unibet.com/no/pop/multisport/icon-sports.svg | 108.161.188.196 | 200 OK | 0 B |
URL HTTP/2welcome.unibet.com/no/pop/multisport/icon-sports.svg IP108.161.188.196:0
GET /no/pop/multisport/icon-sports.svg HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/no/pop/multisport/index.html?mktid=1:127656177:85964855-37950&btag=127656177_BA437B80BFBA4E86978729F4CBCA2C4C&bid=37950&campaignId=2750545&pid=85964855
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a85891437%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1665154467360)%5c%2f%22%2c%22CookieTag%22%3a%223795085891437451240919C20221071454%22%7d%2c%7b%22PID%22%3a85964855%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1665161457951)%5c%2f%22%2c%22CookieTag%22%3a%223795085964855451240919C20221071650%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228197440371%7c1%22%7d%5d; __ucbt=node01u3sz15w0p2nj1bdzgkrruwnl; uniattr=ST.0.T; uniattr_ref="https://vatcalf.com/"; campaignId=2750545; affiliateId=1; B-TAG=127656177_BA437B80BFBA4E86978729F4CBCA2C4C; BID=37950; PID=85964855; AMCV_F431E3BC5593E3887F000101%40AdobeOrg=1585540135%7CMCIDTS%7C19273%7CMCMID%7C32301004713216041503985163365586510321%7CMCAAMLH-1665759268%7C6%7CMCAAMB-1665759268%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1665161668s%7CNONE%7CMCAID%7CNONE%7CMCSYNCSOP%7C411-19280%7CvVersion%7C4.4.0; _ce.s=v~05413ec8abb06ceeea20bf7b9f2fa6bd698299c9~vpv~0~v11.rlc~1665154469091; framework.forceBigLandingArea=; REFERER=https%3A%2F%2Fvatcalf.com%2F; AFFILIATE_REQUEST_URL=https%3A%2F%2Fno.unibet.com%2Fstan%2Fcampaign.do%3FcmpId%3D2750545%26affiliateId%3D1%26unibetTarget%3D%2Fno%2Fpop%2Fmultisport%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.com%26btag%3D127656177_BA437B80BFBA4E86978729F4CBCA2C4C%26sref%3DADST%26ADST%3D17033418%26affiliateId%3D1%26pid%3D85964855%26bid%3D37950; AFFILIATE_CAMPAIGN_ID=2750545
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 07 Oct 2022 16:50:58 GMT
content-type: image/svg+xml
cache-control: public, max-age=900, immutable
content-md5: Kch+tYuo05USS5JaESq1rA==
last-modified: Mon, 20 Jun 2022 12:15:04 GMT
etag: W/"0x8DA52B682395A83"
x-ms-request-id: 7a6beefb-a01e-0037-476c-dac0ae000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
server: NetDNA-cache/2.2
x-cache: HIT
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| welcome.unibet.com/no/pop/multisport/1-styles.css | 108.161.188.196 | 200 OK | 0 B |
URL HTTP/2welcome.unibet.com/no/pop/multisport/1-styles.css IP108.161.188.196:0
GET /no/pop/multisport/1-styles.css HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/no/pop/multisport/index.html?mktid=1:127656177:85964855-37950&btag=127656177_BA437B80BFBA4E86978729F4CBCA2C4C&bid=37950&campaignId=2750545&pid=85964855
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a85891437%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1665154467360)%5c%2f%22%2c%22CookieTag%22%3a%223795085891437451240919C20221071454%22%7d%2c%7b%22PID%22%3a85964855%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1665161457951)%5c%2f%22%2c%22CookieTag%22%3a%223795085964855451240919C20221071650%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228197440371%7c1%22%7d%5d; __ucbt=node01u3sz15w0p2nj1bdzgkrruwnl; uniattr=ST.0.T; uniattr_ref="https://vatcalf.com/"; campaignId=2750545; affiliateId=1; B-TAG=127656177_BA437B80BFBA4E86978729F4CBCA2C4C; BID=37950; PID=85964855; AMCV_F431E3BC5593E3887F000101%40AdobeOrg=1585540135%7CMCIDTS%7C19273%7CMCMID