Overview

URL mkkuei4kdsz.com/795/499.html
IP64.225.91.73
ASNDIGITALOCEAN-ASN
Location United States
Report completed2022-10-05 20:35:17 UTC
StatusLoading report..
urlquery Alerts No alerts detected


Settings

UserAgentMozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Referer


Intrusion Detection Systems

Suricata /w Emerging Threats Pro  No alerts detected


Blocklists

OpenPhish  No alerts detected
PhishTank  No alerts detected
Fortinet's Web Filter
Scan Date Severity Indicator Comment
2022-10-05 2 mkkuei4kdsz.com/795/499.html Malware
2022-10-05 2 ww2.mkkuei4kdsz.com/ Malware
mnemonic secure dns
Scan Date Severity Indicator Comment
2022-10-05 2 mkkuei4kdsz.com Sinkholed
2022-10-05 2 mkkuei4kdsz.com Sinkholed
2022-10-05 2 mkkuei4kdsz.com Sinkholed
2022-10-05 2 mkkuei4kdsz.com Sinkholed
2022-10-05 2 mkkuei4kdsz.com Sinkholed
Quad9 DNS
Scan Date Severity Indicator Comment
2022-10-05 2 mkkuei4kdsz.com Sinkholed
2022-10-05 2 mkkuei4kdsz.com Sinkholed
2022-10-05 2 mkkuei4kdsz.com Sinkholed
2022-10-05 2 mkkuei4kdsz.com Sinkholed
2022-10-05 2 mkkuei4kdsz.com Sinkholed
2022-10-05 2 vatcalf.com Sinkholed
2022-10-05 2 vatcalf.com Sinkholed


Files

No files detected



Passive DNS (37)

Passive DNS Source Fully Qualifying Domain Name Rank First Seen Last Seen IP Comment
mnemonic passive DNS a1s.unibet.com (1) 297625 2017-01-30 00:44:42 UTC 2022-10-05 19:48:15 UTC 85.184.96.5
mnemonic passive DNS content-signature-2.cdn.mozilla.net (1) 1152 2020-11-03 12:26:46 UTC 2022-10-05 06:03:19 UTC 54.230.111.99
mnemonic passive DNS ocsp.sca1b.amazontrust.com (2) 1015 2017-03-03 15:20:51 UTC 2019-03-27 04:05:54 UTC 54.230.245.100
mnemonic passive DNS xml.sedodna.com (1) 278378 2020-10-22 08:18:03 UTC 2022-10-05 11:40:45 UTC 173.239.53.32
mnemonic passive DNS ajax.googleapis.com (1) 12905 2013-08-16 09:51:31 UTC 2022-10-05 17:56:20 UTC 142.250.74.74
mnemonic passive DNS cdn.bannerflow.com (3) 23819 2018-02-22 12:57:21 UTC 2022-10-05 18:58:39 UTC 104.16.173.188
mnemonic passive DNS use.fontawesome.com (1) 942 2017-01-30 04:43:25 UTC 2022-10-05 11:39:44 UTC 172.64.133.15
mnemonic passive DNS domaincntrol.com (1) 274993 2018-01-06 22:46:59 UTC 2022-10-05 18:05:29 UTC 104.26.10.61
mnemonic passive DNS dpm.demdex.net (3) 204 2017-01-30 04:59:39 UTC 2022-10-05 11:38:44 UTC 34.243.91.96
mnemonic passive DNS cm.everesttech.net (1) 996 2017-01-30 04:59:57 UTC 2022-10-05 16:29:44 UTC 34.251.26.3
mnemonic passive DNS contile.services.mozilla.com (1) 1114 2021-05-27 18:32:35 UTC 2022-10-05 05:01:05 UTC 34.117.237.239
mnemonic passive DNS img-getpocket.cdn.mozilla.net (6) 1631 2017-09-01 03:40:57 UTC 2022-10-05 12:33:02 UTC 34.120.237.76
mnemonic passive DNS welcome.unibet.com (16) 242429 2017-01-30 05:39:28 UTC 2022-10-05 11:39:44 UTC 108.161.188.196
mnemonic passive DNS fonts.gstatic.com (2) 0 2014-08-29 13:43:22 UTC 2022-10-05 11:30:49 UTC 216.58.207.195 Domain (gstatic.com) ranked at: 540
mnemonic passive DNS secure.adnxs.com (2) 396 2012-05-22 16:37:37 UTC 2022-10-05 14:26:15 UTC 185.89.211.132
mnemonic passive DNS tracking.crazyegg.com (1) 3633 2020-03-10 07:15:05 UTC 2022-10-05 17:51:59 UTC 54.76.252.170
mnemonic passive DNS e1.o.lencr.org (1) 6159 2021-08-20 07:36:30 UTC 2022-10-05 11:38:43 UTC 23.36.76.226
mnemonic passive DNS ocsp.digicert.com (3) 86 2012-05-21 07:02:23 UTC 2022-10-05 16:07:29 UTC 93.184.220.29
mnemonic passive DNS ww2.mkkuei4kdsz.com (4) 0 2022-01-21 14:07:05 UTC 2022-10-04 06:24:02 UTC 64.190.63.136 Unknown ranking
mnemonic passive DNS vatcalf.com (2) 0 2022-09-15 21:58:42 UTC 2022-10-05 20:02:05 UTC 213.174.151.99 Unknown ranking
mnemonic passive DNS ocsp.pki.goog (5) 175 2017-06-14 07:23:31 UTC 2022-10-05 06:59:18 UTC 142.250.74.3
mnemonic passive DNS www.unibet.com (1) 318338 2014-04-29 01:07:51 UTC 2022-10-05 18:58:38 UTC 85.184.96.0
mnemonic passive DNS cdnjs.cloudflare.com (1) 235 2020-10-20 10:17:36 UTC 2022-10-05 11:30:49 UTC 104.17.25.14
mnemonic passive DNS mkkuei4kdsz.com (1) 0 2012-11-29 20:21:30 UTC 2022-10-05 04:53:57 UTC 64.225.91.73 Unknown ranking
mnemonic passive DNS push.services.mozilla.com (1) 2140 2015-09-03 10:29:36 UTC 2022-10-05 09:14:56 UTC 34.213.92.18
mnemonic passive DNS img.sedoparking.com (1) 54200 2013-04-22 22:23:29 UTC 2022-10-05 14:54:15 UTC 205.234.175.175
mnemonic passive DNS adserving.unibet.com (1) 98000 2015-05-26 06:56:53 UTC 2022-10-05 18:58:37 UTC 23.36.79.43
mnemonic passive DNS no.unibet.com (3) 201503 2012-07-26 09:42:52 UTC 2022-10-05 11:39:44 UTC 85.184.96.0
mnemonic passive DNS ocsp.securetrust.com (1) 18792 2019-12-23 03:05:54 UTC 2022-10-05 17:15:26 UTC 23.36.79.25
mnemonic passive DNS unibetlondonltd.d3.sc.omtrdc.net (1) 444877 2017-01-29 21:05:05 UTC 2022-10-05 11:39:45 UTC 15.236.176.210
mnemonic passive DNS firefox.settings.services.mozilla.com (2) 867 2020-05-27 20:08:30 UTC 2022-10-05 14:02:21 UTC 54.230.111.118
mnemonic passive DNS fonts.googleapis.com (1) 8877 2013-06-10 20:14:26 UTC 2022-10-05 17:39:00 UTC 142.250.74.10
mnemonic passive DNS a1s-cdn.unibet.com (1) 283505 2014-04-23 15:07:51 UTC 2022-10-05 19:00:45 UTC 85.184.96.5
mnemonic passive DNS unibet.demdex.net (1) 338024 2017-01-30 05:50:24 UTC 2022-10-05 18:58:38 UTC 34.249.106.217
mnemonic passive DNS script.crazyegg.com (3) 1992 2015-01-07 19:40:26 UTC 2022-10-05 17:51:57 UTC 104.19.147.8
mnemonic passive DNS assets-tracking.crazyegg.com (1) 3651 2021-10-27 14:05:49 UTC 2022-10-05 17:51:59 UTC 54.230.111.11
mnemonic passive DNS r3.o.lencr.org (7) 344 2020-12-02 08:52:13 UTC 2022-10-05 07:13:38 UTC 23.36.77.32


Recent reports on same IP/ASN/Domain/Screenshot

Last 5 reports on IP: 64.225.91.73

Date UQ / IDS / BL URL IP
2022-12-07 13:31:23 +0000
0 - 0 - 3 mkkuei4kdsz.com/641/970.html 64.225.91.73
2022-12-07 12:02:59 +0000
0 - 0 - 23 osee5s.in/ 64.225.91.73
2022-12-07 11:08:43 +0000
0 - 0 - 5 mkkuei4kdsz.com/384/74.html 64.225.91.73
2022-12-07 10:11:53 +0000
0 - 0 - 3 mkkuei4kdsz.com/785/130.html 64.225.91.73
2022-12-07 09:38:28 +0000
0 - 0 - 6 mkkuei4kdsz.com/233/716.html 64.225.91.73

Last 5 reports on ASN: DIGITALOCEAN-ASN

Date UQ / IDS / BL URL IP
2022-12-07 17:43:42 +0000
0 - 0 - 3 aaae.co.in/el/index.php?QBOT.zip 134.209.151.132
2022-12-07 17:28:19 +0000
0 - 0 - 1 159.203.162.160/bin/mirai.mips 159.203.162.160
2022-12-07 16:47:41 +0000
0 - 0 - 1 159.203.162.160/bin/miraint.x86 159.203.162.160
2022-12-07 16:47:40 +0000
0 - 0 - 1 159.203.162.160/bin/miraint.mpsl 159.203.162.160
2022-12-07 16:47:40 +0000
0 - 0 - 1 159.203.162.160/bin/mirai.arm 159.203.162.160

Last 5 reports on domain: mkkuei4kdsz.com

Date UQ / IDS / BL URL IP
2022-12-07 13:31:23 +0000
0 - 0 - 3 mkkuei4kdsz.com/641/970.html 64.225.91.73
2022-12-07 11:08:43 +0000
0 - 0 - 5 mkkuei4kdsz.com/384/74.html 64.225.91.73
2022-12-07 10:11:53 +0000
0 - 0 - 3 mkkuei4kdsz.com/785/130.html 64.225.91.73
2022-12-07 09:38:28 +0000
0 - 0 - 6 mkkuei4kdsz.com/233/716.html 64.225.91.73
2022-12-07 06:03:17 +0000
0 - 0 - 5 mkkuei4kdsz.com/866/509.html 64.225.91.73

Last 5 reports with similar screenshot

Date UQ / IDS / BL URL IP
2022-12-07 13:27:40 +0000
0 - 0 - 2 tiktok.p1aa.quest/zp051vjxr 170.10.160.83
2022-12-07 12:06:18 +0000
0 - 0 - 2 ruthehane.blogspot.com/2022/09/kedai-tayar-mu (...) 172.217.21.161
2022-12-07 12:00:14 +0000
0 - 0 - 5 172elijahholtnews.blogspot.com/2022/12/france (...) 172.217.21.161
2022-12-07 11:19:32 +0000
0 - 0 - 4 c0mplic4t3d-l0v3.blogspot.com/2021/10/bruce-l (...) 172.217.21.161
2022-12-07 11:03:31 +0000
0 - 0 - 4 lrkvdztifi.blogspot.com/2021/06/declan-rice-h (...) 172.217.21.161


JavaScript

Executed Scripts (33)


Executed Evals (9)

#1 JavaScript::Eval (size: 60, repeated: 1) - SHA256: 9d51544cc513110b130345a977b1e9e630b5a7aa01518f7f7898758b79a9699f

                                        (function() {
    return visitor.getMarketingCloudVisitorID()
})();
                                    

#2 JavaScript::Eval (size: 54, repeated: 1) - SHA256: fc490a09c28110ae2a7c965801ebeb5c572587f55c3524889f547dbcc34c1d81

                                        (function() {
    return screen.width + "x" + screen.height
})();
                                    

#3 JavaScript::Eval (size: 135, repeated: 1) - SHA256: fc7b851f30df68c5cc6d1fb3f06c300b2b1d7271f76cc187224050270141f0ed

                                        (function() {
    if (window.innerHeight) return window.innerHeight;
    d = screen.width + "x" + screen.height;
    return d.documentElement.offsetHeight
})();
                                    

#4 JavaScript::Eval (size: 62, repeated: 1) - SHA256: adf0ca592504ef680d5ea02d5161b15be0572fd3e5b41d152b74f0c76aea6c42

                                        (function() {
    return window.functions.getPageNameOldEvar1()
})();
                                    

#5 JavaScript::Eval (size: 61, repeated: 1) - SHA256: 9259355921509ced00b4d7d3e76c151037a06c88a646cd7d47d5d9c96984697c

                                        (function() {
    return window.functions.timeParting("n", "0")
})();
                                    

#6 JavaScript::Eval (size: 71, repeated: 1) - SHA256: dcdd7e7e286c45c94638f28053384616d6ca9a1b396b0109cb51f1298ba342bb

                                        (function() {
    return Math.round((new Date).getTime() / 1E3).toString()
})();
                                    

#7 JavaScript::Eval (size: 88, repeated: 1) - SHA256: 5e05e2cf30322e8f71d65a22aa5f4a095923b67286a61d83b7787e3468f42f62

                                        (function() {
    return "LP:" + BF_prop.LandingPageName.toString().replace(/:/ig, "").trim()
})();
                                    

#8 JavaScript::Eval (size: 55, repeated: 1) - SHA256: 14986cbd70f8b8a1770adf9800c113847daf392c2999dfff9dc71d2be98f3282

                                        (function() {
    return visitor.getAnalyticsVisitorID()
})();
                                    

#9 JavaScript::Eval (size: 132, repeated: 1) - SHA256: 0a23e511994a2c03a725773de07810ff171878b9c0177f40a663038e4e251168

                                        (function() {
    if (window.innerWidth) return window.innerWidth;
    d = screen.width + "x" + screen.height;
    return d.documentElement.offsetWidth
})();
                                    

Executed Writes (1)

#1 JavaScript::Write (size: 50, repeated: 1) - SHA256: a2b051fa7d206df6e4eeee27678781de0752c1ac7adcfd359c1a2fc7ff507449

                                        < script src = "/widget/betslip/betslip.js" > < /script>
                                    


HTTP Transactions (85)


Request Response
                                        
                                            GET /v1/ HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         54.230.111.118
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length, Backoff, Content-Type, Retry-After, Alert
Cache-Control: max-age=259200
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Wed, 05 Oct 2022 15:47:18 GMT
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 0e39dca74306d7aab723ed3d73dbfbb4.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: Klhj3niGEXSIgENWRK-Ot3OYLD6GDEg8svFeIVO5C9Xbx-2Mw4K1lg==
Age: 17268


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size:   939
Md5:    2d12f67fe57a87e7366b662d153a5582
Sha1:   d7b02d81cc74f24a251d9363e0f4b0a149264ec1
Sha256: 73c273c0b5a2de3cb970b8e8c187999d3b55e760dc7766dab4bb76428d19b551
                                        
                                            GET /795/499.html HTTP/1.1 
Host: mkkuei4kdsz.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

                                         
                                         64.225.91.73
HTTP/1.1 200 OK
content-type: text/html
                                        
server: nginx/1.18.0 (Ubuntu)
date: Wed, 05 Oct 2022 20:35:06 GMT
last-modified: Wed, 12 Jan 2022 17:20:45 GMT
etag: W/"61df0ded-1ad"
content-encoding: gzip
transfer-encoding: chunked


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text
Size:   329
Md5:    ecbcb8bae64098de3e587487b474f8b8
Sha1:   e275409fb40ea27c3826af493f70faf147d0f995
Sha256: 2597a3f2418586d8a9fb0764743a84486ba066c6af3ff194922fb6c65a783688

Alerts:
  Blocklists:
    - fortinet: Malware
    - mnemonic_dns: Sinkholed
    - quad9: Sinkholed
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "AB48F17E54075E1ECF034278E82BCACD2E3689773186CC84FBA9B79AAC907294"
Last-Modified: Tue, 04 Oct 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2660
Expires: Wed, 05 Oct 2022 21:19:26 GMT
Date: Wed, 05 Oct 2022 20:35:06 GMT
Connection: keep-alive

