Report - forgerylimit.com/cgn59frwp?bfkm=39&refer=https3a2f2fdeliriousholistic.net2fembed2f1hz0ggi4e&kw=5b5d&key=82054d468d1245b12f8e814444d99462&scrwidth=1920&scrheight=1080&tz=2&v=22.8.v.1&ship=&sub3=invoke_layer&res=13.1055&dev=e&psid=ns.to&adb=y&adb=y

Report Overview

Submitted URL
forgerylimit.com/cgn59frwp?bfkm=39&refer=https3a2f2fdeliriousholistic.net2fembed2f1hz0ggi4e&kw=5b5d&key=82054d468d1245b12f8e814444d99462&scrwidth=1920&scrheight=1080&tz=2&v=22.8.v.1&ship=&sub3=invoke_layer&res=13.1055&dev=e&psid=ns.to&adb=y&adb=y
IP
192.243.61.225
ASN
#39572 DataWeb Global Group B.V.
Submitted
2022-09-08 20:20:47
Access
Website Title
Final URL
Tags
None
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
4

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
pagestates-tracking.crazyegg.com	3647	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	402 B	648 B	54.230.111.22
cdn.bannerflow.com	23819	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.3 kB	1.7 kB	104.16.173.188
www.unibet.com	318338	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.4 kB	688 B	85.184.96.0
ocsp.securetrust.com	18792	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	332 B	793 B	23.36.79.25
welcome.unibet.com	242429	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	29 kB	247 kB	108.161.188.196
www.googletagmanager.com	75	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	372 B	80 kB	142.250.74.72
firefox.settings.services.mozilla.com	867	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	758 B	2.7 kB	143.204.55.35
push.services.mozilla.com	2140	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	594 B	127 B	35.160.51.228
a1s.unibet.com	297625	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.3 kB	2.0 kB	85.184.96.5
adserving.unibet.com	98000	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	519 B	1.3 kB	23.36.79.43
ocsp.digicert.com	86	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	987 B	2.2 kB	93.184.220.29
dpm.demdex.net	204	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.4 kB	2.6 kB	54.154.199.204
cm.everesttech.net	996	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	417 B	475 B	54.154.221.23
fonts.googleapis.com	8877	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	390 B	746 B	142.250.74.10
content-signature-2.cdn.mozilla.net	1152	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	401 B	5.8 kB	143.204.55.25
no.unibet.com	201503	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.6 kB	6.5 kB	85.184.96.0
ocsp.pki.goog	175	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.0 kB	4.2 kB	142.250.74.3
ocsp.sca1b.amazontrust.com	1015	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	676 B	1.9 kB	54.230.245.39
tracking.crazyegg.com	3633	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	401 B	221 B	108.128.203.219
r3.o.lencr.org	344	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.0 kB	5.3 kB	23.36.77.32
contile.services.mozilla.com	1114	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	321 B	229 B	34.117.237.239
ajax.googleapis.com	12905	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	382 B	32 kB	142.250.74.10
img-getpocket.cdn.mozilla.net	1631	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.2 kB	56 kB	34.120.237.76
use.fontawesome.com	942	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	420 B	1.0 kB	104.21.63.54
script.crazyegg.com	1992	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.7 kB	34 kB	104.19.148.8
unibetlondonltd.d3.sc.omtrdc.net	444877	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.4 kB	992 B	13.36.218.177
assets-tracking.crazyegg.com	3651	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	398 B	648 B	54.230.111.114
a1s-cdn.unibet.com	283505	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.4 kB	1.7 kB	85.184.96.5
forgerylimit.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.4 kB	4.2 kB	192.243.59.13
secure.adnxs.com	396	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	772 B	1.8 kB	185.89.210.90

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2022-09-08	medium	forgerylimit.com	Sinkholed
2022-09-08	medium	forgerylimit.com	Sinkholed

JavaScript (40)

	URL	Size	First Seen	Last Seen
	welcome.unibet.com/no/pop/multisport/index.html?mktid=1:127656177:86115102-37950&btag=127656177_277C464F097048719C5534C4BB5393F9&bid=37950&campaignId=2750545&pid=86115102	5.4 kB	2023-03-07	2023-08-08
Pretty URL welcome.unibet.com/no/pop/multisport/index.html?mktid=1:127656177:86115102-37950&btag=127656177_277C464F097048719C5534C4BB5393F9&bid=37950&campaignId=2750545&pid=86115102 IP 108.161.188.196 ASN #12989 StackPath LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:11:26 Last Seen2023-08-08 14:09:19 Times Seen1025 Hash 26c5eb641d4b8e7a86948e5a397d4203 9bf9b195284806ae56e32f7a0531ad91ad7bf731 aee310721d3d1cb60cdb3e4d714451c5ef94b93e820d0f08bdbb1b04f00d9b73 Loading...

	welcome.unibet.com/no/pop/multisport/index.html?mktid=1:127656177:86115102-37950&btag=127656177_277C464F097048719C5534C4BB5393F9&bid=37950&campaignId=2750545&pid=86115102	7.5 kB	2023-03-07	2023-04-27
Pretty URL welcome.unibet.com/no/pop/multisport/index.html?mktid=1:127656177:86115102-37950&btag=127656177_277C464F097048719C5534C4BB5393F9&bid=37950&campaignId=2750545&pid=86115102 IP 108.161.188.196 ASN #12989 StackPath LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:11:26 Last Seen2023-04-27 00:24:56 Times Seen338 Hash f11aa08db800dc0e89f963fb3043f461 565fea671f23ae5189aa25ffcc5d0f2e548f72b2 b494d197c2e32274ca7543dd7828afb81a72db96a88da514f5f8ec45f73649ac Loading...

	welcome.unibet.com/no/pop/multisport/read_json.js	5.4 kB	2023-03-07	2024-02-01
Pretty URL welcome.unibet.com/no/pop/multisport/read_json.js IP 108.161.188.196 ASN #12989 StackPath LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:11:26 Last Seen2024-02-01 12:23:48 Times Seen8425 Hash ac64b59c98bbe50cf69b6c98fa39585c 0a5cc9fb43b8a208481baaf752dbd504078a764b 28ac02c7302149814ed1c1b8a31b96e1ea94247c3b64888a598f66955d28312c Loading...

	welcome.unibet.com/custom.js	5.9 kB	2023-03-07	2024-02-01
Pretty URL welcome.unibet.com/custom.js IP 108.161.188.196 ASN #12989 StackPath LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:11:26 Last Seen2024-02-01 12:23:48 Times Seen8697 Hash 7bf01e92dd55d5fa298f55fbcb9afd30 4db58eaa64d33bce2d1ae88d5ed6919d8986f8dc 2c13bba84b390447c18343fd8319ca7aea45208f53fb3143ed27c354fd5b2b1f Loading...

	welcome.unibet.com/no/pop/multisport/index.html?mktid=1:127656177:86115102-37950&btag=127656177_277C464F097048719C5534C4BB5393F9&bid=37950&campaignId=2750545&pid=86115102	218 B	2023-03-07	2024-02-01
Pretty URL welcome.unibet.com/no/pop/multisport/index.html?mktid=1:127656177:86115102-37950&btag=127656177_277C464F097048719C5534C4BB5393F9&bid=37950&campaignId=2750545&pid=86115102 IP 108.161.188.196 ASN #12989 StackPath LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:11:26 Last Seen2024-02-01 12:23:48 Times Seen5375 Hash 91824c153a2424389807187ea41b9137 0ac7bf21044c90de1568152896efb9466c90b412 74abc0c84e63335fab7da57b01856b457f332b55d1ae539baadb180b13be726c Loading...

	script.crazyegg.com/pages/scripts/0012/9242.js	5.6 kB	2023-03-07	2023-03-17
Pretty URL script.crazyegg.com/pages/scripts/0012/9242.js IP 104.19.148.8 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:11:26 Last Seen2023-03-17 11:41:58 Times Seen1 Hash 87e05bef35428a6b710e4eb93dc90327 c702ee7257d308e90e03525623634f964424d0c7 fb9ee43d7595cad59f504b5bd6035e3e406426d8867476ea1f13e1bacf496fb2 Loading...

	script.crazyegg.com/pages/versioned/common-scripts/f0ea59b706193b189a5effb0b5ea05bc.js	95 kB	2023-03-07	2023-03-17
Pretty URL script.crazyegg.com/pages/versioned/common-scripts/f0ea59b706193b189a5effb0b5ea05bc.js IP 104.19.148.8 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:29:40 Last Seen2023-03-17 11:26:10 Times Seen1 Hash 11f2c36495e0cdc42420dbf316440845 96d63d5a641324fcc1a7a92ee6e8b927eca47378 3bc76d046f3630ae20a8755505557af65634ed384539fa147c1aa9abd6d81fe3 Loading...

	welcome.unibet.com/no/pop/multisport/1-main.js	4.5 kB	2023-03-07	2024-02-01
Pretty URL welcome.unibet.com/no/pop/multisport/1-main.js IP 108.161.188.196 ASN #12989 StackPath LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:11:26 Last Seen2024-02-01 12:23:48 Times Seen8257 Hash 04fc48de78cbfc5d1557e9df399c7733 e1bf77a4fef1943b0eab404c4abbe9477cb373e0 4c6d70ebaf667a642560297cdca94fa760d3624e1f4cab0da08711f0c492fed6 Loading...

	welcome.unibet.com/no/pop/multisport/index.html?mktid=1:127656177:86115102-37950&btag=127656177_277C464F097048719C5534C4BB5393F9&bid=37950&campaignId=2750545&pid=86115102	37 kB	2023-03-07	2023-11-06
Pretty URL welcome.unibet.com/no/pop/multisport/index.html?mktid=1:127656177:86115102-37950&btag=127656177_277C464F097048719C5534C4BB5393F9&bid=37950&campaignId=2750545&pid=86115102 IP 108.161.188.196 ASN #12989 StackPath LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:11:26 Last Seen2023-11-06 09:27:16 Times Seen2374 Hash 93db3dee4c43b7d39a245c49591ba4b5 e22687abedfc3b2496fa1b3ba61a2f567f1211b8 0dc951e8d75c93a7d625da52744fcecb22b197c2f92783dd71f1cfead1b9b043 Loading...

	welcome.unibet.com/no/pop/multisport/index.html?mktid=1:127656177:86115102-37950&btag=127656177_277C464F097048719C5534C4BB5393F9&bid=37950&campaignId=2750545&pid=86115102	2.2 kB	2023-03-07	2023-10-02
Pretty URL welcome.unibet.com/no/pop/multisport/index.html?mktid=1:127656177:86115102-37950&btag=127656177_277C464F097048719C5534C4BB5393F9&bid=37950&campaignId=2750545&pid=86115102 IP 108.161.188.196 ASN #12989 StackPath LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:11:26 Last Seen2023-10-02 17:14:47 Times Seen1647 Hash c0f99959e76a9ae3302a785606121738 b7121b4e8dfd06a376a210933831917cf22131a7 8635426cb6fbc3d728559ba093c8aa5455f2d5338aefb695ef68aa88a406f615 Loading...

	welcome.unibet.com/no/pop/multisport/index.html?mktid=1:127656177:86115102-37950&btag=127656177_277C464F097048719C5534C4BB5393F9&bid=37950&campaignId=2750545&pid=86115102	147 B	2023-03-07	2024-02-01
Pretty URL welcome.unibet.com/no/pop/multisport/index.html?mktid=1:127656177:86115102-37950&btag=127656177_277C464F097048719C5534C4BB5393F9&bid=37950&campaignId=2750545&pid=86115102 IP 108.161.188.196 ASN #12989 StackPath LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:11:26 Last Seen2024-02-01 12:23:48 Times Seen6862 Hash 1d18cffe3fc76896ca02254b5879b535 1a8fec7049c5644eaab6f7aecf8672f3f858d037 cb934bad0e7cb0b0b2edbc619a28b2d7ee4960dba893c3c2ce2a63e458d8af5b Loading...

	welcome.unibet.com/no/pop/multisport/index.html?mktid=1:127656177:86115102-37950&btag=127656177_277C464F097048719C5534C4BB5393F9&bid=37950&campaignId=2750545&pid=86115102	721 B	2023-03-07	2023-06-27
Pretty URL welcome.unibet.com/no/pop/multisport/index.html?mktid=1:127656177:86115102-37950&btag=127656177_277C464F097048719C5534C4BB5393F9&bid=37950&campaignId=2750545&pid=86115102 IP 108.161.188.196 ASN #12989 StackPath LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:11:26 Last Seen2023-06-27 14:28:54 Times Seen839 Hash 9c83e2435e1e8d72ce6b63ef2ff44894 bd04a958ae23aaf1b3d427b9bffaf4d041956be1 3c5e987ccf5ca2a1dbf43e2d257bf114e113add7d384d433055c1261722b06fb Loading...

	welcome.unibet.com/no/pop/multisport/index.html?mktid=1:127656177:86115102-37950&btag=127656177_277C464F097048719C5534C4BB5393F9&bid=37950&campaignId=2750545&pid=86115102	277 B	2023-03-07	2023-09-21
Pretty URL welcome.unibet.com/no/pop/multisport/index.html?mktid=1:127656177:86115102-37950&btag=127656177_277C464F097048719C5534C4BB5393F9&bid=37950&campaignId=2750545&pid=86115102 IP 108.161.188.196 ASN #12989 StackPath LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:11:26 Last Seen2023-09-21 14:18:09 Times Seen1576 Hash a06048fa305b7e3bd9b89366aee69071 05699ca86b944c67a0fc3240aeace995d9563200 4bdeff956fa33cb08c22fb884ba60fbb1f06c137b1df07e5f493ae4e3d6f88ff Loading...

	welcome.unibet.com/no/pop/multisport/index.html?mktid=1:127656177:86115102-37950&btag=127656177_277C464F097048719C5534C4BB5393F9&bid=37950&campaignId=2750545&pid=86115102	2.7 kB	2023-03-07	2023-06-27
Pretty URL welcome.unibet.com/no/pop/multisport/index.html?mktid=1:127656177:86115102-37950&btag=127656177_277C464F097048719C5534C4BB5393F9&bid=37950&campaignId=2750545&pid=86115102 IP 108.161.188.196 ASN #12989 StackPath LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:11:26 Last Seen2023-06-27 14:28:54 Times Seen838 Hash 4f81620c61dcee3796fd3363a5338651 1739f9bd67e9cb64b61159e14a698c4ace82fe69 b7b20a7ae40fdd82ac83c2ed9064230801e050eaccfa28c2c5cc847d34dec6a9 Loading...

	welcome.unibet.com/no/pop/multisport/index.html?mktid=1:127656177:86115102-37950&btag=127656177_277C464F097048719C5534C4BB5393F9&bid=37950&campaignId=2750545&pid=86115102	2.6 kB	2023-03-07	2024-02-01
Pretty URL welcome.unibet.com/no/pop/multisport/index.html?mktid=1:127656177:86115102-37950&btag=127656177_277C464F097048719C5534C4BB5393F9&bid=37950&campaignId=2750545&pid=86115102 IP 108.161.188.196 ASN #12989 StackPath LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:11:26 Last Seen2024-02-01 12:23:48 Times Seen6831 Hash cd03538fc58df8693fe9af9337788f0f 408a15551710117d0538fc9442a55b5678bb85a5 cc933dd733a6db1a1a9ff1d7c0adb26717fa27d4d177b7a5a2cab0bfdb353562 Loading...

	welcome.unibet.com/widget/betslip/betslip.js	15 kB	2023-03-07	2024-02-01
Pretty URL welcome.unibet.com/widget/betslip/betslip.js IP 108.161.188.196 ASN #12989 StackPath LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:11:26 Last Seen2024-02-01 12:23:48 Times Seen13385 Hash 5770dc60397ffb834d1280aa7bcebbd0 f0bbf2136b83babe5a8f70eeff2308279e9a0d3a 42e08e8d4858e610d87679ab66e8a7cf4b575614c0aa1423d8a1c0245bda9a52 Loading...

	welcome.unibet.com/no/pop/multisport/index.html?mktid=1:127656177:86115102-37950&btag=127656177_277C464F097048719C5534C4BB5393F9&bid=37950&campaignId=2750545&pid=86115102	364 B	2023-03-07	2024-02-01
Pretty URL welcome.unibet.com/no/pop/multisport/index.html?mktid=1:127656177:86115102-37950&btag=127656177_277C464F097048719C5534C4BB5393F9&bid=37950&campaignId=2750545&pid=86115102 IP 108.161.188.196 ASN #12989 StackPath LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:11:26 Last Seen2024-02-01 12:23:48 Times Seen6836 Hash b7207d294237fb810195b41fdd3cac28 ff7ef257957cbc2074fa5814177bb7cbbac44eb2 12f39122cef3c11903118c0f4769199ddc1e0e5ba13d7dbe8373e5c77391baf5 Loading...

	unknown	0 B	2023-03-07	2024-04-25
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:01:59 Last Seen2024-04-25 08:03:39 Times Seen37056838 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	welcome.unibet.com/no/pop/multisport/index.html?mktid=1:127656177:86115102-37950&btag=127656177_277C464F097048719C5534C4BB5393F9&bid=37950&campaignId=2750545&pid=86115102	235 B	2023-03-07	2023-06-27
Pretty URL welcome.unibet.com/no/pop/multisport/index.html?mktid=1:127656177:86115102-37950&btag=127656177_277C464F097048719C5534C4BB5393F9&bid=37950&campaignId=2750545&pid=86115102 IP 108.161.188.196 ASN #12989 StackPath LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:11:26 Last Seen2023-06-27 14:28:54 Times Seen842 Hash d7e6cfa80c6d4f83e56972a515a7bc87 54da9ec648815ef2ef225e69c698f4d8a21363bf 94782f5573acd5c9f8a8131ea8ec3e313d02f077e9766508af6aecd952572c58 Loading...

	unibet.demdex.net/dest5.html?d_nsid=0#https%3A%2F%2Fwelcome.unibet.com	6.7 kB	2023-03-07	2024-03-23
Pretty URL unibet.demdex.net/dest5.html?d_nsid=0#https%3A%2F%2Fwelcome.unibet.com IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:36 Last Seen2024-03-23 05:26:10 Times Seen1169 Hash bea2f42512935b636558e81988e2d51f 2c9772b62f6eb8a3cec9c3a6fb9c0b22c927e59d 0cc5ff21c24654308609656ebcfda2d792d15f6fda17c0a88b551fcf8e456fdb Loading...

	a1s-cdn.unibet.com/unibet/bannerflow/scripts/master_tag.js	957 B	2023-03-07	2024-02-01
Pretty URL a1s-cdn.unibet.com/unibet/bannerflow/scripts/master_tag.js IP 85.184.96.5 ASN #47171 Unibet Services Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:11:26 Last Seen2024-02-01 01:39:23 Times Seen1064 Hash e19225e3eb562a3b6a86f7b8b47c38fb ce3eb55448afd8fc9dfa4ac82f8743a009d5e142 c152526a02cb050650847e999ae141eae985472fbf73c5a843160b3b6bb06f79 Loading...