%7C32301004713216041503985163365586510321%7CMCAAMLH-1665759268%7C6%7CMCAAMB-1665759268%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1665161668s%7CNONE%7CMCAID%7CNONE%7CMCSYNCSOP%7C411-19280%7CvVersion%7C4.4.0; _ce.s=v~05413ec8abb06ceeea20bf7b9f2fa6bd698299c9~vpv~0~v11.rlc~1665154469091; framework.forceBigLandingArea=; REFERER=https%3A%2F%2Fvatcalf.com%2F; AFFILIATE_REQUEST_URL=https%3A%2F%2Fno.unibet.com%2Fstan%2Fcampaign.do%3FcmpId%3D2750545%26affiliateId%3D1%26unibetTarget%3D%2Fno%2Fpop%2Fmultisport%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.com%26btag%3D127656177_BA437B80BFBA4E86978729F4CBCA2C4C%26sref%3DADST%26ADST%3D17033418%26affiliateId%3D1%26pid%3D85964855%26bid%3D37950; AFFILIATE_CAMPAIGN_ID=2750545
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 07 Oct 2022 16:50:58 GMT
content-type: text/css; charset=utf-8
cache-control: public, max-age=900, immutable
content-md5: zXkBqwBMviPPaK5rBIapmA==
last-modified: Mon, 20 Jun 2022 12:15:00 GMT
etag: W/"0x8DA52B67FB09D8F"
x-ms-request-id: 69ffb13f-401e-002f-6f6b-da1fc9000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
server: NetDNA-cache/2.2
x-cache: HIT
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| script.crazyegg.com/pages/scripts/0012/9242.js?462544 | 104.19.148.8 | 200 OK | 0 B |
URL HTTP/2script.crazyegg.com/pages/scripts/0012/9242.js?462544 IP104.19.148.8:0
GET /pages/scripts/0012/9242.js?462544 HTTP/1.1
Host: script.crazyegg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 07 Oct 2022 16:50:58 GMT
content-type: text/javascript
access-control-allow-origin: *
access-control-expose-headers: CE-Version
ce-version: 11.4.21
cache-control: public, max-age=300, s-maxage=1209600
cf-bgj: minify
cf-polished: origSize=5668
last-modified: Fri, 07 Oct 2022 14:53:45 GMT
timing-allow-origin: *
cf-cache-status: HIT
age: 7033
vary: Accept-Encoding
server: cloudflare
cf-ray: 7568238e0842b4e8-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| welcome.unibet.com/no/pop/multisport/app-sports-icon.svg | 108.161.188.196 | 200 OK | 0 B |
URL HTTP/2welcome.unibet.com/no/pop/multisport/app-sports-icon.svg IP108.161.188.196:0
GET /no/pop/multisport/app-sports-icon.svg HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/no/pop/multisport/index.html?mktid=1:127656177:85964855-37950&btag=127656177_BA437B80BFBA4E86978729F4CBCA2C4C&bid=37950&campaignId=2750545&pid=85964855
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a85891437%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1665154467360)%5c%2f%22%2c%22CookieTag%22%3a%223795085891437451240919C20221071454%22%7d%2c%7b%22PID%22%3a85964855%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1665161457951)%5c%2f%22%2c%22CookieTag%22%3a%223795085964855451240919C20221071650%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228197440371%7c1%22%7d%5d; __ucbt=node01u3sz15w0p2nj1bdzgkrruwnl; uniattr=ST.0.T; uniattr_ref="https://vatcalf.com/"; campaignId=2750545; affiliateId=1; B-TAG=127656177_BA437B80BFBA4E86978729F4CBCA2C4C; BID=37950; PID=85964855; AMCV_F431E3BC5593E3887F000101%40AdobeOrg=1585540135%7CMCIDTS%7C19273%7CMCMID%7C32301004713216041503985163365586510321%7CMCAAMLH-1665759268%7C6%7CMCAAMB-1665759268%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1665161668s%7CNONE%7CMCAID%7CNONE%7CMCSYNCSOP%7C411-19280%7CvVersion%7C4.4.0; _ce.s=v~05413ec8abb06ceeea20bf7b9f2fa6bd698299c9~vpv~0~v11.rlc~1665154469091; framework.forceBigLandingArea=; REFERER=https%3A%2F%2Fvatcalf.com%2F; AFFILIATE_REQUEST_URL=https%3A%2F%2Fno.unibet.com%2Fstan%2Fcampaign.do%3FcmpId%3D2750545%26affiliateId%3D1%26unibetTarget%3D%2Fno%2Fpop%2Fmultisport%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.com%26btag%3D127656177_BA437B80BFBA4E86978729F4CBCA2C4C%26sref%3DADST%26ADST%3D17033418%26affiliateId%3D1%26pid%3D85964855%26bid%3D37950; AFFILIATE_CAMPAIGN_ID=2750545