                                        
                                            GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1 
Host: content-signature-2.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         54.230.111.99
HTTP/2 200 OK
content-type: binary/octet-stream
                                        
content-length: 5348
last-modified: Fri, 30 Sep 2022 18:50:55 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Wed, 05 Oct 2022 04:02:33 GMT
etag: "67d5a988edcda47bc3b3b3f65d32b4b6"
x-cache: Hit from cloudfront
via: 1.1 ee04daa979e7a02cc5ca472521bc18a6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: g3A1-BmadJpi2NEDpug0F2pSNQbGSVoSvO-vmDlf_jiydSbJGWnV3A==
age: 59554
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PEM certificate\012- , ASCII text
Size:   5348
Md5:    67d5a988edcda47bc3b3b3f65d32b4b6
Sha1:   d4f0e0da8b3690cc7da925026d3414b68c7d954f
Sha256: 55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78
                                        
                                            GET /v1/tiles HTTP/1.1 
Host: contile.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.117.237.239
HTTP/2 200 OK
content-type: application/json
                                        
server: nginx
date: Wed, 05 Oct 2022 20:35:06 GMT
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   12
Md5:    23e88fb7b99543fb33315b29b1fad9d6
Sha1:   a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
                                        
                                            GET /ajax/libs/jquery/3.5.1/jquery.min.js HTTP/1.1 
Host: cdnjs.cloudflare.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://mkkuei4kdsz.com
Connection: keep-alive
Referer: http://mkkuei4kdsz.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         104.17.25.14
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
                                        
date: Wed, 05 Oct 2022 20:35:06 GMT
content-length: 27958
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb09ed3-15d84"
last-modified: Mon, 04 May 2020 23:01:39 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
cf-cache-status: HIT
age: 10445810
expires: Mon, 25 Sep 2023 20:35:06 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8MqrvepxeRtaOHoYBL%2FCREPEEH2ztsTut38TVi7eiV2yJhcf%2BJSZ8twlE01fYq8TcDckZIpuQHFT3qgrrqbNy1hUrPbQD2yrWvAFQ%2BxuUdSkRN%2FHgEICRbJu2U6sNWqXdFdiweph"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 7558f12048770b65-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (65451)
Size:   27958
Md5:    4b5f47439b640180cc3450f7de05d0d8
Sha1:   5a0dc9bcab80ddc409dd35fcb00a88fe6846fee2
Sha256: 1f85e8b327f42c17c025d69849914068536d9aa95412fe473ae90ffb2f4ebd82
                                        
                                            POST / HTTP/1.1 
Host: e1.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 345
ETag: "48C9FD056BD8A1309EC1F4BFB4B0735D23B656B04FE649AD0A25257C895B7E4D"
Last-Modified: Tue, 04 Oct 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4842
Expires: Wed, 05 Oct 2022 21:55:49 GMT
Date: Wed, 05 Oct 2022 20:35:07 GMT
Connection: keep-alive

                                        
                                            GET /?orighost=http://mkkuei4kdsz.com/795/499.html HTTP/1.1 
Host: domaincntrol.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://mkkuei4kdsz.com
Connection: keep-alive
Referer: http://mkkuei4kdsz.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         104.26.10.61
HTTP/2 200 OK
content-type: text/javascript;charset=UTF-8
                                        
date: Wed, 05 Oct 2022 20:35:07 GMT
content-length: 28
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rSk9TudlpzoXC8R8isDPRglRGnGzY5L2fACwwsOJx8TqU8cz50HmyshbVz72A5%2BCvJcpOm5d%2FXce9%2BVC%2FNlfzxDRzZKOujGYXHf3brNWB1ssO%2FaXoGGE%2BAOEv2cNCfzCmWc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7558f1212dfdb4ed-OSL
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   28
Md5:    7aae16ed70d2e07943585bbb1cd02b55
Sha1:   3209123510c034e6e38ca45edf14307f1375a8f5
Sha256: 51bfb53a70df6adc48f0670be59a16a657ab5a2bafc176973a32d5c36a4fc5d3
                                        
                                            GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         54.230.111.118
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Pragma, Content-Length, Backoff, Last-Modified, Cache-Control, Content-Type, Retry-After, ETag, Expires, Alert
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
X-Content-Type-Options: nosniff
Date: Wed, 05 Oct 2022 20:32:19 GMT
Cache-Control: max-age=3600, max-age=3600
Expires: Wed, 05 Oct 2022 20:54:26 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 f46773a8236e136c4f6648dd79a7af8e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: uftX7J7QKxv1ivyxSE3y78Jb6DGplYNzFEKyywiqBuAd2X9iw3udLQ==
Age: 334


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size:   329
Md5:    0333b0655111aa68de771adfcc4db243
Sha1:   63f295a144ac87a7c8e23417626724eeca68a7eb
Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 1547
Cache-Control: 'max-age=158059'
Date: Wed, 05 Oct 2022 20:35:07 GMT
Last-Modified: Wed, 05 Oct 2022 20:09:20 GMT
Server: ECS (ska/F71E)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET / HTTP/1.1 
Host: push.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: P/fzztD35GfWpCTGa19kMg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

                                         
                                         34.213.92.18
HTTP/1.1 101 Switching Protocols
                                        
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: oUcO+8RSFzyw88S4132RZUBW8eU=

                                        
                                            GET / HTTP/1.1 
Host: ww2.mkkuei4kdsz.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mkkuei4kdsz.com/
Upgrade-Insecure-Requests: 1

                                         
                                         64.190.63.136
HTTP/1.1 200 OK
content-type: text/html; charset=UTF-8
                                        
date: Wed, 05 Oct 2022 20:35:07 GMT
transfer-encoding: chunked
vary: Accept-Encoding
x-powered-by: PHP/8.1.9
expires: Mon, 26 Jul 1997 05:00:00 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
x-adblock-key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBANnylWw2vLY4hUn9w06zQKbhKBfvjFUCsdFlb6TdQhxb9RXWXuI4t31c+o8fYOv/s8q1LGPga3DE1L/tHU4LENMCAwEAAQ==_RlGSCujrTwIV09ewwdBk8PiCOXknsvjzonXp/BabLYsbM4wWv0k1teTkRJynKg7Y1QeTz1UsnxJZ/TvhfinDdA==
last-modified: Wed, 05 Oct 2022 20:35:07 GMT
x-cache-miss-from: parking-69b897b95b-m72r9
server: NginX
content-encoding: gzip


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (700)
Size:   1328
Md5:    a674d777100d496da45e215c29f6b02b
Sha1:   86f1091d3037ae91e2395557fa01b9027be48383
Sha256: 14083442a5a1329607340c222d0705a826ce0b23de8628ab37da261f7601817f

Alerts:
  Blocklists:
    - fortinet: Malware
    - mnemonic_dns: Sinkholed
    - quad9: Sinkholed
                                        
                                            GET /images/js_preloader.gif HTTP/1.1 
Host: img.sedoparking.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ww2.mkkuei4kdsz.com/

                                         
                                         205.234.175.175
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Date: Wed, 05 Oct 2022 20:35:08 GMT
Content-Length: 4254
Connection: keep-alive
Access-Control-Allow-Origin: *
Cache-Control: max-age=604800
Expires: Wed, 12 Oct 2022 20:35:08 GMT
X-CFHash: "90c93102a88c2ab94bff1575b7a6e86e"
X-CFF: B
Last-Modified: Fri, 15 Mar 2019 12:24:07 GMT
X-CF3: H
CF4Age: 156700
x-cf-tsc: 1648179742
CF4ttl: 31536000.000
X-CF2: H
Server: CFS 0215
X-CF-ReqID: f693012f6740433bb39891f925a659d4
X-CF1: 11696:fA.arn1:cf:cacheN.arn1-01:H
Accept-Ranges: bytes


--- Additional Info ---
Magic:  GIF image data, version 89a, 16 x 16\012- data
Size:   4254
Md5:    90c93102a88c2ab94bff1575b7a6e86e
Sha1:   56d71bf13de464534643db9d127629a0a3bf677a
Sha256: 5f6ad7031600056b578a6e8c6b34bc718d13125cc8256aa4a9050e549576f81a
                                        
                                            GET /search/tsc.php?200=MzgzNDQ1ODM3&21=OTEuOTAuNDIuMTU0&681=MTY2NTAwMjEwN2I3NjQwYTlkMmI2Y2Y3YmIwMmE1NTlmMjlkYmQ3NzAw&crc=b054b8f5d6a309775b20380661edaa74ce1cb305&cv=1 HTTP/1.1 
Host: ww2.mkkuei4kdsz.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ww2.mkkuei4kdsz.com/

                                         
                                         64.190.63.136
HTTP/1.1 200 OK
content-type: text/html; charset=UTF-8
                                        
date: Wed, 05 Oct 2022 20:35:08 GMT
content-length: 0
x-powered-by: PHP/8.1.9
x-cache-miss-from: parking-69b897b95b-xx927
server: NginX


--- Additional Info ---
Magic:  
Size:   0
Md5:    d41d8cd98f00b204e9800998ecf8427e
Sha1:   da39a3ee5e6b4b0d3255bfef95601890afd80709
Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Alerts:
  Blocklists:
    - mnemonic_dns: Sinkholed
    - quad9: Sinkholed
                                        
                                            GET /search/redirect.php?f=http%3A%2F%2Fxml.sedodna.com%2Fclick%3Fi%3DF0DjkIQtRHI_0&v=NzczYzk3NDBmMTVlYTFlYzVhN2RiYmNiMmEyNjYwNjcJMQl3dzIubWtrdWVpNGtkc3ouY29tNjMzZGVhN2I1MzU4ZDcuNjkzNDAyNjUJd3cyLm1ra3VlaTRrZHN6LmNvbTYzM2RlYTdiNTM1YmYxLjMxMjM3MzI5CTE2NjUwMDIxMDcJYWRfNjNfMA==&l=OAlhNWUzNmM4M2RkYjNmOWUwYTQzZDIwMjY1MjIzZTQxMwkwCTM1CTAJMTQ3OGJjMzZiYTJiMWYzOTA3MTE0YjFhYTQ0NTE5MmUJMzgzNDQ1ODM3CW1ra3VlaTRrZHN6CTAJNjMJNgkyCTE2NjUwMDIxMDcJMC4wMDAxODIJTgkwCTEJMTgwNQkxMjA1CTE5NDA0MzE0Mgk5MS45MC40Mi4xNTQJMA%3D%3D HTTP/1.1 
Host: ww2.mkkuei4kdsz.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ww2.mkkuei4kdsz.com/
Upgrade-Insecure-Requests: 1

                                         
                                         64.190.63.136
HTTP/1.1 302 Found
content-type: text/html; charset=UTF-8
                                        
date: Wed, 05 Oct 2022 20:35:08 GMT
content-length: 0
x-powered-by: PHP/8.1.9
expires: Mon, 26 Jul 1997 05:00:00 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
last-modified: Wed, 05 Oct 2022 20:35:08 GMT
location: /search/tcerider.php?f=http%3A%2F%2Fxml.sedodna.com%2Fclick%3Fi%3DF0DjkIQtRHI_0&v=NzczYzk3NDBmMTVlYTFlYzVhN2RiYmNiMmEyNjYwNjcJMQl3dzIubWtrdWVpNGtkc3ouY29tNjMzZGVhN2I1MzU4ZDcuNjkzNDAyNjUJd3cyLm1ra3VlaTRrZHN6LmNvbTYzM2RlYTdiNTM1YmYxLjMxMjM3MzI5CTE2NjUwMDIxMDcJYWRfNjNfMA==&l=OAlhNWUzNmM4M2RkYjNmOWUwYTQzZDIwMjY1MjIzZTQxMwkwCTM1CTAJMTQ3OGJjMzZiYTJiMWYzOTA3MTE0YjFhYTQ0NTE5MmUJMzgzNDQ1ODM3CW1ra3VlaTRrZHN6CTAJNjMJNgkyCTE2NjUwMDIxMDcJMC4wMDAxODIJTgkwCTEJMTgwNQkxMjA1CTE5NDA0MzE0Mgk5MS45MC40Mi4xNTQJMA%3D%3D
x-cache-miss-from: parking-69b897b95b-g4w4f
server: NginX


--- Additional Info ---
Magic:  
Size:   0
Md5:    d41d8cd98f00b204e9800998ecf8427e
Sha1:   da39a3ee5e6b4b0d3255bfef95601890afd80709
Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Alerts:
  Blocklists:
    - mnemonic_dns: Sinkholed
    - quad9: Sinkholed
                                        
                                            GET /search/tcerider.php?f=http%3A%2F%2Fxml.sedodna.com%2Fclick%3Fi%3DF0DjkIQtRHI_0&v=NzczYzk3NDBmMTVlYTFlYzVhN2RiYmNiMmEyNjYwNjcJMQl3dzIubWtrdWVpNGtkc3ouY29tNjMzZGVhN2I1MzU4ZDcuNjkzNDAyNjUJd3cyLm1ra3VlaTRrZHN6LmNvbTYzM2RlYTdiNTM1YmYxLjMxMjM3MzI5CTE2NjUwMDIxMDcJYWRfNjNfMA==&l=OAlhNWUzNmM4M2RkYjNmOWUwYTQzZDIwMjY1MjIzZTQxMwkwCTM1CTAJMTQ3OGJjMzZiYTJiMWYzOTA3MTE0YjFhYTQ0NTE5MmUJMzgzNDQ1ODM3CW1ra3VlaTRrZHN6CTAJNjMJNgkyCTE2NjUwMDIxMDcJMC4wMDAxODIJTgkwCTEJMTgwNQkxMjA1CTE5NDA0MzE0Mgk5MS45MC40Mi4xNTQJMA%3D%3D HTTP/1.1 
Host: ww2.mkkuei4kdsz.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://ww2.mkkuei4kdsz.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1

                                         
                                         64.190.63.136
HTTP/1.1 302 Found
content-type: text/html; charset=UTF-8
                                        
date: Wed, 05 Oct 2022 20:35:08 GMT
transfer-encoding: chunked
x-powered-by: PHP/8.1.9
expires: Mon, 26 Jul 1997 05:00:00 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
last-modified: Wed, 05 Oct 2022 20:35:08 GMT
location: http://xml.sedodna.com/click?i=F0DjkIQtRHI_0
x-cache-miss-from: parking-69b897b95b-m72r9
server: NginX


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size:   311
Md5:    04d51dc1a63c2d9f184118b7143360d0
Sha1:   d5cabc020ef5dcad71b183bc5d2d19ec47dabf35
Sha256: caf6759c099d20409b007564568dc9dce6a0dd9ca00444cbaa692fee74e33990

Alerts:
  Blocklists:
    - mnemonic_dns: Sinkholed
    - quad9: Sinkholed
                                        
                                            GET /click?i=F0DjkIQtRHI_0 HTTP/1.1 
Host: xml.sedodna.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://ww2.mkkuei4kdsz.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1

                                         
                                         173.239.53.32
HTTP/1.1 302 Found
                                        
Cache-Control: no-store
Content-Length: 0
Age: 0
Connection: keep-alive
Location: https://vatcalf.com/nnv8s9q3s?auie=eyJhbGciOiJIUzI1NiJ9.eyJ1YSI6Ik1vemlsbGEvNS4wIChYMTE7IExpbnV4IHg4Nl82NDsgcnY6OTYuMCkgR2Vja28vMjAxMDAxMDEgRmlyZWZveC85Ni4wIiwiaXAiOiI5MS45MC40Mi4xNTQiLCJwcyI6IjM5MzU5MV8yNDA5MzRfNDgyMjc4IiwiYWkiOiJhNzc5YmRiZjBmOWNmZDdmMjUzZTg2MTJlZTdjM2ZmMCIsImJpZCI6MC4wMDA0Nzk5OTk5OTk5OTk5OTk5NiwiYyI6MC44LCJsIjozNTc3OTkyLCJlYW4iOi0xLCJzIjoiZTY3MGNjMmE1ODU3YTIzY2QzZjMyZTQ2ODlhNjAzMzU2OWVjYTI3NTBmMTY2NzVmNWRiNmRhODA2MjFiYjA1ZjEyOGE0OTBmMmZiZDk1MGY1MzgyYWI3MGVlN2YyMGY0Y2FhOGI5YTQwNWNlOGQ1NmMzNzdjMmE1NWYiLCJldCI6IjE2NjUwMDI3MDcifQ.npIedE68_F-HCyPc5BiEHa7wBWsUiXyMtfSXhpcj2o4&key=c8aa99f83b13fe6df17d2274f579c699&ap=${AUCTION_PRICE}&l=3577992&sub3=1665002107&pid=154044&auid=a779bdbf0f9cfd7f253e8612ee7c3ff0&
Pragma: no-cache