	welcome.unibet.com/no/pop/multisport/index.html?mktid=1:127656177:86115102-37950&btag=127656177_277C464F097048719C5534C4BB5393F9&bid=37950&campaignId=2750545&pid=86115102	299 B	2023-03-07	2023-03-17
Pretty URL welcome.unibet.com/no/pop/multisport/index.html?mktid=1:127656177:86115102-37950&btag=127656177_277C464F097048719C5534C4BB5393F9&bid=37950&campaignId=2750545&pid=86115102 IP 108.161.188.196 ASN #12989 StackPath LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:11:26 Last Seen2023-03-17 12:44:54 Times Seen1 Hash 9b18f9d85f3def5f894ab2798242ba20 83806fc6e857abdf1227f0563c38ccbad4df8a0b 135c63561f0ce029193fa9b2466524c34ef43f4e94ec3c5d92ae757bf64e1d79 Loading...

	a1s.unibet.com/orval/tracking/lastclick.min.js	1.8 kB	2023-03-07	2024-02-01
Pretty URL a1s.unibet.com/orval/tracking/lastclick.min.js IP 85.184.96.5 ASN #47171 Unibet Services Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:11:26 Last Seen2024-02-01 12:23:48 Times Seen5726 Hash 8027969a31091dd0d3a7813f95ee7e10 591677c488b8b98532778e11adc9348253a014a4 5166be250f7de7d316b5fb9778843cc3268ce3e00f917530f65e99dcdb355b60 Loading...

	welcome.unibet.com/no/pop/multisport/index.html?mktid=1:127656177:86115102-37950&btag=127656177_277C464F097048719C5534C4BB5393F9&bid=37950&campaignId=2750545&pid=86115102	92 B	2023-03-07	2024-02-01
Pretty URL welcome.unibet.com/no/pop/multisport/index.html?mktid=1:127656177:86115102-37950&btag=127656177_277C464F097048719C5534C4BB5393F9&bid=37950&campaignId=2750545&pid=86115102 IP 108.161.188.196 ASN #12989 StackPath LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:11:26 Last Seen2024-02-01 12:23:48 Times Seen6846 Hash 7f0f3c1a6218ba26e0a2303513a4b789 a8d06c9a0d0b367220509b18213f6b102f4b4fc0 faffe243fd7f581af68fd7dafdf86ff1e5c0824831f03d5758cb309da65fddda Loading...

	forgerylimit.com/cgn59frwp?key=0f22c1fd609f13cb7947c8cabfe1a90d&submetric=17230429	2.1 kB	2023-03-07	2023-04-05
Pretty URL forgerylimit.com/cgn59frwp?key=0f22c1fd609f13cb7947c8cabfe1a90d&submetric=17230429 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:06:21 Last Seen2023-04-05 02:12:07 Times Seen388 Hash 4fd91164aa79d34ae401150b9f112bbe a09fe46ece27e06c82f059c481090481804461bc e717b18eba32145b270f89fb30d50c51c6fdd7060deff6f467fc8621973123f8 Loading...

	welcome.unibet.com/no/pop/multisport/index.html?mktid=1:127656177:86115102-37950&btag=127656177_277C464F097048719C5534C4BB5393F9&bid=37950&campaignId=2750545&pid=86115102	307 B	2023-03-07	2024-02-01
Pretty URL welcome.unibet.com/no/pop/multisport/index.html?mktid=1:127656177:86115102-37950&btag=127656177_277C464F097048719C5534C4BB5393F9&bid=37950&campaignId=2750545&pid=86115102 IP 108.161.188.196 ASN #12989 StackPath LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:11:26 Last Seen2024-02-01 12:23:48 Times Seen6858 Hash 5633bd464ac4d5c3fab4b6c6db04c743 e9b255450e7612595382082329b0fe88904abcee ca8576fcf8d4ca2350c9fe2a7976729e6e3c6b42ca948060a509a1eed46e93fd Loading...

	welcome.unibet.com/no/pop/multisport/index.html?mktid=1:127656177:86115102-37950&btag=127656177_277C464F097048719C5534C4BB5393F9&bid=37950&campaignId=2750545&pid=86115102	667 B	2023-03-07	2023-09-21
Pretty URL welcome.unibet.com/no/pop/multisport/index.html?mktid=1:127656177:86115102-37950&btag=127656177_277C464F097048719C5534C4BB5393F9&bid=37950&campaignId=2750545&pid=86115102 IP 108.161.188.196 ASN #12989 StackPath LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:11:26 Last Seen2023-09-21 14:18:09 Times Seen1578 Hash 2d41aac452b14ef4b388a79a47791b35 cee1071dcf7b8095fe214afc02177dc39bd4f973 44ed144c670270401a2ba9d624c2d98dc2e31c3df30ce612a7c94041cb2210de Loading...

	forgerylimit.com/cgn59frwp?bfkm=39&refer=https3a2f2fdeliriousholistic.net2fembed2f1hz0ggi4e&kw=5b5d&key=82054d468d1245b12f8e814444d99462&scrwidth=1920&scrheight=1080&tz=2&v=22.8.v.1&ship=&sub3=invoke_layer&res=13.1055&dev=e&psid=ns.to&adb=y&adb=y	358 B	2023-03-07	2023-03-07
Pretty URL forgerylimit.com/cgn59frwp?bfkm=39&refer=https3a2f2fdeliriousholistic.net2fembed2f1hz0ggi4e&kw=5b5d&key=82054d468d1245b12f8e814444d99462&scrwidth=1920&scrheight=1080&tz=2&v=22.8.v.1&ship=&sub3=invoke_layer&res=13.1055&dev=e&psid=ns.to&adb=y&adb=y IP 192.243.59.13 ASN #39572 DataWeb Global Group B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 13:59:37 Last Seen2023-03-07 13:59:37 Times Seen1 Hash 7a7a61034a4d52a3e0e4eacaf77469a4 4ce4994dd27a2cb24b8c25f38aa2aa00e0977097 d2109451eab28e93c058cd5f9475a4ada10077bfdb9c736ef32e6402c0d91e25 Loading...

	ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js	87 kB	2023-03-07	2024-04-25
Pretty URL ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js IP 142.250.74.10 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:02 Last Seen2024-04-25 08:01:40 Times Seen106048 Hash a09e13ee94d51c524b7e2a728c7d4039 0dc32db4aa9c5f03f3b38c47d883dbd4fed13aae 160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef Loading...

	welcome.unibet.com/no/pop/multisport/index.html?mktid=1:127656177:86115102-37950&btag=127656177_277C464F097048719C5534C4BB5393F9&bid=37950&campaignId=2750545&pid=86115102	59 kB	2023-03-07	2023-10-02
Pretty URL welcome.unibet.com/no/pop/multisport/index.html?mktid=1:127656177:86115102-37950&btag=127656177_277C464F097048719C5534C4BB5393F9&bid=37950&campaignId=2750545&pid=86115102 IP 108.161.188.196 ASN #12989 StackPath LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:11:26 Last Seen2023-10-02 17:14:47 Times Seen1702 Hash b7fb41ed89500bb6a8f482f91216cfac caf092ff1935a3a13e8608d56ce60c008b498d68 4a2dbda07d552ad5d425033fcd10ccb1addc5140a177cbb0d11bb3f2f7974a8c Loading...

		Size	First Seen	Last Seen
	#1 Eval - d66a51311c2681be9b2814403d8e8308	60 B	2023-03-07	2023-10-02
Pretty Observations First Seen2023-03-07 01:11:26 Last Seen2023-10-02 17:14:47 Times Seen1711 Hash d66a51311c2681be9b2814403d8e8308 284b626b87d046fe1adfc6899ade214d57f09655 9d51544cc513110b130345a977b1e9e630b5a7aa01518f7f7898758b79a9699f Loading...

	#2 Eval - a2bcebb48aaee0300030cf8123020f69	135 B	2023-03-07	2023-10-02
Pretty Observations First Seen2023-03-07 01:11:26 Last Seen2023-10-02 17:14:47 Times Seen1711 Hash a2bcebb48aaee0300030cf8123020f69 365d67c7f5ce945805339efb40c083cc97d1f9b2 fc7b851f30df68c5cc6d1fb3f06c300b2b1d7271f76cc187224050270141f0ed Loading...

	#3 Eval - 4b4768884dd164bcabacb4edf182609a	61 B	2023-03-07	2023-10-02
Pretty Observations First Seen2023-03-07 01:11:26 Last Seen2023-10-02 17:14:47 Times Seen1711 Hash 4b4768884dd164bcabacb4edf182609a 881cdbd84f94dc256c40f2ee489d83f956c1b36b 9259355921509ced00b4d7d3e76c151037a06c88a646cd7d47d5d9c96984697c Loading...

	#4 Eval - 84b2cd04a3e6a53dd1e2d2281b4ec9d0	55 B	2023-03-07	2023-10-02
Pretty Observations First Seen2023-03-07 01:11:26 Last Seen2023-10-02 17:14:47 Times Seen1711 Hash 84b2cd04a3e6a53dd1e2d2281b4ec9d0 453fd8561e4859d9adbbe37e66110d2584bc2c1d 14986cbd70f8b8a1770adf9800c113847daf392c2999dfff9dc71d2be98f3282 Loading...

	#5 Eval - 52a838bf9957f0cff2021c034f169cb0	88 B	2023-03-07	2023-11-06
Pretty Observations First Seen2023-03-07 01:11:26 Last Seen2023-11-06 09:27:16 Times Seen2384 Hash 52a838bf9957f0cff2021c034f169cb0 30a7327c54334eb310944b6fd01ddf34b4e2ad9d 5e05e2cf30322e8f71d65a22aa5f4a095923b67286a61d83b7787e3468f42f62 Loading...

	#6 Eval - 0df47f7ec8a7025bea46266133fe90c1	54 B	2023-03-07	2024-04-17
Pretty Observations First Seen2023-03-07 01:11:26 Last Seen2024-04-17 03:22:10 Times Seen1724 Hash 0df47f7ec8a7025bea46266133fe90c1 407aeb860ef834517df3dfa568905e7c95d42d9f fc490a09c28110ae2a7c965801ebeb5c572587f55c3524889f547dbcc34c1d81 Loading...

	#7 Eval - dddc8519e9834ad5d3074584ccf9f8b7	132 B	2023-03-07	2023-10-02
Pretty Observations First Seen2023-03-07 01:11:26 Last Seen2023-10-02 17:14:47 Times Seen1711 Hash dddc8519e9834ad5d3074584ccf9f8b7 829d5d1a21eff85f38994e567322cc3bcce9c9cd 0a23e511994a2c03a725773de07810ff171878b9c0177f40a663038e4e251168 Loading...

	#8 Eval - 596da5f7bb09f22c58c4073eb41d604e	62 B	2023-03-07	2023-10-02
Pretty Observations First Seen2023-03-07 01:11:26 Last Seen2023-10-02 17:14:47 Times Seen1711 Hash 596da5f7bb09f22c58c4073eb41d604e 66603b30823c3a560dae4f1b6afb92ab5a0f91d5 adf0ca592504ef680d5ea02d5161b15be0572fd3e5b41d152b74f0c76aea6c42 Loading...

	#9 Eval - add2d829cf386f4838b0cdef5348451c	71 B	2023-03-07	2023-10-02
Pretty Observations First Seen2023-03-07 01:11:26 Last Seen2023-10-02 17:14:47 Times Seen1710 Hash add2d829cf386f4838b0cdef5348451c c8295463ce81113f7396d77c108349f473285c49 dcdd7e7e286c45c94638f28053384616d6ca9a1b396b0109cb51f1298ba342bb Loading...

		Size	First Seen	Last Seen
	#1 Write - ac798ac2b2c9559c3e64b701f845c78e	50 B	2023-03-07	2024-02-01
Pretty Observations First Seen2023-03-07 01:11:26 Last Seen2024-02-01 12:23:48 Times Seen6876 Hash ac798ac2b2c9559c3e64b701f845c78e 288602cbfebecea88ca238ce32c92d133bf59bff a2b051fa7d206df6e4eeee27678781de0752c1ac7adcfd359c1a2fc7ff507449 Loading...

HTTP Transactions (78)

URL IP Response Size

firefox.settings.services.mozilla.com/v1/

143.204.55.35

200 OK

939 B

URL HTTP/1.1
firefox.settings.services.mozilla.com/v1/
IP
143.204.55.35:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
99b7d23c1748d0526782b9ff9ea45f09
eadd801a3ba2aa00632c6fb52e1f9125bd6d5b4f
48f81668f76955320480b484138aebdad5d03c471036b4449c737aca1ecab08e

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Content-Length, Backoff, Retry-After, Alert
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Thu, 08 Sep 2022 20:05:24 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 f00e3524edcdf61801454f2bb21e71ce.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 5BkW7HXhEP1x8ucNjnRJnEjTziEQKnROdTdpmXlRFKyHwtv3_kH3kQ==
Age: 912

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
b9adda4796e3cda8d92753c46964621c
5f1eba1f6085b23dea088a91fe6f8947172f9f62
a0577a8fcfa81b3f86d99566eb4429655b93a238ffd1a3752bc9aae3d969deea

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A0577A8FCFA81B3F86D99566EB4429655B93A238FFD1A3752BC9AAE3D969DEEA"
Last-Modified: Tue, 06 Sep 2022 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11695
Expires: Thu, 08 Sep 2022 23:35:32 GMT
Date: Thu, 08 Sep 2022 20:20:37 GMT
Connection: keep-alive

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain

143.204.55.25

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain
IP
143.204.55.25:0
ASN
#16509 AMAZON-02

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
742edb4038f38bc533514982f3d2e861
cc3a20c8dc2a8c632ef9387a2744253f1e3fdef1
b6bfa49d3d135035701231db2fffc0c0643444394009a94c6a1b4d829d6b8345

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 20 Aug 2022 23:18:05 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Thu, 08 Sep 2022 03:46:35 GMT
etag: "742edb4038f38bc533514982f3d2e861"
x-cache: Hit from cloudfront
via: 1.1 057fdebf738f5915bf38a78949190758.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: AZR_QEq4BfyjVwWkg6GBcXxpyTu2LaT78xTLoZmFnJuQiHuVvQ-ESQ==
age: 59643
X-Firefox-Spdy: h2

forgerylimit.com/cgn59frwp?bfkm=39&refer=https3a2f2fdeliriousholistic.net2fembed2f1hz0ggi4e&kw=5b5d&key=82054d468d1245b12f8e814444d99462&scrwidth=1920&scrheight=1080&tz=2&v=22.8.v.1&ship=&sub3=invoke_layer&res=13.1055&dev=e&psid=ns.to&adb=y&adb=y

192.243.59.13

200 OK

1.4 kB

URL HTTP/1.1
forgerylimit.com/cgn59frwp?bfkm=39&refer=https3a2f2fdeliriousholistic.net2fembed2f1hz0ggi4e&kw=5b5d&key=82054d468d1245b12f8e814444d99462&scrwidth=1920&scrheight=1080&tz=2&v=22.8.v.1&ship=&sub3=invoke_layer&res=13.1055&dev=e&psid=ns.to&adb=y&adb=y
IP
192.243.59.13:0
ASN
#39572 DataWeb Global Group B.V.

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (792)
Size
1.4 kB (1367 bytes)
Hash
bec0d34957a4ea7de11682724c7aa915
b043f46b4dfbd4b967b2e4687b175fc0333c0c62
31ff0963d5db83adceda88851ee076e4f467f45a2ad026111215cd131488499f

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /cgn59frwp?bfkm=39&refer=https3a2f2fdeliriousholistic.net2fembed2f1hz0ggi4e&kw=5b5d&key=82054d468d1245b12f8e814444d99462&scrwidth=1920&scrheight=1080&tz=2&v=22.8.v.1&ship=&sub3=invoke_layer&res=13.1055&dev=e&psid=ns.to&adb=y&adb=y HTTP/1.1
Host: forgerylimit.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Thu, 08 Sep 2022 20:20:37 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Set-Cookie: u_pl=17230429; expires=Fri, 09 Sep 2022 20:20:37 GMT
ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNzIzMDQyOSwiayI6IjgyMDU0ZDQ2OGQxMjQ1YjEyZjhlODE0NDQ0ZDk5NDYyIiwic2lkIjoibnMudG8iLCJpc2lkIjoyLCJhc2lkIjoxLCJ6aWQiOjE4NTM3MzEsInBpZCI6NDY2MTgwLCJhbiI6dHJ1ZSwibGFuIjp0cnVlLCJjaWQiOjE5LCJhaWQiOjI4LCJwdCI6NCwicGsiOiJjZ241OWZyd3AiLCJjcGtzIjp7ICIyOSI6IjQ4MWVmM2Y3NzQ0N2YwZTc2ODRiYjBkZWFiYTgzY2QyIn0sInQiOjF9LCJ1Ijp7InUiOjEsImF1IjoxLCJkIjp7ImlkIjo3OTk1NDE5NiwiaWRzIjoiIiwiaWMiOmZhbHNlLCJuIjoiRGVza3RvcCxFbXVsYXRvciIsInYiOiJVbmtub3duIiwibSI6IlVua25vd24iLCJmIjoxLCJmbiI6IkRlc2t0b3AiLCJvaWQiOjE4MTEwLCJvbiI6IkxpbnV4Iiwib3YiOiJVbmtub3duIiwiYmlkIjoxMTY2NzAsImJuIjoiRmlyZWZveCIsImJ2IjoiOTYuMCIsInd2IjpmYWxzZSwiZSI6dHJ1ZSwiYWIiOmZhbHNlfSwiYyI6eyJpZCI6MTYyLCJjIjoiTk8iLCJuIjoiTm9yd2F5In0sImEiOmZhbHNlLCJjciI6eyJuIjoiQmxpeCBTb2x1dGlvbnMifSwieGYiOiIiLCJpeGYiOmZhbHNlLCJpZ3hmIjpmYWxzZSwidXAiOnRydWUsInIiOiJodHRwczNhMmYyZmRlbGlyaW91c2hvbGlzdGljLm5ldDJmZW1iZWQyZjFoejBnZ2k0ZSJ9fQ.wj7CBO7ybWBAeuWuoiKcNqrkEwuF5K47CJSHjISg7EI; expires=Thu, 08 Sep 2022 20:21:37 GMT
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 7c68944af6ce27a6a65b9ac137fa2fe5
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Thu, 08 Sep 2022 20:20:37 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

forgerylimit.com/cgn59frwp?shu=c7e9bb7bad6b5d170766e8b915bf9080600d910db0110775b456c5d08235277a93cf55db03a490c0d470dad4a0ec28b6bedd60112b999e5e931fa825b3929ad0c45971f25b7b5b0aae8e13789d9e5483fdfedd65&pst=1662668497&rmtc=t&uuid=&pii=&in=false&key=82054d468d1245b12f8e814444d99462&refer=https3a2f2fdeliriousholistic.net2fembed2f1hz0ggi4e&sub3=invoke_layer&adb=y&tz=2&ship=&psid=ns.to&scrheight=1080&v=22.8.v.1&kw=5b5d&res=13.1055&dev=e&bfkm=39&scrwidth=1920

192.243.59.13

302 Found

0 B

URL HTTP/1.1
forgerylimit.com/cgn59frwp?shu=c7e9bb7bad6b5d170766e8b915bf9080600d910db0110775b456c5d08235277a93cf55db03a490c0d470dad4a0ec28b6bedd60112b999e5e931fa825b3929ad0c45971f25b7b5b0aae8e13789d9e5483fdfedd65&pst=1662668497&rmtc=t&uuid=&pii=&in=false&key=82054d468d1245b12f8e814444d99462&refer=https3a2f2fdeliriousholistic.net2fembed2f1hz0ggi4e&sub3=invoke_layer&adb=y&tz=2&ship=&psid=ns.to&scrheight=1080&v=22.8.v.1&kw=5b5d&res=13.1055&dev=e&bfkm=39&scrwidth=1920
IP
192.243.59.13:0
ASN
#39572 DataWeb Global Group B.V.