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 07 Oct 2022 16:50:58 GMT
content-type: image/svg+xml
cache-control: public, max-age=900, immutable
content-md5: Lm+dv7pV36kTdto2PoEyYQ==
last-modified: Mon, 20 Jun 2022 12:15:06 GMT
etag: W/"0x8DA52B682FA1D49"
x-ms-request-id: d8c700e6-201e-0029-236c-da2c76000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
server: NetDNA-cache/2.2
x-cache: HIT
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| welcome.unibet.com/no/pop/multisport/index.html?mktid=1:127656177:85964855-37950&btag=127656177_BA437B80BFBA4E86978729F4CBCA2C4C&bid=37950&campaignId=2750545&pid=85964855 | 108.161.188.196 | 200 OK | 0 B |
URL HTTP/2welcome.unibet.com/no/pop/multisport/index.html?mktid=1:127656177:85964855-37950&btag=127656177_BA437B80BFBA4E86978729F4CBCA2C4C&bid=37950&campaignId=2750545&pid=85964855 IP108.161.188.196:0
GET /no/pop/multisport/index.html?mktid=1:127656177:85964855-37950&btag=127656177_BA437B80BFBA4E86978729F4CBCA2C4C&bid=37950&campaignId=2750545&pid=85964855 HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://vatcalf.com/
Connection: keep-alive
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a85891437%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1665154467360)%5c%2f%22%2c%22CookieTag%22%3a%223795085891437451240919C20221071454%22%7d%2c%7b%22PID%22%3a85964855%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1665161457951)%5c%2f%22%2c%22CookieTag%22%3a%223795085964855451240919C20221071650%22%7d%5d; __ucbt=node01u3sz15w0p2nj1bdzgkrruwnl; uniattr=ST.0.T; uniattr_ref="https://vatcalf.com/"; campaignId=2750545; affiliateId=1; B-TAG=127656177_BA437B80BFBA4E86978729F4CBCA2C4C; BID=37950; PID=85964855; AMCV_F431E3BC5593E3887F000101%40AdobeOrg=1585540135%7CMCIDTS%7C19273%7CMCMID%7C32301004713216041503985163365586510321%7CMCAAMLH-1665759268%7C6%7CMCAAMB-1665759268%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1665161668s%7CNONE%7CMCAID%7CNONE%7CMCSYNCSOP%7C411-19280%7CvVersion%7C4.4.0; _ce.s=v~05413ec8abb06ceeea20bf7b9f2fa6bd698299c9~vpv~0~v11.rlc~1665154469091; framework.forceBigLandingArea=; REFERER=https%3A%2F%2Fvatcalf.com%2F; AFFILIATE_REQUEST_URL=https%3A%2F%2Fno.unibet.com%2Fstan%2Fcampaign.do%3FcmpId%3D2750545%26affiliateId%3D1%26unibetTarget%3D%2Fno%2Fpop%2Fmultisport%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.com%26btag%3D127656177_BA437B80BFBA4E86978729F4CBCA2C4C%26sref%3DADST%26ADST%3D17033418%26affiliateId%3D1%26pid%3D85964855%26bid%3D37950; AFFILIATE_CAMPAIGN_ID=2750545
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 07 Oct 2022 16:50:58 GMT
content-type: text/html; charset=utf-8
cache-control: public, max-age=900, immutable
content-md5: NGkNgKvE41ztpclvs1gdSA==
last-modified: Mon, 20 Jun 2022 12:15:00 GMT
etag: W/"0x8DA52B67FA63ED8"
x-ms-request-id: 22edab46-b01e-0049-416c-da50e9000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
server: NetDNA-cache/2.2
x-cache: HIT
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| welcome.unibet.com/no/pop/multisport/1-main.js | 108.161.188.196 | 200 OK | 0 B |