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "0EBFC1208AD91BA16D589A3323301412EDC0A60E9EF30896A60EE5BD64483B80"
Last-Modified: Wed, 05 Oct 2022 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18602
Expires: Thu, 06 Oct 2022 01:45:10 GMT
Date: Wed, 05 Oct 2022 20:35:08 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "A09C835AA140C7B4220194E940F54DE09CA3B7EA470FEB7C4C5BE574643086D5"
Last-Modified: Tue, 04 Oct 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13071
Expires: Thu, 06 Oct 2022 00:13:00 GMT
Date: Wed, 05 Oct 2022 20:35:09 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "A09C835AA140C7B4220194E940F54DE09CA3B7EA470FEB7C4C5BE574643086D5"
Last-Modified: Tue, 04 Oct 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13071
Expires: Thu, 06 Oct 2022 00:13:00 GMT
Date: Wed, 05 Oct 2022 20:35:09 GMT
Connection: keep-alive

                                        
                                            GET /nnv8s9q3s?auie=eyJhbGciOiJIUzI1NiJ9.eyJ1YSI6Ik1vemlsbGEvNS4wIChYMTE7IExpbnV4IHg4Nl82NDsgcnY6OTYuMCkgR2Vja28vMjAxMDAxMDEgRmlyZWZveC85Ni4wIiwiaXAiOiI5MS45MC40Mi4xNTQiLCJwcyI6IjM5MzU5MV8yNDA5MzRfNDgyMjc4IiwiYWkiOiJhNzc5YmRiZjBmOWNmZDdmMjUzZTg2MTJlZTdjM2ZmMCIsImJpZCI6MC4wMDA0Nzk5OTk5OTk5OTk5OTk5NiwiYyI6MC44LCJsIjozNTc3OTkyLCJlYW4iOi0xLCJzIjoiZTY3MGNjMmE1ODU3YTIzY2QzZjMyZTQ2ODlhNjAzMzU2OWVjYTI3NTBmMTY2NzVmNWRiNmRhODA2MjFiYjA1ZjEyOGE0OTBmMmZiZDk1MGY1MzgyYWI3MGVlN2YyMGY0Y2FhOGI5YTQwNWNlOGQ1NmMzNzdjMmE1NWYiLCJldCI6IjE2NjUwMDI3MDcifQ.npIedE68_F-HCyPc5BiEHa7wBWsUiXyMtfSXhpcj2o4&key=c8aa99f83b13fe6df17d2274f579c699&ap=${AUCTION_PRICE}&l=3577992&sub3=1665002107&pid=154044&auid=a779bdbf0f9cfd7f253e8612ee7c3ff0& HTTP/1.1 
Host: vatcalf.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://ww2.mkkuei4kdsz.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

                                         
                                         213.174.151.99
HTTP/1.1 200 OK
Content-Type: text/html
                                        
Server: nginx/1.17.6
Date: Wed, 05 Oct 2022 20:35:09 GMT
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Set-Cookie: u_pl=17196958; expires=Thu, 06 Oct 2022 20:35:09 GMT ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNzE5Njk1OCwiayI6ImM4YWE5OWY4M2IxM2ZlNmRmMTdkMjI3NGY1NzljNjk5Iiwic2lkIjoiMzkzNTkxXzI0MDkzNF80ODIyNzgiLCJpc2lkIjoyLCJhc2lkIjoxLCJ6aWQiOjE4NDQxNTksInBpZCI6MTU0MDQ0LCJhbiI6dHJ1ZSwibGFuIjp0cnVlLCJjaWQiOjMzLCJhaWQiOjI4LCJwdCI6OCwicGsiOiJubnY4czlxM3MiLCJ0IjoxfSwicGIiOnsicmVwIjoiaHR0cHM6Ly93d3cuZ29vZ2xlLmNvbS8iLCJpZiI6dHJ1ZSwibmMiOmZhbHNlLCJuaiI6ZmFsc2UsImluIjpmYWxzZSwidHAiOjEsIm5hIjpmYWxzZX0sInUiOnsidSI6MSwiYXUiOjEsImQiOnsiaWQiOjc5OTU0MTk2LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6MTgxMTAsIm9uIjoiTGludXgiLCJvdiI6IlVua25vd24iLCJiaWQiOjExNjY3MCwiYm4iOiJGaXJlZm94IiwiYnYiOiI5Ni4wIiwid3YiOmZhbHNlLCJlIjpmYWxzZSwiYWIiOmZhbHNlfSwiYyI6eyJpZCI6MTYyLCJjIjoiTk8iLCJuIjoiTm9yd2F5In0sImEiOmZhbHNlLCJjciI6eyJuIjoiQmxpeCBTb2x1dGlvbnMifSwieGYiOiIiLCJpeGYiOmZhbHNlLCJpZ3hmIjpmYWxzZSwidXAiOnRydWUsInIiOiJodHRwOi8vd3cyLm1ra3VlaTRrZHN6LmNvbS8ifX0.6NXHcW8o-Wv-SPhpNvh8nhOY1zrzrryq1vs9HB9flMU; expires=Wed, 05 Oct 2022 20:36:09 GMT
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 92ed68340f0128437fc42d54a5b17bf7
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (591)
Size:   2990
Md5:    6e711217eb3fc8640dac8f0ccc485622
Sha1:   cb31075cc17e08ab8b277f0232fc9687fb78cf67
Sha256: e73735980c3fe833806e5a2b5b018aaed81478aab7833ccf0bd3b4f78037626e

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "A09C835AA140C7B4220194E940F54DE09CA3B7EA470FEB7C4C5BE574643086D5"
Last-Modified: Tue, 04 Oct 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13071
Expires: Thu, 06 Oct 2022 00:13:00 GMT
Date: Wed, 05 Oct 2022 20:35:09 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "A09C835AA140C7B4220194E940F54DE09CA3B7EA470FEB7C4C5BE574643086D5"
Last-Modified: Tue, 04 Oct 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13071
Expires: Thu, 06 Oct 2022 00:13:00 GMT
Date: Wed, 05 Oct 2022 20:35:09 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "A09C835AA140C7B4220194E940F54DE09CA3B7EA470FEB7C4C5BE574643086D5"
Last-Modified: Tue, 04 Oct 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13071
Expires: Thu, 06 Oct 2022 00:13:00 GMT
Date: Wed, 05 Oct 2022 20:35:09 GMT
Connection: keep-alive

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5704624d-eb81-4a5b-bcb7-08db5681c677.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 8926
x-amzn-requestid: 27fc8976-af8d-40a3-b701-0642fa135ec4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Zf8s1GSbIAMFTiw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633ca7eb-4d4c7837576e0fdb5828fe3b;Sampled=0
x-amzn-remapped-date: Tue, 04 Oct 2022 21:38:51 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: YzVofPSJC-YVU1Q1V9AnjNeQTa1BQEh6ZiH2HjSeeX5RygysFP7oAA==
via: 1.1 9c60d6224ac0b44e908b5c9dcf70e9a4.cloudfront.net (CloudFront), 1.1 aef00f14752da9aa504d392fd46eff94.cloudfront.net (CloudFront), 1.1 google
date: Tue, 04 Oct 2022 21:43:25 GMT
age: 82304
etag: "70e8d1589f3daf71378965dd197934e220fb6aa4"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   8926
Md5:    1de7c17a0ba9295135e7f8b490b6a8d3
Sha1:   70e8d1589f3daf71378965dd197934e220fb6aa4
Sha256: ee559ce3166479e2b930be7d18525f5c2d164aed8ca005302ddaf3bfe37eec24
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F78bf691d-76e8-4176-884d-dbc06604dded.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 8816
x-amzn-requestid: b9f3ec8a-f478-4405-b275-e21f2d7d89d4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZKK7gFPJIAMF-7Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6333f1e3-250348e6140f3c74762263ea;Sampled=0
x-amzn-remapped-date: Wed, 28 Sep 2022 07:04:03 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 8f83Wv7OrO7NOd1y1LXjfphRmJjdwrkcAxrxUN4A4qSgsEzIQMq81g==
via: 1.1 7f5e0d3b9ea85d0d75063a66c0ebc840.cloudfront.net (CloudFront), 1.1 73cb83fe6699afc2791b5c690c1ff8c6.cloudfront.net (CloudFront), 1.1 google
date: Tue, 04 Oct 2022 22:38:40 GMT
age: 78989
etag: "5261a6c2ee6d6cc87e91ee82e32d8be234db393e"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   8816
Md5:    100559d746bedd7c3802661c875c35ee
Sha1:   5261a6c2ee6d6cc87e91ee82e32d8be234db393e
Sha256: ff06f31267ddcc9a0d84ddc68932872bfed29d072783c3a1dd3790d41c280aec
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F23595c4d-609a-48f3-a52f-e88e478d7653.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 5832
x-amzn-requestid: c4427edd-3d71-47d0-a2d3-b3bfed089535
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Zf8s1FuUoAMFhBA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633ca7eb-46ddff150da4141d23fc0d8a;Sampled=0
x-amzn-remapped-date: Tue, 04 Oct 2022 21:38:51 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: iR82CJ6A06dpqy_nm6JrmjeUJT-uhI5rr0dr6ZnhrQQo9Jqxh10qRQ==
via: 1.1 2dc111aa3ead15d061e41a423155a53a.cloudfront.net (CloudFront), 1.1 82ea95080f526df99896343fb7269b06.cloudfront.net (CloudFront), 1.1 google
date: Tue, 04 Oct 2022 21:43:43 GMT
age: 82286
etag: "4daf0c001e86af8477fb097e8ca932edb8e5f981"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   5832
Md5:    3257b782efae9b64e6e18a547866ec50
Sha1:   4daf0c001e86af8477fb097e8ca932edb8e5f981
Sha256: 899f9692e86405aa288d88dd285a6fe26bedab1a2ca4693212476063890b01a5
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbb178720-854c-4c9e-85c1-58cb5419ca69.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 3585
x-amzn-requestid: 43c510d4-d87c-4665-a132-d798b836d415
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZaJbLHEOoAMFfxQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633a55e0-614faff31425ff183b7ca4dd;Sampled=0
x-amzn-remapped-date: Mon, 03 Oct 2022 03:24:16 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: d1LCc44Gj_0Je8adu7Iv3I9MwkaDPgWqlNHI96UAtZub22l210J65A==
via: 1.1 f13aef0c4b52f6f681401f232d03eb68.cloudfront.net (CloudFront), 1.1 09331f0822fc98eebaf04130a83dbd44.cloudfront.net (CloudFront), 1.1 google
date: Wed, 05 Oct 2022 04:53:07 GMT
age: 56522
etag: "612b6dbd4ba895c167964ff7e6d9263013b52b0a"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   3585
Md5:    5d7d7df8d4c440f9db445c3d99e818d6
Sha1:   612b6dbd4ba895c167964ff7e6d9263013b52b0a
Sha256: bf527a814c78f9e010cce4ba593c9146d54a2137d1f147f7a6250fbad81956ac
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe8857940-5ca2-44ba-8a66-f396a605d5b4.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 7021
x-amzn-requestid: 2e30bdac-360e-4d0a-8bb7-c3144e074abe
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Zf8ucHb1oAMFjYw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633ca7f5-18ba6bc50cb32b1e14c882bd;Sampled=0
x-amzn-remapped-date: Tue, 04 Oct 2022 21:39:01 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: UPEhTwAYEIRy-Cnb0ITefEotLyg3rFe_NaGy92xwWe_7hrdo6UQLwQ==
via: 1.1 efe54e8b68e074d39b2ecd249f85100a.cloudfront.net (CloudFront), 1.1 cd64decb1403270c914848213601a674.cloudfront.net (CloudFront), 1.1 google
date: Tue, 04 Oct 2022 21:56:53 GMT
age: 81496
etag: "6b5db8fbfb56f083d54b13e7660d0e4bc866aa00"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   7021
Md5:    229c99cfb655a8c9f1a22de69fdff73c
Sha1:   6b5db8fbfb56f083d54b13e7660d0e4bc866aa00
Sha256: f4099e9153c3dc481add95b0f24dbb8f6d65cc74ad5631d9cb6c6f2a0351843d
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1ca20164-9b52-49c5-9e63-1fc0ae719f45.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 10158
x-amzn-requestid: def1fc7e-8008-466f-9271-20fa1ab0fa5a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZaqZCH7doAMFcPQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633a8aa0-7fd2fb1249366f2277d719d6;Sampled=0
x-amzn-remapped-date: Mon, 03 Oct 2022 07:09:20 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: aeOU8fGkf5uHuYZ79k17EzxiFnwm0_z7SeZJElgwECzRyhR2N_SYJA==
via: 1.1 00f0a41f749793b9dd653153037c957e.cloudfront.net (CloudFront), 1.1 b8c4a4ca04bb1976e020396d211bc8dc.cloudfront.net (CloudFront), 1.1 google
date: Wed, 05 Oct 2022 04:06:09 GMT
age: 59340
etag: "bbe71936b78a8c34d03ab87948dc840b35c6948f"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   10158
Md5:    4fc2ddd86450d64d3fb659ab4e78be58
Sha1:   bbe71936b78a8c34d03ab87948dc840b35c6948f
Sha256: 84a760397a5912bd05f61bc8a953c13a88a677e2d17fbbf74bdf7d7ff4d3942f
                                        
                                            GET /nnv8s9q3s?pst=1665002169&rmtc=t&uuid=&pii=&in=false&refer=http%3A%2F%2Fww2.mkkuei4kdsz.com%2F&key=c8aa99f83b13fe6df17d2274f579c699&pid=154044&auid=a779bdbf0f9cfd7f253e8612ee7c3ff0&ap=%24%7BAUCTION_PRICE%7D&l=3577992&sub3=1665002107&shu=220b5a19243a40b804f8c8dde2876e941b67b224cbc0a241c6d58b73c78d30c55ab85a977fb2281777dee28352f7336fd62f677cc4ca2d7b686089b148d68be3fc7c237250ebd088d25b4c3c93c6f1092eb9a1b4&fr=0&sw2=1280&sh2=939&sw3=1280&sh3=176&sw4=1280&sh4=939&sw5=1280&sh5=1024&sw6=1280&sh6=1024&sw7=1280&sh7=1002&auie=eyJhbGciOiJIUzI1NiJ9.eyJ1YSI6Ik1vemlsbGEvNS4wIChYMTE7IExpbnV4IHg4Nl82NDsgcnY6OTYuMCkgR2Vja28vMjAxMDAxMDEgRmlyZWZveC85Ni4wIiwiaXAiOiI5MS45MC40Mi4xNTQiLCJwcyI6IjM5MzU5MV8yNDA5MzRfNDgyMjc4IiwiYWkiOiJhNzc5YmRiZjBmOWNmZDdmMjUzZTg2MTJlZTdjM2ZmMCIsImJpZCI6MC4wMDA0Nzk5OTk5OTk5OTk5OTk5NiwiYyI6MC44LCJsIjozNTc3OTkyLCJlYW4iOi0xLCJzIjoiZTY3MGNjMmE1ODU3YTIzY2QzZjMyZTQ2ODlhNjAzMzU2OWVjYTI3NTBmMTY2NzVmNWRiNmRhODA2MjFiYjA1ZjEyOGE0OTBmMmZiZDk1MGY1MzgyYWI3MGVlN2YyMGY0Y2FhOGI5YTQwNWNlOGQ1NmMzNzdjMmE1NWYiLCJldCI6IjE2NjUwMDI3MDcifQ.npIedE68_F-HCyPc5BiEHa7wBWsUiXyMtfSXhpcj2o4 HTTP/1.1 
Host: vatcalf.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vatcalf.com/nnv8s9q3s?key=0f22c1fd609f13cb7947c8cabfe1a90d&submetric=17196958
Cookie: u_pl=17196958; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNzE5Njk1OCwiayI6ImM4YWE5OWY4M2IxM2ZlNmRmMTdkMjI3NGY1NzljNjk5Iiwic2lkIjoiMzkzNTkxXzI0MDkzNF80ODIyNzgiLCJpc2lkIjoyLCJhc2lkIjoxLCJ6aWQiOjE4NDQxNTksInBpZCI6MTU0MDQ0LCJhbiI6dHJ1ZSwibGFuIjp0cnVlLCJjaWQiOjMzLCJhaWQiOjI4LCJwdCI6OCwicGsiOiJubnY4czlxM3MiLCJ0IjoxfSwicGIiOnsicmVwIjoiaHR0cHM6Ly93d3cuZ29vZ2xlLmNvbS8iLCJpZiI6dHJ1ZSwibmMiOmZhbHNlLCJuaiI6ZmFsc2UsImluIjpmYWxzZSwidHAiOjEsIm5hIjpmYWxzZX0sInUiOnsidSI6MSwiYXUiOjEsImQiOnsiaWQiOjc5OTU0MTk2LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6MTgxMTAsIm9uIjoiTGludXgiLCJvdiI6IlVua25vd24iLCJiaWQiOjExNjY3MCwiYm4iOiJGaXJlZm94IiwiYnYiOiI5Ni4wIiwid3YiOmZhbHNlLCJlIjpmYWxzZSwiYWIiOmZhbHNlfSwiYyI6eyJpZCI6MTYyLCJjIjoiTk8iLCJuIjoiTm9yd2F5In0sImEiOmZhbHNlLCJjciI6eyJuIjoiQmxpeCBTb2x1dGlvbnMifSwieGYiOiIiLCJpeGYiOmZhbHNlLCJpZ3hmIjpmYWxzZSwidXAiOnRydWUsInIiOiJodHRwOi8vd3cyLm1ra3VlaTRrZHN6LmNvbS8ifX0.6NXHcW8o-Wv-SPhpNvh8nhOY1zrzrryq1vs9HB9flMU; cjs=t
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin

                                         
                                         213.174.151.99
HTTP/1.1 302 Found
Content-Type: text/html
                                        
Server: nginx/1.17.6
Date: Wed, 05 Oct 2022 20:35:09 GMT
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Location: https://adserving.unibet.com/redirect.aspx?bid=37950&pid=15135578&sref=ADST&ADST=17196958
Set-Cookie: pdhtkv=true; expires=Thu, 06 Oct 2022 20:35:09 GMT uncs=1; expires=Thu, 06 Oct 2022 20:35:09 GMT pdhtkv28=true; expires=Thu, 06 Oct 2022 20:35:09 GMT uncs28=1; expires=Thu, 06 Oct 2022 20:35:09 GMT
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 345911751f480aebcd16ec37c3a39a53
Strict-Transport-Security: max-age=0; includeSubdomains


--- Additional Info ---
Magic:  
Size:   0
Md5:    d41d8cd98f00b204e9800998ecf8427e
Sha1:   da39a3ee5e6b4b0d3255bfef95601890afd80709
Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /redirect.aspx?bid=37950&pid=15135578&sref=ADST&ADST=17196958 HTTP/1.1 
Host: adserving.unibet.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://vatcalf.com/
Connection: keep-alive
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a86045284%2c%22BID%22%3a37953%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1664998047515)%5c%2f%22%2c%22CookieTag%22%3a%223795386045284451240919C20221051927%22%7d%5d
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

                                         
                                         23.36.79.43
HTTP/2 301 Moved Permanently
content-type: text/html
                                        
content-length: 0
location: https://no.unibet.com/stan/campaign.do?cmpId=2750545&affiliateId=1&unibetTarget=/no/pop/multisport/index.html&targetDomain=https://welcome.unibet.com&btag=127656177_E1C4506F5D1A4EFFA0C04877C4DDAE37&sref=ADST&ADST=17196958&affiliateId=1&pid=86075577&bid=37950
p3p: CP="This is not a P3P policy! It is used to bypass IEs problematic handling of cookies"
x-aspnet-version: 4.0.30319
request-context: appId=cid-v1:83ffbda4-9458-475e-90ec-4427cfb5c3b0
access-control-expose-headers: Request-Context
expires: Wed, 05 Oct 2022 20:35:09 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Wed, 05 Oct 2022 20:35:09 GMT
set-cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a86045284%2c%22BID%22%3a37953%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1664998047515)%5c%2f%22%2c%22CookieTag%22%3a%223795386045284451240919C20221051927%22%7d%2c%7b%22PID%22%3a86075577%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1665002109676)%5c%2f%22%2c%22CookieTag%22%3a%223795086075577451240919C20221052035%22%7d%5d; SameSite=None;; domain=.unibet.com; expires=Fri, 31-Dec-9999 23:59:59 GMT; path=/; secure NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228189564173%7c1%22%7d%5d; domain=.unibet.com; expires=Fri, 05-Oct-3021 20:35:09 GMT; path=/; secure; SameSite=Strict
server-timing: cdn-cache; desc=MISS, edge; dur=22, origin; dur=82
X-Firefox-Spdy: h2

                                        
                                            GET /stan/campaign.do?cmpId=2750545&affiliateId=1&unibetTarget=/no/pop/multisport/index.html&targetDomain=https://welcome.unibet.com&btag=127656177_E1C4506F5D1A4EFFA0C04877C4DDAE37&sref=ADST&ADST=17196958&affiliateId=1&pid=86075577&bid=37950 HTTP/1.1 
Host: no.unibet.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://vatcalf.com/
Connection: keep-alive
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a86045284%2c%22BID%22%3a37953%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1664998047515)%5c%2f%22%2c%22CookieTag%22%3a%223795386045284451240919C20221051927%22%7d%2c%7b%22PID%22%3a86075577%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1665002109676)%5c%2f%22%2c%22CookieTag%22%3a%223795086075577451240919C20221052035%22%7d%5d
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

                                         
                                         85.184.96.0
HTTP/2 301 Moved Permanently
                                        
date: Wed, 05 Oct 2022 20:35:09 GMT
content-length: 0
location: https://no.unibet.com:443/stan/redirecttocampaign.do?cmpId=2750545&affiliateId=1&unibetTarget=/no/pop/multisport/index.html&targetDomain=https://welcome.unibet.com&btag=127656177_E1C4506F5D1A4EFFA0C04877C4DDAE37&sref=ADST&ADST=17196958&affiliateId=1&pid=86075577&bid=37950&landingPageUrl=https%3A%2F%2Fwelcome.unibet.com%2Fno%2Fpop%2Fmultisport%2Findex.html%3Fmktid%3D1%3A127656177%3A86075577-37950
set-cookie: JSESSIONID=node05fwyterd1xzk27n6ozzjqi981345847.node0; Path=/stan; Secure; HttpOnly; SameSite=Strict __ucbt=node05fwyterd1xzk27n6ozzjqi981; Path=/; Domain=.unibet.com; Expires=Fri, 04-Oct-2024 20:35:09 GMT; Max-Age=63072000; Secure; SameSite=None uniattr=ST.0.T; Path=/; Domain=.unibet.com; Expires=Fri, 04-Oct-2024 20:35:09 GMT; Max-Age=63072000; Secure; SameSite=None uniattr_ref="https://vatcalf.com/"; Path=/; Domain=.unibet.com; Expires=Fri, 04-Oct-2024 20:35:09 GMT; Max-Age=63072000; Secure; SameSite=None UNIBET_REQUEST_URL=; Path=/; Domain=.unibet.com; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None AFFILIATE_REQUEST_URL=; Path=/; Domain=.unibet.com; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None UNIBET_INTERNAL_CAMPAIGN_ID=; Path=/; Domain=.unibet.com; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None affid=; Path=/; Domain=.unibet.com; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None netwid=; Path=/; Domain=.unibet.com; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None CLAIM_CODE=; Path=/; Domain=.unibet.com; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None REGISTRATION_CODE=; Path=/; Domain=.unibet.com; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None campaignId=2750545; Path=/; Domain=.unibet.com; Expires=Sun, 31-Dec-2023 22:58:59 GMT; Max-Age=39061430; Secure; SameSite=None framework.forceBigLandingArea=; Path=/; Domain=.unibet.com; Expires=Wed, 05-Oct-2022 20:35:24 GMT; Max-Age=15; Secure; SameSite=None affiliateId=1; Path=/; Domain=.unibet.com; Expires=Sun, 31-Dec-2023 22:58:59 GMT; Max-Age=39061430; Secure; SameSite=None B-TAG=127656177_E1C4506F5D1A4EFFA0C04877C4DDAE37; Path=/; Domain=.unibet.com; Expires=Sun, 31-Dec-2023 22:58:59 GMT; Max-Age=39061430; Secure; SameSite=None REGISTRATION_CODE=; Path=/; Domain=.unibet.com; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None BID=37950; Path=/; Domain=.unibet.com; Expires=Sun, 31-Dec-2023 22:58:59 GMT; Max-Age=39061430; Secure; SameSite=None PID=86075577; Path=/; Domain=.unibet.com; Expires=Sun, 31-Dec-2023 22:58:59 GMT; Max-Age=39061430; Secure; SameSite=None CHID=; Path=/; Domain=.unibet.com; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None REFERER=https%3A%2F%2Fvatcalf.com%2F; Path=/; Domain=.unibet.com; Expires=Sun, 31-Dec-2023 22:58:59 GMT; Max-Age=39061430; Secure; SameSite=None UNIBET_INTERNAL_CAMPAIGN_ID=; Path=/; Domain=.unibet.com; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None UNIBET_REQUEST_URL=; Path=/; Domain=.unibet.com; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None AFFILIATE_REQUEST_URL=; Path=/; Domain=.unibet.com; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None AFFILIATE_CAMPAIGN_ID=; Path=/; Domain=.unibet.com; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None AMS_INVITE_CHAT_ACCEPTED=; Path=/; Domain=.unibet.com; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None AMS_INVITE_CHAT_DECLINED=; Path=/; Domain=.unibet.com; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None BOCAID=; Path=/; Domain=.unibet.com; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None PRODUCT_ID=; Path=/; Domain=.unibet.com; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None AFFID=; Path=/; Domain=.unibet.com; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None AFFILIATE_REQUEST_URL=https%3A%2F%2Fno.unibet.com%2Fstan%2Fcampaign.do%3FcmpId%3D2750545%26affiliateId%3D1%26unibetTarget%3D%2Fno%2Fpop%2Fmultisport%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.com%26btag%3D127656177_E1C4506F5D1A4EFFA0C04877C4DDAE37%26sref%3DADST%26ADST%3D17196958%26affiliateId%3D1%26pid%3D86075577%26bid%3D37950; Path=/; Domain=.unibet.com; Expires=Sun, 31-Dec-2023 22:58:59 GMT; Max-Age=39061430; Secure; SameSite=None AFFILIATE_CAMPAIGN_ID=2750545; Path=/; Domain=.unibet.com; Expires=Sun, 31-Dec-2023 22:58:59 GMT; Max-Age=39061430; Secure; SameSite=None framework.forceBigLandingArea=; Path=/; Domain=.unibet.com; Expires=Wed, 05-Oct-2022 20:35:24 GMT; Max-Age=15; Secure; SameSite=None campaignId=2750545; Path=/; Domain=.unibet.com; Expires=Sun, 31-Dec-2023 22:58:59 GMT; Max-Age=39061430; Secure; SameSite=None framework.forceBigLandingArea=; Path=/; Domain=.unibet.com; Expires=Wed, 05-Oct-2022 20:35:24 GMT; Max-Age=15; Secure; SameSite=None clientId=polopoly_desktop; Domain=no.unibet.com; Path=/; SameSite=None; Secure
referer: https://vatcalf.com/
cache-control: max-age=0, no-cache, no-store, must-revalidate, proxy-revalidate
expires: Thu, 01 Jan 1970 00:00:00 GMT, Wed, 05 Oct 2022 20:35:09 GMT
server: kindred-loadbalancer
strict-transport-security: max-age=63072000; preload
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-security-policy: default-src 'unsafe-inline' 'unsafe-eval' http: https: data: wss: blob: jockey: unibetpro: *;
x-browser-class: A
x-os-class: M
x-ooops-debug: /500-pages/no.unibet.com/index.html
X-Firefox-Spdy: h2

                                        
                                            GET /stan/redirecttocampaign.do?cmpId=2750545&affiliateId=1&unibetTarget=/no/pop/multisport/index.html&targetDomain=https://welcome.unibet.com&btag=127656177_E1C4506F5D1A4EFFA0C04877C4DDAE37&sref=ADST&ADST=17196958&affiliateId=1&pid=86075577&bid=37950&landingPageUrl=https%3A%2F%2Fwelcome.unibet.com%2Fno%2Fpop%2Fmultisport%2Findex.html%3Fmktid%3D1%3A127656177%3A86075577-37950 HTTP/1.1 
Host: no.unibet.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://vatcalf.com/
Connection: keep-alive
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a86045284%2c%22BID%22%3a37953%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1664998047515)%5c%2f%22%2c%22CookieTag%22%3a%223795386045284451240919C20221051927%22%7d%2c%7b%22PID%22%3a86075577%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1665002109676)%5c%2f%22%2c%22CookieTag%22%3a%223795086075577451240919C20221052035%22%7d%5d; __ucbt=node05fwyterd1xzk27n6ozzjqi981; uniattr=ST.0.T; uniattr_ref="https://vatcalf.com/"; campaignId=2750545; framework.forceBigLandingArea=; affiliateId=1; B-TAG=127656177_E1C4506F5D1A4EFFA0C04877C4DDAE37; BID=37950; PID=86075577; REFERER=https%3A%2F%2Fvatcalf.com%2F; AFFILIATE_REQUEST_URL=https%3A%2F%2Fno.unibet.com%2Fstan%2Fcampaign.do%3FcmpId%3D2750545%26affiliateId%3D1%26unibetTarget%3D%2Fno%2Fpop%2Fmultisport%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.com%26btag%3D127656177_E1C4506F5D1A4EFFA0C04877C4DDAE37%26sref%3DADST%26ADST%3D17196958%26affiliateId%3D1%26pid%3D86075577%26bid%3D37950; AFFILIATE_CAMPAIGN_ID=2750545; clientId=polopoly_desktop
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         85.184.96.0
HTTP/2 301 Moved Permanently
                                        
date: Wed, 05 Oct 2022 20:35:09 GMT
content-length: 0
location: https://welcome.unibet.com/no/pop/multisport/index.html?mktid=1:127656177:86075577-37950&btag=127656177_E1C4506F5D1A4EFFA0C04877C4DDAE37&bid=37950&campaignId=2750545&pid=86075577
cache-control: max-age=0, no-cache, no-store, must-revalidate, proxy-revalidate
expires: Wed, 05 Oct 2022 20:35:09 GMT
server: kindred-loadbalancer
strict-transport-security: max-age=63072000; preload
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-security-policy: default-src 'unsafe-inline' 'unsafe-eval' http: https: data: wss: blob: jockey: unibetpro: *;
x-browser-class: A
x-os-class: M
x-ooops-debug: /500-pages/no.unibet.com/index.html
X-Firefox-Spdy: h2

                                        
                                            POST / HTTP/1.1 
Host: ocsp.securetrust.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 86
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.79.25
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 638
Date: Wed, 05 Oct 2022 20:35:10 GMT
Connection: keep-alive

                                        
                                            GET /unibet/bannerflow/scripts/master_tag.js HTTP/1.1 
Host: a1s-cdn.unibet.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a86045284%2c%22BID%22%3a37953%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1664998047515)%5c%2f%22%2c%22CookieTag%22%3a%223795386045284451240919C20221051927%22%7d%2c%7b%22PID%22%3a86075577%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1665002109676)%5c%2f%22%2c%22CookieTag%22%3a%223795086075577451240919C20221052035%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228189564173%7c1%22%7d%5d; __ucbt=node05fwyterd1xzk27n6ozzjqi981; uniattr=ST.0.T; uniattr_ref="https://vatcalf.com/"; campaignId=2750545; framework.forceBigLandingArea=; affiliateId=1; B-TAG=127656177_E1C4506F5D1A4EFFA0C04877C4DDAE37; BID=37950; PID=86075577; REFERER=https%3A%2F%2Fvatcalf.com%2F; AFFILIATE_REQUEST_URL=https%3A%2F%2Fno.unibet.com%2Fstan%2Fcampaign.do%3FcmpId%3D2750545%26affiliateId%3D1%26unibetTarget%3D%2Fno%2Fpop%2Fmultisport%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.com%26btag%3D127656177_E1C4506F5D1A4EFFA0C04877C4DDAE37%26sref%3DADST%26ADST%3D17196958%26affiliateId%3D1%26pid%3D86075577%26bid%3D37950; AFFILIATE_CAMPAIGN_ID=2750545
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site