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /cgn59frwp?shu=c7e9bb7bad6b5d170766e8b915bf9080600d910db0110775b456c5d08235277a93cf55db03a490c0d470dad4a0ec28b6bedd60112b999e5e931fa825b3929ad0c45971f25b7b5b0aae8e13789d9e5483fdfedd65&pst=1662668497&rmtc=t&uuid=&pii=&in=false&key=82054d468d1245b12f8e814444d99462&refer=https3a2f2fdeliriousholistic.net2fembed2f1hz0ggi4e&sub3=invoke_layer&adb=y&tz=2&ship=&psid=ns.to&scrheight=1080&v=22.8.v.1&kw=5b5d&res=13.1055&dev=e&bfkm=39&scrwidth=1920 HTTP/1.1
Host: forgerylimit.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://forgerylimit.com/cgn59frwp?key=0f22c1fd609f13cb7947c8cabfe1a90d&submetric=17230429
Cookie: u_pl=17230429; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNzIzMDQyOSwiayI6IjgyMDU0ZDQ2OGQxMjQ1YjEyZjhlODE0NDQ0ZDk5NDYyIiwic2lkIjoibnMudG8iLCJpc2lkIjoyLCJhc2lkIjoxLCJ6aWQiOjE4NTM3MzEsInBpZCI6NDY2MTgwLCJhbiI6dHJ1ZSwibGFuIjp0cnVlLCJjaWQiOjE5LCJhaWQiOjI4LCJwdCI6NCwicGsiOiJjZ241OWZyd3AiLCJjcGtzIjp7ICIyOSI6IjQ4MWVmM2Y3NzQ0N2YwZTc2ODRiYjBkZWFiYTgzY2QyIn0sInQiOjF9LCJ1Ijp7InUiOjEsImF1IjoxLCJkIjp7ImlkIjo3OTk1NDE5NiwiaWRzIjoiIiwiaWMiOmZhbHNlLCJuIjoiRGVza3RvcCxFbXVsYXRvciIsInYiOiJVbmtub3duIiwibSI6IlVua25vd24iLCJmIjoxLCJmbiI6IkRlc2t0b3AiLCJvaWQiOjE4MTEwLCJvbiI6IkxpbnV4Iiwib3YiOiJVbmtub3duIiwiYmlkIjoxMTY2NzAsImJuIjoiRmlyZWZveCIsImJ2IjoiOTYuMCIsInd2IjpmYWxzZSwiZSI6dHJ1ZSwiYWIiOmZhbHNlfSwiYyI6eyJpZCI6MTYyLCJjIjoiTk8iLCJuIjoiTm9yd2F5In0sImEiOmZhbHNlLCJjciI6eyJuIjoiQmxpeCBTb2x1dGlvbnMifSwieGYiOiIiLCJpeGYiOmZhbHNlLCJpZ3hmIjpmYWxzZSwidXAiOnRydWUsInIiOiJodHRwczNhMmYyZmRlbGlyaW91c2hvbGlzdGljLm5ldDJmZW1iZWQyZjFoejBnZ2k0ZSJ9fQ.wj7CBO7ybWBAeuWuoiKcNqrkEwuF5K47CJSHjISg7EI; cjs=t
Upgrade-Insecure-Requests: 1

HTTP/1.1 302 Found
Server: nginx/1.17.6
Date: Thu, 08 Sep 2022 20:20:37 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Location: https://adserving.unibet.com/redirect.aspx?bid=37950&pid=15135578&sref=ADST&ADST=17230429
Set-Cookie: pdhtkv=true; expires=Fri, 09 Sep 2022 20:20:37 GMT
uncs=1; expires=Fri, 09 Sep 2022 20:20:37 GMT
pdhtkv28=true; expires=Fri, 09 Sep 2022 20:20:37 GMT
uncs28=1; expires=Fri, 09 Sep 2022 20:20:37 GMT
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 3c36e34344746335a9679d3f4f791935
Strict-Transport-Security: max-age=0; includeSubdomains

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

143.204.55.35

200 OK

329 B

URL HTTP/1.1
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
143.204.55.35:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Thu, 08 Sep 2022 19:38:18 GMT
Cache-Control: max-age=3600
Expires: Thu, 08 Sep 2022 20:31:18 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 f00e3524edcdf61801454f2bb21e71ce.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: TVt34IvPyetfhifUaLlgeHB4EtUFM-NpagAc8SghAZyVTPXP6fg-Vg==
Age: 2539

adserving.unibet.com/redirect.aspx?bid=37950&pid=15135578&sref=ADST&ADST=17230429

23.36.79.43

301 Moved Permanently

0 B

URL HTTP/2
adserving.unibet.com/redirect.aspx?bid=37950&pid=15135578&sref=ADST&ADST=17230429
IP
23.36.79.43:0
ASN
#20940 Akamai International B.V.

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /redirect.aspx?bid=37950&pid=15135578&sref=ADST&ADST=17230429 HTTP/1.1
Host: adserving.unibet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://forgerylimit.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/2 301 Moved Permanently
content-type: text/html
content-length: 0
location: https://no.unibet.com/stan/campaign.do?cmpId=2750545&affiliateId=1&unibetTarget=/no/pop/multisport/index.html&targetDomain=https://welcome.unibet.com&btag=127656177_277C464F097048719C5534C4BB5393F9&sref=ADST&ADST=17230429&affiliateId=1&pid=86115102&bid=37950
p3p: CP="This is not a P3P policy! It is used to bypass IEs problematic handling of cookies"
x-aspnet-version: 4.0.30319
request-context: appId=cid-v1:83ffbda4-9458-475e-90ec-4427cfb5c3b0
access-control-expose-headers: Request-Context
expires: Thu, 08 Sep 2022 20:20:37 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Thu, 08 Sep 2022 20:20:37 GMT
set-cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a86115102%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1662668437796)%5c%2f%22%2c%22CookieTag%22%3a%223795086115102451240919C2022982020%22%7d%5d; SameSite=None;; domain=.unibet.com; expires=Fri, 31-Dec-9999 23:59:59 GMT; path=/; secure
NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228066488109%7c1%22%7d%5d; domain=.unibet.com; expires=Sat, 08-Sep-3021 20:20:37 GMT; path=/; secure; SameSite=Strict
server-timing: edge; dur=1, origin; dur=86, cdn-cache; desc=MISS
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
042105f89c8d64b470d84e052cd412d1
a26c7e2559b3760ea2765b16a3f8d1be27f5dcf4
fadb8cdd22f4d7773d5c20d576f6400ab25e20e1efe3e3fe50d2ae39ca6f2725

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3793
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 08 Sep 2022 20:20:37 GMT
Last-Modified: Thu, 08 Sep 2022 19:17:24 GMT
Server: ECS (ska/F71C)
X-Cache: HIT
Content-Length: 471

no.unibet.com/stan/campaign.do?cmpId=2750545&affiliateId=1&unibetTarget=/no/pop/multisport/index.html&targetDomain=https://welcome.unibet.com&btag=127656177_277C464F097048719C5534C4BB5393F9&sref=ADST&ADST=17230429&affiliateId=1&pid=86115102&bid=37950

85.184.96.0

301 Moved Permanently

0 B

URL HTTP/2
no.unibet.com/stan/campaign.do?cmpId=2750545&affiliateId=1&unibetTarget=/no/pop/multisport/index.html&targetDomain=https://welcome.unibet.com&btag=127656177_277C464F097048719C5534C4BB5393F9&sref=ADST&ADST=17230429&affiliateId=1&pid=86115102&bid=37950
IP
85.184.96.0:0
ASN
#47171 Unibet Services Limited

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /stan/campaign.do?cmpId=2750545&affiliateId=1&unibetTarget=/no/pop/multisport/index.html&targetDomain=https://welcome.unibet.com&btag=127656177_277C464F097048719C5534C4BB5393F9&sref=ADST&ADST=17230429&affiliateId=1&pid=86115102&bid=37950 HTTP/1.1
Host: no.unibet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://forgerylimit.com/
Connection: keep-alive
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a86115102%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1662668437796)%5c%2f%22%2c%22CookieTag%22%3a%223795086115102451240919C2022982020%22%7d%5d
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/2 301 Moved Permanently
date: Thu, 08 Sep 2022 20:20:37 GMT
content-length: 0
location: https://no.unibet.com:443/stan/redirecttocampaign.do?cmpId=2750545&affiliateId=1&unibetTarget=/no/pop/multisport/index.html&targetDomain=https://welcome.unibet.com&btag=127656177_277C464F097048719C5534C4BB5393F9&sref=ADST&ADST=17230429&affiliateId=1&pid=86115102&bid=37950&landingPageUrl=https%3A%2F%2Fwelcome.unibet.com%2Fno%2Fpop%2Fmultisport%2Findex.html%3Fmktid%3D1%3A127656177%3A86115102-37950
set-cookie: JSESSIONID=node0kvov7r346mg81qvxybvk3amss1070118.node0; Path=/stan; Secure; HttpOnly; SameSite=Strict
__ucbt=node0kvov7r346mg81qvxybvk3amss; Path=/; Domain=.unibet.com; Expires=Sat, 07-Sep-2024 20:20:37 GMT; Max-Age=63072000; Secure; SameSite=None
uniattr=ST.0.T; Path=/; Domain=.unibet.com; Expires=Sat, 07-Sep-2024 20:20:37 GMT; Max-Age=63072000; Secure; SameSite=None
uniattr_ref="http://forgerylimit.com/"; Path=/; Domain=.unibet.com; Expires=Sat, 07-Sep-2024 20:20:37 GMT; Max-Age=63072000; Secure; SameSite=None
UNIBET_REQUEST_URL=; Path=/; Domain=.unibet.com; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
AFFILIATE_REQUEST_URL=; Path=/; Domain=.unibet.com; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
UNIBET_INTERNAL_CAMPAIGN_ID=; Path=/; Domain=.unibet.com; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
affid=; Path=/; Domain=.unibet.com; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
netwid=; Path=/; Domain=.unibet.com; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
CLAIM_CODE=; Path=/; Domain=.unibet.com; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
REGISTRATION_CODE=; Path=/; Domain=.unibet.com; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
campaignId=2750545; Path=/; Domain=.unibet.com; Expires=Sun, 31-Dec-2023 22:58:59 GMT; Max-Age=41395102; Secure; SameSite=None
framework.forceBigLandingArea=; Path=/; Domain=.unibet.com; Expires=Thu, 08-Sep-2022 20:20:52 GMT; Max-Age=15; Secure; SameSite=None
affiliateId=1; Path=/; Domain=.unibet.com; Expires=Sun, 31-Dec-2023 22:58:59 GMT; Max-Age=41395102; Secure; SameSite=None
B-TAG=127656177_277C464F097048719C5534C4BB5393F9; Path=/; Domain=.unibet.com; Expires=Sun, 31-Dec-2023 22:58:59 GMT; Max-Age=41395102; Secure; SameSite=None
REGISTRATION_CODE=; Path=/; Domain=.unibet.com; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
BID=37950; Path=/; Domain=.unibet.com; Expires=Sun, 31-Dec-2023 22:58:59 GMT; Max-Age=41395102; Secure; SameSite=None
PID=86115102; Path=/; Domain=.unibet.com; Expires=Sun, 31-Dec-2023 22:58:59 GMT; Max-Age=41395102; Secure; SameSite=None
CHID=; Path=/; Domain=.unibet.com; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
REFERER=http%3A%2F%2Fforgerylimit.com%2F; Path=/; Domain=.unibet.com; Expires=Sun, 31-Dec-2023 22:58:59 GMT; Max-Age=41395102; Secure; SameSite=None
UNIBET_INTERNAL_CAMPAIGN_ID=; Path=/; Domain=.unibet.com; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
UNIBET_REQUEST_URL=; Path=/; Domain=.unibet.com; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
AFFILIATE_REQUEST_URL=; Path=/; Domain=.unibet.com; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
AFFILIATE_CAMPAIGN_ID=; Path=/; Domain=.unibet.com; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
AMS_INVITE_CHAT_ACCEPTED=; Path=/; Domain=.unibet.com; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
AMS_INVITE_CHAT_DECLINED=; Path=/; Domain=.unibet.com; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
BOCAID=; Path=/; Domain=.unibet.com; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
PRODUCT_ID=; Path=/; Domain=.unibet.com; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
AFFID=; Path=/; Domain=.unibet.com; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
AFFILIATE_REQUEST_URL=https%3A%2F%2Fno.unibet.com%2Fstan%2Fcampaign.do%3FcmpId%3D2750545%26affiliateId%3D1%26unibetTarget%3D%2Fno%2Fpop%2Fmultisport%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.com%26btag%3D127656177_277C464F097048719C5534C4BB5393F9%26sref%3DADST%26ADST%3D17230429%26affiliateId%3D1%26pid%3D86115102%26bid%3D37950; Path=/; Domain=.unibet.com; Expires=Sun, 31-Dec-2023 22:58:59 GMT; Max-Age=41395102; Secure; SameSite=None
AFFILIATE_CAMPAIGN_ID=2750545; Path=/; Domain=.unibet.com; Expires=Sun, 31-Dec-2023 22:58:59 GMT; Max-Age=41395102; Secure; SameSite=None
framework.forceBigLandingArea=; Path=/; Domain=.unibet.com; Expires=Thu, 08-Sep-2022 20:20:52 GMT; Max-Age=15; Secure; SameSite=None
campaignId=2750545; Path=/; Domain=.unibet.com; Expires=Sun, 31-Dec-2023 22:58:59 GMT; Max-Age=41395102; Secure; SameSite=None
framework.forceBigLandingArea=; Path=/; Domain=.unibet.com; Expires=Thu, 08-Sep-2022 20:20:52 GMT; Max-Age=15; Secure; SameSite=None
clientId=polopoly_desktop; Domain=no.unibet.com; Path=/; SameSite=None; Secure
referer: http://forgerylimit.com/
cache-control: max-age=0, no-cache, no-store, must-revalidate, proxy-revalidate
expires: Thu, 01 Jan 1970 00:00:00 GMT, Thu, 08 Sep 2022 20:20:37 GMT
server: kindred-loadbalancer
strict-transport-security: max-age=63072000; preload
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-security-policy: default-src 'unsafe-inline' 'unsafe-eval' http: https: data: wss: blob: jockey: unibetpro: *;
x-browser-class: A
x-os-class: M
x-ooops-debug: /500-pages/no.unibet.com/index.html
X-Firefox-Spdy: h2

no.unibet.com/stan/redirecttocampaign.do?cmpId=2750545&affiliateId=1&unibetTarget=/no/pop/multisport/index.html&targetDomain=https://welcome.unibet.com&btag=127656177_277C464F097048719C5534C4BB5393F9&sref=ADST&ADST=17230429&affiliateId=1&pid=86115102&bid=37950&landingPageUrl=https%3A%2F%2Fwelcome.unibet.com%2Fno%2Fpop%2Fmultisport%2Findex.html%3Fmktid%3D1%3A127656177%3A86115102-37950

85.184.96.0

301 Moved Permanently

0 B

URL HTTP/2
no.unibet.com/stan/redirecttocampaign.do?cmpId=2750545&affiliateId=1&unibetTarget=/no/pop/multisport/index.html&targetDomain=https://welcome.unibet.com&btag=127656177_277C464F097048719C5534C4BB5393F9&sref=ADST&ADST=17230429&affiliateId=1&pid=86115102&bid=37950&landingPageUrl=https%3A%2F%2Fwelcome.unibet.com%2Fno%2Fpop%2Fmultisport%2Findex.html%3Fmktid%3D1%3A127656177%3A86115102-37950
IP
85.184.96.0:0
ASN
#47171 Unibet Services Limited

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /stan/redirecttocampaign.do?cmpId=2750545&affiliateId=1&unibetTarget=/no/pop/multisport/index.html&targetDomain=https://welcome.unibet.com&btag=127656177_277C464F097048719C5534C4BB5393F9&sref=ADST&ADST=17230429&affiliateId=1&pid=86115102&bid=37950&landingPageUrl=https%3A%2F%2Fwelcome.unibet.com%2Fno%2Fpop%2Fmultisport%2Findex.html%3Fmktid%3D1%3A127656177%3A86115102-37950 HTTP/1.1
Host: no.unibet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://forgerylimit.com/
Connection: keep-alive
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a86115102%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1662668437796)%5c%2f%22%2c%22CookieTag%22%3a%223795086115102451240919C2022982020%22%7d%5d; __ucbt=node0kvov7r346mg81qvxybvk3amss; uniattr=ST.0.T; uniattr_ref="http://forgerylimit.com/"; campaignId=2750545; framework.forceBigLandingArea=; affiliateId=1; B-TAG=127656177_277C464F097048719C5534C4BB5393F9; BID=37950; PID=86115102; REFERER=http%3A%2F%2Fforgerylimit.com%2F; AFFILIATE_REQUEST_URL=https%3A%2F%2Fno.unibet.com%2Fstan%2Fcampaign.do%3FcmpId%3D2750545%26affiliateId%3D1%26unibetTarget%3D%2Fno%2Fpop%2Fmultisport%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.com%26btag%3D127656177_277C464F097048719C5534C4BB5393F9%26sref%3DADST%26ADST%3D17230429%26affiliateId%3D1%26pid%3D86115102%26bid%3D37950; AFFILIATE_CAMPAIGN_ID=2750545; clientId=polopoly_desktop
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 301 Moved Permanently
date: Thu, 08 Sep 2022 20:20:38 GMT
content-length: 0
location: https://welcome.unibet.com/no/pop/multisport/index.html?mktid=1:127656177:86115102-37950&btag=127656177_277C464F097048719C5534C4BB5393F9&bid=37950&campaignId=2750545&pid=86115102
cache-control: max-age=0, no-cache, no-store, must-revalidate, proxy-revalidate
expires: Thu, 08 Sep 2022 20:20:37 GMT
server: kindred-loadbalancer
strict-transport-security: max-age=63072000; preload
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-security-policy: default-src 'unsafe-inline' 'unsafe-eval' http: https: data: wss: blob: jockey: unibetpro: *;
x-browser-class: A
x-os-class: M
x-ooops-debug: /500-pages/no.unibet.com/index.html
X-Firefox-Spdy: h2

ocsp.securetrust.com/

23.36.79.25

200 OK

638 B

URL HTTP/1.1
ocsp.securetrust.com/
IP
23.36.79.25:0
ASN
#20940 Akamai International B.V.