URL HTTP/2welcome.unibet.com/no/pop/multisport/1-main.js IP108.161.188.196:0
GET /no/pop/multisport/1-main.js HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/no/pop/multisport/index.html?mktid=1:127656177:85964855-37950&btag=127656177_BA437B80BFBA4E86978729F4CBCA2C4C&bid=37950&campaignId=2750545&pid=85964855
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a85891437%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1665154467360)%5c%2f%22%2c%22CookieTag%22%3a%223795085891437451240919C20221071454%22%7d%2c%7b%22PID%22%3a85964855%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1665161457951)%5c%2f%22%2c%22CookieTag%22%3a%223795085964855451240919C20221071650%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228197440371%7c1%22%7d%5d; __ucbt=node01u3sz15w0p2nj1bdzgkrruwnl; uniattr=ST.0.T; uniattr_ref="https://vatcalf.com/"; campaignId=2750545; affiliateId=1; B-TAG=127656177_BA437B80BFBA4E86978729F4CBCA2C4C; BID=37950; PID=85964855; AMCV_F431E3BC5593E3887F000101%40AdobeOrg=1585540135%7CMCIDTS%7C19273%7CMCMID%7C32301004713216041503985163365586510321%7CMCAAMLH-1665759268%7C6%7CMCAAMB-1665759268%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1665161668s%7CNONE%7CMCAID%7CNONE%7CMCSYNCSOP%7C411-19280%7CvVersion%7C4.4.0; _ce.s=v~05413ec8abb06ceeea20bf7b9f2fa6bd698299c9~vpv~0~v11.rlc~1665154469091; framework.forceBigLandingArea=; REFERER=https%3A%2F%2Fvatcalf.com%2F; AFFILIATE_REQUEST_URL=https%3A%2F%2Fno.unibet.com%2Fstan%2Fcampaign.do%3FcmpId%3D2750545%26affiliateId%3D1%26unibetTarget%3D%2Fno%2Fpop%2Fmultisport%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.com%26btag%3D127656177_BA437B80BFBA4E86978729F4CBCA2C4C%26sref%3DADST%26ADST%3D17033418%26affiliateId%3D1%26pid%3D85964855%26bid%3D37950; AFFILIATE_CAMPAIGN_ID=2750545
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 07 Oct 2022 16:50:58 GMT
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=900, immutable
content-md5: BPxI3njL/F0VV+nfOZx3Mw==
last-modified: Mon, 20 Jun 2022 12:15:06 GMT
etag: W/"0x8DA52B68343779E"
x-ms-request-id: 868ea890-701e-0069-526b-da2b4e000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
server: NetDNA-cache/2.2
x-cache: HIT
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| welcome.unibet.com/no/pop/multisport/google-play-ro.svg | 108.161.188.196 | 200 OK | 0 B |
URL HTTP/2welcome.unibet.com/no/pop/multisport/google-play-ro.svg IP108.161.188.196:0
GET /no/pop/multisport/google-play-ro.svg HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/no/pop/multisport/index.html?mktid=1:127656177:85964855-37950&btag=127656177_BA437B80BFBA4E86978729F4CBCA2C4C&bid=37950&campaignId=2750545&pid=85964855
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a85891437%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1665154467360)%5c%2f%22%2c%22CookieTag%22%3a%223795085891437451240919C20221071454%22%7d%2c%7b%22PID%22%3a85964855%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1665161457951)%5c%2f%22%2c%22CookieTag%22%3a%223795085964855451240919C20221071650%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228197440371%7c1%22%7d%5d; __ucbt=node01u3sz15w0p2nj1bdzgkrruwnl; uniattr=ST.0.T; uniattr_ref="https://vatcalf.com/"; campaignId=2750545; affiliateId=1; B-TAG=127656177_BA437B80BFBA4E86978729F4CBCA2C4C; BID=37950; PID=85964855; AMCV_F431E3BC5593E3887F000101%40AdobeOrg=1585540135%7CMCIDTS%7C19273%7CMCMID%7C32301004713216041503985163365586510321%7CMCAAMLH-1665759268%7C6%7CMCAAMB-1665759268