                                         
                                         85.184.96.5
HTTP/2 200 OK
content-type: application/javascript
                                        
date: Wed, 05 Oct 2022 20:35:10 GMT
content-length: 956
last-modified: Mon, 25 Apr 2022 12:19:34 GMT
etag: "3bc-5dd7996cc0ce1"
cache-control: max-age=1800, public, must-revalidate
server: kindred-loadbalancer
strict-transport-security: max-age=63072000; preload
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-security-policy: default-src 'unsafe-inline' 'unsafe-eval' http: https: data: wss: blob: jockey: unibetpro: *;
x-browser-class: A
x-os-class: M
set-cookie: clientId=polopoly_desktop; Domain=a1s-cdn.unibet.com; Path=/; SameSite=None; Secure
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text
Size:   956
Md5:    fd48e87ecd4d06d9c5df490b91dc813e
Sha1:   a65a437db44444634e4f41732c590c1d14433b3f
Sha256: 2f786ae3f4577ed970f60aa7a9edf726300a740fdb360a8364db7ff4b7ca8e47
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Wed, 05 Oct 2022 20:35:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Wed, 05 Oct 2022 20:35:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /ajax/libs/jquery/3.3.1/jquery.min.js HTTP/1.1 
Host: ajax.googleapis.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.74
HTTP/2 200 OK
content-type: text/javascript; charset=UTF-8
                                        
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 30399
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 02 Oct 2022 02:36:40 GMT
expires: Mon, 02 Oct 2023 02:36:40 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 323910
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (65451)
Size:   30399
Md5:    0f83cadc148d2ad7e53c91f6c4ee05bb
Sha1:   90035c5fffedf4b0f099465f6b929a030b46c92b
Sha256: 3f59aa77bbbed7760a9968af27d3c19ffddda021c948edf0bf0c0f828dd308ae
                                        
                                            GET /no/pop/multisport/app-store-ro.svg HTTP/1.1 
Host: welcome.unibet.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/no/pop/multisport/index.html?mktid=1:127656177:86075577-37950&btag=127656177_E1C4506F5D1A4EFFA0C04877C4DDAE37&bid=37950&campaignId=2750545&pid=86075577
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a86045284%2c%22BID%22%3a37953%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1664998047515)%5c%2f%22%2c%22CookieTag%22%3a%223795386045284451240919C20221051927%22%7d%2c%7b%22PID%22%3a86075577%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1665002109676)%5c%2f%22%2c%22CookieTag%22%3a%223795086075577451240919C20221052035%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228189564173%7c1%22%7d%5d; __ucbt=node05fwyterd1xzk27n6ozzjqi981; uniattr=ST.0.T; uniattr_ref="https://vatcalf.com/"; campaignId=2750545; framework.forceBigLandingArea=; affiliateId=1; B-TAG=127656177_E1C4506F5D1A4EFFA0C04877C4DDAE37; BID=37950; PID=86075577; REFERER=https%3A%2F%2Fvatcalf.com%2F; AFFILIATE_REQUEST_URL=https%3A%2F%2Fno.unibet.com%2Fstan%2Fcampaign.do%3FcmpId%3D2750545%26affiliateId%3D1%26unibetTarget%3D%2Fno%2Fpop%2Fmultisport%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.com%26btag%3D127656177_E1C4506F5D1A4EFFA0C04877C4DDAE37%26sref%3DADST%26ADST%3D17196958%26affiliateId%3D1%26pid%3D86075577%26bid%3D37950; AFFILIATE_CAMPAIGN_ID=2750545
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         108.161.188.196
HTTP/2 200 OK
content-type: image/svg+xml
                                        
date: Wed, 05 Oct 2022 20:35:10 GMT
cache-control: public, max-age=900, immutable
content-md5: epgiRapjJpA7DniTiF5C+w==
last-modified: Mon, 20 Jun 2022 12:15:06 GMT
etag: W/"0x8DA52B68300D310"
x-ms-request-id: ccef97a8-d01e-002d-40f8-d8a171000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
server: NetDNA-cache/2.2
x-cache: HIT
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   5467
Md5:    af6b95160edcb3cb8f27a825b120130a
Sha1:   2cfe8cf15f1933071002d887c6b12e61fcd08394
Sha256: 2380633166c4d39eda3705eb707ba03a708aabf4744790a492b2cc73cbc479d4
                                        
                                            GET /no/pop/multisport/google-play-ro.svg HTTP/1.1 
Host: welcome.unibet.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/no/pop/multisport/index.html?mktid=1:127656177:86075577-37950&btag=127656177_E1C4506F5D1A4EFFA0C04877C4DDAE37&bid=37950&campaignId=2750545&pid=86075577
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a86045284%2c%22BID%22%3a37953%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1664998047515)%5c%2f%22%2c%22CookieTag%22%3a%223795386045284451240919C20221051927%22%7d%2c%7b%22PID%22%3a86075577%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1665002109676)%5c%2f%22%2c%22CookieTag%22%3a%223795086075577451240919C20221052035%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228189564173%7c1%22%7d%5d; __ucbt=node05fwyterd1xzk27n6ozzjqi981; uniattr=ST.0.T; uniattr_ref="https://vatcalf.com/"; campaignId=2750545; framework.forceBigLandingArea=; affiliateId=1; B-TAG=127656177_E1C4506F5D1A4EFFA0C04877C4DDAE37; BID=37950; PID=86075577; REFERER=https%3A%2F%2Fvatcalf.com%2F; AFFILIATE_REQUEST_URL=https%3A%2F%2Fno.unibet.com%2Fstan%2Fcampaign.do%3FcmpId%3D2750545%26affiliateId%3D1%26unibetTarget%3D%2Fno%2Fpop%2Fmultisport%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.com%26btag%3D127656177_E1C4506F5D1A4EFFA0C04877C4DDAE37%26sref%3DADST%26ADST%3D17196958%26affiliateId%3D1%26pid%3D86075577%26bid%3D37950; AFFILIATE_CAMPAIGN_ID=2750545
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         108.161.188.196
HTTP/2 200 OK
content-type: image/svg+xml
                                        
date: Wed, 05 Oct 2022 20:35:10 GMT
cache-control: public, max-age=900, immutable
content-md5: 2fR27yW0b9kBp/ebW9u59A==
last-modified: Mon, 20 Jun 2022 12:15:06 GMT
etag: W/"0x8DA52B68307D6EA"
x-ms-request-id: 59f41150-101e-0050-4bf8-d8d052000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
server: NetDNA-cache/2.2
x-cache: HIT
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   2730
Md5:    e75223dd4693c8c98448377a48a4a1e1
Sha1:   7098b0f1a65639d3632ca23c5335d283777a2fa7
Sha256: d7c2311ebb821666f7baa10473f876249cdac1573422694ce3326727f6a83069
                                        
                                            GET /no/pop/multisport/unibet-logo.svg HTTP/1.1 
Host: welcome.unibet.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/no/pop/multisport/index.html?mktid=1:127656177:86075577-37950&btag=127656177_E1C4506F5D1A4EFFA0C04877C4DDAE37&bid=37950&campaignId=2750545&pid=86075577
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a86045284%2c%22BID%22%3a37953%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1664998047515)%5c%2f%22%2c%22CookieTag%22%3a%223795386045284451240919C20221051927%22%7d%2c%7b%22PID%22%3a86075577%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1665002109676)%5c%2f%22%2c%22CookieTag%22%3a%223795086075577451240919C20221052035%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228189564173%7c1%22%7d%5d; __ucbt=node05fwyterd1xzk27n6ozzjqi981; uniattr=ST.0.T; uniattr_ref="https://vatcalf.com/"; campaignId=2750545; framework.forceBigLandingArea=; affiliateId=1; B-TAG=127656177_E1C4506F5D1A4EFFA0C04877C4DDAE37; BID=37950; PID=86075577; REFERER=https%3A%2F%2Fvatcalf.com%2F; AFFILIATE_REQUEST_URL=https%3A%2F%2Fno.unibet.com%2Fstan%2Fcampaign.do%3FcmpId%3D2750545%26affiliateId%3D1%26unibetTarget%3D%2Fno%2Fpop%2Fmultisport%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.com%26btag%3D127656177_E1C4506F5D1A4EFFA0C04877C4DDAE37%26sref%3DADST%26ADST%3D17196958%26affiliateId%3D1%26pid%3D86075577%26bid%3D37950; AFFILIATE_CAMPAIGN_ID=2750545
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         108.161.188.196
HTTP/2 200 OK
content-type: image/svg+xml
                                        
date: Wed, 05 Oct 2022 20:35:10 GMT
cache-control: public, max-age=900, immutable
content-md5: cw5jdwcrd9gLyjDZb7Y7Jw==
last-modified: Mon, 20 Jun 2022 12:15:01 GMT
etag: W/"0x8DA52B6805B919A"
x-ms-request-id: 4ec8c3a3-901e-0071-74f8-d8f429000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
server: NetDNA-cache/2.2
x-cache: HIT
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   99543
Md5:    f31b7eb2d4ce761e4c8574f2261df3e8
Sha1:   db46a411fce59207f18d51b147853706060feaf7
Sha256: b1d8d9a9a28a98843cdaa9e2750e8b2b3a66f31381dd46775cca25c214f21277
                                        
                                            GET /widget/betslip/betslip.js HTTP/1.1 
Host: welcome.unibet.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/no/pop/multisport/index.html?mktid=1:127656177:86075577-37950&btag=127656177_E1C4506F5D1A4EFFA0C04877C4DDAE37&bid=37950&campaignId=2750545&pid=86075577
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a86045284%2c%22BID%22%3a37953%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1664998047515)%5c%2f%22%2c%22CookieTag%22%3a%223795386045284451240919C20221051927%22%7d%2c%7b%22PID%22%3a86075577%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1665002109676)%5c%2f%22%2c%22CookieTag%22%3a%223795086075577451240919C20221052035%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228189564173%7c1%22%7d%5d; __ucbt=node05fwyterd1xzk27n6ozzjqi981; uniattr=ST.0.T; uniattr_ref="https://vatcalf.com/"; campaignId=2750545; framework.forceBigLandingArea=; affiliateId=1; B-TAG=127656177_E1C4506F5D1A4EFFA0C04877C4DDAE37; BID=37950; PID=86075577; REFERER=https%3A%2F%2Fvatcalf.com%2F; AFFILIATE_REQUEST_URL=https%3A%2F%2Fno.unibet.com%2Fstan%2Fcampaign.do%3FcmpId%3D2750545%26affiliateId%3D1%26unibetTarget%3D%2Fno%2Fpop%2Fmultisport%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.com%26btag%3D127656177_E1C4506F5D1A4EFFA0C04877C4DDAE37%26sref%3DADST%26ADST%3D17196958%26affiliateId%3D1%26pid%3D86075577%26bid%3D37950; AFFILIATE_CAMPAIGN_ID=2750545
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         108.161.188.196
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
                                        
date: Wed, 05 Oct 2022 20:35:10 GMT
cache-control: public, max-age=900, immutable
content-md5: V3DcYDl/+4NNEoCqe8670A==
last-modified: Tue, 15 Jan 2019 09:54:22 GMT
etag: W/"0x8D67ACF6D112CB5"
x-ms-request-id: bc897d69-e01e-006b-3bf8-d895f6000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
server: NetDNA-cache/2.2
x-cache: HIT
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   15296
Md5:    3440f5f64038ca105009e4806b95895f
Sha1:   1cd234d69477e039e50af1605cfc65213a14b9b4
Sha256: 1195b4b48094bb33dada56a4d9a955d7678891f25e8f312bcd552539f0e56fd8
                                        
                                            GET /no/pop/multisport/index.html?mktid=1:127656177:86075577-37950&btag=127656177_E1C4506F5D1A4EFFA0C04877C4DDAE37&bid=37950&campaignId=2750545&pid=86075577 HTTP/1.1 
Host: welcome.unibet.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://vatcalf.com/
Connection: keep-alive
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a86045284%2c%22BID%22%3a37953%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1664998047515)%5c%2f%22%2c%22CookieTag%22%3a%223795386045284451240919C20221051927%22%7d%2c%7b%22PID%22%3a86075577%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1665002109676)%5c%2f%22%2c%22CookieTag%22%3a%223795086075577451240919C20221052035%22%7d%5d; __ucbt=node05fwyterd1xzk27n6ozzjqi981; uniattr=ST.0.T; uniattr_ref="https://vatcalf.com/"; campaignId=2750545; framework.forceBigLandingArea=; affiliateId=1; B-TAG=127656177_E1C4506F5D1A4EFFA0C04877C4DDAE37; BID=37950; PID=86075577; REFERER=https%3A%2F%2Fvatcalf.com%2F; AFFILIATE_REQUEST_URL=https%3A%2F%2Fno.unibet.com%2Fstan%2Fcampaign.do%3FcmpId%3D2750545%26affiliateId%3D1%26unibetTarget%3D%2Fno%2Fpop%2Fmultisport%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.com%26btag%3D127656177_E1C4506F5D1A4EFFA0C04877C4DDAE37%26sref%3DADST%26ADST%3D17196958%26affiliateId%3D1%26pid%3D86075577%26bid%3D37950; AFFILIATE_CAMPAIGN_ID=2750545
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

                                         
                                         108.161.188.196
HTTP/2 200 OK
content-type: text/html; charset=utf-8
                                        
date: Wed, 05 Oct 2022 20:35:10 GMT
cache-control: public, max-age=900, immutable
content-md5: NGkNgKvE41ztpclvs1gdSA==
last-modified: Mon, 20 Jun 2022 12:15:00 GMT
etag: W/"0x8DA52B67FA63ED8"
x-ms-request-id: c26c032c-601e-0038-37f9-d8b6c2000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
server: NetDNA-cache/2.2
x-cache: HIT
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   5563
Md5:    568781d16e1079578aad8cd46a50fda4
Sha1:   b41a8dd1d3452099c83c4eef7e0a26535b955f9e
Sha256: 2e93ce042d4dc34a9d9402a5709fc10f05c37f50dd0b86eded5178bff9830c7d
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Wed, 05 Oct 2022 20:35:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /no/pop/multisport/icon-trust.svg HTTP/1.1 
Host: welcome.unibet.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/no/pop/multisport/index.html?mktid=1:127656177:86075577-37950&btag=127656177_E1C4506F5D1A4EFFA0C04877C4DDAE37&bid=37950&campaignId=2750545&pid=86075577
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a86045284%2c%22BID%22%3a37953%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1664998047515)%5c%2f%22%2c%22CookieTag%22%3a%223795386045284451240919C20221051927%22%7d%2c%7b%22PID%22%3a86075577%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1665002109676)%5c%2f%22%2c%22CookieTag%22%3a%223795086075577451240919C20221052035%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228189564173%7c1%22%7d%5d; __ucbt=node05fwyterd1xzk27n6ozzjqi981; uniattr=ST.0.T; uniattr_ref="https://vatcalf.com/"; campaignId=2750545; framework.forceBigLandingArea=; affiliateId=1; B-TAG=127656177_E1C4506F5D1A4EFFA0C04877C4DDAE37; BID=37950; PID=86075577; REFERER=https%3A%2F%2Fvatcalf.com%2F; AFFILIATE_REQUEST_URL=https%3A%2F%2Fno.unibet.com%2Fstan%2Fcampaign.do%3FcmpId%3D2750545%26affiliateId%3D1%26unibetTarget%3D%2Fno%2Fpop%2Fmultisport%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.com%26btag%3D127656177_E1C4506F5D1A4EFFA0C04877C4DDAE37%26sref%3DADST%26ADST%3D17196958%26affiliateId%3D1%26pid%3D86075577%26bid%3D37950; AFFILIATE_CAMPAIGN_ID=2750545
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         108.161.188.196
HTTP/2 200 OK
content-type: image/svg+xml
                                        
date: Wed, 05 Oct 2022 20:35:10 GMT
cache-control: public, max-age=900, immutable
content-md5: 9k4H3E55HXB5I94VinrUOQ==
last-modified: Mon, 20 Jun 2022 12:15:04 GMT
etag: W/"0x8DA52B68201D7DE"
x-ms-request-id: 772d4048-001e-003e-34f8-d8857d000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
server: NetDNA-cache/2.2
x-cache: HIT
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   74927
Md5:    21d9229651f6b7ba5bc18160a3ddc848
Sha1:   2c87a1fb576e677fe85abea1a362f4bb7817128d
Sha256: d0b6c81cebeb948ea2d7f4056873dbd64dd7631fb876dd4f56e3425349e3865a
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Wed, 05 Oct 2022 20:35:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://welcome.unibet.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         216.58.207.195
HTTP/2 200 OK
content-type: font/woff2
                                        