File type
data
Size
638 B (638 bytes)
Hash
3031c1842884fe945597e0472b2ecc51
d461b0ad6fc3aba1fe6a6dafdcaadbf7ddf75174
26b429c2c5b40f5a383a4a088d60ee7a8dc942e1a65f26e5b1874c3d0f2dc355

HTTP Headers

POST / HTTP/1.1
Host: ocsp.securetrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 86
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 638
Date: Thu, 08 Sep 2022 20:20:38 GMT
Connection: keep-alive

push.services.mozilla.com/

35.160.51.228

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
35.160.51.228:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: SHJovJVls5zmN3QL1SR0TA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 3tNRruA7kMnqczypN3f/UBDa2q4=

a1s-cdn.unibet.com/unibet/bannerflow/scripts/master_tag.js

85.184.96.5

200 OK

957 B

URL HTTP/2
a1s-cdn.unibet.com/unibet/bannerflow/scripts/master_tag.js
IP
85.184.96.5:0
ASN
#47171 Unibet Services Limited

File type
ASCII text
Size
957 B (957 bytes)
Hash
e19225e3eb562a3b6a86f7b8b47c38fb
ce3eb55448afd8fc9dfa4ac82f8743a009d5e142
c152526a02cb050650847e999ae141eae985472fbf73c5a843160b3b6bb06f79

HTTP Headers

GET /unibet/bannerflow/scripts/master_tag.js HTTP/1.1
Host: a1s-cdn.unibet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a86115102%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1662668437796)%5c%2f%22%2c%22CookieTag%22%3a%223795086115102451240919C2022982020%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228066488109%7c1%22%7d%5d; __ucbt=node0kvov7r346mg81qvxybvk3amss; uniattr=ST.0.T; uniattr_ref="http://forgerylimit.com/"; campaignId=2750545; framework.forceBigLandingArea=; affiliateId=1; B-TAG=127656177_277C464F097048719C5534C4BB5393F9; BID=37950; PID=86115102; REFERER=http%3A%2F%2Fforgerylimit.com%2F; AFFILIATE_REQUEST_URL=https%3A%2F%2Fno.unibet.com%2Fstan%2Fcampaign.do%3FcmpId%3D2750545%26affiliateId%3D1%26unibetTarget%3D%2Fno%2Fpop%2Fmultisport%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.com%26btag%3D127656177_277C464F097048719C5534C4BB5393F9%26sref%3DADST%26ADST%3D17230429%26affiliateId%3D1%26pid%3D86115102%26bid%3D37950; AFFILIATE_CAMPAIGN_ID=2750545
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site

HTTP/2 200 OK
date: Thu, 08 Sep 2022 20:20:38 GMT
content-type: application/javascript
content-length: 957
last-modified: Mon, 25 Apr 2022 12:18:31 GMT
etag: "3bd-5dd799309c310"
cache-control: max-age=1800, public, must-revalidate
server: kindred-loadbalancer
strict-transport-security: max-age=63072000; preload
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-security-policy: default-src 'unsafe-inline' 'unsafe-eval' http: https: data: wss: blob: jockey: unibetpro: *;
x-browser-class: A
x-os-class: M
set-cookie: clientId=polopoly_desktop; Domain=a1s-cdn.unibet.com; Path=/; SameSite=None; Secure
accept-ranges: bytes
X-Firefox-Spdy: h2

welcome.unibet.com/no/pop/multisport/1-main.js

108.161.188.196

200 OK

2.2 kB

URL HTTP/2
welcome.unibet.com/no/pop/multisport/1-main.js
IP
108.161.188.196:0
ASN
#12989 StackPath LLC

File type
data
Size
2.2 kB (2151 bytes)
Hash
098689c2ec873a30c504ffb8de25214d
ea6626707f8cc6c4f14b85e364176fab18f1e13d
b40267bb993c8f73601ace1aab4ef454291d116b8cc446724b911674e272e9c1

HTTP Headers

GET /no/pop/multisport/1-main.js HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/no/pop/multisport/index.html?mktid=1:127656177:86115102-37950&btag=127656177_277C464F097048719C5534C4BB5393F9&bid=37950&campaignId=2750545&pid=86115102
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a86115102%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1662668437796)%5c%2f%22%2c%22CookieTag%22%3a%223795086115102451240919C2022982020%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228066488109%7c1%22%7d%5d; __ucbt=node0kvov7r346mg81qvxybvk3amss; uniattr=ST.0.T; uniattr_ref="http://forgerylimit.com/"; campaignId=2750545; framework.forceBigLandingArea=; affiliateId=1; B-TAG=127656177_277C464F097048719C5534C4BB5393F9; BID=37950; PID=86115102; REFERER=http%3A%2F%2Fforgerylimit.com%2F; AFFILIATE_REQUEST_URL=https%3A%2F%2Fno.unibet.com%2Fstan%2Fcampaign.do%3FcmpId%3D2750545%26affiliateId%3D1%26unibetTarget%3D%2Fno%2Fpop%2Fmultisport%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.com%26btag%3D127656177_277C464F097048719C5534C4BB5393F9%26sref%3DADST%26ADST%3D17230429%26affiliateId%3D1%26pid%3D86115102%26bid%3D37950; AFFILIATE_CAMPAIGN_ID=2750545
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Thu, 08 Sep 2022 20:20:38 GMT
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=900, immutable
content-md5: BPxI3njL/F0VV+nfOZx3Mw==
last-modified: Mon, 20 Jun 2022 12:15:06 GMT
etag: W/"0x8DA52B68343779E"
x-ms-request-id: 59472408-401e-0072-56bf-c3154d000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
server: NetDNA-cache/2.2
x-cache: HIT
content-encoding: gzip
X-Firefox-Spdy: h2

welcome.unibet.com/no/pop/multisport/1-styles.css

108.161.188.196

200 OK

6.7 kB

URL HTTP/2
welcome.unibet.com/no/pop/multisport/1-styles.css
IP
108.161.188.196:0
ASN
#12989 StackPath LLC

File type
data
Size
6.7 kB (6679 bytes)
Hash
223a6be52c1dee4ae669bb8188c63af4
815aa761b5c240b149cb3b02be0c9829502eb505
12f2b621fc1f46c33ab23df3550e26ca53ad8e1979d75b07ac98a105ec5d2672

HTTP Headers

GET /no/pop/multisport/1-styles.css HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/no/pop/multisport/index.html?mktid=1:127656177:86115102-37950&btag=127656177_277C464F097048719C5534C4BB5393F9&bid=37950&campaignId=2750545&pid=86115102
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a86115102%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1662668437796)%5c%2f%22%2c%22CookieTag%22%3a%223795086115102451240919C2022982020%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228066488109%7c1%22%7d%5d; __ucbt=node0kvov7r346mg81qvxybvk3amss; uniattr=ST.0.T; uniattr_ref="http://forgerylimit.com/"; campaignId=2750545; framework.forceBigLandingArea=; affiliateId=1; B-TAG=127656177_277C464F097048719C5534C4BB5393F9; BID=37950; PID=86115102; REFERER=http%3A%2F%2Fforgerylimit.com%2F; AFFILIATE_REQUEST_URL=https%3A%2F%2Fno.unibet.com%2Fstan%2Fcampaign.do%3FcmpId%3D2750545%26affiliateId%3D1%26unibetTarget%3D%2Fno%2Fpop%2Fmultisport%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.com%26btag%3D127656177_277C464F097048719C5534C4BB5393F9%26sref%3DADST%26ADST%3D17230429%26affiliateId%3D1%26pid%3D86115102%26bid%3D37950; AFFILIATE_CAMPAIGN_ID=2750545
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Thu, 08 Sep 2022 20:20:38 GMT
content-type: text/css; charset=utf-8
cache-control: public, max-age=900, immutable
content-md5: zXkBqwBMviPPaK5rBIapmA==
last-modified: Mon, 20 Jun 2022 12:15:00 GMT
etag: W/"0x8DA52B67FB09D8F"
x-ms-request-id: c537c7f1-c01e-000e-2bbf-c33bb2000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
server: NetDNA-cache/2.2
x-cache: HIT
content-encoding: gzip
X-Firefox-Spdy: h2

ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js

142.250.74.10

200 OK

30 kB

URL HTTP/2
ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js
IP
142.250.74.10:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (65451)
Size
30 kB (30399 bytes)
Hash
0f83cadc148d2ad7e53c91f6c4ee05bb
90035c5fffedf4b0f099465f6b929a030b46c92b
3f59aa77bbbed7760a9968af27d3c19ffddda021c948edf0bf0c0f828dd308ae

HTTP Headers

GET /ajax/libs/jquery/3.3.1/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 30399
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 07 Sep 2022 10:07:37 GMT
expires: Thu, 07 Sep 2023 10:07:37 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 123181
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

welcome.unibet.com/no/pop/multisport/gambling-commission.png

108.161.188.196

301 Moved Permanently

178 B

URL HTTP/2
welcome.unibet.com/no/pop/multisport/gambling-commission.png
IP
108.161.188.196:0
ASN
#12989 StackPath LLC

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
178 B (178 bytes)
Hash
cd2e0e43980a00fb6a2742d3afd803b8
81ffbd1712afe8cdf138b570c0fc9934742c33c1
bd9df047d51943acc4bc6cf55d88edb5b6785a53337ee2a0f74dd521aedde87d

HTTP Headers

GET /no/pop/multisport/gambling-commission.png HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/no/pop/multisport/index.html?mktid=1:127656177:86115102-37950&btag=127656177_277C464F097048719C5534C4BB5393F9&bid=37950&campaignId=2750545&pid=86115102
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a86115102%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1662668437796)%5c%2f%22%2c%22CookieTag%22%3a%223795086115102451240919C2022982020%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228066488109%7c1%22%7d%5d; __ucbt=node0kvov7r346mg81qvxybvk3amss; uniattr=ST.0.T; uniattr_ref="http://forgerylimit.com/"; campaignId=2750545; framework.forceBigLandingArea=; affiliateId=1; B-TAG=127656177_277C464F097048719C5534C4BB5393F9; BID=37950; PID=86115102; REFERER=http%3A%2F%2Fforgerylimit.com%2F; AFFILIATE_REQUEST_URL=https%3A%2F%2Fno.unibet.com%2Fstan%2Fcampaign.do%3FcmpId%3D2750545%26affiliateId%3D1%26unibetTarget%3D%2Fno%2Fpop%2Fmultisport%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.com%26btag%3D127656177_277C464F097048719C5534C4BB5393F9%26sref%3DADST%26ADST%3D17230429%26affiliateId%3D1%26pid%3D86115102%26bid%3D37950; AFFILIATE_CAMPAIGN_ID=2750545
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 301 Moved Permanently
date: Thu, 08 Sep 2022 20:20:38 GMT
content-type: text/html
content-length: 178
location: https://www.unibet.com/
server: NetDNA-cache/2.2
x-cache: MISS
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
55362bc853c99806e54641de1e0fdb0c
1c84425554ce994c84fd4d3b95833fed9bf16023
936a1c711aea3c55e6e270aec23f72818b7bbfed28b1c9859697050ebe9aaf4e

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 08 Sep 2022 20:20:38 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

a1s.unibet.com/orval/tracking/lastclick.min.js

85.184.96.5

200 OK

1.3 kB

URL HTTP/2
a1s.unibet.com/orval/tracking/lastclick.min.js
IP
85.184.96.5:0
ASN
#47171 Unibet Services Limited

File type
data
Size
1.3 kB (1286 bytes)
Hash
d19efff20702a06ed15c184d6e1bee08
4bc57144325d181a2cc1fe0dece1835247b4c7fb
e518f3898adb7dab7f0d670879cbdf79e3889e556c0bfd3eec8d088059ce9875

HTTP Headers

GET /orval/tracking/lastclick.min.js HTTP/1.1
Host: a1s.unibet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a86115102%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1662668437796)%5c%2f%22%2c%22CookieTag%22%3a%223795086115102451240919C2022982020%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228066488109%7c1%22%7d%5d; __ucbt=node0kvov7r346mg81qvxybvk3amss; uniattr=ST.0.T; uniattr_ref="http://forgerylimit.com/"; campaignId=2750545; framework.forceBigLandingArea=; affiliateId=1; B-TAG=127656177_277C464F097048719C5534C4BB5393F9; BID=37950; PID=86115102; REFERER=http%3A%2F%2Fforgerylimit.com%2F; AFFILIATE_REQUEST_URL=https%3A%2F%2Fno.unibet.com%2Fstan%2Fcampaign.do%3FcmpId%3D2750545%26affiliateId%3D1%26unibetTarget%3D%2Fno%2Fpop%2Fmultisport%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.com%26btag%3D127656177_277C464F097048719C5534C4BB5393F9%26sref%3DADST%26ADST%3D17230429%26affiliateId%3D1%26pid%3D86115102%26bid%3D37950; AFFILIATE_CAMPAIGN_ID=2750545
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site

HTTP/2 200 OK
date: Thu, 08 Sep 2022 20:20:38 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Fri, 05 Aug 2022 12:55:42 GMT
etag: W/"705-5e57dfbd5830d"
cache-control: max-age=1800, public, must-revalidate
content-encoding: gzip
server: kindred-loadbalancer
strict-transport-security: max-age=63072000; preload
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-security-policy: default-src 'unsafe-inline' 'unsafe-eval' http: https: data: wss: blob: jockey: unibetpro: *;
x-browser-class: A
x-os-class: M
set-cookie: clientId=polopoly_desktop; Domain=a1s.unibet.com; Path=/; SameSite=None; Secure
X-Firefox-Spdy: h2

welcome.unibet.com/no/pop/multisport/utv-logo.svg

108.161.188.196

200 OK

75 kB

URL HTTP/2
welcome.unibet.com/no/pop/multisport/utv-logo.svg
IP
108.161.188.196:0
ASN
#12989 StackPath LLC

File type
data
Size
75 kB (74807 bytes)
Hash
a719bc082d75b1549ac26ef80ddac26d
a6376dc7f387a20ab10ba86adfe5f676ef507025
57647514e907c5bde064aa9cf1829543e40169590aaa580373b9de2285fac787

HTTP Headers

GET /no/pop/multisport/utv-logo.svg HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/no/pop/multisport/index.html?mktid=1:127656177:86115102-37950&btag=127656177_277C464F097048719C5534C4BB5393F9&bid=37950&campaignId=2750545&pid=86115102
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a86115102%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1662668437796)%5c%2f%22%2c%22CookieTag%22%3a%223795086115102451240919C2022982020%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228066488109%7c1%22%7d%5d; __ucbt=node0kvov7r346mg81qvxybvk3amss; uniattr=ST.0.T; uniattr_ref="http://forgerylimit.com/"; campaignId=2750545; framework.forceBigLandingArea=; affiliateId=1; B-TAG=127656177_277C464F097048719C5534C4BB5393F9; BID=37950; PID=86115102; REFERER=http%3A%2F%2Fforgerylimit.com%2F; AFFILIATE_REQUEST_URL=https%3A%2F%2Fno.unibet.com%2Fstan%2Fcampaign.do%3FcmpId%3D2750545%26affiliateId%3D1%26unibetTarget%3D%2Fno%2Fpop%2Fmultisport%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.com%26btag%3D127656177_277C464F097048719C5534C4BB5393F9%26sref%3DADST%26ADST%3D17230429%26affiliateId%3D1%26pid%3D86115102%26bid%3D37950; AFFILIATE_CAMPAIGN_ID=2750545
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Thu, 08 Sep 2022 20:20:38 GMT
content-type: image/svg+xml
cache-control: public, max-age=900, immutable
content-md5: QazcDvviTF55mXL/M8kCWQ==
last-modified: Mon, 20 Jun 2022 12:15:01 GMT
etag: W/"0x8DA52B680312C74"
x-ms-request-id: 436839cf-601e-0038-35bf-c3b6c2000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
server: NetDNA-cache/2.2
x-cache: HIT
content-encoding: gzip
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
652bdaaaca09a66fc9a260163eee7aeb
f59f82dd2c189cdff5c641ff7c53c5f257e1f2d2
bbaf18a14748bb922b9bd19125c78310a564b1aebb7de8f30af0be6fa390e7da

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 08 Sep 2022 20:20:38 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

welcome.unibet.com/no/pop/multisport/1-background-black.jpg

108.161.188.196

200 OK

98 kB

URL HTTP/2
welcome.unibet.com/no/pop/multisport/1-background-black.jpg
IP
108.161.188.196:0
ASN
#12989 StackPath LLC

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1800x936, components 3\012- data
Size
98 kB (98453 bytes)
Hash
8e6d9af5ef1badfe9295b8fc96793c28
e37cdf4093dc0a47246be7360e7945f91991f073
de89de8196b23a00db8e35bca40fdb4253d970492a31396d5861c2e99d691407

HTTP Headers

GET /no/pop/multisport/1-background-black.jpg HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/no/pop/multisport/1-styles.css
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a86115102%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1662668437796)%5c%2f%22%2c%22CookieTag%22%3a%223795086115102451240919C2022982020%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228066488109%7c1%22%7d%5d; __ucbt=node0kvov7r346mg81qvxybvk3amss; uniattr=ST.0.T; uniattr_ref="http://forgerylimit.com/"; campaignId=2750545; framework.forceBigLandingArea=; affiliateId=1; B-TAG=127656177_277C464F097048719C5534C4BB5393F9; BID=37950; PID=86115102; REFERER=http%3A%2F%2Fforgerylimit.com%2F; AFFILIATE_REQUEST_URL=https%3A%2F%2Fno.unibet.com%2Fstan%2Fcampaign.do%3FcmpId%3D2750545%26affiliateId%3D1%26unibetTarget%3D%2Fno%2Fpop%2Fmultisport%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.com%26btag%3D127656177_277C464F097048719C5534C4BB5393F9%26sref%3DADST%26ADST%3D17230429%26affiliateId%3D1%26pid%3D86115102%26bid%3D37950; AFFILIATE_CAMPAIGN_ID=2750545
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Thu, 08 Sep 2022 20:20:38 GMT
content-type: image/jpeg
content-length: 98453
cache-control: public, max-age=900, immutable
content-md5: jm2a9e8brf6Slbj8lnk8KA==
last-modified: Mon, 20 Jun 2022 12:15:01 GMT
etag: "0x8DA52B6801D0B27"
x-ms-request-id: e92c5310-601e-0017-5abf-c3bb09000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
server: NetDNA-cache/2.2
x-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2

welcome.unibet.com/no/pop/multisport/Unibet_Pro_2020.woff2

108.161.188.196

200 OK

11 kB

URL HTTP/2
welcome.unibet.com/no/pop/multisport/Unibet_Pro_2020.woff2
IP
108.161.188.196:0
ASN
#12989 StackPath LLC

File type
Web Open Font Format (Version 2), TrueType, length 10924, version 1.0\012- data
Size
11 kB (10924 bytes)
Hash
0ea5bcff84ae44840b6e9c9d12c8b963
6c827e1adb18775d2fdfbbbfef63cc9b66243ed2
b4e210ac58fe8fb176e24c58ffdbd0e7b40dded1314769dbcebdc413998b882b