%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1665161668s%7CNONE%7CMCAID%7CNONE%7CMCSYNCSOP%7C411-19280%7CvVersion%7C4.4.0; _ce.s=v~05413ec8abb06ceeea20bf7b9f2fa6bd698299c9~vpv~0~v11.rlc~1665154469091; framework.forceBigLandingArea=; REFERER=https%3A%2F%2Fvatcalf.com%2F; AFFILIATE_REQUEST_URL=https%3A%2F%2Fno.unibet.com%2Fstan%2Fcampaign.do%3FcmpId%3D2750545%26affiliateId%3D1%26unibetTarget%3D%2Fno%2Fpop%2Fmultisport%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.com%26btag%3D127656177_BA437B80BFBA4E86978729F4CBCA2C4C%26sref%3DADST%26ADST%3D17033418%26affiliateId%3D1%26pid%3D85964855%26bid%3D37950; AFFILIATE_CAMPAIGN_ID=2750545
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 07 Oct 2022 16:50:58 GMT
content-type: image/svg+xml
cache-control: public, max-age=900, immutable
content-md5: 2fR27yW0b9kBp/ebW9u59A==
last-modified: Mon, 20 Jun 2022 12:15:06 GMT
etag: W/"0x8DA52B68307D6EA"
x-ms-request-id: 77028bf0-201e-0074-246c-da26f2000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
server: NetDNA-cache/2.2
x-cache: HIT
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| welcome.unibet.com/no/pop/multisport/icon-trust.svg | 108.161.188.196 | 200 OK | 0 B |
URL HTTP/2welcome.unibet.com/no/pop/multisport/icon-trust.svg IP108.161.188.196:0
GET /no/pop/multisport/icon-trust.svg HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/no/pop/multisport/index.html?mktid=1:127656177:85964855-37950&btag=127656177_BA437B80BFBA4E86978729F4CBCA2C4C&bid=37950&campaignId=2750545&pid=85964855
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a85891437%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1665154467360)%5c%2f%22%2c%22CookieTag%22%3a%223795085891437451240919C20221071454%22%7d%2c%7b%22PID%22%3a85964855%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1665161457951)%5c%2f%22%2c%22CookieTag%22%3a%223795085964855451240919C20221071650%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228197440371%7c1%22%7d%5d; __ucbt=node01u3sz15w0p2nj1bdzgkrruwnl; uniattr=ST.0.T; uniattr_ref="https://vatcalf.com/"; campaignId=2750545; affiliateId=1; B-TAG=127656177_BA437B80BFBA4E86978729F4CBCA2C4C; BID=37950; PID=85964855; AMCV_F431E3BC5593E3887F000101%40AdobeOrg=1585540135%7CMCIDTS%7C19273%7CMCMID%7C32301004713216041503985163365586510321%7CMCAAMLH-1665759268%7C6%7CMCAAMB-1665759268%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1665161668s%7CNONE%7CMCAID%7CNONE%7CMCSYNCSOP%7C411-19280%7CvVersion%7C4.4.0; _ce.s=v~05413ec8abb06ceeea20bf7b9f2fa6bd698299c9~vpv~0~v11.rlc~1665154469091; framework.forceBigLandingArea=; REFERER=https%3A%2F%2Fvatcalf.com%2F; AFFILIATE_REQUEST_URL=https%3A%2F%2Fno.unibet.com%2Fstan%2Fcampaign.do%3FcmpId%3D2750545%26affiliateId%3D1%26unibetTarget%3D%2Fno%2Fpop%2Fmultisport%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.com%26btag%3D127656177_BA437B80BFBA4E86978729F4CBCA2C4C%26sref%3DADST%26ADST%3D17033418%26affiliateId%3D1%26pid%3D85964855%26bid%3D37950; AFFILIATE_CAMPAIGN_ID=2750545
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 07 Oct 2022 16:50:58 GMT
content-type: image/svg+xml
cache-control: public, max-age=900, immutable
content-md5: 9k4H3E55HXB5I94VinrUOQ==
last-modified: Mon, 20 Jun 2022 12:15:04 GMT
etag: W/"0x8DA52B68201D7DE"
x-ms-request-id: a5ded643-301e-0057-176b-dabc31000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
server: NetDNA-cache/2.2
x-cache: HIT
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
104.21.46.32