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15920
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 05 Oct 2022 14:07:32 GMT
expires: Thu, 05 Oct 2023 14:07:32 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 11 May 2022 19:24:45 GMT
age: 23258
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 15920, version 1.0\012- data
Size:   15920
Md5:    3a44e06eb954b96aa043227f3534189d
Sha1:   23cef6993ddb2b2979e8e7647fc3763694e2ba7d
Sha256: b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
                                        
                                            GET /s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2 HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://welcome.unibet.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         216.58.207.195
HTTP/2 200 OK
content-type: font/woff2
                                        
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15740
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 05 Oct 2022 19:34:21 GMT
expires: Thu, 05 Oct 2023 19:34:21 GMT
cache-control: public, max-age=31536000
age: 3649
last-modified: Wed, 11 May 2022 19:24:56 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 15740, version 1.0\012- data
Size:   15740
Md5:    b9c29351c46f3e8c8631c4002457f48a
Sha1:   e57e59c5780995ff2937ab2b511a769212974a87
Sha256: f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
                                        
                                            GET /orval/tracking/lastclick.min.js HTTP/1.1 
Host: a1s.unibet.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a86045284%2c%22BID%22%3a37953%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1664998047515)%5c%2f%22%2c%22CookieTag%22%3a%223795386045284451240919C20221051927%22%7d%2c%7b%22PID%22%3a86075577%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1665002109676)%5c%2f%22%2c%22CookieTag%22%3a%223795086075577451240919C20221052035%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228189564173%7c1%22%7d%5d; __ucbt=node05fwyterd1xzk27n6ozzjqi981; uniattr=ST.0.T; uniattr_ref="https://vatcalf.com/"; campaignId=2750545; framework.forceBigLandingArea=; affiliateId=1; B-TAG=127656177_E1C4506F5D1A4EFFA0C04877C4DDAE37; BID=37950; PID=86075577; REFERER=https%3A%2F%2Fvatcalf.com%2F; AFFILIATE_REQUEST_URL=https%3A%2F%2Fno.unibet.com%2Fstan%2Fcampaign.do%3FcmpId%3D2750545%26affiliateId%3D1%26unibetTarget%3D%2Fno%2Fpop%2Fmultisport%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.com%26btag%3D127656177_E1C4506F5D1A4EFFA0C04877C4DDAE37%26sref%3DADST%26ADST%3D17196958%26affiliateId%3D1%26pid%3D86075577%26bid%3D37950; AFFILIATE_CAMPAIGN_ID=2750545
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site

                                         
                                         85.184.96.5
HTTP/2 200 OK
content-type: application/javascript
                                        
date: Wed, 05 Oct 2022 20:35:10 GMT
vary: Accept-Encoding
last-modified: Fri, 05 Aug 2022 12:55:42 GMT
etag: W/"705-5e57dfbd5830d"
cache-control: max-age=1800, public, must-revalidate
content-encoding: gzip
server: kindred-loadbalancer
strict-transport-security: max-age=63072000; preload
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-security-policy: default-src 'unsafe-inline' 'unsafe-eval' http: https: data: wss: blob: jockey: unibetpro: *;
x-browser-class: A
x-os-class: M
set-cookie: clientId=polopoly_desktop; Domain=a1s.unibet.com; Path=/; SameSite=None; Secure
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   16558
Md5:    eec4f89a7e8f59d9f82a053ceb92e571
Sha1:   4c68233736165e4bb7b261b5f263b736a4d29b76
Sha256: 1c39eed36bff4debd2edd699dd535fb49c625b1f077ed81c7847e90bfb714ac7
                                        
                                            GET /no/pop/multisport/com-payments.svg HTTP/1.1 
Host: welcome.unibet.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/no/pop/multisport/index.html?mktid=1:127656177:86075577-37950&btag=127656177_E1C4506F5D1A4EFFA0C04877C4DDAE37&bid=37950&campaignId=2750545&pid=86075577
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a86045284%2c%22BID%22%3a37953%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1664998047515)%5c%2f%22%2c%22CookieTag%22%3a%223795386045284451240919C20221051927%22%7d%2c%7b%22PID%22%3a86075577%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1665002109676)%5c%2f%22%2c%22CookieTag%22%3a%223795086075577451240919C20221052035%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228189564173%7c1%22%7d%5d; __ucbt=node05fwyterd1xzk27n6ozzjqi981; uniattr=ST.0.T; uniattr_ref="https://vatcalf.com/"; campaignId=2750545; framework.forceBigLandingArea=; affiliateId=1; B-TAG=127656177_E1C4506F5D1A4EFFA0C04877C4DDAE37; BID=37950; PID=86075577; REFERER=https%3A%2F%2Fvatcalf.com%2F; AFFILIATE_REQUEST_URL=https%3A%2F%2Fno.unibet.com%2Fstan%2Fcampaign.do%3FcmpId%3D2750545%26affiliateId%3D1%26unibetTarget%3D%2Fno%2Fpop%2Fmultisport%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.com%26btag%3D127656177_E1C4506F5D1A4EFFA0C04877C4DDAE37%26sref%3DADST%26ADST%3D17196958%26affiliateId%3D1%26pid%3D86075577%26bid%3D37950; AFFILIATE_CAMPAIGN_ID=2750545
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         108.161.188.196
HTTP/2 200 OK
content-type: image/svg+xml
                                        
date: Wed, 05 Oct 2022 20:35:10 GMT
cache-control: public, max-age=900, immutable
content-md5: vwb7ospRft2xzGDtJvR3WA==
last-modified: Mon, 20 Jun 2022 12:15:02 GMT
etag: W/"0x8DA52B680877D2F"
x-ms-request-id: f3b652f6-401e-005d-80f9-d81886000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
server: NetDNA-cache/2.2
x-cache: HIT
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   91234
Md5:    8470b87dd46ee218eaef5e37a0838f8c
Sha1:   353a892644c9fa1e8a16d8f10fbb12903be02f12
Sha256: 620a4c510085d3c05e6e6844a8aa32912b8b480a94666660f996cf041a70b512
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Wed, 05 Oct 2022 20:35:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /no/pop/multisport/icon-sports.svg HTTP/1.1 
Host: welcome.unibet.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/no/pop/multisport/index.html?mktid=1:127656177:86075577-37950&btag=127656177_E1C4506F5D1A4EFFA0C04877C4DDAE37&bid=37950&campaignId=2750545&pid=86075577
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a86045284%2c%22BID%22%3a37953%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1664998047515)%5c%2f%22%2c%22CookieTag%22%3a%223795386045284451240919C20221051927%22%7d%2c%7b%22PID%22%3a86075577%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1665002109676)%5c%2f%22%2c%22CookieTag%22%3a%223795086075577451240919C20221052035%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228189564173%7c1%22%7d%5d; __ucbt=node05fwyterd1xzk27n6ozzjqi981; uniattr=ST.0.T; uniattr_ref="https://vatcalf.com/"; campaignId=2750545; framework.forceBigLandingArea=; affiliateId=1; B-TAG=127656177_E1C4506F5D1A4EFFA0C04877C4DDAE37; BID=37950; PID=86075577; REFERER=https%3A%2F%2Fvatcalf.com%2F; AFFILIATE_REQUEST_URL=https%3A%2F%2Fno.unibet.com%2Fstan%2Fcampaign.do%3FcmpId%3D2750545%26affiliateId%3D1%26unibetTarget%3D%2Fno%2Fpop%2Fmultisport%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.com%26btag%3D127656177_E1C4506F5D1A4EFFA0C04877C4DDAE37%26sref%3DADST%26ADST%3D17196958%26affiliateId%3D1%26pid%3D86075577%26bid%3D37950; AFFILIATE_CAMPAIGN_ID=2750545
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         108.161.188.196
HTTP/2 200 OK
content-type: image/svg+xml
                                        
date: Wed, 05 Oct 2022 20:35:10 GMT
cache-control: public, max-age=900, immutable
content-md5: Kch+tYuo05USS5JaESq1rA==
last-modified: Mon, 20 Jun 2022 12:15:04 GMT
etag: W/"0x8DA52B682395A83"
x-ms-request-id: c8e3e183-701e-001b-47f8-d82c01000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
server: NetDNA-cache/2.2
x-cache: HIT
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   1258
Md5:    ca9ead1127b130dd6689f40ce200f063
Sha1:   fdeefc78ed889c22f8699692b90f13a005f8090c
Sha256: 2ec4c69d70663b172db36149c2e516587406426448f4344b58e7b883d1cc0a9c
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 2877
Cache-Control: 'max-age=158059'
Date: Wed, 05 Oct 2022 20:35:10 GMT
Last-Modified: Wed, 05 Oct 2022 19:47:13 GMT
Server: ECS (ska/F71E)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET /id?d_visid_ver=4.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_orgid=F431E3BC5593E3887F000101%40AdobeOrg&d_nsid=0&ts=1665002110675 HTTP/1.1 
Host: dpm.demdex.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Origin: https://welcome.unibet.com
Connection: keep-alive
Referer: https://welcome.unibet.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.243.91.96
HTTP/1.1 200 OK
Content-Type: application/json;charset=utf-8
                                        
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://welcome.unibet.com
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-encoding: gzip
DCS: dcs-prod-irl1-2-v044-030456c97.edge-irl1.demdex.com 10 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
set-cookie: demdex=58799968548665607310427460585441520168; Max-Age=15552000; Expires=Mon, 03 Apr 2023 20:35:10 GMT; Path=/; Domain=.demdex.net; Secure; SameSite=None
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin
X-TID: MeMX8S+eQhE=
Content-Length: 498
Connection: keep-alive


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (791), with no line terminators
Size:   498
Md5:    1733a5341ebfab8c590d09aae87eb527
Sha1:   dcde0f0123f44f065a6c0cc93d9fbcbc584df496
Sha256: b0a61afa5aed16bac35311464eccc5488d12561939ad13f4451fec60ae4813d6
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 5634
Cache-Control: 'max-age=158059'
Date: Wed, 05 Oct 2022 20:35:11 GMT
Last-Modified: Wed, 05 Oct 2022 19:01:17 GMT
Server: ECS (ska/F71E)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET /id?d_visid_ver=4.4.0&d_fieldgroup=A&mcorgid=F431E3BC5593E3887F000101%40AdobeOrg&mid=58792338523548045440423453630369863603&ts=1665002110922 HTTP/1.1 
Host: unibetlondonltd.d3.sc.omtrdc.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Origin: https://welcome.unibet.com
Connection: keep-alive
Referer: https://welcome.unibet.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         15.236.176.210
HTTP/2 200 OK
content-type: application/x-javascript;charset=utf-8
                                        
access-control-allow-origin: https://welcome.unibet.com
access-control-allow-credentials: true
date: Wed, 05 Oct 2022 20:35:11 GMT
p3p: CP="This is not a P3P policy"
server: jag
vary: Origin
content-length: 2
cache-control: no-cache, no-store, max-age=0, no-transform, private
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   2
Md5:    99914b932bd37a50b983c5e7c90ae93b
Sha1:   bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f
Sha256: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
                                        
                                            GET /dest5.html?d_nsid=0 HTTP/1.1 
Host: unibet.demdex.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

                                         
                                         34.249.106.217
HTTP/1.1 200 OK
Content-Type: text/html;charset=UTF-8
                                        
Accept-Ranges: bytes
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-encoding: gzip
date: Wed, 5 Oct 2022 20:35:11 GMT
DCS: dcs-prod-irl1-2-v044-0c2c7cff5.edge-irl1.demdex.com 0 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
last-modified: Thu, 29 Sep 2022 16:52:13 GMT
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
vary: accept-encoding
X-TID: SijR3KlVTGY=
Content-Length: 2791
Connection: keep-alive


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (550)
Size:   2791
Md5:    ccbdcb1e84c241950763ec4cd516cdfc
Sha1:   55dfa8d4b09c5c3a80fcd101152f6ebed3d27a2c
Sha256: de9ccb9b168945a24f20edc28c39be4135b328129ba8ee378401a7aedc925d12
                                        
                                            GET /css?family=Roboto:300,400,500 HTTP/1.1 
Host: fonts.googleapis.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.10
HTTP/2 200 OK
content-type: text/css; charset=utf-8
                                        
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 05 Oct 2022 20:35:10 GMT
date: Wed, 05 Oct 2022 20:35:10 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

                                        
                                            GET /no/pop/multisport/1-main.js HTTP/1.1 
Host: welcome.unibet.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/no/pop/multisport/index.html?mktid=1:127656177:86075577-37950&btag=127656177_E1C4506F5D1A4EFFA0C04877C4DDAE37&bid=37950&campaignId=2750545&pid=86075577
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a86045284%2c%22BID%22%3a37953%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1664998047515)%5c%2f%22%2c%22CookieTag%22%3a%223795386045284451240919C20221051927%22%7d%2c%7b%22PID%22%3a86075577%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1665002109676)%5c%2f%22%2c%22CookieTag%22%3a%223795086075577451240919C20221052035%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228189564173%7c1%22%7d%5d; __ucbt=node05fwyterd1xzk27n6ozzjqi981; uniattr=ST.0.T; uniattr_ref="https://vatcalf.com/"; campaignId=2750545; framework.forceBigLandingArea=; affiliateId=1; B-TAG=127656177_E1C4506F5D1A4EFFA0C04877C4DDAE37; BID=37950; PID=86075577; REFERER=https%3A%2F%2Fvatcalf.com%2F; AFFILIATE_REQUEST_URL=https%3A%2F%2Fno.unibet.com%2Fstan%2Fcampaign.do%3FcmpId%3D2750545%26affiliateId%3D1%26unibetTarget%3D%2Fno%2Fpop%2Fmultisport%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.com%26btag%3D127656177_E1C4506F5D1A4EFFA0C04877C4DDAE37%26sref%3DADST%26ADST%3D17196958%26affiliateId%3D1%26pid%3D86075577%26bid%3D37950; AFFILIATE_CAMPAIGN_ID=2750545
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         108.161.188.196
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
                                        
date: Wed, 05 Oct 2022 20:35:10 GMT
cache-control: public, max-age=900, immutable
content-md5: BPxI3njL/F0VV+nfOZx3Mw==
last-modified: Mon, 20 Jun 2022 12:15:06 GMT
etag: W/"0x8DA52B68343779E"
x-ms-request-id: 772cf52b-001e-003e-59f8-d8857d000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
server: NetDNA-cache/2.2
x-cache: HIT
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   2100
Md5:    517df21d1f805baeeab05c40f7daf495
Sha1:   6f23cb8f39973f8a37a7e59e12f001d31fae7785
Sha256: 7585bce0b87899165558b0b8d72f9205b09db241cb974332812f339a5087a6cb
                                        
                                            GET /pages/data-scripts/0012/9242/site/welcome.unibet.com.json?t=1 HTTP/1.1 
Host: script.crazyegg.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://welcome.unibet.com
Connection: keep-alive
Referer: https://welcome.unibet.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         104.19.147.8
HTTP/2 200 OK
content-type: application/json
                                        
date: Wed, 05 Oct 2022 20:35:11 GMT
content-length: 1541
access-control-expose-headers: CE-Version
ce-version: 11.4.10
cache-control: public, max-age=300, s-maxage=1209600
timing-allow-origin: *
last-modified: Wed, 05 Oct 2022 14:48:51 GMT
content-encoding: gzip
access-control-allow-origin: *
cf-cache-status: HIT
age: 20780
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 7558f13b39beb509-OSL
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (4015), with no line terminators
Size:   1541
Md5:    ef244c9089eb6794166e6805c569bde6
Sha1:   d5cad4ff393009d7f47227b8e80f47f7ab30d9eb
Sha256: b4b05a644b21aa95aeb03790312f6d6ff0d7013a987e07c0b1881079d4900662
                                        
                                            GET /seg?add=9755599 HTTP/1.1 
Host: secure.adnxs.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         185.89.211.132
HTTP/1.1 307 Redirection
Content-Type: text/html; charset=utf-8
                                        