HTTP Headers

GET /no/pop/multisport/Unibet_Pro_2020.woff2 HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://welcome.unibet.com/no/pop/multisport/1-styles.css
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a86115102%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1662668437796)%5c%2f%22%2c%22CookieTag%22%3a%223795086115102451240919C2022982020%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228066488109%7c1%22%7d%5d; __ucbt=node0kvov7r346mg81qvxybvk3amss; uniattr=ST.0.T; uniattr_ref="http://forgerylimit.com/"; campaignId=2750545; framework.forceBigLandingArea=; affiliateId=1; B-TAG=127656177_277C464F097048719C5534C4BB5393F9; BID=37950; PID=86115102; REFERER=http%3A%2F%2Fforgerylimit.com%2F; AFFILIATE_REQUEST_URL=https%3A%2F%2Fno.unibet.com%2Fstan%2Fcampaign.do%3FcmpId%3D2750545%26affiliateId%3D1%26unibetTarget%3D%2Fno%2Fpop%2Fmultisport%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.com%26btag%3D127656177_277C464F097048719C5534C4BB5393F9%26sref%3DADST%26ADST%3D17230429%26affiliateId%3D1%26pid%3D86115102%26bid%3D37950; AFFILIATE_CAMPAIGN_ID=2750545
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Thu, 08 Sep 2022 20:20:38 GMT
content-type: font/woff2
content-length: 10924
cache-control: public, max-age=900, immutable
content-md5: DqW8/4SuRIQLbpydEsi5Yw==
last-modified: Mon, 20 Jun 2022 12:15:05 GMT
etag: "0x8DA52B682E2A11A"
x-ms-request-id: 8f4a5a9f-b01e-0049-69bf-c350e9000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
server: NetDNA-cache/2.2
x-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
db3d2d40f373a7ef445874e65d7f0397
087a4802f28647e830222fafc67bda30dec5fc31
4a7ff3bf120d9795d86e370be5fb2987edd4575e1ce0ab1f2f7a66ddf1e5b0d0

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 08 Sep 2022 20:20:38 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
db3d2d40f373a7ef445874e65d7f0397
087a4802f28647e830222fafc67bda30dec5fc31
4a7ff3bf120d9795d86e370be5fb2987edd4575e1ce0ab1f2f7a66ddf1e5b0d0

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 08 Sep 2022 20:20:38 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.googletagmanager.com/gtm.js?id=GTM-PF2RVHC

142.250.74.72

200 OK

79 kB

URL HTTP/2
www.googletagmanager.com/gtm.js?id=GTM-PF2RVHC
IP
142.250.74.72:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (62112)
Size
79 kB (78912 bytes)
Hash
20af2ebc479d4922b976999ebbbfc7d1
2a0a27e3ddfb7070ea40ea50fe7f98817edc64f5
a184f96a4a33ffc030d0b4cbdb5cbecabf2e5bb1d9581633407ae2f363d0fadb

HTTP Headers

GET /gtm.js?id=GTM-PF2RVHC HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Thu, 08 Sep 2022 20:20:38 GMT
expires: Thu, 08 Sep 2022 20:20:38 GMT
cache-control: private, max-age=900
last-modified: Thu, 08 Sep 2022 18:30:53 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 78912
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

welcome.unibet.com/widget/betslip/betslip.js

108.161.188.196

200 OK

20 kB

URL HTTP/2
welcome.unibet.com/widget/betslip/betslip.js
IP
108.161.188.196:0
ASN
#12989 StackPath LLC

File type
data
Size
20 kB (20292 bytes)
Hash
41f0a8fc7b9bdb0e594f1d2f40eb1662
3f42aaae38e1e0722a4e1cf45fa8badfe46fc2cb
66a5a94b295fea263ae3843933bd92ee6a5bc6aab71b71570bee967a2490bd16

HTTP Headers

GET /widget/betslip/betslip.js HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/no/pop/multisport/index.html?mktid=1:127656177:86115102-37950&btag=127656177_277C464F097048719C5534C4BB5393F9&bid=37950&campaignId=2750545&pid=86115102
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a86115102%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1662668437796)%5c%2f%22%2c%22CookieTag%22%3a%223795086115102451240919C2022982020%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228066488109%7c1%22%7d%5d; __ucbt=node0kvov7r346mg81qvxybvk3amss; uniattr=ST.0.T; uniattr_ref="http://forgerylimit.com/"; campaignId=2750545; framework.forceBigLandingArea=; affiliateId=1; B-TAG=127656177_277C464F097048719C5534C4BB5393F9; BID=37950; PID=86115102; REFERER=http%3A%2F%2Fforgerylimit.com%2F; AFFILIATE_REQUEST_URL=https%3A%2F%2Fno.unibet.com%2Fstan%2Fcampaign.do%3FcmpId%3D2750545%26affiliateId%3D1%26unibetTarget%3D%2Fno%2Fpop%2Fmultisport%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.com%26btag%3D127656177_277C464F097048719C5534C4BB5393F9%26sref%3DADST%26ADST%3D17230429%26affiliateId%3D1%26pid%3D86115102%26bid%3D37950; AFFILIATE_CAMPAIGN_ID=2750545
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Thu, 08 Sep 2022 20:20:38 GMT
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=900, immutable
content-md5: V3DcYDl/+4NNEoCqe8670A==
last-modified: Tue, 15 Jan 2019 09:54:22 GMT
etag: W/"0x8D67ACF6D112CB5"
x-ms-request-id: f51bbc89-c01e-0043-64bf-c3f45e000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
server: NetDNA-cache/2.2
x-cache: HIT
content-encoding: gzip
X-Firefox-Spdy: h2

welcome.unibet.com/no/pop/multisport/icon-sports.svg

108.161.188.196

200 OK

16 kB

URL HTTP/2
welcome.unibet.com/no/pop/multisport/icon-sports.svg
IP
108.161.188.196:0
ASN
#12989 StackPath LLC

File type
data
Size
16 kB (16527 bytes)
Hash
b1514dd1ab7c585fd8a44a77d5a9f8b6
adb87bee4aa7d716cd9f16b5146462041b80e6a4
621de587e9df4d85ca22cb4070e26e4aa5076c8b4b08e53b5887c47c6136678e

HTTP Headers

GET /no/pop/multisport/icon-sports.svg HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/no/pop/multisport/index.html?mktid=1:127656177:86115102-37950&btag=127656177_277C464F097048719C5534C4BB5393F9&bid=37950&campaignId=2750545&pid=86115102
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a86115102%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1662668437796)%5c%2f%22%2c%22CookieTag%22%3a%223795086115102451240919C2022982020%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228066488109%7c1%22%7d%5d; __ucbt=node0kvov7r346mg81qvxybvk3amss; uniattr=ST.0.T; uniattr_ref="http://forgerylimit.com/"; campaignId=2750545; framework.forceBigLandingArea=; affiliateId=1; B-TAG=127656177_277C464F097048719C5534C4BB5393F9; BID=37950; PID=86115102; REFERER=http%3A%2F%2Fforgerylimit.com%2F; AFFILIATE_REQUEST_URL=https%3A%2F%2Fno.unibet.com%2Fstan%2Fcampaign.do%3FcmpId%3D2750545%26affiliateId%3D1%26unibetTarget%3D%2Fno%2Fpop%2Fmultisport%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.com%26btag%3D127656177_277C464F097048719C5534C4BB5393F9%26sref%3DADST%26ADST%3D17230429%26affiliateId%3D1%26pid%3D86115102%26bid%3D37950; AFFILIATE_CAMPAIGN_ID=2750545
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Thu, 08 Sep 2022 20:20:38 GMT
content-type: image/svg+xml
cache-control: public, max-age=900, immutable
content-md5: Kch+tYuo05USS5JaESq1rA==
last-modified: Mon, 20 Jun 2022 12:15:04 GMT
etag: W/"0x8DA52B682395A83"
x-ms-request-id: a08d38a8-801e-006d-21bf-c3a649000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
server: NetDNA-cache/2.2
x-cache: HIT
content-encoding: gzip
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
652bdaaaca09a66fc9a260163eee7aeb
f59f82dd2c189cdff5c641ff7c53c5f257e1f2d2
bbaf18a14748bb922b9bd19125c78310a564b1aebb7de8f30af0be6fa390e7da

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 08 Sep 2022 20:20:38 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
db3d2d40f373a7ef445874e65d7f0397
087a4802f28647e830222fafc67bda30dec5fc31
4a7ff3bf120d9795d86e370be5fb2987edd4575e1ce0ab1f2f7a66ddf1e5b0d0

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 08 Sep 2022 20:20:38 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

welcome.unibet.com/no/pop/multisport/favicon.ico

108.161.188.196

200 OK

421 B

URL HTTP/2
welcome.unibet.com/no/pop/multisport/favicon.ico
IP
108.161.188.196:0
ASN
#12989 StackPath LLC

File type
PNG image data, 33 x 33, 8-bit/color RGBA, non-interlaced\012- data
Size
421 B (421 bytes)
Hash
ad2d9f441c6692a806c7b427bb3e536d
4978e1ffc5b62c3e2231d22aeb8f7ac679764abe
95efe0e48a145adb6c6c385cecb0e2a7a3dd2e9a3f7a01ca0647e373602770ed

HTTP Headers

GET /no/pop/multisport/favicon.ico HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/no/pop/multisport/index.html?mktid=1:127656177:86115102-37950&btag=127656177_277C464F097048719C5534C4BB5393F9&bid=37950&campaignId=2750545&pid=86115102
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a86115102%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1662668437796)%5c%2f%22%2c%22CookieTag%22%3a%223795086115102451240919C2022982020%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228066488109%7c1%22%7d%5d; __ucbt=node0kvov7r346mg81qvxybvk3amss; uniattr=ST.0.T; uniattr_ref="http://forgerylimit.com/"; campaignId=2750545; framework.forceBigLandingArea=; affiliateId=1; B-TAG=127656177_277C464F097048719C5534C4BB5393F9; BID=37950; PID=86115102; REFERER=http%3A%2F%2Fforgerylimit.com%2F; AFFILIATE_REQUEST_URL=https%3A%2F%2Fno.unibet.com%2Fstan%2Fcampaign.do%3FcmpId%3D2750545%26affiliateId%3D1%26unibetTarget%3D%2Fno%2Fpop%2Fmultisport%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.com%26btag%3D127656177_277C464F097048719C5534C4BB5393F9%26sref%3DADST%26ADST%3D17230429%26affiliateId%3D1%26pid%3D86115102%26bid%3D37950; AFFILIATE_CAMPAIGN_ID=2750545
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Thu, 08 Sep 2022 20:20:38 GMT
content-type: image/x-icon
content-length: 421
cache-control: public, max-age=900, immutable
content-md5: rS2fRBxmkqgGx7Qnuz5TbQ==
last-modified: Mon, 20 Jun 2022 12:15:00 GMT
etag: "0x8DA52B67FC5A91F"
x-ms-request-id: cd9f50a8-401e-0062-58bf-c3d025000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
server: NetDNA-cache/2.2
x-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2

script.crazyegg.com/pages/data-scripts/0012/9242/site/welcome.unibet.com.json?t=1

104.19.148.8

200 OK

1.5 kB

URL HTTP/2
script.crazyegg.com/pages/data-scripts/0012/9242/site/welcome.unibet.com.json?t=1
IP
104.19.148.8:0
ASN
#13335 CLOUDFLARENET

File type
JSON data\012- , ASCII text, with very long lines (4014), with no line terminators
Size
1.5 kB (1536 bytes)
Hash
5825a1c9d58b2250d258687c9eb64894
83cf87393c419afe24a8a8391b10aae60374d6ed
ae30f72b46d37d606b7c1deb5b4d88f7d4d5c74d94a6d20a1d63b1138eb44668

HTTP Headers

GET /pages/data-scripts/0012/9242/site/welcome.unibet.com.json?t=1 HTTP/1.1
Host: script.crazyegg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://welcome.unibet.com
Connection: keep-alive
Referer: https://welcome.unibet.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Thu, 08 Sep 2022 20:20:38 GMT
content-type: application/json
content-length: 1536
access-control-expose-headers: CE-Version
ce-version: 11.4.2
cache-control: public, max-age=300, s-maxage=1209600
timing-allow-origin: *
last-modified: Thu, 08 Sep 2022 19:45:55 GMT
content-encoding: gzip
access-control-allow-origin: *
cf-cache-status: HIT
age: 2083
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 747a62cdba5a0b31-OSL
X-Firefox-Spdy: h2

secure.adnxs.com/seg?add=9755599

185.89.210.90

307 Redirection

0 B

URL HTTP/1.1
secure.adnxs.com/seg?add=9755599
IP
185.89.210.90:0
ASN
#29990 ASN-APPNEX

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /seg?add=9755599 HTTP/1.1
Host: secure.adnxs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 307 Redirection
Server: nginx/1.21.3
Date: Thu, 08 Sep 2022 20:20:38 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Location: https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D9755599
AN-X-Request-Uuid: 1ebc7411-4493-49bf-900b-9c3f60b90863
Set-Cookie: uuid2=7827736979295007834; SameSite=None; Path=/; Max-Age=7776000; Expires=Wed, 07-Dec-2022 20:20:38 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
aac63096cc5f92b9a6f140bd1092152d
b611ea0cf2c003f0a9fee54aa9803a224bc4bece
647b74c16563347e59fd6bcfb3f65c555d7dc97708ca71685f09293a3f59646a

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3810
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 08 Sep 2022 20:20:38 GMT
Last-Modified: Thu, 08 Sep 2022 19:17:08 GMT
Server: ECS (ska/F71C)
X-Cache: HIT
Content-Length: 471

dpm.demdex.net/id?d_visid_ver=4.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_orgid=F431E3BC5593E3887F000101%40AdobeOrg&d_nsid=0&ts=1662668430721

54.154.199.204

200 OK

499 B

URL HTTP/1.1
dpm.demdex.net/id?d_visid_ver=4.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_orgid=F431E3BC5593E3887F000101%40AdobeOrg&d_nsid=0&ts=1662668430721
IP
54.154.199.204:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with very long lines (791), with no line terminators
Size
499 B (499 bytes)
Hash
c77ef9b798230e38963e6bf7ae7349ae
e527a553cf3e8d340e43fab171167f0cdbc1288c
e93382cf6370699d5548f3544ef258196ded02141faf097212013a427c85246b

HTTP Headers

GET /id?d_visid_ver=4.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_orgid=F431E3BC5593E3887F000101%40AdobeOrg&d_nsid=0&ts=1662668430721 HTTP/1.1
Host: dpm.demdex.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Origin: https://welcome.unibet.com
Connection: keep-alive
Referer: https://welcome.unibet.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://welcome.unibet.com
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-encoding: gzip
Content-Type: application/json;charset=utf-8
DCS: dcs-prod-irl1-1-v039-0950f4dc5.edge-irl1.demdex.com 2 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
set-cookie: demdex=11064891193196054622170787230209162168; Max-Age=15552000; Expires=Tue, 07 Mar 2023 20:20:38 GMT; Path=/; Domain=.demdex.net; Secure; SameSite=None
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin
X-TID: fzU2xohcTWQ=
Content-Length: 499
Connection: keep-alive

script.crazyegg.com/pages/versioned/common-scripts/f0ea59b706193b189a5effb0b5ea05bc.js

104.19.148.8

200 OK

30 kB

URL HTTP/2
script.crazyegg.com/pages/versioned/common-scripts/f0ea59b706193b189a5effb0b5ea05bc.js
IP
104.19.148.8:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (26535)
Size
30 kB (30287 bytes)
Hash
1ca4488043c8a519267ead0a317fd985
aac61da5d4fdb7d848404e6c523de5cf5d2578f1
d46f250470365c326ed330d8e8639f1173c0f5f14f04851e520ae59d92f2e214

HTTP Headers

GET /pages/versioned/common-scripts/f0ea59b706193b189a5effb0b5ea05bc.js HTTP/1.1
Host: script.crazyegg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Thu, 08 Sep 2022 20:20:38 GMT
content-type: text/javascript
content-length: 30287
cache-control: public, max-age=31536000, s-maxage=31536000
timing-allow-origin: *
last-modified: Thu, 25 Aug 2022 14:04:42 GMT
content-encoding: gzip
access-control-allow-origin: *
cf-cache-status: HIT
age: 27790
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 747a62ceea030b59-OSL
X-Firefox-Spdy: h2

secure.adnxs.com/bounce?%2Fseg%3Fadd%3D9755599

185.89.210.90

200 OK

43 B

URL HTTP/1.1
secure.adnxs.com/bounce?%2Fseg%3Fadd%3D9755599
IP
185.89.210.90:0
ASN
#29990 ASN-APPNEX

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
592ebefc7104d681d57852665e9ad514
15cdf8df32aa251dd6dd590a60bf9cf74474e7c5
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

HTTP Headers

GET /bounce?%2Fseg%3Fadd%3D9755599 HTTP/1.1
Host: secure.adnxs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://welcome.unibet.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx/1.21.3
Date: Thu, 08 Sep 2022 20:20:38 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
AN-X-Request-Uuid: e3e7af57-7737-4539-9364-b1bcaa5c1b93
Set-Cookie: anj=dTM7k!M4/8CxrEQF']wIg2GTxk?7Lm!]tbP6j2F-XstGt!@DVh$fyds; SameSite=None; Path=/; Max-Age=7776000; Expires=Wed, 07-Dec-2022 20:20:38 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
7e50c110f1cae7da7256da1977b61b75
bbf9ce3b151e9cc92b124a25ce60af0b2a30b931
84b06ebe70dd3dae6f522dfb2eec1f4438d9e7189e438db1a83324075378e5a2

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4535
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 08 Sep 2022 20:20:39 GMT
Last-Modified: Thu, 08 Sep 2022 19:05:04 GMT
Server: ECS (ska/F71C)
X-Cache: HIT
Content-Length: 471

unibetlondonltd.d3.sc.omtrdc.net/id?d_visid_ver=4.4.0&d_fieldgroup=A&mcorgid=F431E3BC5593E3887F000101%40AdobeOrg&mid=11050048381886293252174924754079794723&ts=1662668430945

13.36.218.177

200 OK

2 B

URL HTTP/2
unibetlondonltd.d3.sc.omtrdc.net/id?d_visid_ver=4.4.0&d_fieldgroup=A&mcorgid=F431E3BC5593E3887F000101%40AdobeOrg&mid=11050048381886293252174924754079794723&ts=1662668430945
IP
13.36.218.177:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with no line terminators
Size
2 B (2 bytes)
Hash
99914b932bd37a50b983c5e7c90ae93b
bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

HTTP Headers

GET /id?d_visid_ver=4.4.0&d_fieldgroup=A&mcorgid=F431E3BC5593E3887F000101%40AdobeOrg&mid=11050048381886293252174924754079794723&ts=1662668430945 HTTP/1.1
Host: unibetlondonltd.d3.sc.omtrdc.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Origin: https://welcome.unibet.com
Connection: keep-alive
Referer: https://welcome.unibet.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: https://welcome.unibet.com
access-control-allow-credentials: true
date: Thu, 08 Sep 2022 20:20:39 GMT
p3p: CP="This is not a P3P policy"
server: jag
vary: Origin
content-type: application/x-javascript;charset=utf-8
content-length: 2
cache-control: no-cache, no-store, max-age=0, no-transform, private
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
X-Firefox-Spdy: h2

welcome.unibet.com/no/pop/multisport/icon-trust.svg

108.161.188.196

200 OK

7.0 kB

URL HTTP/2
welcome.unibet.com/no/pop/multisport/icon-trust.svg
IP
108.161.188.196:0
ASN
#12989 StackPath LLC