Server: nginx/1.21.3
Date: Wed, 05 Oct 2022 20:35:11 GMT
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Location: https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D9755599
AN-X-Request-Uuid: c4841f28-1516-4e46-a39a-754dc19ad4fa
Set-Cookie: uuid2=980145842816992768; SameSite=None; Path=/; Max-Age=7776000; Expires=Tue, 03-Jan-2023 20:35:11 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 961.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com

                                        
                                            GET /no/pop/multisport/gambling-commission.png HTTP/1.1 
Host: welcome.unibet.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/no/pop/multisport/index.html?mktid=1:127656177:86075577-37950&btag=127656177_E1C4506F5D1A4EFFA0C04877C4DDAE37&bid=37950&campaignId=2750545&pid=86075577
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a86045284%2c%22BID%22%3a37953%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1664998047515)%5c%2f%22%2c%22CookieTag%22%3a%223795386045284451240919C20221051927%22%7d%2c%7b%22PID%22%3a86075577%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1665002109676)%5c%2f%22%2c%22CookieTag%22%3a%223795086075577451240919C20221052035%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228189564173%7c1%22%7d%5d; __ucbt=node05fwyterd1xzk27n6ozzjqi981; uniattr=ST.0.T; uniattr_ref="https://vatcalf.com/"; campaignId=2750545; framework.forceBigLandingArea=; affiliateId=1; B-TAG=127656177_E1C4506F5D1A4EFFA0C04877C4DDAE37; BID=37950; PID=86075577; REFERER=https%3A%2F%2Fvatcalf.com%2F; AFFILIATE_REQUEST_URL=https%3A%2F%2Fno.unibet.com%2Fstan%2Fcampaign.do%3FcmpId%3D2750545%26affiliateId%3D1%26unibetTarget%3D%2Fno%2Fpop%2Fmultisport%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.com%26btag%3D127656177_E1C4506F5D1A4EFFA0C04877C4DDAE37%26sref%3DADST%26ADST%3D17196958%26affiliateId%3D1%26pid%3D86075577%26bid%3D37950; AFFILIATE_CAMPAIGN_ID=2750545
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         108.161.188.196
HTTP/2 301 Moved Permanently
content-type: text/html
                                        
date: Wed, 05 Oct 2022 20:35:11 GMT
content-length: 178
location: https://www.unibet.com/
server: NetDNA-cache/2.2
x-cache: MISS
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size:   178
Md5:    cd2e0e43980a00fb6a2742d3afd803b8
Sha1:   81ffbd1712afe8cdf138b570c0fc9934742c33c1
Sha256: bd9df047d51943acc4bc6cf55d88edb5b6785a53337ee2a0f74dd521aedde87d
                                        
                                            GET / HTTP/1.1 
Host: www.unibet.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://welcome.unibet.com/
Connection: keep-alive
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a86045284%2c%22BID%22%3a37953%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1664998047515)%5c%2f%22%2c%22CookieTag%22%3a%223795386045284451240919C20221051927%22%7d%2c%7b%22PID%22%3a86075577%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1665002109676)%5c%2f%22%2c%22CookieTag%22%3a%223795086075577451240919C20221052035%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228189564173%7c1%22%7d%5d; __ucbt=node05fwyterd1xzk27n6ozzjqi981; uniattr=BLP.1.T; uniattr_ref="https://vatcalf.com/"; campaignId=2750545; framework.forceBigLandingArea=; affiliateId=1; B-TAG=127656177_E1C4506F5D1A4EFFA0C04877C4DDAE37; BID=37950; PID=86075577; REFERER=https%3A%2F%2Fvatcalf.com%2F; AFFILIATE_REQUEST_URL=https%3A%2F%2Fno.unibet.com%2Fstan%2Fcampaign.do%3FcmpId%3D2750545%26affiliateId%3D1%26unibetTarget%3D%2Fno%2Fpop%2Fmultisport%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.com%26btag%3D127656177_E1C4506F5D1A4EFFA0C04877C4DDAE37%26sref%3DADST%26ADST%3D17196958%26affiliateId%3D1%26pid%3D86075577%26bid%3D37950; AFFILIATE_CAMPAIGN_ID=2750545; AMCV_F431E3BC5593E3887F000101%40AdobeOrg=1585540135%7CMCIDTS%7C19271%7CMCMID%7C58792338523548045440423453630369863603%7CMCAAMLH-1665606910%7C6%7CMCAAMB-1665606910%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1665009311s%7CNONE%7CMCAID%7CNONE%7CvVersion%7C4.4.0; AMCVS_F431E3BC5593E3887F000101%40AdobeOrg=1; s_cc=true
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers

                                         
                                         85.184.96.0
HTTP/2 301 Moved Permanently
content-type: text/html
                                        
date: Wed, 05 Oct 2022 20:35:11 GMT
content-length: 162
location: https://no.unibet.com/
server: kindred-loadbalancer
strict-transport-security: max-age=63072000; preload
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-security-policy: default-src 'unsafe-inline' 'unsafe-eval' http: https: data: wss: blob: jockey: unibetpro: *;
x-browser-class: A
x-os-class: M
x-ooops-debug: /500-pages/www.unibet.com/index.html
set-cookie: clientId=polopoly_desktop; Domain=www.unibet.com; Path=/; SameSite=None; Secure
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size:   162
Md5:    4f8e702cc244ec5d4de32740c0ecbd97
Sha1:   3adb1f02d5b6054de0046e367c1d687b6cdf7aff
Sha256: 9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
                                        
                                            GET / HTTP/1.1 
Host: no.unibet.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://welcome.unibet.com/
Connection: keep-alive
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a86045284%2c%22BID%22%3a37953%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1664998047515)%5c%2f%22%2c%22CookieTag%22%3a%223795386045284451240919C20221051927%22%7d%2c%7b%22PID%22%3a86075577%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1665002109676)%5c%2f%22%2c%22CookieTag%22%3a%223795086075577451240919C20221052035%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228189564173%7c1%22%7d%5d; __ucbt=node05fwyterd1xzk27n6ozzjqi981; uniattr=BLP.1.T; uniattr_ref="https://vatcalf.com/"; campaignId=2750545; framework.forceBigLandingArea=; affiliateId=1; B-TAG=127656177_E1C4506F5D1A4EFFA0C04877C4DDAE37; BID=37950; PID=86075577; REFERER=https%3A%2F%2Fvatcalf.com%2F; AFFILIATE_REQUEST_URL=https%3A%2F%2Fno.unibet.com%2Fstan%2Fcampaign.do%3FcmpId%3D2750545%26affiliateId%3D1%26unibetTarget%3D%2Fno%2Fpop%2Fmultisport%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.com%26btag%3D127656177_E1C4506F5D1A4EFFA0C04877C4DDAE37%26sref%3DADST%26ADST%3D17196958%26affiliateId%3D1%26pid%3D86075577%26bid%3D37950; AFFILIATE_CAMPAIGN_ID=2750545; clientId=polopoly_desktop; AMCV_F431E3BC5593E3887F000101%40AdobeOrg=1585540135%7CMCIDTS%7C19271%7CMCMID%7C58792338523548045440423453630369863603%7CMCAAMLH-1665606910%7C6%7CMCAAMB-1665606910%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1665009311s%7CNONE%7CMCAID%7CNONE%7CvVersion%7C4.4.0; AMCVS_F431E3BC5593E3887F000101%40AdobeOrg=1; s_cc=true
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers

                                         
                                         85.184.96.0
HTTP/2 200 OK
content-type: text/html;charset=utf-8
                                        
date: Wed, 05 Oct 2022 20:35:11 GMT
x-ua-compatible: IE=Edge,chrome=1,requiresActiveX=true
cache-control: public, max-age=0, s-maxage=10
expires: Wed, 05 Oct 2022 20:35:01 GMT
vary: accept-encoding
content-encoding: gzip
server: kindred-loadbalancer
strict-transport-security: max-age=63072000; preload
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-security-policy: default-src 'unsafe-inline' 'unsafe-eval' http: https: data: wss: blob: jockey: unibetpro: *;
x-browser-class: A
x-os-class: M
x-ooops-debug: /500-pages/no.unibet.com/index.html
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   42541
Md5:    ca5200cc3e64c2660f9282b540426659
Sha1:   e2096af5681e38a06bc329ccd4ef035e29cea5b6
Sha256: 41e5417ea9890a1fe6f290fa4d5ec5470b20e521d812b11850eb3a298c7a975c
                                        
                                            GET /bounce?%2Fseg%3Fadd%3D9755599 HTTP/1.1 
Host: secure.adnxs.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://welcome.unibet.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         185.89.211.132
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Server: nginx/1.21.3
Date: Wed, 05 Oct 2022 20:35:11 GMT
Content-Length: 43
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
AN-X-Request-Uuid: 83195632-a658-42d5-a422-c92f36656822
Set-Cookie: anj=dTM7k!M4/8CxrEQF']wIg2Illosr>g!]tbP6j2F-XstGt!@E$)%!M@2; SameSite=None; Path=/; Max-Age=7776000; Expires=Tue, 03-Jan-2023 20:35:11 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 961.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   43
Md5:    592ebefc7104d681d57852665e9ad514
Sha1:   15cdf8df32aa251dd6dd590a60bf9cf74474e7c5
Sha256: 4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
                                        
                                            GET /pages/scripts/0012/9242.js HTTP/1.1 
Host: script.crazyegg.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         104.19.147.8
HTTP/2 200 OK
content-type: text/javascript
                                        
date: Wed, 05 Oct 2022 20:35:11 GMT
access-control-allow-origin: *
access-control-expose-headers: CE-Version
ce-version: 11.4.10
cache-control: public, max-age=300, s-maxage=1209600
cf-bgj: minify
cf-polished: origSize=5675
last-modified: Wed, 05 Oct 2022 14:48:50 GMT
timing-allow-origin: *
cf-cache-status: HIT
age: 20781
vary: Accept-Encoding
server: cloudflare
cf-ray: 7558f13b0985b509-OSL
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (5829), with no line terminators
Size:   2198
Md5:    e96bd1944fcdc2d94a06c3593aec8c22
Sha1:   11353f271bde0c8d05630990a0adea9c884340a7
Sha256: d4fa72bb842dae6a1fdbcdba7ed26e97bea6c224faaf1bccc00f6fc8e62bcce4
                                        
                                            POST / HTTP/1.1 
Host: ocsp.sca1b.amazontrust.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         54.230.245.100
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Wed, 05 Oct 2022 20:35:11 GMT
Last-Modified: Wed, 05 Oct 2022 19:19:40 GMT
Server: ECS (bsa/EB12)
X-Cache: Miss from cloudfront
Via: 1.1 a2c3c8b833b34851dca4f7753ecaae58.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: pStWJWwjSSbX4G9oPd2oJtq64P68C5_lBnzowdVpmJR6RAJhxFGQ0g==
Age: 4531

                                        
                                            GET /cm/dd?d_uuid=58799968548665607310427460585441520168 HTTP/1.1 
Host: cm.everesttech.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         34.251.26.3
HTTP/1.1 302
                                        
Date: Wed, 05 Oct 2022 20:35:11 GMT
Content-Length: 0
Connection: keep-alive
Set-Cookie: everest_g_v2=g_surferid~Yz3qfwAAAHyWmQNx; Domain=.everesttech.net; Expires=Thu, 05-Oct-2023 20:35:11 GMT; Path=/ everest_session_v2=Yz3qfwAAAHyWmgNx; Domain=.everesttech.net; Path=/
P3P: CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"
Cache-Control: no-cache
Location: https://dpm.demdex.net/ibs:dpid=411&dpuuid=Yz3qfwAAAHyWmQNx
Server: AMO-cookiemap/1.1

                                        
                                            GET /resources/no-payments-44051ae6-a41f-42c3-8d89-751be3d4a42c.svg HTTP/1.1 
Host: cdn.bannerflow.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         104.16.173.188
HTTP/2 200 OK
content-type: image/svg+xml
                                        
date: Wed, 05 Oct 2022 20:35:11 GMT
cache-control: public,max-age=604800
content-md5: eFf1+jVlHZeVusUSI4yq9A==
last-modified: Mon, 07 Dec 2020 10:23:00 GMT
etag: W/"0x8D89A9A12E2A33B"
x-ms-request-id: aecbdf5c-c01e-0126-115e-a51c52000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 515
vary: Accept-Encoding
server: cloudflare
cf-ray: 7558f13d6bac0b45-OSL
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text
Size:   8051
Md5:    4d2278463678def71945751036451fc3
Sha1:   4e8f96f287e2b43a2af9d58052f95db8542937a0
Sha256: 50c83b955aee655f96ad96ddfb7feb9d50620bf6966011efe0109a50bad30652
                                        
                                            GET /healthcheck HTTP/1.1 
Host: assets-tracking.crazyegg.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://welcome.unibet.com
Connection: keep-alive
Referer: https://welcome.unibet.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         54.230.111.11
HTTP/2 200 OK
content-type: application/json
                                        
content-length: 19
date: Mon, 22 Aug 2022 11:33:15 GMT
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-expose-headers: Access-Control-Allow-Origin
access-control-max-age: 31536000
last-modified: Fri, 08 Jul 2022 22:25:51 GMT
etag: "d06f04fccf68d0b228a5923187ce1afd"
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 92c4bb210eab82a152000047d3609a02.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: sPt1CuTN--YF79kLXHWAaLKq_2ORG7K0_EEaC8sPE6tc7ypRlQ1dLw==
age: 3834116
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text
Size:   19
Md5:    d06f04fccf68d0b228a5923187ce1afd
Sha1:   5de9df9fdd66a91eed06e31981553d4ab9ccf490
Sha256: 830e67bda2532cd5880ee86e3b33e69721082f8458bb0df0cd4edbb1577fd375
                                        
                                            GET /ibs:dpid=411&dpuuid=Yz3qfwAAAHyWmQNx HTTP/1.1 
Host: dpm.demdex.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://welcome.unibet.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         34.243.91.96
HTTP/1.1 302 Found
                                        
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
DCS: dcs-prod-irl1-1-v044-0efdc1c19.edge-irl1.demdex.com 0 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
Location: https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=411&dpuuid=Yz3qfwAAAHyWmQNx
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
set-cookie: demdex=90773333354194077583328372342257442532; Max-Age=15552000; Expires=Mon, 03 Apr 2023 20:35:11 GMT; Path=/; Domain=.demdex.net; Secure; SameSite=None
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: 5PbrJ7o5T54=
Content-Length: 0
Connection: keep-alive

                                        
                                            GET /demconf.jpg?et:ibs%7cdata:dpid=411&dpuuid=Yz3qfwAAAHyWmQNx HTTP/1.1 
Host: dpm.demdex.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://welcome.unibet.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         34.243.91.96
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-encoding: gzip
DCS: dcs-prod-irl1-1-v044-0d690d0dc.edge-irl1.demdex.com 0 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-TID: pcyIHvUcTRc=
Content-Length: 59
Connection: keep-alive


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   59
Md5:    1251cd5e5c2def4c046309375f87c1c1
Sha1:   e02d6b0c6a5c495c15985e2832e335eda8528c80
Sha256: 4e7010cc46fa361c88e57e3346d27421cf3b8a8bf5f39b43fc45997c60cb1c13
                                        
                                            POST / HTTP/1.1 
Host: ocsp.sca1b.amazontrust.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         54.230.245.100
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Wed, 05 Oct 2022 20:35:11 GMT
Last-Modified: Wed, 05 Oct 2022 18:55:01 GMT
Server: ECS (nyb/1D2B)
X-Cache: Miss from cloudfront
Via: 1.1 a2c3c8b833b34851dca4f7753ecaae58.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: tLcenQQe-_Se9q_2cIzG0MkLjQd4EnMmKmQjHJXyaE9pOICTzzV5_g==
Age: 6010

                                        
                                            GET /clock?t=1665002111725 HTTP/1.1 
Host: tracking.crazyegg.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://welcome.unibet.com
Connection: keep-alive
Referer: https://welcome.unibet.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         54.76.252.170
HTTP/2 200 OK
content-type: text/plain
                                        
server: awselb/2.0
date: Wed, 05 Oct 2022 20:35:11 GMT
content-length: 26
cache-control: no-store
access-control-allow-origin: *
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   26
Md5:    8dabfbf2c8c091f5ae95696af6f1ed65
Sha1:   0b856f07f4b769a3b094b894e55463f0817f9cd4
Sha256: 0970c5cfd3fac12918968ad9eba1fae9e748b2186319088c2ff52bff6ba73d86
                                        