File type
SVG Scalable Vector Graphics image\012- HTML document text\012- HTML document, Unicode text, UTF-8 text, with very long lines (11269)
Size
7.0 kB (7046 bytes)
Hash
b54732a463197865051c12c61e877c1e
f5c0c4b17871453ed240d6a2243894967139a467
2a3940530b0ef205cb5e2d26d28b3aed739a27a5b4d40141bc4506e529cee8f2

HTTP Headers

GET /no/pop/multisport/icon-trust.svg HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/no/pop/multisport/index.html?mktid=1:127656177:86115102-37950&btag=127656177_277C464F097048719C5534C4BB5393F9&bid=37950&campaignId=2750545&pid=86115102
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a86115102%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1662668437796)%5c%2f%22%2c%22CookieTag%22%3a%223795086115102451240919C2022982020%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228066488109%7c1%22%7d%5d; __ucbt=node0kvov7r346mg81qvxybvk3amss; uniattr=ST.0.T; uniattr_ref="http://forgerylimit.com/"; campaignId=2750545; framework.forceBigLandingArea=; affiliateId=1; B-TAG=127656177_277C464F097048719C5534C4BB5393F9; BID=37950; PID=86115102; REFERER=http%3A%2F%2Fforgerylimit.com%2F; AFFILIATE_REQUEST_URL=https%3A%2F%2Fno.unibet.com%2Fstan%2Fcampaign.do%3FcmpId%3D2750545%26affiliateId%3D1%26unibetTarget%3D%2Fno%2Fpop%2Fmultisport%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.com%26btag%3D127656177_277C464F097048719C5534C4BB5393F9%26sref%3DADST%26ADST%3D17230429%26affiliateId%3D1%26pid%3D86115102%26bid%3D37950; AFFILIATE_CAMPAIGN_ID=2750545
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Thu, 08 Sep 2022 20:20:38 GMT
content-type: image/svg+xml
cache-control: public, max-age=900, immutable
content-md5: 9k4H3E55HXB5I94VinrUOQ==
last-modified: Mon, 20 Jun 2022 12:15:04 GMT
etag: W/"0x8DA52B68201D7DE"
x-ms-request-id: 09ce7e29-301e-0047-41bf-c37959000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
server: NetDNA-cache/2.2
x-cache: HIT
content-encoding: gzip
X-Firefox-Spdy: h2

script.crazyegg.com/pages/data-scripts/0012/9242/sampling/welcome.unibet.com.json?t=461852

104.19.148.8

200 OK

144 B

URL HTTP/2
script.crazyegg.com/pages/data-scripts/0012/9242/sampling/welcome.unibet.com.json?t=461852
IP
104.19.148.8:0
ASN
#13335 CLOUDFLARENET

File type
JSON data\012- , ASCII text, with no line terminators
Size
144 B (144 bytes)
Hash
f24f3ffccc73d8b766decefba19bcd2f
1306cc4350b233c1506c6b79a316a71821835b8c
e07445b6888bf003969959bc54043bea297277beb965d8f1030061edf0bece56

HTTP Headers

GET /pages/data-scripts/0012/9242/sampling/welcome.unibet.com.json?t=461852 HTTP/1.1
Host: script.crazyegg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://welcome.unibet.com
Connection: keep-alive
Referer: https://welcome.unibet.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Thu, 08 Sep 2022 20:20:39 GMT
content-type: application/json
content-length: 144
access-control-expose-headers: CE-Version
ce-version: 11.4.2
cache-control: public, max-age=300, s-maxage=1209600
timing-allow-origin: *
last-modified: Thu, 08 Sep 2022 19:45:54 GMT
content-encoding: gzip
access-control-allow-origin: *
cf-cache-status: HIT
age: 2084
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 747a62d04e570b31-OSL
X-Firefox-Spdy: h2

unibetlondonltd.d3.sc.omtrdc.net/b/ss/unibetlondonunibetwebprod/1/JS-2.22.4/s0273240545064?AQB=1&ndh=1&pf=1&t=8%2F8%2F2022%2020%3A20%3A31%204%200&mid=11050048381886293252174924754079794723&aamlh=6&ce=UTF-8&pageName=LP%3A2022%20-%20Multi%20Sports%20-%20popunders&g=https%3A%2F%2Fwelcome.unibet.com%2Fno%2Fpop%2Fmultisport%2Findex.html%3Fmktid%3D1%3A127656177%3A86115102-37950%26btag%3D127656177_277C464F097048719C5534C4BB5393F9%26bid%3D37950%26campaignId%3D2750545%26pid%3D86115102&r=http%3A%2F%2Fforgerylimit.com%2F&cc=GBP&ch=bf_landingpage&aamb=6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y&c1=https%3A%2F%2Fwelcome.unibet.com%2Fno%2Fpop%2Fmultisport%2Findex.html%3Fmktid%3D1%3A127656177%3A86115102-37950%26btag%3D127656177_277C464F097048719C5534C4BB5393F9%26bid%3D37950%26campaignId%3D2750545%26pid%3D86115102&v1=welcome.unibet.com%3A%3A%3Adesktop%3Ano%3Apop%3Amultisport%3Aindex.html&c2=No%20CMS%5ENo%20ClientID%5ENo%20Locale%5ENo%20Juristiction&v2=bf_landingpage&v3=welcome.unibet.com&v4=No%20CMS%5ENo%20ClientID%5ENo%20Locale%5ENo%20Juristiction&c6=8%3A20%20PM%7CThursday&v6=8%3A20%20PM%7CThursday&v11=GBP&c14=New&v14=New&c16=1662668431&v21=Not%20Logged-In&c73=unibet&v120=popunder&v121=1%3A127656177%3A86115102-37950&v122=NONE&v124=2750545&v125=127656177_277C464F097048719C5534C4BB5393F9&v126=86115102&v127=37950&v134=1662668430&s=1280x1024&c=24&j=1.6&v=N&k=Y&bw=1280&bh=939&mcorgid=F431E3BC5593E3887F000101%40AdobeOrg&AQE=1

13.36.218.177

200 OK

43 B

URL HTTP/2
unibetlondonltd.d3.sc.omtrdc.net/b/ss/unibetlondonunibetwebprod/1/JS-2.22.4/s0273240545064?AQB=1&ndh=1&pf=1&t=8%2F8%2F2022%2020%3A20%3A31%204%200&mid=11050048381886293252174924754079794723&aamlh=6&ce=UTF-8&pageName=LP%3A2022%20-%20Multi%20Sports%20-%20popunders&g=https%3A%2F%2Fwelcome.unibet.com%2Fno%2Fpop%2Fmultisport%2Findex.html%3Fmktid%3D1%3A127656177%3A86115102-37950%26btag%3D127656177_277C464F097048719C5534C4BB5393F9%26bid%3D37950%26campaignId%3D2750545%26pid%3D86115102&r=http%3A%2F%2Fforgerylimit.com%2F&cc=GBP&ch=bf_landingpage&aamb=6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y&c1=https%3A%2F%2Fwelcome.unibet.com%2Fno%2Fpop%2Fmultisport%2Findex.html%3Fmktid%3D1%3A127656177%3A86115102-37950%26btag%3D127656177_277C464F097048719C5534C4BB5393F9%26bid%3D37950%26campaignId%3D2750545%26pid%3D86115102&v1=welcome.unibet.com%3A%3A%3Adesktop%3Ano%3Apop%3Amultisport%3Aindex.html&c2=No%20CMS%5ENo%20ClientID%5ENo%20Locale%5ENo%20Juristiction&v2=bf_landingpage&v3=welcome.unibet.com&v4=No%20CMS%5ENo%20ClientID%5ENo%20Locale%5ENo%20Juristiction&c6=8%3A20%20PM%7CThursday&v6=8%3A20%20PM%7CThursday&v11=GBP&c14=New&v14=New&c16=1662668431&v21=Not%20Logged-In&c73=unibet&v120=popunder&v121=1%3A127656177%3A86115102-37950&v122=NONE&v124=2750545&v125=127656177_277C464F097048719C5534C4BB5393F9&v126=86115102&v127=37950&v134=1662668430&s=1280x1024&c=24&j=1.6&v=N&k=Y&bw=1280&bh=939&mcorgid=F431E3BC5593E3887F000101%40AdobeOrg&AQE=1
IP
13.36.218.177:0
ASN
#16509 AMAZON-02

File type
GIF image data, version 89a, 2 x 2\012- data
Size
43 B (43 bytes)
Hash
ad480fd0732d0f6f1a8b06359e3a42bb
a544538683a2dfe574eeb2e358ac8fcc78289d50
a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506

HTTP Headers

GET /b/ss/unibetlondonunibetwebprod/1/JS-2.22.4/s0273240545064?AQB=1&ndh=1&pf=1&t=8%2F8%2F2022%2020%3A20%3A31%204%200&mid=11050048381886293252174924754079794723&aamlh=6&ce=UTF-8&pageName=LP%3A2022%20-%20Multi%20Sports%20-%20popunders&g=https%3A%2F%2Fwelcome.unibet.com%2Fno%2Fpop%2Fmultisport%2Findex.html%3Fmktid%3D1%3A127656177%3A86115102-37950%26btag%3D127656177_277C464F097048719C5534C4BB5393F9%26bid%3D37950%26campaignId%3D2750545%26pid%3D86115102&r=http%3A%2F%2Fforgerylimit.com%2F&cc=GBP&ch=bf_landingpage&aamb=6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y&c1=https%3A%2F%2Fwelcome.unibet.com%2Fno%2Fpop%2Fmultisport%2Findex.html%3Fmktid%3D1%3A127656177%3A86115102-37950%26btag%3D127656177_277C464F097048719C5534C4BB5393F9%26bid%3D37950%26campaignId%3D2750545%26pid%3D86115102&v1=welcome.unibet.com%3A%3A%3Adesktop%3Ano%3Apop%3Amultisport%3Aindex.html&c2=No%20CMS%5ENo%20ClientID%5ENo%20Locale%5ENo%20Juristiction&v2=bf_landingpage&v3=welcome.unibet.com&v4=No%20CMS%5ENo%20ClientID%5ENo%20Locale%5ENo%20Juristiction&c6=8%3A20%20PM%7CThursday&v6=8%3A20%20PM%7CThursday&v11=GBP&c14=New&v14=New&c16=1662668431&v21=Not%20Logged-In&c73=unibet&v120=popunder&v121=1%3A127656177%3A86115102-37950&v122=NONE&v124=2750545&v125=127656177_277C464F097048719C5534C4BB5393F9&v126=86115102&v127=37950&v134=1662668430&s=1280x1024&c=24&j=1.6&v=N&k=Y&bw=1280&bh=939&mcorgid=F431E3BC5593E3887F000101%40AdobeOrg&AQE=1 HTTP/1.1
Host: unibetlondonltd.d3.sc.omtrdc.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
access-control-allow-origin: *
date: Thu, 08 Sep 2022 20:20:39 GMT
expires: Wed, 07 Sep 2022 20:20:39 GMT
last-modified: Fri, 09 Sep 2022 20:20:39 GMT
pragma: no-cache
p3p: CP="This is not a P3P policy"
server: jag
etag: 3570553286022463488-4619743822699362121
vary: *
content-type: image/gif;charset=utf-8
content-length: 43
cache-control: no-cache, no-store, max-age=0, no-transform, private
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
X-Firefox-Spdy: h2

assets-tracking.crazyegg.com/healthcheck

54.230.111.114

200 OK

19 B

URL HTTP/2
assets-tracking.crazyegg.com/healthcheck
IP
54.230.111.114:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text
Size
19 B (19 bytes)
Hash
d06f04fccf68d0b228a5923187ce1afd
5de9df9fdd66a91eed06e31981553d4ab9ccf490
830e67bda2532cd5880ee86e3b33e69721082f8458bb0df0cd4edbb1577fd375

HTTP Headers

GET /healthcheck HTTP/1.1
Host: assets-tracking.crazyegg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://welcome.unibet.com
Connection: keep-alive
Referer: https://welcome.unibet.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/json
content-length: 19
date: Thu, 18 Aug 2022 02:22:24 GMT
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-expose-headers: Access-Control-Allow-Origin
access-control-max-age: 31536000
last-modified: Fri, 08 Jul 2022 22:25:51 GMT
etag: "d06f04fccf68d0b228a5923187ce1afd"
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 15d199af49035dc206cb81292fd87de2.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 8IRwderUpYWE47Qzd5-QcWPL05iZROdVL4zH5QyvTQ3gMEfXZMIDmQ==
age: 1879096
X-Firefox-Spdy: h2

pagestates-tracking.crazyegg.com/healthcheck

54.230.111.22

200 OK

19 B

URL HTTP/2
pagestates-tracking.crazyegg.com/healthcheck
IP
54.230.111.22:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text
Size
19 B (19 bytes)
Hash
d06f04fccf68d0b228a5923187ce1afd
5de9df9fdd66a91eed06e31981553d4ab9ccf490
830e67bda2532cd5880ee86e3b33e69721082f8458bb0df0cd4edbb1577fd375

HTTP Headers

GET /healthcheck HTTP/1.1
Host: pagestates-tracking.crazyegg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://welcome.unibet.com
Connection: keep-alive
Referer: https://welcome.unibet.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/json
content-length: 19
date: Thu, 14 Jul 2022 06:23:23 GMT
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-expose-headers: Access-Control-Allow-Origin
access-control-max-age: 31536000
last-modified: Fri, 08 Jul 2022 22:25:51 GMT
etag: "d06f04fccf68d0b228a5923187ce1afd"
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 193a8c13b6e0a6b90db7172f6358335e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 9px_egW0bt9PtI_Fsbo_vR5u3KLh0Oh8IoVB_XK_CC1f7P39E1rqoA==
age: 4888637
X-Firefox-Spdy: h2

ocsp.sca1b.amazontrust.com/

54.230.245.39

200 OK

471 B

URL HTTP/1.1
ocsp.sca1b.amazontrust.com/
IP
54.230.245.39:0
ASN
#16509 AMAZON-02

File type
data
Size
471 B (471 bytes)
Hash
ad7a2f861998a7a7af24e8dc77f22f8e
9aa4cb27f724850f0744dd07f513f3c0e57d2d45
37e074185cc23d27a880cf35abcd4720d9a62a51607a715f5e940314469153be

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Thu, 08 Sep 2022 20:20:39 GMT
Last-Modified: Thu, 08 Sep 2022 18:33:52 GMT
Server: ECS (nyb/1D27)
X-Cache: Miss from cloudfront
Via: 1.1 6a0f63864791329e89a4b233ec4c3a36.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: 9kEEv2Aqp8-8By9QVkinYyckIen0a29pWuDQE74JcPdHteClAfz4GQ==
Age: 6407

cm.everesttech.net/cm/dd?d_uuid=11064891193196054622170787230209162168

54.154.221.23

302

0 B

URL HTTP/1.1
cm.everesttech.net/cm/dd?d_uuid=11064891193196054622170787230209162168
IP
54.154.221.23:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /cm/dd?d_uuid=11064891193196054622170787230209162168 HTTP/1.1
Host: cm.everesttech.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 302 
Date: Thu, 08 Sep 2022 20:20:39 GMT
Content-Length: 0
Connection: keep-alive
Set-Cookie: everest_g_v2=g_surferid~YxpOlwAAAGXRBQN-; Domain=.everesttech.net; Expires=Fri, 08-Sep-2023 20:20:39 GMT; Path=/
everest_session_v2=YxpOlwAAAGXRBgN-; Domain=.everesttech.net; Path=/
P3P: CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"
Cache-Control: no-cache
Location: https://dpm.demdex.net/ibs:dpid=411&dpuuid=YxpOlwAAAGXRBQN-
Server: AMO-cookiemap/1.1

ocsp.sca1b.amazontrust.com/

54.230.245.39

200 OK

471 B

URL HTTP/1.1
ocsp.sca1b.amazontrust.com/
IP
54.230.245.39:0
ASN
#16509 AMAZON-02

File type
data
Size
471 B (471 bytes)
Hash
90994a3a7f5bd2044bcfbb065d2d8734
17a018c67649ac2b953c65e6cb8bd6ab8104b395
9709078c20ebcbb820e9dd80ff9d6d9192744840c3cbb020b8683359c103eebc

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Thu, 08 Sep 2022 20:20:39 GMT
Last-Modified: Thu, 08 Sep 2022 19:04:50 GMT
Server: ECS (nyb/1D34)
X-Cache: Miss from cloudfront
Via: 1.1 04c4f064943f75498361739eb063cb7a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: ajS7nhaho_ZmDODE0IkyA1101DX1jtEenfNBvKin__4_sCxdUgTLEQ==
Age: 4549

dpm.demdex.net/ibs:dpid=411&dpuuid=YxpOlwAAAGXRBQN-

54.154.199.204

302 Found

0 B

URL HTTP/1.1
dpm.demdex.net/ibs:dpid=411&dpuuid=YxpOlwAAAGXRBQN-
IP
54.154.199.204:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /ibs:dpid=411&dpuuid=YxpOlwAAAGXRBQN- HTTP/1.1
Host: dpm.demdex.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://welcome.unibet.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 302 Found
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
DCS: dcs-prod-irl1-1-v039-0950f4dc5.edge-irl1.demdex.com 6 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
Location: https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=411&dpuuid=YxpOlwAAAGXRBQN-
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
set-cookie: demdex=46526535426929650462649530278328894086; Max-Age=15552000; Expires=Tue, 07 Mar 2023 20:20:39 GMT; Path=/; Domain=.demdex.net; Secure; SameSite=None
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: vqvyfIgURyI=
Content-Length: 0
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
e0fbe5627b19e9ad7ad4d40c96514ae9
d9d361271987c5947d96ddacc67efb3f3a32bbd3
48b4321f3bda8fd67c5bc75f98b0dfe6df2bfda8dcf5e708aecd47270ae03217

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "48B4321F3BDA8FD67C5BC75F98B0DFE6DF2BFDA8DCF5E708AECD47270AE03217"
Last-Modified: Wed, 07 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4725
Expires: Thu, 08 Sep 2022 21:39:24 GMT
Date: Thu, 08 Sep 2022 20:20:39 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
e0fbe5627b19e9ad7ad4d40c96514ae9
d9d361271987c5947d96ddacc67efb3f3a32bbd3
48b4321f3bda8fd67c5bc75f98b0dfe6df2bfda8dcf5e708aecd47270ae03217

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "48B4321F3BDA8FD67C5BC75F98B0DFE6DF2BFDA8DCF5E708AECD47270AE03217"
Last-Modified: Wed, 07 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4725
Expires: Thu, 08 Sep 2022 21:39:24 GMT
Date: Thu, 08 Sep 2022 20:20:39 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
e0fbe5627b19e9ad7ad4d40c96514ae9
d9d361271987c5947d96ddacc67efb3f3a32bbd3
48b4321f3bda8fd67c5bc75f98b0dfe6df2bfda8dcf5e708aecd47270ae03217

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "48B4321F3BDA8FD67C5BC75F98B0DFE6DF2BFDA8DCF5E708AECD47270AE03217"
Last-Modified: Wed, 07 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4725
Expires: Thu, 08 Sep 2022 21:39:24 GMT
Date: Thu, 08 Sep 2022 20:20:39 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
e0fbe5627b19e9ad7ad4d40c96514ae9
d9d361271987c5947d96ddacc67efb3f3a32bbd3
48b4321f3bda8fd67c5bc75f98b0dfe6df2bfda8dcf5e708aecd47270ae03217

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "48B4321F3BDA8FD67C5BC75F98B0DFE6DF2BFDA8DCF5E708AECD47270AE03217"
Last-Modified: Wed, 07 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4725
Expires: Thu, 08 Sep 2022 21:39:24 GMT
Date: Thu, 08 Sep 2022 20:20:39 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
e0fbe5627b19e9ad7ad4d40c96514ae9
d9d361271987c5947d96ddacc67efb3f3a32bbd3
48b4321f3bda8fd67c5bc75f98b0dfe6df2bfda8dcf5e708aecd47270ae03217

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "48B4321F3BDA8FD67C5BC75F98B0DFE6DF2BFDA8DCF5E708AECD47270AE03217"
Last-Modified: Wed, 07 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4725
Expires: Thu, 08 Sep 2022 21:39:24 GMT
Date: Thu, 08 Sep 2022 20:20:39 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffca3b7c7-528e-421a-8910-451f0b9b667f.webp

34.120.237.76

200 OK

8.2 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffca3b7c7-528e-421a-8910-451f0b9b667f.webp
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.2 kB (8162 bytes)
Hash
09267c271a56ba4c2d4197543f264fac
67ae4acd88571da51b81fa7ed963b7f2a71845b4
906163f9e1bb8908ae7fcfbf4debc2a42fd14a3f90c8814536025a57ee851dbe

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffca3b7c7-528e-421a-8910-451f0b9b667f.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8162
x-amzn-requestid: decb1d93-bcc9-4a71-a054-c537ad7d1add
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YJvndF1fIAMFv7g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631a2c95-27cef2465fd0e6c849da81af;Sampled=0
x-amzn-remapped-date: Thu, 08 Sep 2022 17:55:33 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P2
x-cache: Miss from cloudfront
x-amz-cf-id: C_J0m9xfkCb5qsoO934KB2Ldk1-yMaMXkgiv9gWus7JqjN3M_HCpdg==
via: 1.1 d83ae0e1ba84e92e58bc1efc23a0c652.cloudfront.net (CloudFront), 1.1 de8fc80b494d3d381f7e006918dcc588.cloudfront.net (CloudFront), 1.1 google
date: Thu, 08 Sep 2022 18:01:20 GMT
age: 8359
etag: "67ae4acd88571da51b81fa7ed963b7f2a71845b4"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

11 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F822fb287-f1f6-45a1-be54-4fa7385bb163.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
11 kB (11365 bytes)
Hash
6f73ee4e91b38eaa36cadd4c437785f8
6ceea057f5ae50b9cef505da0a358e3d3b7d6a38
778d28e14b28c154843403470136d0efdcdd5e93e4b5aab784c12d4344e7af6f

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F822fb287-f1f6-45a1-be54-4fa7385bb163.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 11365
x-amzn-requestid: d50039cd-381c-4221-997e-9231d40ecfbb
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YG9V0EHEoAMFeag=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63190f58-11cab61904bd14462cd13d0d;Sampled=0
x-amzn-remapped-date: Wed, 07 Sep 2022 21:38:32 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: Qhobt81rs5gqg8hcr1Su3J3MNFt4_gR2hLHkIl5xDDS1HF9g_3ecCg==
via: 1.1 56c69262ecfa7873b40572ba8a323242.cloudfront.net (CloudFront), 1.1 760139201585481b26f947c5f776103a.cloudfront.net (CloudFront), 1.1 google
date: Wed, 07 Sep 2022 22:40:35 GMT
age: 78004
etag: "6ceea057f5ae50b9cef505da0a358e3d3b7d6a38"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

7.9 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc6069f6c-2029-46b3-9867-5eaeb96d65e7.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
7.9 kB (7885 bytes)
Hash
7ca5b5d4ac26d97b5729a30ecdc688bc
3e633bc6c4ab9adfe84899e5209d73bef1d097eb
2c8275d1819d933f86df9685b76aea030842ba5a341c59ea88ffd2da99a5a3d5

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc6069f6c-2029-46b3-9867-5eaeb96d65e7.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 7885
x-amzn-requestid: 305dc6b7-eb3d-40ad-af89-8b60be935637
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YG9ThE3DIAMFRtA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63190f49-7c0b58644e26de7f27c5b388;Sampled=0
x-amzn-remapped-date: Wed, 07 Sep 2022 21:38:17 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P2
x-cache: Hit from cloudfront
x-amz-cf-id: MG4_YJuVqfSCQ80FTdo5XU8xIi74XtILVbIQAbByh54QNOoMJCyS-Q==
via: 1.1 98e601970ea59f4d5f56a752787ff9fc.cloudfront.net (CloudFront), 1.1 5abfab33f248090bb0f31ca137ce9464.cloudfront.net (CloudFront), 1.1 google
date: Wed, 07 Sep 2022 21:47:05 GMT
age: 81214
etag: "3e633bc6c4ab9adfe84899e5209d73bef1d097eb"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

7.0 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F86e2429c-04f6-4791-b0ac-bfe10ee01611.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
7.0 kB (7021 bytes)
Hash
567b5c4783f4affe56eab1cd640447d0
e02a994b68bca6eb31847ca69e574759629d1029
f3b8af815de503b88bba689b28a1d2b4b7616936ecc5d62d15fa00adaa5e340f

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F86e2429c-04f6-4791-b0ac-bfe10ee01611.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 7021
x-amzn-requestid: bd198efa-b9d2-41a2-bb9a-29a1fd215df4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YIMYCFaYoAMF6uQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63198dcc-1c1268c733becef7121578d5;Sampled=0
x-amzn-remapped-date: Thu, 08 Sep 2022 06:38:04 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 0qd82aiFTZbWCObydf8sJFMm1paPmTp3HxIK86PA6PK9L8g8PLbjCw==
via: 1.1 5a1753718d8b33365e5f693dd338c510.cloudfront.net (CloudFront), 1.1 556b99c6be8d7078b9f067347c62df6a.cloudfront.net (CloudFront), 1.1 google
date: Thu, 08 Sep 2022 07:58:07 GMT
age: 44552
etag: "e02a994b68bca6eb31847ca69e574759629d1029"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=411&dpuuid=YxpOlwAAAGXRBQN-

54.154.199.204

200 OK

59 B

URL HTTP/1.1
dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=411&dpuuid=YxpOlwAAAGXRBQN-
IP
54.154.199.204:0
ASN
#16509 AMAZON-02

File type
GIF image data, version 89a, 1 x 1\012- data
Size
59 B (59 bytes)
Hash
1251cd5e5c2def4c046309375f87c1c1
e02d6b0c6a5c495c15985e2832e335eda8528c80
4e7010cc46fa361c88e57e3346d27421cf3b8a8bf5f39b43fc45997c60cb1c13

HTTP Headers

GET /demconf.jpg?et:ibs%7cdata:dpid=411&dpuuid=YxpOlwAAAGXRBQN- HTTP/1.1
Host: dpm.demdex.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://welcome.unibet.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-encoding: gzip
Content-Type: image/gif
DCS: dcs-prod-irl1-1-v039-0d1df480d.edge-irl1.demdex.com 0 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-TID: oPvO4Q5JTxU=
Content-Length: 59
Connection: keep-alive

34.120.237.76

200 OK

7.5 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5314d83a-c7f9-468e-8b42-535c4fae5d85.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
7.5 kB (7492 bytes)
Hash
a07d553b6441514870ed7e9e989a29a7
98c145b9326d1e6036fa9089d87a25232dd45b0b
373a586b596016baeb8de98022207c25af24c099c06077edbdfd837cffc31a0e

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5314d83a-c7f9-468e-8b42-535c4fae5d85.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 7492
x-amzn-requestid: 2c5e9ff3-c7a4-4a8f-96bf-74f0ca5d9137
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YG9dOHguIAMFjGg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63190f87-70dbe6532b1a241e6dbe729e;Sampled=0
x-amzn-remapped-date: Wed, 07 Sep 2022 21:39:19 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: lbCmv9fV9iBGOQvxRzleYwC5dBYeu1kRgSSkC2hycDmavyXj-KlFSw==
via: 1.1 95b0ac620fa3a80ee590ecf1cda1c698.cloudfront.net (CloudFront), 1.1 d6b180eb367f7de26d67a9f3901b96a6.cloudfront.net (CloudFront), 1.1 google
date: Wed, 07 Sep 2022 22:24:59 GMT
age: 78940
etag: "98c145b9326d1e6036fa9089d87a25232dd45b0b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

7.3 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3ba17b3c-58f5-4458-8dc2-8e4a7cf8d782.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
7.3 kB (7251 bytes)
Hash
1cd778a615e9a4ca3a25119790398434
d6daca74fc85d39274b3c7536f34528bef93ae97
e6b5a7a525e314e09c30985b22da7c34806df09cbe98ad52b00dcbf93a0dc054

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3ba17b3c-58f5-4458-8dc2-8e4a7cf8d782.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 7251
x-amzn-requestid: 26b2021a-4440-47ce-8dba-d971cae60cc1
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YG9bmHcmoAMF3Fw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63190f7d-5471edce7de2374c3b8af888;Sampled=0
x-amzn-remapped-date: Wed, 07 Sep 2022 21:39:09 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P2
x-cache: Hit from cloudfront
x-amz-cf-id: d3MrDEyDFDylQKyfxONQ12_7IBvRAg8o0rSZ64WNRGNvDHqQyDmqJA==
via: 1.1 28a7186077f9b5270d98dd053f31303e.cloudfront.net (CloudFront), 1.1 e77661e211afe9242e85e573f12d5534.cloudfront.net (CloudFront), 1.1 google
date: Wed, 07 Sep 2022 22:17:17 GMT
age: 79402
etag: "d6daca74fc85d39274b3c7536f34528bef93ae97"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

tracking.crazyegg.com/clock?t=1662668431202

108.128.203.219

200 OK

26 B

URL HTTP/2
tracking.crazyegg.com/clock?t=1662668431202
IP
108.128.203.219:0
ASN
#16509 AMAZON-02

File type
ASCII text, with no line terminators
Size
26 B (26 bytes)
Hash
978c90f5be00079f9377aeabe7a5e60d
f4f791b3032bc95f7af6afa1ffe749854945ff85
19dbed22f942659ee2d9e4c09c60d27cf107217cad94c2183d9c38b6ecb03c60

HTTP Headers

GET /clock?t=1662668431202 HTTP/1.1
Host: tracking.crazyegg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://welcome.unibet.com
Connection: keep-alive
Referer: https://welcome.unibet.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: awselb/2.0
date: Thu, 08 Sep 2022 20:20:39 GMT
content-type: text/plain
content-length: 26
cache-control: no-store
access-control-allow-origin: *
X-Firefox-Spdy: h2

use.fontawesome.com/releases/v5.7.1/css/all.css

104.21.63.54

200 OK

0 B

URL HTTP/2
use.fontawesome.com/releases/v5.7.1/css/all.css
IP
104.21.63.54:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /releases/v5.7.1/css/all.css HTTP/1.1
Host: use.fontawesome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://welcome.unibet.com
Connection: keep-alive
Referer: https://welcome.unibet.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Thu, 08 Sep 2022 20:20:38 GMT
content-type: text/css
x-amz-id-2: two71MZ5TpkTpFGIUMPhG3w461PdnkgDGgz27zq6i0Qpvw3joR7rDh9C0IttlYdL7ZaWe4KhN1g=
x-amz-request-id: CV7TMK6K5EDKVGFA
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified: Wed, 30 Jun 2021 15:45:37 GMT
etag: W/"7b1d7f457d056ace7b230b587b9f3753"
cache-control: max-age=31556926
cf-cache-status: HIT
age: 152636
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZjV3EL7bccgwUYjNgQ4OfgkRJzoE1rqxEv1j4gEsWUvjjkVKAtZHtsAHeSGu06k%2BzWd45YhIMTlOodbYqqcR3DbR3HdEcIWIqY%2FiuPvjQXdPvWV7mAuRvLenxt9%2BlJgLbFVJV2mq"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 747a62cb3c100af6-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

welcome.unibet.com/custom.js

108.161.188.196

200 OK

0 B

URL HTTP/2
welcome.unibet.com/custom.js
IP
108.161.188.196:0
ASN
#12989 StackPath LLC

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /custom.js HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/no/pop/multisport/index.html?mktid=1:127656177:86115102-37950&btag=127656177_277C464F097048719C5534C4BB5393F9&bid=37950&campaignId=2750545&pid=86115102
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a86115102%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1662668437796)%5c%2f%22%2c%22CookieTag%22%3a%223795086115102451240919C2022982020%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228066488109%7c1%22%7d%5d; __ucbt=node0kvov7r346mg81qvxybvk3amss; uniattr=ST.0.T; uniattr_ref="http://forgerylimit.com/"; campaignId=2750545; framework.forceBigLandingArea=; affiliateId=1; B-TAG=127656177_277C464F097048719C5534C4BB5393F9; BID=37950; PID=86115102; REFERER=http%3A%2F%2Fforgerylimit.com%2F; AFFILIATE_REQUEST_URL=https%3A%2F%2Fno.unibet.com%2Fstan%2Fcampaign.do%3FcmpId%3D2750545%26affiliateId%3D1%26unibetTarget%3D%2Fno%2Fpop%2Fmultisport%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.com%26btag%3D127656177_277C464F097048719C5534C4BB5393F9%26sref%3DADST%26ADST%3D17230429%26affiliateId%3D1%26pid%3D86115102%26bid%3D37950; AFFILIATE_CAMPAIGN_ID=2750545
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Thu, 08 Sep 2022 20:20:38 GMT
content-type: application/javascript
content-md5: e/Aekt1V1fopj1X7y5r9MA==
last-modified: Tue, 29 Mar 2022 08:25:09 GMT
etag: W/"0x8DA115DA300B0C1"
x-ms-request-id: 54576eff-f01e-0067-7b74-c302fe000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
server: NetDNA-cache/2.2
x-cache: HIT
content-encoding: gzip
X-Firefox-Spdy: h2

welcome.unibet.com/no/pop/multisport/unibet-logo.svg

108.161.188.196

200 OK

0 B

URL HTTP/2
welcome.unibet.com/no/pop/multisport/unibet-logo.svg
IP
108.161.188.196:0
ASN
#12989 StackPath LLC

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /no/pop/multisport/unibet-logo.svg HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/no/pop/multisport/index.html?mktid=1:127656177:86115102-37950&btag=127656177_277C464F097048719C5534C4BB5393F9&bid=37950&campaignId=2750545&pid=86115102
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a86115102%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1662668437796)%5c%2f%22%2c%22CookieTag%22%3a%223795086115102451240919C2022982020%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228066488109%7c1%22%7d%5d; __ucbt=node0kvov7r346mg81qvxybvk3amss; uniattr=ST.0.T; uniattr_ref="http://forgerylimit.com/"; campaignId=2750545; framework.forceBigLandingArea=; affiliateId=1; B-TAG=127656177_277C464F097048719C5534C4BB5393F9; BID=37950; PID=86115102; REFERER=http%3A%2F%2Fforgerylimit.com%2F; AFFILIATE_REQUEST_URL=https%3A%2F%2Fno.unibet.com%2Fstan%2Fcampaign.do%3FcmpId%3D2750545%26affiliateId%3D1%26unibetTarget%3D%2Fno%2Fpop%2Fmultisport%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.com%26btag%3D127656177_277C464F097048719C5534C4BB5393F9%26sref%3DADST%26ADST%3D17230429%26affiliateId%3D1%26pid%3D86115102%26bid%3D37950; AFFILIATE_CAMPAIGN_ID=2750545
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Thu, 08 Sep 2022 20:20:38 GMT
content-type: image/svg+xml
cache-control: public, max-age=900, immutable
content-md5: cw5jdwcrd9gLyjDZb7Y7Jw==
last-modified: Mon, 20 Jun 2022 12:15:01 GMT
etag: W/"0x8DA52B6805B919A"
x-ms-request-id: 95c1f871-f01e-0058-49bf-c3ca5d000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
server: NetDNA-cache/2.2
x-cache: HIT
content-encoding: gzip
X-Firefox-Spdy: h2

welcome.unibet.com/no/pop/multisport/app-store-ro.svg

108.161.188.196

200 OK

0 B

URL HTTP/2
welcome.unibet.com/no/pop/multisport/app-store-ro.svg
IP
108.161.188.196:0
ASN
#12989 StackPath LLC

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /no/pop/multisport/app-store-ro.svg HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/no/pop/multisport/index.html?mktid=1:127656177:86115102-37950&btag=127656177_277C464F097048719C5534C4BB5393F9&bid=37950&campaignId=2750545&pid=86115102
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a86115102%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1662668437796)%5c%2f%22%2c%22CookieTag%22%3a%223795086115102451240919C2022982020%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228066488109%7c1%22%7d%5d; __ucbt=node0kvov7r346mg81qvxybvk3amss; uniattr=ST.0.T; uniattr_ref="http://forgerylimit.com/"; campaignId=2750545; framework.forceBigLandingArea=; affiliateId=1; B-TAG=127656177_277C464F097048719C5534C4BB5393F9; BID=37950; PID=86115102; REFERER=http%3A%2F%2Fforgerylimit.com%2F; AFFILIATE_REQUEST_URL=https%3A%2F%2Fno.unibet.com%2Fstan%2Fcampaign.do%3FcmpId%3D2750545%26affiliateId%3D1%26unibetTarget%3D%2Fno%2Fpop%2Fmultisport%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.com%26btag%3D127656177_277C464F097048719C5534C4BB5393F9%26sref%3DADST%26ADST%3D17230429%26affiliateId%3D1%26pid%3D86115102%26bid%3D37950; AFFILIATE_CAMPAIGN_ID=2750545
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Thu, 08 Sep 2022 20:20:38 GMT
content-type: image/svg+xml
cache-control: public, max-age=900, immutable
content-md5: epgiRapjJpA7DniTiF5C+w==
last-modified: Mon, 20 Jun 2022 12:15:06 GMT
etag: W/"0x8DA52B68300D310"
x-ms-request-id: 37f5dae9-a01e-0008-31bf-c3080d000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
server: NetDNA-cache/2.2
x-cache: HIT
content-encoding: gzip
X-Firefox-Spdy: h2

welcome.unibet.com/no/pop/multisport/icon-expert.svg

108.161.188.196

200 OK

0 B

URL HTTP/2
welcome.unibet.com/no/pop/multisport/icon-expert.svg
IP
108.161.188.196:0
ASN
#12989 StackPath LLC