                                            GET /no/pop/multisport/1-styles.css HTTP/1.1 
Host: welcome.unibet.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/no/pop/multisport/index.html?mktid=1:127656177:86075577-37950&btag=127656177_E1C4506F5D1A4EFFA0C04877C4DDAE37&bid=37950&campaignId=2750545&pid=86075577
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a86045284%2c%22BID%22%3a37953%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1664998047515)%5c%2f%22%2c%22CookieTag%22%3a%223795386045284451240919C20221051927%22%7d%2c%7b%22PID%22%3a86075577%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1665002109676)%5c%2f%22%2c%22CookieTag%22%3a%223795086075577451240919C20221052035%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228189564173%7c1%22%7d%5d; __ucbt=node05fwyterd1xzk27n6ozzjqi981; uniattr=ST.0.T; uniattr_ref="https://vatcalf.com/"; campaignId=2750545; framework.forceBigLandingArea=; affiliateId=1; B-TAG=127656177_E1C4506F5D1A4EFFA0C04877C4DDAE37; BID=37950; PID=86075577; REFERER=https%3A%2F%2Fvatcalf.com%2F; AFFILIATE_REQUEST_URL=https%3A%2F%2Fno.unibet.com%2Fstan%2Fcampaign.do%3FcmpId%3D2750545%26affiliateId%3D1%26unibetTarget%3D%2Fno%2Fpop%2Fmultisport%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.com%26btag%3D127656177_E1C4506F5D1A4EFFA0C04877C4DDAE37%26sref%3DADST%26ADST%3D17196958%26affiliateId%3D1%26pid%3D86075577%26bid%3D37950; AFFILIATE_CAMPAIGN_ID=2750545
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         108.161.188.196
HTTP/2 200 OK
content-type: text/css; charset=utf-8
                                        
date: Wed, 05 Oct 2022 20:35:10 GMT
cache-control: public, max-age=900, immutable
content-md5: zXkBqwBMviPPaK5rBIapmA==
last-modified: Mon, 20 Jun 2022 12:15:00 GMT
etag: W/"0x8DA52B67FB09D8F"
x-ms-request-id: de0f3e6f-201e-0039-12f8-d8e91e000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
server: NetDNA-cache/2.2
x-cache: HIT
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /resources/mga-logo-16e5f569-f45f-4c4f-a7ab-0a1f83c58415.svg HTTP/1.1 
Host: cdn.bannerflow.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         104.16.173.188
HTTP/2 200 OK
content-type: image/svg+xml
                                        
date: Wed, 05 Oct 2022 20:35:11 GMT
cache-control: public,max-age=604800
content-md5: FAAw5O0EvruykoHDQoRDMA==
last-modified: Fri, 27 Nov 2020 14:00:02 GMT
etag: W/"0x8D892DCBC6EB927"
x-ms-request-id: 0c05a17a-201e-0074-2dff-f626f2000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 4
vary: Accept-Encoding
server: cloudflare
cf-ray: 7558f13d5b830b45-OSL
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /custom.js HTTP/1.1 
Host: welcome.unibet.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/no/pop/multisport/index.html?mktid=1:127656177:86075577-37950&btag=127656177_E1C4506F5D1A4EFFA0C04877C4DDAE37&bid=37950&campaignId=2750545&pid=86075577
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a86045284%2c%22BID%22%3a37953%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1664998047515)%5c%2f%22%2c%22CookieTag%22%3a%223795386045284451240919C20221051927%22%7d%2c%7b%22PID%22%3a86075577%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1665002109676)%5c%2f%22%2c%22CookieTag%22%3a%223795086075577451240919C20221052035%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228189564173%7c1%22%7d%5d; __ucbt=node05fwyterd1xzk27n6ozzjqi981; uniattr=ST.0.T; uniattr_ref="https://vatcalf.com/"; campaignId=2750545; framework.forceBigLandingArea=; affiliateId=1; B-TAG=127656177_E1C4506F5D1A4EFFA0C04877C4DDAE37; BID=37950; PID=86075577; REFERER=https%3A%2F%2Fvatcalf.com%2F; AFFILIATE_REQUEST_URL=https%3A%2F%2Fno.unibet.com%2Fstan%2Fcampaign.do%3FcmpId%3D2750545%26affiliateId%3D1%26unibetTarget%3D%2Fno%2Fpop%2Fmultisport%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.com%26btag%3D127656177_E1C4506F5D1A4EFFA0C04877C4DDAE37%26sref%3DADST%26ADST%3D17196958%26affiliateId%3D1%26pid%3D86075577%26bid%3D37950; AFFILIATE_CAMPAIGN_ID=2750545
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         108.161.188.196
HTTP/2 200 OK
content-type: application/javascript
                                        
date: Wed, 05 Oct 2022 20:35:10 GMT
content-md5: e/Aekt1V1fopj1X7y5r9MA==
last-modified: Tue, 29 Mar 2022 08:25:09 GMT
etag: W/"0x8DA115DA300B0C1"
x-ms-request-id: 91a6cde2-b01e-002b-4396-d892ce000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
server: NetDNA-cache/2.2
x-cache: HIT
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /resources/18-plus-adbfd412-ffe0-4780-a5c3-1b540d6ceed3.svg HTTP/1.1 
Host: cdn.bannerflow.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         104.16.173.188
HTTP/2 200 OK
content-type: image/svg+xml
                                        
date: Wed, 05 Oct 2022 20:35:11 GMT
cache-control: public,max-age=604800
content-md5: DtBEzXf8HuXNecd90Rx/1w==
last-modified: Fri, 27 Nov 2020 14:00:01 GMT
etag: W/"0x8D892DCBC244A27"
x-ms-request-id: f9c36029-201e-0105-665e-a57399000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 515
vary: Accept-Encoding
server: cloudflare
cf-ray: 7558f13d6bab0b45-OSL
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /no/pop/multisport/read_json.js HTTP/1.1 
Host: welcome.unibet.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/no/pop/multisport/index.html?mktid=1:127656177:86075577-37950&btag=127656177_E1C4506F5D1A4EFFA0C04877C4DDAE37&bid=37950&campaignId=2750545&pid=86075577
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a86045284%2c%22BID%22%3a37953%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1664998047515)%5c%2f%22%2c%22CookieTag%22%3a%223795386045284451240919C20221051927%22%7d%2c%7b%22PID%22%3a86075577%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1665002109676)%5c%2f%22%2c%22CookieTag%22%3a%223795086075577451240919C20221052035%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228189564173%7c1%22%7d%5d; __ucbt=node05fwyterd1xzk27n6ozzjqi981; uniattr=ST.0.T; uniattr_ref="https://vatcalf.com/"; campaignId=2750545; framework.forceBigLandingArea=; affiliateId=1; B-TAG=127656177_E1C4506F5D1A4EFFA0C04877C4DDAE37; BID=37950; PID=86075577; REFERER=https%3A%2F%2Fvatcalf.com%2F; AFFILIATE_REQUEST_URL=https%3A%2F%2Fno.unibet.com%2Fstan%2Fcampaign.do%3FcmpId%3D2750545%26affiliateId%3D1%26unibetTarget%3D%2Fno%2Fpop%2Fmultisport%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.com%26btag%3D127656177_E1C4506F5D1A4EFFA0C04877C4DDAE37%26sref%3DADST%26ADST%3D17196958%26affiliateId%3D1%26pid%3D86075577%26bid%3D37950; AFFILIATE_CAMPAIGN_ID=2750545
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         108.161.188.196
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
                                        
date: Wed, 05 Oct 2022 20:35:10 GMT
cache-control: public, max-age=900, immutable
content-md5: rGS1nJi75Qz2m2yY+jlYXA==
last-modified: Mon, 20 Jun 2022 12:15:06 GMT
etag: W/"0x8DA52B6834CEC1B"
x-ms-request-id: 6e02051c-201e-005b-30f8-d82b39000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
server: NetDNA-cache/2.2
x-cache: HIT
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /no/pop/multisport/icon-expert.svg HTTP/1.1 
Host: welcome.unibet.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/no/pop/multisport/index.html?mktid=1:127656177:86075577-37950&btag=127656177_E1C4506F5D1A4EFFA0C04877C4DDAE37&bid=37950&campaignId=2750545&pid=86075577
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a86045284%2c%22BID%22%3a37953%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1664998047515)%5c%2f%22%2c%22CookieTag%22%3a%223795386045284451240919C20221051927%22%7d%2c%7b%22PID%22%3a86075577%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1665002109676)%5c%2f%22%2c%22CookieTag%22%3a%223795086075577451240919C20221052035%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228189564173%7c1%22%7d%5d; __ucbt=node05fwyterd1xzk27n6ozzjqi981; uniattr=ST.0.T; uniattr_ref="https://vatcalf.com/"; campaignId=2750545; framework.forceBigLandingArea=; affiliateId=1; B-TAG=127656177_E1C4506F5D1A4EFFA0C04877C4DDAE37; BID=37950; PID=86075577; REFERER=https%3A%2F%2Fvatcalf.com%2F; AFFILIATE_REQUEST_URL=https%3A%2F%2Fno.unibet.com%2Fstan%2Fcampaign.do%3FcmpId%3D2750545%26affiliateId%3D1%26unibetTarget%3D%2Fno%2Fpop%2Fmultisport%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.com%26btag%3D127656177_E1C4506F5D1A4EFFA0C04877C4DDAE37%26sref%3DADST%26ADST%3D17196958%26affiliateId%3D1%26pid%3D86075577%26bid%3D37950; AFFILIATE_CAMPAIGN_ID=2750545
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         108.161.188.196
HTTP/2 200 OK
content-type: image/svg+xml
                                        
date: Wed, 05 Oct 2022 20:35:10 GMT
cache-control: public, max-age=900, immutable
content-md5: Z4302O+bSqlX5UM92U+35A==
last-modified: Mon, 20 Jun 2022 12:15:04 GMT
etag: W/"0x8DA52B6820929CB"
x-ms-request-id: 3de0f78e-b01e-0059-47f8-d89581000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
server: NetDNA-cache/2.2
x-cache: HIT
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /no/pop/multisport/app-sports-icon.svg HTTP/1.1 
Host: welcome.unibet.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/no/pop/multisport/index.html?mktid=1:127656177:86075577-37950&btag=127656177_E1C4506F5D1A4EFFA0C04877C4DDAE37&bid=37950&campaignId=2750545&pid=86075577
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a86045284%2c%22BID%22%3a37953%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1664998047515)%5c%2f%22%2c%22CookieTag%22%3a%223795386045284451240919C20221051927%22%7d%2c%7b%22PID%22%3a86075577%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1665002109676)%5c%2f%22%2c%22CookieTag%22%3a%223795086075577451240919C20221052035%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228189564173%7c1%22%7d%5d; __ucbt=node05fwyterd1xzk27n6ozzjqi981; uniattr=ST.0.T; uniattr_ref="https://vatcalf.com/"; campaignId=2750545; framework.forceBigLandingArea=; affiliateId=1; B-TAG=127656177_E1C4506F5D1A4EFFA0C04877C4DDAE37; BID=37950; PID=86075577; REFERER=https%3A%2F%2Fvatcalf.com%2F; AFFILIATE_REQUEST_URL=https%3A%2F%2Fno.unibet.com%2Fstan%2Fcampaign.do%3FcmpId%3D2750545%26affiliateId%3D1%26unibetTarget%3D%2Fno%2Fpop%2Fmultisport%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.com%26btag%3D127656177_E1C4506F5D1A4EFFA0C04877C4DDAE37%26sref%3DADST%26ADST%3D17196958%26affiliateId%3D1%26pid%3D86075577%26bid%3D37950; AFFILIATE_CAMPAIGN_ID=2750545
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         108.161.188.196
HTTP/2 200 OK
content-type: image/svg+xml
                                        
date: Wed, 05 Oct 2022 20:35:10 GMT
cache-control: public, max-age=900, immutable
content-md5: Lm+dv7pV36kTdto2PoEyYQ==
last-modified: Mon, 20 Jun 2022 12:15:06 GMT
etag: W/"0x8DA52B682FA1D49"
x-ms-request-id: 6ba89fea-201e-0006-23f8-d821bd000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
server: NetDNA-cache/2.2
x-cache: HIT
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /releases/v5.7.1/css/all.css HTTP/1.1 
Host: use.fontawesome.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://welcome.unibet.com
Connection: keep-alive
Referer: https://welcome.unibet.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         172.64.133.15
HTTP/2 200 OK
content-type: text/css
                                        
date: Wed, 05 Oct 2022 20:35:10 GMT
x-amz-id-2: Naym7hPmP6C6hux6VLJAAre0tbecqXaiQpMJaYu3vDn0x1vPpC32gtoDJkl7kXKmPPFbhKi1q5U=
x-amz-request-id: MZGFJRB14SZWS1MV
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified: Wed, 30 Jun 2021 15:45:37 GMT
etag: W/"7b1d7f457d056ace7b230b587b9f3753"
cache-control: max-age=31556926
cf-cache-status: HIT
age: 29769111
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MlkiraUeFe5vHt4KesfKkqPkzL0RGvAAMUL%2BQl8GD73757hSnxSG7JGhHNU56oWNArCNhXOg3A6xzQJ3IkacmLWIn%2BuzrHZHk6z1ZCBRRLcWaNpye%2BrUzvomGm600weiUHpNWKfL"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7558f1351824e67c-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /no/pop/multisport/utv-logo.svg HTTP/1.1 
Host: welcome.unibet.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/no/pop/multisport/index.html?mktid=1:127656177:86075577-37950&btag=127656177_E1C4506F5D1A4EFFA0C04877C4DDAE37&bid=37950&campaignId=2750545&pid=86075577
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a86045284%2c%22BID%22%3a37953%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1664998047515)%5c%2f%22%2c%22CookieTag%22%3a%223795386045284451240919C20221051927%22%7d%2c%7b%22PID%22%3a86075577%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1665002109676)%5c%2f%22%2c%22CookieTag%22%3a%223795086075577451240919C20221052035%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228189564173%7c1%22%7d%5d; __ucbt=node05fwyterd1xzk27n6ozzjqi981; uniattr=ST.0.T; uniattr_ref="https://vatcalf.com/"; campaignId=2750545; framework.forceBigLandingArea=; affiliateId=1; B-TAG=127656177_E1C4506F5D1A4EFFA0C04877C4DDAE37; BID=37950; PID=86075577; REFERER=https%3A%2F%2Fvatcalf.com%2F; AFFILIATE_REQUEST_URL=https%3A%2F%2Fno.unibet.com%2Fstan%2Fcampaign.do%3FcmpId%3D2750545%26affiliateId%3D1%26unibetTarget%3D%2Fno%2Fpop%2Fmultisport%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.com%26btag%3D127656177_E1C4506F5D1A4EFFA0C04877C4DDAE37%26sref%3DADST%26ADST%3D17196958%26affiliateId%3D1%26pid%3D86075577%26bid%3D37950; AFFILIATE_CAMPAIGN_ID=2750545
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         108.161.188.196
HTTP/2 200 OK
content-type: image/svg+xml
                                        
date: Wed, 05 Oct 2022 20:35:10 GMT
cache-control: public, max-age=900, immutable
content-md5: QazcDvviTF55mXL/M8kCWQ==
last-modified: Mon, 20 Jun 2022 12:15:01 GMT
etag: W/"0x8DA52B680312C74"
x-ms-request-id: df6c3eed-101e-0022-6bf8-d8d71d000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
server: NetDNA-cache/2.2
x-cache: HIT
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /pages/scripts/0012/9242.js?462500 HTTP/1.1 
Host: script.crazyegg.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         104.19.147.8
HTTP/2 200 OK
content-type: text/javascript
                                        
date: Wed, 05 Oct 2022 20:35:11 GMT
access-control-allow-origin: *
access-control-expose-headers: CE-Version
ce-version: 11.4.10
cache-control: public, max-age=300, s-maxage=1209600
cf-bgj: minify
cf-polished: origSize=5675
last-modified: Wed, 05 Oct 2022 14:48:50 GMT
timing-allow-origin: *
cf-cache-status: HIT
age: 20781
vary: Accept-Encoding
server: cloudflare
cf-ray: 7558f13b1995b509-OSL
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---