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /no/pop/multisport/icon-expert.svg HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/no/pop/multisport/index.html?mktid=1:127656177:86115102-37950&btag=127656177_277C464F097048719C5534C4BB5393F9&bid=37950&campaignId=2750545&pid=86115102
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a86115102%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1662668437796)%5c%2f%22%2c%22CookieTag%22%3a%223795086115102451240919C2022982020%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228066488109%7c1%22%7d%5d; __ucbt=node0kvov7r346mg81qvxybvk3amss; uniattr=ST.0.T; uniattr_ref="http://forgerylimit.com/"; campaignId=2750545; framework.forceBigLandingArea=; affiliateId=1; B-TAG=127656177_277C464F097048719C5534C4BB5393F9; BID=37950; PID=86115102; REFERER=http%3A%2F%2Fforgerylimit.com%2F; AFFILIATE_REQUEST_URL=https%3A%2F%2Fno.unibet.com%2Fstan%2Fcampaign.do%3FcmpId%3D2750545%26affiliateId%3D1%26unibetTarget%3D%2Fno%2Fpop%2Fmultisport%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.com%26btag%3D127656177_277C464F097048719C5534C4BB5393F9%26sref%3DADST%26ADST%3D17230429%26affiliateId%3D1%26pid%3D86115102%26bid%3D37950; AFFILIATE_CAMPAIGN_ID=2750545
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Thu, 08 Sep 2022 20:20:38 GMT
content-type: image/svg+xml
cache-control: public, max-age=900, immutable
content-md5: Z4302O+bSqlX5UM92U+35A==
last-modified: Mon, 20 Jun 2022 12:15:04 GMT
etag: W/"0x8DA52B6820929CB"
x-ms-request-id: 3e457ea0-701e-0024-59bf-c3e4a2000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
server: NetDNA-cache/2.2
x-cache: HIT
content-encoding: gzip
X-Firefox-Spdy: h2

script.crazyegg.com/pages/scripts/0012/9242.js

104.19.148.8

200 OK

0 B

URL HTTP/2
script.crazyegg.com/pages/scripts/0012/9242.js
IP
104.19.148.8:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /pages/scripts/0012/9242.js HTTP/1.1
Host: script.crazyegg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Thu, 08 Sep 2022 20:20:38 GMT
content-type: text/javascript
access-control-allow-origin: *
access-control-expose-headers: CE-Version
ce-version: 11.4.2
cache-control: public, max-age=300, s-maxage=1209600
cf-bgj: minify
cf-polished: origSize=5639
last-modified: Thu, 08 Sep 2022 19:45:55 GMT
timing-allow-origin: *
cf-cache-status: HIT
age: 2083
vary: Accept-Encoding
server: cloudflare
cf-ray: 747a62cd48430b59-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

cdn.bannerflow.com/resources/18-plus-adbfd412-ffe0-4780-a5c3-1b540d6ceed3.svg

104.16.173.188

200 OK

0 B

URL HTTP/2
cdn.bannerflow.com/resources/18-plus-adbfd412-ffe0-4780-a5c3-1b540d6ceed3.svg
IP
104.16.173.188:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /resources/18-plus-adbfd412-ffe0-4780-a5c3-1b540d6ceed3.svg HTTP/1.1
Host: cdn.bannerflow.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Thu, 08 Sep 2022 20:20:39 GMT
content-type: image/svg+xml
cache-control: public,max-age=604800
content-md5: DtBEzXf8HuXNecd90Rx/1w==
last-modified: Fri, 27 Nov 2020 14:00:01 GMT
etag: W/"0x8D892DCBC244A27"
x-ms-request-id: f9c36029-201e-0105-665e-a57399000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 555
vary: Accept-Encoding
server: cloudflare
cf-ray: 747a62cfcc6bb503-OSL
content-encoding: br
X-Firefox-Spdy: h2

cdn.bannerflow.com/resources/mga-logo-16e5f569-f45f-4c4f-a7ab-0a1f83c58415.svg

104.16.173.188

200 OK

0 B

URL HTTP/2
cdn.bannerflow.com/resources/mga-logo-16e5f569-f45f-4c4f-a7ab-0a1f83c58415.svg
IP
104.16.173.188:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /resources/mga-logo-16e5f569-f45f-4c4f-a7ab-0a1f83c58415.svg HTTP/1.1
Host: cdn.bannerflow.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Thu, 08 Sep 2022 20:20:39 GMT
content-type: image/svg+xml
cache-control: public,max-age=604800
content-md5: FAAw5O0EvruykoHDQoRDMA==
last-modified: Fri, 27 Nov 2020 14:00:02 GMT
etag: W/"0x8D892DCBC6EB927"
x-ms-request-id: 0c05a17a-201e-0074-2dff-f626f2000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 533
vary: Accept-Encoding
server: cloudflare
cf-ray: 747a62cfdc87b503-OSL
content-encoding: br
X-Firefox-Spdy: h2

cdn.bannerflow.com/resources/no-payments-44051ae6-a41f-42c3-8d89-751be3d4a42c.svg

104.16.173.188

200 OK

0 B

URL HTTP/2
cdn.bannerflow.com/resources/no-payments-44051ae6-a41f-42c3-8d89-751be3d4a42c.svg
IP
104.16.173.188:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /resources/no-payments-44051ae6-a41f-42c3-8d89-751be3d4a42c.svg HTTP/1.1
Host: cdn.bannerflow.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Thu, 08 Sep 2022 20:20:39 GMT
content-type: image/svg+xml
cache-control: public,max-age=604800
content-md5: eFf1+jVlHZeVusUSI4yq9A==
last-modified: Mon, 07 Dec 2020 10:23:00 GMT
etag: W/"0x8D89A9A12E2A33B"
x-ms-request-id: aecbdf5c-c01e-0126-115e-a51c52000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 559
vary: Accept-Encoding
server: cloudflare
cf-ray: 747a62cfdc8bb503-OSL
content-encoding: br
X-Firefox-Spdy: h2

welcome.unibet.com/no/pop/multisport/app-sports-icon.svg

108.161.188.196

200 OK

0 B

URL HTTP/2
welcome.unibet.com/no/pop/multisport/app-sports-icon.svg
IP
108.161.188.196:0
ASN
#12989 StackPath LLC

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /no/pop/multisport/app-sports-icon.svg HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/no/pop/multisport/index.html?mktid=1:127656177:86115102-37950&btag=127656177_277C464F097048719C5534C4BB5393F9&bid=37950&campaignId=2750545&pid=86115102
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a86115102%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1662668437796)%5c%2f%22%2c%22CookieTag%22%3a%223795086115102451240919C2022982020%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228066488109%7c1%22%7d%5d; __ucbt=node0kvov7r346mg81qvxybvk3amss; uniattr=ST.0.T; uniattr_ref="http://forgerylimit.com/"; campaignId=2750545; framework.forceBigLandingArea=; affiliateId=1; B-TAG=127656177_277C464F097048719C5534C4BB5393F9; BID=37950; PID=86115102; REFERER=http%3A%2F%2Fforgerylimit.com%2F; AFFILIATE_REQUEST_URL=https%3A%2F%2Fno.unibet.com%2Fstan%2Fcampaign.do%3FcmpId%3D2750545%26affiliateId%3D1%26unibetTarget%3D%2Fno%2Fpop%2Fmultisport%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.com%26btag%3D127656177_277C464F097048719C5534C4BB5393F9%26sref%3DADST%26ADST%3D17230429%26affiliateId%3D1%26pid%3D86115102%26bid%3D37950; AFFILIATE_CAMPAIGN_ID=2750545
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Thu, 08 Sep 2022 20:20:38 GMT
content-type: image/svg+xml
cache-control: public, max-age=900, immutable
content-md5: Lm+dv7pV36kTdto2PoEyYQ==
last-modified: Mon, 20 Jun 2022 12:15:06 GMT
etag: W/"0x8DA52B682FA1D49"
x-ms-request-id: 3b5e931a-001e-0011-72bf-c388b6000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
server: NetDNA-cache/2.2
x-cache: HIT
content-encoding: gzip
X-Firefox-Spdy: h2

welcome.unibet.com/no/pop/multisport/google-play-ro.svg

108.161.188.196

200 OK

0 B

URL HTTP/2
welcome.unibet.com/no/pop/multisport/google-play-ro.svg
IP
108.161.188.196:0
ASN
#12989 StackPath LLC

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /no/pop/multisport/google-play-ro.svg HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/no/pop/multisport/index.html?mktid=1:127656177:86115102-37950&btag=127656177_277C464F097048719C5534C4BB5393F9&bid=37950&campaignId=2750545&pid=86115102
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a86115102%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1662668437796)%5c%2f%22%2c%22CookieTag%22%3a%223795086115102451240919C2022982020%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228066488109%7c1%22%7d%5d; __ucbt=node0kvov7r346mg81qvxybvk3amss; uniattr=ST.0.T; uniattr_ref="http://forgerylimit.com/"; campaignId=2750545; framework.forceBigLandingArea=; affiliateId=1; B-TAG=127656177_277C464F097048719C5534C4BB5393F9; BID=37950; PID=86115102; REFERER=http%3A%2F%2Fforgerylimit.com%2F; AFFILIATE_REQUEST_URL=https%3A%2F%2Fno.unibet.com%2Fstan%2Fcampaign.do%3FcmpId%3D2750545%26affiliateId%3D1%26unibetTarget%3D%2Fno%2Fpop%2Fmultisport%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.com%26btag%3D127656177_277C464F097048719C5534C4BB5393F9%26sref%3DADST%26ADST%3D17230429%26affiliateId%3D1%26pid%3D86115102%26bid%3D37950; AFFILIATE_CAMPAIGN_ID=2750545
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Thu, 08 Sep 2022 20:20:38 GMT
content-type: image/svg+xml
cache-control: public, max-age=900, immutable
content-md5: 2fR27yW0b9kBp/ebW9u59A==
last-modified: Mon, 20 Jun 2022 12:15:06 GMT
etag: W/"0x8DA52B68307D6EA"
x-ms-request-id: 02a99650-101e-000d-7fbf-c3dad6000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
server: NetDNA-cache/2.2
x-cache: HIT
content-encoding: gzip
X-Firefox-Spdy: h2

fonts.googleapis.com/css?family=Roboto:300,400,500

142.250.74.10

200 OK

0 B

URL HTTP/2
fonts.googleapis.com/css?family=Roboto:300,400,500
IP
142.250.74.10:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /css?family=Roboto:300,400,500 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 08 Sep 2022 20:20:38 GMT
date: Thu, 08 Sep 2022 20:20:38 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

welcome.unibet.com/no/pop/multisport/com-payments.svg

108.161.188.196

200 OK

0 B

URL HTTP/2
welcome.unibet.com/no/pop/multisport/com-payments.svg
IP
108.161.188.196:0
ASN
#12989 StackPath LLC

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /no/pop/multisport/com-payments.svg HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/no/pop/multisport/index.html?mktid=1:127656177:86115102-37950&btag=127656177_277C464F097048719C5534C4BB5393F9&bid=37950&campaignId=2750545&pid=86115102
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a86115102%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1662668437796)%5c%2f%22%2c%22CookieTag%22%3a%223795086115102451240919C2022982020%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228066488109%7c1%22%7d%5d; __ucbt=node0kvov7r346mg81qvxybvk3amss; uniattr=ST.0.T; uniattr_ref="http://forgerylimit.com/"; campaignId=2750545; framework.forceBigLandingArea=; affiliateId=1; B-TAG=127656177_277C464F097048719C5534C4BB5393F9; BID=37950; PID=86115102; REFERER=http%3A%2F%2Fforgerylimit.com%2F; AFFILIATE_REQUEST_URL=https%3A%2F%2Fno.unibet.com%2Fstan%2Fcampaign.do%3FcmpId%3D2750545%26affiliateId%3D1%26unibetTarget%3D%2Fno%2Fpop%2Fmultisport%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.com%26btag%3D127656177_277C464F097048719C5534C4BB5393F9%26sref%3DADST%26ADST%3D17230429%26affiliateId%3D1%26pid%3D86115102%26bid%3D37950; AFFILIATE_CAMPAIGN_ID=2750545
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Thu, 08 Sep 2022 20:20:38 GMT
content-type: image/svg+xml
cache-control: public, max-age=900, immutable
content-md5: vwb7ospRft2xzGDtJvR3WA==
last-modified: Mon, 20 Jun 2022 12:15:02 GMT
etag: W/"0x8DA52B680877D2F"
x-ms-request-id: cc993c91-e01e-0036-76bf-c39f72000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
server: NetDNA-cache/2.2
x-cache: HIT
content-encoding: gzip
X-Firefox-Spdy: h2

welcome.unibet.com/no/pop/multisport/index.html?mktid=1:127656177:86115102-37950&btag=127656177_277C464F097048719C5534C4BB5393F9&bid=37950&campaignId=2750545&pid=86115102

108.161.188.196

200 OK

0 B

URL HTTP/2
welcome.unibet.com/no/pop/multisport/index.html?mktid=1:127656177:86115102-37950&btag=127656177_277C464F097048719C5534C4BB5393F9&bid=37950&campaignId=2750545&pid=86115102
IP
108.161.188.196:0
ASN
#12989 StackPath LLC

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /no/pop/multisport/index.html?mktid=1:127656177:86115102-37950&btag=127656177_277C464F097048719C5534C4BB5393F9&bid=37950&campaignId=2750545&pid=86115102 HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://forgerylimit.com/
Connection: keep-alive
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a86115102%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1662668437796)%5c%2f%22%2c%22CookieTag%22%3a%223795086115102451240919C2022982020%22%7d%5d; __ucbt=node0kvov7r346mg81qvxybvk3amss; uniattr=ST.0.T; uniattr_ref="http://forgerylimit.com/"; campaignId=2750545; framework.forceBigLandingArea=; affiliateId=1; B-TAG=127656177_277C464F097048719C5534C4BB5393F9; BID=37950; PID=86115102; REFERER=http%3A%2F%2Fforgerylimit.com%2F; AFFILIATE_REQUEST_URL=https%3A%2F%2Fno.unibet.com%2Fstan%2Fcampaign.do%3FcmpId%3D2750545%26affiliateId%3D1%26unibetTarget%3D%2Fno%2Fpop%2Fmultisport%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.com%26btag%3D127656177_277C464F097048719C5534C4BB5393F9%26sref%3DADST%26ADST%3D17230429%26affiliateId%3D1%26pid%3D86115102%26bid%3D37950; AFFILIATE_CAMPAIGN_ID=2750545
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Thu, 08 Sep 2022 20:20:38 GMT
content-type: text/html; charset=utf-8
cache-control: public, max-age=900, immutable
content-md5: NGkNgKvE41ztpclvs1gdSA==
last-modified: Mon, 20 Jun 2022 12:15:00 GMT
etag: W/"0x8DA52B67FA63ED8"
x-ms-request-id: e55021e3-a01e-0027-55bf-c305c6000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
server: NetDNA-cache/2.2
x-cache: HIT
content-encoding: gzip
X-Firefox-Spdy: h2

welcome.unibet.com/no/pop/multisport/read_json.js

108.161.188.196

200 OK

0 B

URL HTTP/2
welcome.unibet.com/no/pop/multisport/read_json.js
IP
108.161.188.196:0
ASN
#12989 StackPath LLC

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /no/pop/multisport/read_json.js HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/no/pop/multisport/index.html?mktid=1:127656177:86115102-37950&btag=127656177_277C464F097048719C5534C4BB5393F9&bid=37950&campaignId=2750545&pid=86115102
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a86115102%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1662668437796)%5c%2f%22%2c%22CookieTag%22%3a%223795086115102451240919C2022982020%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228066488109%7c1%22%7d%5d; __ucbt=node0kvov7r346mg81qvxybvk3amss; uniattr=ST.0.T; uniattr_ref="http://forgerylimit.com/"; campaignId=2750545; framework.forceBigLandingArea=; affiliateId=1; B-TAG=127656177_277C464F097048719C5534C4BB5393F9; BID=37950; PID=86115102; REFERER=http%3A%2F%2Fforgerylimit.com%2F; AFFILIATE_REQUEST_URL=https%3A%2F%2Fno.unibet.com%2Fstan%2Fcampaign.do%3FcmpId%3D2750545%26affiliateId%3D1%26unibetTarget%3D%2Fno%2Fpop%2Fmultisport%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.com%26btag%3D127656177_277C464F097048719C5534C4BB5393F9%26sref%3DADST%26ADST%3D17230429%26affiliateId%3D1%26pid%3D86115102%26bid%3D37950; AFFILIATE_CAMPAIGN_ID=2750545
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Thu, 08 Sep 2022 20:20:38 GMT
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=900, immutable
content-md5: rGS1nJi75Qz2m2yY+jlYXA==
last-modified: Mon, 20 Jun 2022 12:15:06 GMT
etag: W/"0x8DA52B6834CEC1B"
x-ms-request-id: 0f8d9feb-001e-0001-6bbf-c34dde000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
server: NetDNA-cache/2.2
x-cache: HIT
content-encoding: gzip
X-Firefox-Spdy: h2

www.unibet.com/

85.184.96.0

200 OK

0 B

URL HTTP/2
www.unibet.com/
IP
85.184.96.0:0
ASN
#47171 Unibet Services Limited

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET / HTTP/1.1
Host: www.unibet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://welcome.unibet.com/
Connection: keep-alive
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a86115102%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1662668437796)%5c%2f%22%2c%22CookieTag%22%3a%223795086115102451240919C2022982020%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228066488109%7c1%22%7d%5d; __ucbt=node0kvov7r346mg81qvxybvk3amss; uniattr=ST.0.T; uniattr_ref="http://forgerylimit.com/"; campaignId=2750545; framework.forceBigLandingArea=; affiliateId=1; B-TAG=127656177_277C464F097048719C5534C4BB5393F9; BID=37950; PID=86115102; REFERER=http%3A%2F%2Fforgerylimit.com%2F; AFFILIATE_REQUEST_URL=https%3A%2F%2Fno.unibet.com%2Fstan%2Fcampaign.do%3FcmpId%3D2750545%26affiliateId%3D1%26unibetTarget%3D%2Fno%2Fpop%2Fmultisport%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.com%26btag%3D127656177_277C464F097048719C5534C4BB5393F9%26sref%3DADST%26ADST%3D17230429%26affiliateId%3D1%26pid%3D86115102%26bid%3D37950; AFFILIATE_CAMPAIGN_ID=2750545; clientId=polopoly_desktop
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers

HTTP/2 200 OK
date: Thu, 08 Sep 2022 20:20:38 GMT
content-type: text/html;charset=utf-8
x-ua-compatible: IE=Edge,chrome=1,requiresActiveX=true
cache-control: public, max-age=0, s-maxage=10
expires: Thu, 08 Sep 2022 18:09:35 GMT
vary: accept-encoding
content-encoding: gzip
server: kindred-loadbalancer
strict-transport-security: max-age=63072000; preload
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-security-policy: default-src 'unsafe-inline' 'unsafe-eval' http: https: data: wss: blob: jockey: unibetpro: *;
x-browser-class: A
x-os-class: M
x-ooops-debug: /500-pages/www.unibet.com/index.html
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

JavaScript (40)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations