bestsafelink.com/get/CysqcqsTyh
188.114.96.1301 Moved Permanently 0 B URL HTTP/1.1 bestsafelink.com/get/CysqcqsTyh
IP 188.114.96.1:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /get/CysqcqsTyh HTTP/1.1
Host: bestsafelink.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Sun, 05 Feb 2023 12:33:29 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Sun, 05 Feb 2023 13:33:29 GMT
Location: https://bestsafelink.com/get/CysqcqsTyh
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ssrYOZcvkgldYirpsN3aioHNNvsBl3ihu3gOOsT8BmPILQBx8%2B4K%2FI5dEuh2wPK%2BZXM9sbt8Fe%2Bl%2BNEZypX5Eg9zH1dONW4BEd47Kqcqoc842xI7RG9uHbX62RiIe9mLy9yZ"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 794bacc11d94b4f4-OSL
alt-svc: h2=":443"; ma=60
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash c21ba65e44ac95470c314e068e49a9eb
17a13b13738993d889d4afa3d848dc63bf6eba64
9bd0795b30e84ce63b6e2a365ca91bbffc395dd955e112152066c31e63a4ab66
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9BD0795B30E84CE63B6E2A365CA91BBFFC395DD955E112152066C31E63A4AB66"
Last-Modified: Sat, 04 Feb 2023 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8926
Expires: Sun, 05 Feb 2023 15:02:16 GMT
Date: Sun, 05 Feb 2023 12:33:30 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 1cdc095521e9ee2606059be447d1fdd5
02b5d0a5b5823e2338daf7e144700babe2a213af
8bda3aabcf331c2bfcc4c7023cd797c760fd301dc353641bb95048e072f66c66
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8BDA3AABCF331C2BFCC4C7023CD797C760FD301DC353641BB95048E072F66C66"
Last-Modified: Sat, 04 Feb 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5638
Expires: Sun, 05 Feb 2023 14:07:28 GMT
Date: Sun, 05 Feb 2023 12:33:30 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash fb7b6b46e708ad73eaaa3c21e74569ae
950663c025acad81556af5aa3022ecc9d55097fe
763f58b9fb838378c92033b59907b036f4c33081f5103d9bcc2ca2a8de500d64
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "763F58B9FB838378C92033B59907B036F4C33081F5103D9BCC2CA2A8DE500D64"
Last-Modified: Sat, 04 Feb 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16345
Expires: Sun, 05 Feb 2023 17:05:55 GMT
Date: Sun, 05 Feb 2023 12:33:30 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 30db107dcf4380cef05efea409c2e6a3
96e6a306fbc07299aba64e5c14e2bfca35872fa9
b64051a4a8e346e3c72b2aef77f360a5736ab5e16711d8e0bae3876feaa15b6e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Alert, Retry-After, Content-Length, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sun, 05 Feb 2023 11:36:17 GMT
content-type: application/json
age: 3433
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: OEZ86DsJUn/GgE6wJqPrjnA7W7DXNX/+Li9xQ1sd2CTz+14Ox4E3KYN/T4Z6FIc4JUPsttvCYqU=
x-amz-request-id: F5RS491AJAG20RDH
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sun, 05 Feb 2023 12:24:28 GMT
age: 542
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 05 Feb 2023 12:33:30 GMT
content-type: application/json
content-length: 12
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-expose-headers: content-type
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 7a7037fecc63712eb3a4d3f9e90a1fc5
4468341003c78acb05f8d389d4f3f2340488e713
e8a904096870845a902c92247b0f7e65e7ad3ff40903ba8fb70c92ecde54f1ab
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 05 Feb 2023 12:33:30 GMT
Server: ECS (amb/6BA5)
Content-Length: 279
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Retry-After, Last-Modified, Cache-Control, Pragma, ETag, Backoff, Content-Type, Alert, Expires
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sun, 05 Feb 2023 11:49:07 GMT
age: 2663
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash dedf9c519ac38c4bece9c5bc895787d7
4911175c3f8a435978c5301c33c7a99a5e00a1d5
bddd7e3a4939f863642a7c5348c1c8b9bc569b35c10a27f4cf5ec71f7e6b9698
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BDDD7E3A4939F863642A7C5348C1C8B9BC569B35C10A27F4CF5EC71F7E6B9698"
Last-Modified: Fri, 03 Feb 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4814
Expires: Sun, 05 Feb 2023 13:53:44 GMT
Date: Sun, 05 Feb 2023 12:33:30 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 7a7037fecc63712eb3a4d3f9e90a1fc5
4468341003c78acb05f8d389d4f3f2340488e713
e8a904096870845a902c92247b0f7e65e7ad3ff40903ba8fb70c92ecde54f1ab
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 0
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 05 Feb 2023 12:33:30 GMT
Last-Modified: Sun, 05 Feb 2023 12:33:30 GMT
Server: ECS (ska/F708)
X-Cache: HIT
Content-Length: 279
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 98be7fe21d059e46146a43d20c4eea92
1ec58129fea75085588be7b8baec05b0874b5274
7bb2eb5ffcd88a3b6ba7b210bdbcd4469134c9708f06befb6c616beebf8dae46
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 05 Feb 2023 12:33:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash a78b06ca527ce7542b24b349e0485d8b
6f5e5126c1c9d40c9ba09d58e1755d2ca39d02ab
bc7dc156ab8b2b33422fff0922e219246eb1d12469d10ac8007416fed41ac473
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 05 Feb 2023 12:33:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js
142.250.74.138200 OK 30 kB URL HTTP/2 ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js
IP 142.250.74.138:0
File type ASCII text, with very long lines (65451)
Hash 0f83cadc148d2ad7e53c91f6c4ee05bb
90035c5fffedf4b0f099465f6b929a030b46c92b
3f59aa77bbbed7760a9968af27d3c19ffddda021c948edf0bf0c0f828dd308ae
GET /ajax/libs/jquery/3.3.1/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bestsafelink.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 30399
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 01 Feb 2023 22:28:50 GMT
expires: Thu, 01 Feb 2024 22:28:50 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
age: 309880
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.google.com/recaptcha/api.js
216.58.207.228200 OK 553 B URL HTTP/2 www.google.com/recaptcha/api.js
IP 216.58.207.228:0
File type ASCII text, with very long lines (850), with no line terminators
Hash c40fb3e99bdf4c051379206b381f995b
3cf6ce4a866abbd13ce857357061a1cfa3a27690
0c45a6582686059e9d82919355c239be284c5740680f56332419ce0516280183
GET /recaptcha/api.js HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bestsafelink.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
expires: Sun, 05 Feb 2023 12:33:30 GMT
date: Sun, 05 Feb 2023 12:33:30 GMT
cache-control: private, max-age=300
content-type: text/javascript; charset=UTF-8
cross-origin-resource-policy: cross-origin
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
content-length: 553
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 98be7fe21d059e46146a43d20c4eea92
1ec58129fea75085588be7b8baec05b0874b5274
7bb2eb5ffcd88a3b6ba7b210bdbcd4469134c9708f06befb6c616beebf8dae46
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 05 Feb 2023 12:33:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash c7d887fc3e3b7a68b7872c76802085c0
eb26f820776e7d87a00489eb14f918e5f6945835
915e873e95d8f0276f4763e5596b03cac487f6f8a36c65577c6622fc8560d929
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 05 Feb 2023 12:33:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
push.services.mozilla.com/
54.200.77.111101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 54.200.77.111:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: u2A5WyAcao0yHbGnePIIWw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: NT4BFmVBmZLN+7UynMou5U4u9WE=
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 1b25bf82638deaab60981e1315ee0849
e3bd912fd1a890e64ee6746a78a674db7ff77039
a99b0dfa9ca7176b21cc2d65963a1b6eb6d534b3767d02ef06cc207a63331ebf
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A99B0DFA9CA7176B21CC2D65963A1B6EB6D534B3767D02EF06CC207A63331EBF"
Last-Modified: Sat, 04 Feb 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10819
Expires: Sun, 05 Feb 2023 15:33:51 GMT
Date: Sun, 05 Feb 2023 12:33:32 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 1b25bf82638deaab60981e1315ee0849
e3bd912fd1a890e64ee6746a78a674db7ff77039
a99b0dfa9ca7176b21cc2d65963a1b6eb6d534b3767d02ef06cc207a63331ebf
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A99B0DFA9CA7176B21CC2D65963A1B6EB6D534B3767D02EF06CC207A63331EBF"
Last-Modified: Sat, 04 Feb 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10819
Expires: Sun, 05 Feb 2023 15:33:51 GMT
Date: Sun, 05 Feb 2023 12:33:32 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 1b25bf82638deaab60981e1315ee0849
e3bd912fd1a890e64ee6746a78a674db7ff77039
a99b0dfa9ca7176b21cc2d65963a1b6eb6d534b3767d02ef06cc207a63331ebf
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A99B0DFA9CA7176B21CC2D65963A1B6EB6D534B3767D02EF06CC207A63331EBF"
Last-Modified: Sat, 04 Feb 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10819
Expires: Sun, 05 Feb 2023 15:33:51 GMT
Date: Sun, 05 Feb 2023 12:33:32 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 1b25bf82638deaab60981e1315ee0849
e3bd912fd1a890e64ee6746a78a674db7ff77039
a99b0dfa9ca7176b21cc2d65963a1b6eb6d534b3767d02ef06cc207a63331ebf
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A99B0DFA9CA7176B21CC2D65963A1B6EB6D534B3767D02EF06CC207A63331EBF"
Last-Modified: Sat, 04 Feb 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10819
Expires: Sun, 05 Feb 2023 15:33:51 GMT
Date: Sun, 05 Feb 2023 12:33:32 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 1b25bf82638deaab60981e1315ee0849
e3bd912fd1a890e64ee6746a78a674db7ff77039
a99b0dfa9ca7176b21cc2d65963a1b6eb6d534b3767d02ef06cc207a63331ebf
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A99B0DFA9CA7176B21CC2D65963A1B6EB6D534B3767D02EF06CC207A63331EBF"
Last-Modified: Sat, 04 Feb 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10819
Expires: Sun, 05 Feb 2023 15:33:51 GMT
Date: Sun, 05 Feb 2023 12:33:32 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc6718344-fcb4-4366-9239-8921034a7114.jpeg
34.120.237.76200 OK 13 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc6718344-fcb4-4366-9239-8921034a7114.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 8e0be7db14d930d6227443314bcd1747
4e42e2ad289dfe5bd9a55d34fd768f7532bdf71d
baedfbdb08a67f9ff4c698f7e65b08d7e4c5078d0a4233e6bff529b44812735a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc6718344-fcb4-4366-9239-8921034a7114.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12967
x-amzn-requestid: 38c58626-f4ad-4e2b-ad71-a628519d2ea2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fmEdHFwCoAMFhxQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d8b453-7da6d0c1093468d320caaa1e;Sampled=0
x-amzn-remapped-date: Tue, 31 Jan 2023 06:25:23 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: t8dZTwod1-pZr8ACfp-6gfEu0TA3kGpfJrQeF8VgLg2tlrt03sa6Bg==
via: 1.1 41e349e25dc4bc856d0e5d2c162428a0.cloudfront.net (CloudFront), 1.1 7022a5bbf9872d4a09d63e6cdb457dfe.cloudfront.net (CloudFront), 1.1 google
date: Sun, 05 Feb 2023 03:40:08 GMT
age: 32004
etag: "4e42e2ad289dfe5bd9a55d34fd768f7532bdf71d"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc0def934-b27d-4612-bab8-84bfb73a9960.jpeg
34.120.237.76200 OK 69 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc0def934-b27d-4612-bab8-84bfb73a9960.jpeg
IP 34.120.237.76:0
Hash 1fd5b5d2bb5fb47fe75160b35358063f
fb9ebc99df4c29cdeb39da5d596f072dc876a433
999c9b4b964257ab48d34b7569c2f67e1e29e543a1b2b3aa59c31b754a5b5542
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc0def934-b27d-4612-bab8-84bfb73a9960.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7589
x-amzn-requestid: 280f7003-2696-4a82-bd50-82b0a2b66faf
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fsSpoEA0oAMFSBg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63db3170-35dcb9513c891af201b973d1;Sampled=0
x-amzn-remapped-date: Thu, 02 Feb 2023 03:43:44 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 00Sp1Thtp-YIGYmu7qIB6GtKBxOGLgcAse2SusryA8xaBrnWQDD-Hg==
via: 1.1 49b94a8674d6e86a841d6523f7dbaf14.cloudfront.net (CloudFront), 1.1 2bedbeaa49b4a77447d30097858cb81a.cloudfront.net (CloudFront), 1.1 google
date: Sat, 04 Feb 2023 22:04:01 GMT
age: 52171
etag: "67e7c49ea7648fc6d1dffc22588862c993b785b7"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F37422a56-a7de-4ab8-ac8a-650de9dae97c.jpeg
34.120.237.76200 OK 5.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F37422a56-a7de-4ab8-ac8a-650de9dae97c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 5b6c30ad03669b66bf2f63b3edd69882
e630bd132b52b965a5ade646ea8a165d1abf6d7b
f8233d879ec17fd91909655ff8881f2ebfad84272fde3ed5e5be37580378a989
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F37422a56-a7de-4ab8-ac8a-650de9dae97c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5014
x-amzn-requestid: a434aae4-fe4b-4fc7-9b7e-eeb552484e8a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fi3bIE0aoAMF6YQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d76c47-5556d14757190c842bbc6b06;Sampled=0
x-amzn-remapped-date: Mon, 30 Jan 2023 07:05:43 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: k6YqagXr3Wr-u1uDKojEnIGW0CxU5yvWPtlzNpzoIvmg9F-rJb9uFQ==
via: 1.1 a4fe306096165bb1e86e69365dc8fac2.cloudfront.net (CloudFront), 1.1 1a53057db389e96b4ef1bfbc925dde1c.cloudfront.net (CloudFront), 1.1 google
date: Sat, 04 Feb 2023 14:53:45 GMT
age: 77987
etag: "e630bd132b52b965a5ade646ea8a165d1abf6d7b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F88b593b5-5093-4504-8ab7-492c62b14ca7.jpeg
34.120.237.76200 OK 37 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F88b593b5-5093-4504-8ab7-492c62b14ca7.jpeg
IP 34.120.237.76:0
Hash 97658bb10ce28c1dee6b105d03d2ce09
17bcf027f9a68ff65614982189b221d34517fe08
3da6ce84562b8c52ba5d3ce48ebc609323d5b80e095606dfe5cd0099f0341254
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F88b593b5-5093-4504-8ab7-492c62b14ca7.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5801
x-amzn-requestid: 441284a8-923a-4b22-b39f-95dec713c292
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fjj9jHu_IAMFZ-w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d7b389-788174a773fcd695540cc95e;Sampled=0
x-amzn-remapped-date: Mon, 30 Jan 2023 12:09:45 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: DgvqiQwdytO2caPNzg2OhGcv8ly9N_YeQTzpuf6iwAVt8AQZEXRLqw==
via: 1.1 d83ae0e1ba84e92e58bc1efc23a0c652.cloudfront.net (CloudFront), 1.1 324a68a6c25ee50d774953f3e15a611c.cloudfront.net (CloudFront), 1.1 google
date: Sat, 04 Feb 2023 21:43:52 GMT
age: 53380
etag: "48c408d37a7bd7f96653174359178eed46ddf298"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9ad60ff0-69ec-4be2-9334-41be71ca4b7f.jpeg
34.120.237.76200 OK 25 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9ad60ff0-69ec-4be2-9334-41be71ca4b7f.jpeg
IP 34.120.237.76:0
Hash ad6bbd9de9e376c3fb0f8a96e06521e6
86aa55994beb2803ddfadf0ade6934b9d27adb11
171691c747db5e43262d56a1908ad19165fbdaba096f34434021ac2d55067f00
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9ad60ff0-69ec-4be2-9334-41be71ca4b7f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10905
x-amzn-requestid: 093778fc-231c-452f-a6fc-15f4eb41ade0
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fmNJCEDzIAMFmxA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d8c239-7f56d6e56392f373541db219;Sampled=0
x-amzn-remapped-date: Tue, 31 Jan 2023 07:24:41 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: jIvBQjGh9JzWQM0YpEYiqP5CcBrkwqLVjAYhMWJ1P1H0MRkm7kpnpg==
via: 1.1 0c96ded7ff282d2dbcf47c918b6bb500.cloudfront.net (CloudFront), 1.1 556b99c6be8d7078b9f067347c62df6a.cloudfront.net (CloudFront), 1.1 google
date: Sat, 04 Feb 2023 22:12:06 GMT
age: 51686
etag: "f29b9dc3f6bbd2ba76a5a4570ce044d5f240fd00"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fed9dd21c-6496-4f6e-b306-570e4802aba4.jpeg
34.120.237.76200 OK 6.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fed9dd21c-6496-4f6e-b306-570e4802aba4.jpeg
IP 34.120.237.76:0
Hash b8e46e108718a5c4e332dad12923f2ac
125a26009c2b169311b205e1f94af1b8a41a66db
9d20650f7d009cad162409d88bed340a05cd8a5799e464f89b70f6e9a5905d8f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fed9dd21c-6496-4f6e-b306-570e4802aba4.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6202
x-amzn-requestid: 01b85fcd-69a0-49da-8640-32a3ef19378a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fi3bUFEJoAMFapg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d76c48-14817e717361e09170714e9d;Sampled=0
x-amzn-remapped-date: Mon, 30 Jan 2023 07:05:44 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 1_1mEN4j5cciWEiimz4PRjx3PNGnrSRib9oEJAdYLrrtyjqnz_zvcQ==
via: 1.1 5ab5dc09da67e3ea794ec8a82992cc88.cloudfront.net (CloudFront), 1.1 5565a51537c689d1d16f6b4d41f40082.cloudfront.net (CloudFront), 1.1 google
date: Sat, 04 Feb 2023 13:05:46 GMT
age: 84466
etag: "335425603d9eec146a3c03422dbca91134272e53"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 0d7c477713e790f3ef98dc674f3222fc
a2382b9e416fe9643097bc20eac5d731a04d74aa
695b092fde1c5da6fabcca568dbd8bd41eae8023f92e8ea020a8850010aa171d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "695B092FDE1C5DA6FABCCA568DBD8BD41EAE8023F92E8EA020A8850010AA171D"
Last-Modified: Sat, 04 Feb 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10284
Expires: Sun, 05 Feb 2023 15:24:56 GMT
Date: Sun, 05 Feb 2023 12:33:32 GMT
Connection: keep-alive
trolleydryerfunds.com/200b02289541c62fe5bc10c0b9729682/invoke.js
192.243.59.13200 OK 16 kB URL HTTP/1.1 trolleydryerfunds.com/200b02289541c62fe5bc10c0b9729682/invoke.js
IP 192.243.59.13:0
ASN #39572 DataWeb Global Group B.V.
Hash 37eaf5150b6f8ede9c93de229375326b
e60731b556bdbbb072f4de96fb6bbac7eb8bb0bf
946cb74d30909dcb8d407f1c946d47b604f7afa26bad90c6304930083637ea58
GET /200b02289541c62fe5bc10c0b9729682/invoke.js HTTP/1.1
Host: trolleydryerfunds.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bestsafelink.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Sun, 05 Feb 2023 12:33:32 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 891101001be02aca3ccef85406a4f6ca
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
trolleydryerfunds.com/200b02289541c62fe5bc10c0b9729682/invoke.js
192.243.59.13200 OK 9.8 kB URL HTTP/1.1 trolleydryerfunds.com/200b02289541c62fe5bc10c0b9729682/invoke.js
IP 192.243.59.13:0
ASN #39572 DataWeb Global Group B.V.
File type exported SGML document, ASCII text, with very long lines (26951), with no line terminators
Hash 8d50f411f1c3c20de2dd475152fb1b1b
fc1257b6c4d7cba33ae0302aa1bdd27e42c28a51
39cfce50414fb8d7daea83b1a2bf0e3a86bb5582c05d9361cddbf22398279455
GET /200b02289541c62fe5bc10c0b9729682/invoke.js HTTP/1.1
Host: trolleydryerfunds.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bestsafelink.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Sun, 05 Feb 2023 12:33:33 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 3934d1a37cec61fa7b877e54554124cb
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
ocsp.sca1b.amazontrust.com/
54.230.245.100200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.100:0
Hash dccebcfaad6c97d820364ec92d4a511b
a1adef127bad0f85751b5a7b47025c33d40083c4
6be12cee36873a68c71f277876470b5a3807acf44b39a92b575595e9aa95c973
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Sun, 05 Feb 2023 12:33:33 GMT
Last-Modified: Sun, 05 Feb 2023 11:19:18 GMT
Server: ECS (nyb/1D15)
X-Cache: Miss from cloudfront
Via: 1.1 5916f6b8d469d1bee1e905ff13761ebc.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: BhgWbcJZcVz4CugX1unnrTJAbdx3jN50BIiDyh0ZnK9uiOj6xQo1XQ==
Age: 4455
simplewebanalysis.com/stats
3.120.47.42200 OK 40 B URL HTTP/2 simplewebanalysis.com/stats
IP 3.120.47.42:0
File type ASCII text, with no line terminators
Hash 453a7e64b413866677aac5eff65414c1
fea9d47bea7ad80b9c66ada91b1d247fb6e94323
f1014ccaef4ff93b14489e89ab8a29584801a7a9f38a13099bc424216fba646f
GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://bestsafelink.com
Connection: keep-alive
Referer: https://bestsafelink.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 05 Feb 2023 12:33:33 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://bestsafelink.com
access-control-allow-credentials: true
set-cookie: uid_id2=7f98c11f-d9c9-42b8-bb8b-b0cbe4c3a185:2:1; expires=Wed, 02 Feb 2033 12:33:33 GMT; secure; SameSite=None
X-Firefox-Spdy: h2
simplewebanalysis.com/stats
3.120.47.42200 OK 40 B URL HTTP/2 simplewebanalysis.com/stats
IP 3.120.47.42:0
File type ASCII text, with no line terminators
Hash 67655f4a019a423eefb942ba6548da84
bec5b3652535e67fb6196dc3c6fff591b378731d
9be33fe6ca56141548a6bc13273112a33165b5e1fe69bd7e961a99ecf085be84
GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://bestsafelink.com
Connection: keep-alive
Referer: https://bestsafelink.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 05 Feb 2023 12:33:33 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://bestsafelink.com
access-control-allow-credentials: true
set-cookie: uid_id2=f5a2a330-7a6c-466f-a296-263734b9ae05:3:1; expires=Wed, 02 Feb 2033 12:33:33 GMT; secure; SameSite=None
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 5452c58c07ce8d3cade93b323b271c35
581b1e438daeb32a12feaf50f2aab17dcf3e3171
b99ea2af71e697f45db51732f7d3e8d3e50258c9c96e50a772b8c4638577140a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 05 Feb 2023 12:33:33 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.gstatic.com/recaptcha/releases/gEr-ODersURoIfof1hiDm7R5/recaptcha__en.js
216.58.211.3200 OK 164 kB URL HTTP/2 www.gstatic.com/recaptcha/releases/gEr-ODersURoIfof1hiDm7R5/recaptcha__en.js
IP 216.58.211.3:0
File type ASCII text, with very long lines (633)
Size 164 kB (163841 bytes)
Hash fe98364486b3206867b17008f995646f
35a5e9aa210970f7abd718d99e629c6982a3cc02
1fd703cb16e3f6f3f7192109d19c69d6e5ac1cfa0feb5b105a86564b7970d28a
GET /recaptcha/releases/gEr-ODersURoIfof1hiDm7R5/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://bestsafelink.com
Connection: keep-alive
Referer: https://bestsafelink.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 163841
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 31 Jan 2023 08:53:11 GMT
expires: Wed, 31 Jan 2024 08:53:11 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 31 Jan 2023 02:51:47 GMT
content-type: text/javascript
age: 445222
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 79e65fc8bd6082f7b42e9235efec43f9
f9a2b2c14c1fa6aa4d832c77066452c72b209274
0266d380456e97ee19ae84c54858fc37d227d79292fb731015a874b3d954eb5e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0266D380456E97EE19AE84C54858FC37D227D79292FB731015A874B3D954EB5E"
Last-Modified: Sat, 04 Feb 2023 13:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9096
Expires: Sun, 05 Feb 2023 15:05:09 GMT
Date: Sun, 05 Feb 2023 12:33:33 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash aeeefd2d41311d21e58a79216388b8ec
61b6224aed9721be9b600640073c26f91fe2566b
70abf72a66f3491630ee6d380cd655a33489aa411b1bac80319190f31d2a6295
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "70ABF72A66F3491630EE6D380CD655A33489AA411B1BAC80319190F31D2A6295"
Last-Modified: Sat, 04 Feb 2023 13:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8781
Expires: Sun, 05 Feb 2023 14:59:54 GMT
Date: Sun, 05 Feb 2023 12:33:33 GMT
Connection: keep-alive
withenvisagehurt.com/watch.733173449693.js?key=200b02289541c62fe5bc10c0b9729682&kw=%5B%22best%22%2C%22safe%22%2C%22link%22%2C%22protector%22%2C%22-%22%2C%22protecting%22%2C%22your%22%2C%22multiple%22%2C%22links%22%2C%22-%22%2C%22best%22%2C%22safe%22%2C%22link%22%2C%22protector%22%2C%22-%22%2C%22protecting%22%2C%22your%22%2C%22multiple%22%2C%22links%22%5D&refer=https%3A%2F%2Fbestsafelink.com%2Fget%2FCysqcqsTyh&tz=0&dev=e&res=12.1055&uuid=7f98c11f-d9c9-42b8-bb8b-b0cbe4c3a185%3A2%3A1
192.243.61.227307 Temporary Redirect 0 B URL HTTP/1.1 withenvisagehurt.com/watch.733173449693.js?key=200b02289541c62fe5bc10c0b9729682&kw=%5B%22best%22%2C%22safe%22%2C%22link%22%2C%22protector%22%2C%22-%22%2C%22protecting%22%2C%22your%22%2C%22multiple%22%2C%22links%22%2C%22-%22%2C%22best%22%2C%22safe%22%2C%22link%22%2C%22protector%22%2C%22-%22%2C%22protecting%22%2C%22your%22%2C%22multiple%22%2C%22links%22%5D&refer=https%3A%2F%2Fbestsafelink.com%2Fget%2FCysqcqsTyh&tz=0&dev=e&res=12.1055&uuid=7f98c11f-d9c9-42b8-bb8b-b0cbe4c3a185%3A2%3A1
IP 192.243.61.227:0
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /watch.733173449693.js?key=200b02289541c62fe5bc10c0b9729682&kw=%5B%22best%22%2C%22safe%22%2C%22link%22%2C%22protector%22%2C%22-%22%2C%22protecting%22%2C%22your%22%2C%22multiple%22%2C%22links%22%2C%22-%22%2C%22best%22%2C%22safe%22%2C%22link%22%2C%22protector%22%2C%22-%22%2C%22protecting%22%2C%22your%22%2C%22multiple%22%2C%22links%22%5D&refer=https%3A%2F%2Fbestsafelink.com%2Fget%2FCysqcqsTyh&tz=0&dev=e&res=12.1055&uuid=7f98c11f-d9c9-42b8-bb8b-b0cbe4c3a185%3A2%3A1 HTTP/1.1
Host: withenvisagehurt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://bestsafelink.com
Connection: keep-alive
Referer: https://bestsafelink.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 307 Temporary Redirect
Server: nginx/1.19.5
Date: Sun, 05 Feb 2023 12:33:33 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://bestsafelink.com
Access-Control-Allow-Origin: https://bestsafelink.com
Access-Control-Allow-Credentials: true
Location: https://withenvisagehurt.com/watch.733173449693.js?key=200b02289541c62fe5bc10c0b9729682&kw=%5B%22best%22%2C%22safe%22%2C%22link%22%2C%22protector%22%2C%22-%22%2C%22protecting%22%2C%22your%22%2C%22multiple%22%2C%22links%22%2C%22-%22%2C%22best%22%2C%22safe%22%2C%22link%22%2C%22protector%22%2C%22-%22%2C%22protecting%22%2C%22your%22%2C%22multiple%22%2C%22links%22%5D&refer=https%3A%2F%2Fbestsafelink.com%2Fget%2FCysqcqsTyh&tz=0&dev=e&res=12.1055&uuid=7f98c11f-d9c9-42b8-bb8b-b0cbe4c3a185%3A2%3A1&shu=acc56654475f5be261aa57f18a5c828d516c3dc50395800fb823a4e6959d9dee70d8d90e54ecb0afd74e4647d4b2dd8cf31e9d85cb050181ec7840195478966737652b4f0d63b34834c149b381faf7f8d3a0dd8e9c15f5cb5b74e312e9ecbb&pst=1675600473&rmtc=t
Set-Cookie: u_pl=17579507; expires=Mon, 06 Feb 2023 12:33:33 GMT; secure; SameSite=None
ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNzU3OTUwNywiayI6IjIwMGIwMjI4OTU0MWM2MmZlNWJjMTBjMGI5NzI5NjgyIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxOTU0MzM0LCJwaWQiOjUxODY2MCwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjoyMSwiYWlkIjoyMywicHQiOjQsInBrIjoidDB3c2IyYXciLCJ0IjoxfSwidSI6eyJ1IjoxLCJhdSI6MSwiZCI6eyJpZCI6OTA3NTM0NTcsImlkcyI6IiIsImljIjpmYWxzZSwibiI6IkRlc2t0b3AsRW11bGF0b3IiLCJ2IjoiVW5rbm93biIsIm0iOiJVbmtub3duIiwiZiI6MSwiZm4iOiJEZXNrdG9wIiwib2lkIjozODkxNCwib24iOiJXaW5kb3dzIiwib3YiOiIxMC4wIiwiYmlkIjoxMjA2MjUsImJuIjoiRmlyZWZveCIsImJ2IjoiMTA1LjAiLCJ3diI6ZmFsc2UsImUiOnRydWUsImFiIjpmYWxzZX0sImMiOnsiaWQiOjE2MiwiYyI6Ik5PIiwibiI6Ik5vcndheSJ9LCJhIjpmYWxzZSwiY3IiOnsibiI6IkJsaXggU29sdXRpb25zIn0sInhmIjoiIiwiaXhmIjpmYWxzZSwiaWd4ZiI6ZmFsc2UsInVwIjp0cnVlLCJyIjoiaHR0cHM6Ly9iZXN0c2FmZWxpbmsuY29tL2dldC9DeXNxY3FzVHloIn19.-uf3PLmuHa4ae1u6JNglXsaVog3RjzyNUNeezsEWRfo; expires=Sun, 05 Feb 2023 12:34:33 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: edea9a4e24e8532c4ac5c8b99b4327ef
Strict-Transport-Security: max-age=0; includeSubdomains
solitudearbitrary.com/watch.1422874973108.js?key=200b02289541c62fe5bc10c0b9729682&kw=%5B%22best%22%2C%22safe%22%2C%22link%22%2C%22protector%22%2C%22-%22%2C%22protecting%22%2C%22your%22%2C%22multiple%22%2C%22links%22%2C%22-%22%2C%22best%22%2C%22safe%22%2C%22link%22%2C%22protector%22%2C%22-%22%2C%22protecting%22%2C%22your%22%2C%22multiple%22%2C%22links%22%5D&refer=https%3A%2F%2Fbestsafelink.com%2Fget%2FCysqcqsTyh&tz=0&dev=e&res=12.1055&uuid=f5a2a330-7a6c-466f-a296-263734b9ae05%3A3%3A1
173.233.139.164307 Temporary Redirect 0 B URL HTTP/1.1 solitudearbitrary.com/watch.1422874973108.js?key=200b02289541c62fe5bc10c0b9729682&kw=%5B%22best%22%2C%22safe%22%2C%22link%22%2C%22protector%22%2C%22-%22%2C%22protecting%22%2C%22your%22%2C%22multiple%22%2C%22links%22%2C%22-%22%2C%22best%22%2C%22safe%22%2C%22link%22%2C%22protector%22%2C%22-%22%2C%22protecting%22%2C%22your%22%2C%22multiple%22%2C%22links%22%5D&refer=https%3A%2F%2Fbestsafelink.com%2Fget%2FCysqcqsTyh&tz=0&dev=e&res=12.1055&uuid=f5a2a330-7a6c-466f-a296-263734b9ae05%3A3%3A1
IP 173.233.139.164:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /watch.1422874973108.js?key=200b02289541c62fe5bc10c0b9729682&kw=%5B%22best%22%2C%22safe%22%2C%22link%22%2C%22protector%22%2C%22-%22%2C%22protecting%22%2C%22your%22%2C%22multiple%22%2C%22links%22%2C%22-%22%2C%22best%22%2C%22safe%22%2C%22link%22%2C%22protector%22%2C%22-%22%2C%22protecting%22%2C%22your%22%2C%22multiple%22%2C%22links%22%5D&refer=https%3A%2F%2Fbestsafelink.com%2Fget%2FCysqcqsTyh&tz=0&dev=e&res=12.1055&uuid=f5a2a330-7a6c-466f-a296-263734b9ae05%3A3%3A1 HTTP/1.1
Host: solitudearbitrary.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://bestsafelink.com
Connection: keep-alive
Referer: https://bestsafelink.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 307 Temporary Redirect
Server: nginx/1.19.5
Date: Sun, 05 Feb 2023 12:33:33 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://bestsafelink.com
Access-Control-Allow-Origin: https://bestsafelink.com
Access-Control-Allow-Credentials: true
Location: https://solitudearbitrary.com/watch.1422874973108.js?key=200b02289541c62fe5bc10c0b9729682&kw=%5B%22best%22%2C%22safe%22%2C%22link%22%2C%22protector%22%2C%22-%22%2C%22protecting%22%2C%22your%22%2C%22multiple%22%2C%22links%22%2C%22-%22%2C%22best%22%2C%22safe%22%2C%22link%22%2C%22protector%22%2C%22-%22%2C%22protecting%22%2C%22your%22%2C%22multiple%22%2C%22links%22%5D&refer=https%3A%2F%2Fbestsafelink.com%2Fget%2FCysqcqsTyh&tz=0&dev=e&res=12.1055&uuid=f5a2a330-7a6c-466f-a296-263734b9ae05%3A3%3A1&shu=c554a5c4ea7e00bb2c97dc840b5466b90153d4416624999bd88a6a19778364e22cc18115c56d523b10e9a0849e3091dc5bb969ac1987751a87a982f1c6009804fb43787dec081a644832dcbfc83e973e0a5c068350718c334d3e23c2a4318e&pst=1675600473&rmtc=t
Set-Cookie: u_pl=17579507; expires=Mon, 06 Feb 2023 12:33:33 GMT; secure; SameSite=None
ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNzU3OTUwNywiayI6IjIwMGIwMjI4OTU0MWM2MmZlNWJjMTBjMGI5NzI5NjgyIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxOTU0MzM0LCJwaWQiOjUxODY2MCwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjoyMSwiYWlkIjoyMywicHQiOjQsInBrIjoidDB3c2IyYXciLCJ0IjoxfSwidSI6eyJ1IjoxLCJhdSI6MSwiZCI6eyJpZCI6OTA3NTM0NTcsImlkcyI6IiIsImljIjpmYWxzZSwibiI6IkRlc2t0b3AsRW11bGF0b3IiLCJ2IjoiVW5rbm93biIsIm0iOiJVbmtub3duIiwiZiI6MSwiZm4iOiJEZXNrdG9wIiwib2lkIjozODkxNCwib24iOiJXaW5kb3dzIiwib3YiOiIxMC4wIiwiYmlkIjoxMjA2MjUsImJuIjoiRmlyZWZveCIsImJ2IjoiMTA1LjAiLCJ3diI6ZmFsc2UsImUiOnRydWUsImFiIjpmYWxzZX0sImMiOnsiaWQiOjE2MiwiYyI6Ik5PIiwibiI6Ik5vcndheSJ9LCJhIjpmYWxzZSwiY3IiOnsibiI6IkJsaXggU29sdXRpb25zIn0sInhmIjoiIiwiaXhmIjpmYWxzZSwiaWd4ZiI6ZmFsc2UsInVwIjp0cnVlLCJyIjoiaHR0cHM6Ly9iZXN0c2FmZWxpbmsuY29tL2dldC9DeXNxY3FzVHloIn19.-uf3PLmuHa4ae1u6JNglXsaVog3RjzyNUNeezsEWRfo; expires=Sun, 05 Feb 2023 12:34:33 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 69c57d3c92201deffec66f5c22b39fc8
Strict-Transport-Security: max-age=0; includeSubdomains
withenvisagehurt.com/watch.733173449693.js?key=200b02289541c62fe5bc10c0b9729682&kw=%5B%22best%22%2C%22safe%22%2C%22link%22%2C%22protector%22%2C%22-%22%2C%22protecting%22%2C%22your%22%2C%22multiple%22%2C%22links%22%2C%22-%22%2C%22best%22%2C%22safe%22%2C%22link%22%2C%22protector%22%2C%22-%22%2C%22protecting%22%2C%22your%22%2C%22multiple%22%2C%22links%22%5D&refer=https%3A%2F%2Fbestsafelink.com%2Fget%2FCysqcqsTyh&tz=0&dev=e&res=12.1055&uuid=7f98c11f-d9c9-42b8-bb8b-b0cbe4c3a185%3A2%3A1&shu=acc56654475f5be261aa57f18a5c828d516c3dc50395800fb823a4e6959d9dee70d8d90e54ecb0afd74e4647d4b2dd8cf31e9d85cb050181ec7840195478966737652b4f0d63b34834c149b381faf7f8d3a0dd8e9c15f5cb5b74e312e9ecbb&pst=1675600473&rmtc=t
192.243.61.227200 OK 635 B URL HTTP/1.1 withenvisagehurt.com/watch.733173449693.js?key=200b02289541c62fe5bc10c0b9729682&kw=%5B%22best%22%2C%22safe%22%2C%22link%22%2C%22protector%22%2C%22-%22%2C%22protecting%22%2C%22your%22%2C%22multiple%22%2C%22links%22%2C%22-%22%2C%22best%22%2C%22safe%22%2C%22link%22%2C%22protector%22%2C%22-%22%2C%22protecting%22%2C%22your%22%2C%22multiple%22%2C%22links%22%5D&refer=https%3A%2F%2Fbestsafelink.com%2Fget%2FCysqcqsTyh&tz=0&dev=e&res=12.1055&uuid=7f98c11f-d9c9-42b8-bb8b-b0cbe4c3a185%3A2%3A1&shu=acc56654475f5be261aa57f18a5c828d516c3dc50395800fb823a4e6959d9dee70d8d90e54ecb0afd74e4647d4b2dd8cf31e9d85cb050181ec7840195478966737652b4f0d63b34834c149b381faf7f8d3a0dd8e9c15f5cb5b74e312e9ecbb&pst=1675600473&rmtc=t
IP 192.243.61.227:0
ASN #39572 DataWeb Global Group B.V.
File type HTML document text\012- HTML document, ASCII text, with very long lines (581)
Hash 27628c32b231f04e52a923a2c5717d5f
b01f945f924cf13242da8756fb8770a4e1fa42dc
0d127373c2b3d20f12237a4b444ff3392c4fe0b30146ef03f013f5816515a13a
Analyzer Verdict Alert quad9 Sinkholed
GET /watch.733173449693.js?key=200b02289541c62fe5bc10c0b9729682&kw=%5B%22best%22%2C%22safe%22%2C%22link%22%2C%22protector%22%2C%22-%22%2C%22protecting%22%2C%22your%22%2C%22multiple%22%2C%22links%22%2C%22-%22%2C%22best%22%2C%22safe%22%2C%22link%22%2C%22protector%22%2C%22-%22%2C%22protecting%22%2C%22your%22%2C%22multiple%22%2C%22links%22%5D&refer=https%3A%2F%2Fbestsafelink.com%2Fget%2FCysqcqsTyh&tz=0&dev=e&res=12.1055&uuid=7f98c11f-d9c9-42b8-bb8b-b0cbe4c3a185%3A2%3A1&shu=acc56654475f5be261aa57f18a5c828d516c3dc50395800fb823a4e6959d9dee70d8d90e54ecb0afd74e4647d4b2dd8cf31e9d85cb050181ec7840195478966737652b4f0d63b34834c149b381faf7f8d3a0dd8e9c15f5cb5b74e312e9ecbb&pst=1675600473&rmtc=t HTTP/1.1
Host: withenvisagehurt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://bestsafelink.com
Referer: https://bestsafelink.com/
Connection: keep-alive
Cookie: u_pl=17579507; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNzU3OTUwNywiayI6IjIwMGIwMjI4OTU0MWM2MmZlNWJjMTBjMGI5NzI5NjgyIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxOTU0MzM0LCJwaWQiOjUxODY2MCwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjoyMSwiYWlkIjoyMywicHQiOjQsInBrIjoidDB3c2IyYXciLCJ0IjoxfSwidSI6eyJ1IjoxLCJhdSI6MSwiZCI6eyJpZCI6OTA3NTM0NTcsImlkcyI6IiIsImljIjpmYWxzZSwibiI6IkRlc2t0b3AsRW11bGF0b3IiLCJ2IjoiVW5rbm93biIsIm0iOiJVbmtub3duIiwiZiI6MSwiZm4iOiJEZXNrdG9wIiwib2lkIjozODkxNCwib24iOiJXaW5kb3dzIiwib3YiOiIxMC4wIiwiYmlkIjoxMjA2MjUsImJuIjoiRmlyZWZveCIsImJ2IjoiMTA1LjAiLCJ3diI6ZmFsc2UsImUiOnRydWUsImFiIjpmYWxzZX0sImMiOnsiaWQiOjE2MiwiYyI6Ik5PIiwibiI6Ik5vcndheSJ9LCJhIjpmYWxzZSwiY3IiOnsibiI6IkJsaXggU29sdXRpb25zIn0sInhmIjoiIiwiaXhmIjpmYWxzZSwiaWd4ZiI6ZmFsc2UsInVwIjp0cnVlLCJyIjoiaHR0cHM6Ly9iZXN0c2FmZWxpbmsuY29tL2dldC9DeXNxY3FzVHloIn19.-uf3PLmuHa4ae1u6JNglXsaVog3RjzyNUNeezsEWRfo
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sun, 05 Feb 2023 12:33:33 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://bestsafelink.com
Access-Control-Allow-Origin: https://bestsafelink.com
Access-Control-Allow-Credentials: true
Set-Cookie: uid_id2=7f98c11f-d9c9-42b8-bb8b-b0cbe4c3a185:2:1; expires=Sun, 12 Feb 2023 12:33:33 GMT; secure; SameSite=None
iprc23028be5b35d37bed7b93c91e6773c91=2717343; expires=Mon, 06 Feb 2023 14:33:33 GMT; secure; SameSite=None
pdhtkv=true; expires=Mon, 06 Feb 2023 12:33:33 GMT; secure; SameSite=None
uncs=1; expires=Mon, 06 Feb 2023 12:33:33 GMT; secure; SameSite=None
pdhtkv23=true; expires=Mon, 06 Feb 2023 12:33:33 GMT; secure; SameSite=None
uncs23=1; expires=Mon, 06 Feb 2023 12:33:33 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 4da2759ef086daeb58491a6d2806d3e2
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 1b7a276cc2dd7702e41c8cb504052743
ad22cf4130abcc28cc5375d53f869d6660290d28
4c30703e963824fe0e0e3adcac647939a81fb68586cf1e816ab408c5abbc661c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4C30703E963824FE0E0E3ADCAC647939A81FB68586CF1E816AB408C5ABBC661C"
Last-Modified: Fri, 03 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5839
Expires: Sun, 05 Feb 2023 14:10:53 GMT
Date: Sun, 05 Feb 2023 12:33:34 GMT
Connection: keep-alive
solitudearbitrary.com/watch.1422874973108?key=200b02289541c62fe5bc10c0b9729682&kw=%5B%22best%22%2C%22safe%22%2C%22link%22%2C%22protector%22%2C%22-%22%2C%22protecting%22%2C%22your%22%2C%22multiple%22%2C%22links%22%2C%22-%22%2C%22best%22%2C%22safe%22%2C%22link%22%2C%22protector%22%2C%22-%22%2C%22protecting%22%2C%22your%22%2C%22multiple%22%2C%22links%22%5D&refer=https%3A%2F%2Fbestsafelink.com%2Fget%2FCysqcqsTyh&tz=0&dev=e&res=12.1055&uuid=f5a2a330-7a6c-466f-a296-263734b9ae05%3A3%3A1
173.233.139.164200 OK 1.2 kB URL HTTP/1.1 solitudearbitrary.com/watch.1422874973108?key=200b02289541c62fe5bc10c0b9729682&kw=%5B%22best%22%2C%22safe%22%2C%22link%22%2C%22protector%22%2C%22-%22%2C%22protecting%22%2C%22your%22%2C%22multiple%22%2C%22links%22%2C%22-%22%2C%22best%22%2C%22safe%22%2C%22link%22%2C%22protector%22%2C%22-%22%2C%22protecting%22%2C%22your%22%2C%22multiple%22%2C%22links%22%5D&refer=https%3A%2F%2Fbestsafelink.com%2Fget%2FCysqcqsTyh&tz=0&dev=e&res=12.1055&uuid=f5a2a330-7a6c-466f-a296-263734b9ae05%3A3%3A1
IP 173.233.139.164:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (739)
Hash 73e7110968d27561d709fc5ef8c21125
700e06e8558f15573d4ca8a1245a408b7283f711
ec2c06f7acfcde69e15209fb7b1a19d3cbeb304538c72f7defba0cd5977f95fd
Analyzer Verdict Alert quad9 Sinkholed
GET /watch.1422874973108?key=200b02289541c62fe5bc10c0b9729682&kw=%5B%22best%22%2C%22safe%22%2C%22link%22%2C%22protector%22%2C%22-%22%2C%22protecting%22%2C%22your%22%2C%22multiple%22%2C%22links%22%2C%22-%22%2C%22best%22%2C%22safe%22%2C%22link%22%2C%22protector%22%2C%22-%22%2C%22protecting%22%2C%22your%22%2C%22multiple%22%2C%22links%22%5D&refer=https%3A%2F%2Fbestsafelink.com%2Fget%2FCysqcqsTyh&tz=0&dev=e&res=12.1055&uuid=f5a2a330-7a6c-466f-a296-263734b9ae05%3A3%3A1 HTTP/1.1
Host: solitudearbitrary.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bestsafelink.com/
Cookie: u_pl=17579507; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNzU3OTUwNywiayI6IjIwMGIwMjI4OTU0MWM2MmZlNWJjMTBjMGI5NzI5NjgyIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxOTU0MzM0LCJwaWQiOjUxODY2MCwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjoyMSwiYWlkIjoyMywicHQiOjQsInBrIjoidDB3c2IyYXciLCJ0IjoxfSwidSI6eyJ1IjoxLCJhdSI6MSwiZCI6eyJpZCI6OTA3NTM0NTcsImlkcyI6IiIsImljIjpmYWxzZSwibiI6IkRlc2t0b3AsRW11bGF0b3IiLCJ2IjoiVW5rbm93biIsIm0iOiJVbmtub3duIiwiZiI6MSwiZm4iOiJEZXNrdG9wIiwib2lkIjozODkxNCwib24iOiJXaW5kb3dzIiwib3YiOiIxMC4wIiwiYmlkIjoxMjA2MjUsImJuIjoiRmlyZWZveCIsImJ2IjoiMTA1LjAiLCJ3diI6ZmFsc2UsImUiOnRydWUsImFiIjpmYWxzZX0sImMiOnsiaWQiOjE2MiwiYyI6Ik5PIiwibiI6Ik5vcndheSJ9LCJhIjpmYWxzZSwiY3IiOnsibiI6IkJsaXggU29sdXRpb25zIn0sInhmIjoiIiwiaXhmIjpmYWxzZSwiaWd4ZiI6ZmFsc2UsInVwIjp0cnVlLCJyIjoiaHR0cHM6Ly9iZXN0c2FmZWxpbmsuY29tL2dldC9DeXNxY3FzVHloIn19.-uf3PLmuHa4ae1u6JNglXsaVog3RjzyNUNeezsEWRfo
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sun, 05 Feb 2023 12:33:34 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Set-Cookie: ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNzU3OTUwNywiayI6IjIwMGIwMjI4OTU0MWM2MmZlNWJjMTBjMGI5NzI5NjgyIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxOTU0MzM0LCJwaWQiOjUxODY2MCwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjoyMSwiYWlkIjoyMywicHQiOjQsInBrIjoidDB3c2IyYXciLCJ0IjoxfSwidSI6eyJ1IjoxLCJhdSI6MSwiZCI6eyJpZCI6OTA3NTM0NTcsImlkcyI6IiIsImljIjpmYWxzZSwibiI6IkRlc2t0b3AsRW11bGF0b3IiLCJ2IjoiVW5rbm93biIsIm0iOiJVbmtub3duIiwiZiI6MSwiZm4iOiJEZXNrdG9wIiwib2lkIjozODkxNCwib24iOiJXaW5kb3dzIiwib3YiOiIxMC4wIiwiYmlkIjoxMjA2MjUsImJuIjoiRmlyZWZveCIsImJ2IjoiMTA1LjAiLCJ3diI6ZmFsc2UsImUiOnRydWUsImFiIjpmYWxzZX0sImMiOnsiaWQiOjE2MiwiYyI6Ik5PIiwibiI6Ik5vcndheSJ9LCJhIjpmYWxzZSwiY3IiOnsibiI6IkJsaXggU29sdXRpb25zIn0sInhmIjoiIiwiaXhmIjpmYWxzZSwiaWd4ZiI6ZmFsc2UsInVwIjpmYWxzZSwiciI6Imh0dHBzOi8vYmVzdHNhZmVsaW5rLmNvbS9nZXQvQ3lzcWNxc1R5aCJ9fQ.Q8JtQ5cKzsDJ8IHchrDqOA62-rA7CjrQ1CDtGqyxZoI; expires=Sun, 05 Feb 2023 12:34:34 GMT; secure; SameSite=None
uid_id2=f5a2a330-7a6c-466f-a296-263734b9ae05:3:1; expires=Sun, 12 Feb 2023 12:33:34 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 853f5c5afdeacbce1d13029443526162
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
jennyvisits.com/dyfc1k09?key=863705bcbb4b6a554ddb359665395a6f&psid=17579507
173.233.137.60200 OK 1.3 kB URL HTTP/1.1 jennyvisits.com/dyfc1k09?key=863705bcbb4b6a554ddb359665395a6f&psid=17579507
IP 173.233.137.60:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text
Hash f7b22d5908159669397e0fd6395bb881
53281dd70ae1015cb0ee5ea42f6693fb68a374a9
06f6e6b05925b540aaddffc0efb00156a7cbe275c3419a0b65eaca1956ad02e2
Analyzer Verdict Alert quad9 Sinkholed
GET /dyfc1k09?key=863705bcbb4b6a554ddb359665395a6f&psid=17579507 HTTP/1.1
Host: jennyvisits.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bestsafelink.com/
Cookie: u_pl=16122935; pdhtkv=true; uncs=1; pdhtkv28=true; uncs28=1
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sun, 05 Feb 2023 12:33:34 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Set-Cookie: u_pl=16122935,16122660; expires=Mon, 06 Feb 2023 12:33:34 GMT
ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNjEyMjY2MCwiayI6Ijg2MzcwNWJjYmI0YjZhNTU0ZGRiMzU5NjY1Mzk1YTZmIiwic2lkIjoiMTc1Nzk1MDciLCJpc2lkIjoyLCJhc2lkIjoxLCJ6aWQiOjE0NjQxNSwicGlkIjo5NzI5OSwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjozLCJhaWQiOjI4LCJwdCI6NCwicGsiOiJkeWZjMWswOSIsInQiOjF9LCJ1Ijp7InUiOjIsImF1IjoyLCJkIjp7ImlkIjo5MDc1MzQ1NywiaWRzIjoiIiwiaWMiOmZhbHNlLCJuIjoiRGVza3RvcCxFbXVsYXRvciIsInYiOiJVbmtub3duIiwibSI6IlVua25vd24iLCJmIjoxLCJmbiI6IkRlc2t0b3AiLCJvaWQiOjM4OTE0LCJvbiI6IldpbmRvd3MiLCJvdiI6IjEwLjAiLCJiaWQiOjEyMDYyNSwiYm4iOiJGaXJlZm94IiwiYnYiOiIxMDUuMCIsInd2IjpmYWxzZSwiZSI6ZmFsc2UsImFiIjpmYWxzZX0sImMiOnsiaWQiOjE2MiwiYyI6Ik5PIiwibiI6Ik5vcndheSJ9LCJhIjpmYWxzZSwiY3IiOnsibiI6IkJsaXggU29sdXRpb25zIn0sInhmIjoiIiwiaXhmIjpmYWxzZSwiaWd4ZiI6ZmFsc2UsInVwIjp0cnVlLCJyIjoiaHR0cHM6Ly9iZXN0c2FmZWxpbmsuY29tLyJ9fQ.4h14NTQB2nT9hmZEe21MfUuBvyDJz96_ROpLxHKdD7o; expires=Sun, 05 Feb 2023 12:34:34 GMT
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 5ac47aa954a4c25a4e0b95931cbe899a
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
solitudearbitrary.com/watch.1422874973108?shu=a598579b6b101cffdcb515e5f32e9ec7ced3f09fa1684d61b107548dfbd574be4889fc611ccdecfd0a6d606116327a1d8ae1b17023e10bb619dd57336dd1882b96c89f23991d23656061c0177061bf6bc5163e35a3006dc5c9fdf65430d8e0c6af33cc&pst=1675600474&rmtc=t&uuid=f5a2a330-7a6c-466f-a296-263734b9ae05%3A3%3A1&pii=&in=false&key=200b02289541c62fe5bc10c0b9729682&refer=https%3A%2F%2Fbestsafelink.com%2Fget%2FCysqcqsTyh&dev=e&res=12.1055&kw=%5B%22best%22%2C%22safe%22%2C%22link%22%2C%22protector%22%2C%22-%22%2C%22protecting%22%2C%22your%22%2C%22multiple%22%2C%22links%22%2C%22-%22%2C%22best%22%2C%22safe%22%2C%22link%22%2C%22protector%22%2C%22-%22%2C%22protecting%22%2C%22your%22%2C%22multiple%22%2C%22links%22%5D&tz=0
173.233.139.164200 OK 1.8 kB URL HTTP/1.1 solitudearbitrary.com/watch.1422874973108?shu=a598579b6b101cffdcb515e5f32e9ec7ced3f09fa1684d61b107548dfbd574be4889fc611ccdecfd0a6d606116327a1d8ae1b17023e10bb619dd57336dd1882b96c89f23991d23656061c0177061bf6bc5163e35a3006dc5c9fdf65430d8e0c6af33cc&pst=1675600474&rmtc=t&uuid=f5a2a330-7a6c-466f-a296-263734b9ae05%3A3%3A1&pii=&in=false&key=200b02289541c62fe5bc10c0b9729682&refer=https%3A%2F%2Fbestsafelink.com%2Fget%2FCysqcqsTyh&dev=e&res=12.1055&kw=%5B%22best%22%2C%22safe%22%2C%22link%22%2C%22protector%22%2C%22-%22%2C%22protecting%22%2C%22your%22%2C%22multiple%22%2C%22links%22%2C%22-%22%2C%22best%22%2C%22safe%22%2C%22link%22%2C%22protector%22%2C%22-%22%2C%22protecting%22%2C%22your%22%2C%22multiple%22%2C%22links%22%5D&tz=0
IP 173.233.139.164:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2509)
Hash 7b6a1077085ad5ad16c80930a99d2ecd
ed1402944e49b8974cd965528c5be8d5bcebe247
478053141aa1863543b547e094526343dd494873162312a7b294a2296069dda5
Analyzer Verdict Alert quad9 Sinkholed
GET /watch.1422874973108?shu=a598579b6b101cffdcb515e5f32e9ec7ced3f09fa1684d61b107548dfbd574be4889fc611ccdecfd0a6d606116327a1d8ae1b17023e10bb619dd57336dd1882b96c89f23991d23656061c0177061bf6bc5163e35a3006dc5c9fdf65430d8e0c6af33cc&pst=1675600474&rmtc=t&uuid=f5a2a330-7a6c-466f-a296-263734b9ae05%3A3%3A1&pii=&in=false&key=200b02289541c62fe5bc10c0b9729682&refer=https%3A%2F%2Fbestsafelink.com%2Fget%2FCysqcqsTyh&dev=e&res=12.1055&kw=%5B%22best%22%2C%22safe%22%2C%22link%22%2C%22protector%22%2C%22-%22%2C%22protecting%22%2C%22your%22%2C%22multiple%22%2C%22links%22%2C%22-%22%2C%22best%22%2C%22safe%22%2C%22link%22%2C%22protector%22%2C%22-%22%2C%22protecting%22%2C%22your%22%2C%22multiple%22%2C%22links%22%5D&tz=0 HTTP/1.1
Host: solitudearbitrary.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://solitudearbitrary.com/watch.1422874973108?key=200b02289541c62fe5bc10c0b9729682&kw=%5B%22best%22%2C%22safe%22%2C%22link%22%2C%22protector%22%2C%22-%22%2C%22protecting%22%2C%22your%22%2C%22multiple%22%2C%22links%22%2C%22-%22%2C%22best%22%2C%22safe%22%2C%22link%22%2C%22protector%22%2C%22-%22%2C%22protecting%22%2C%22your%22%2C%22multiple%22%2C%22links%22%5D&refer=https%3A%2F%2Fbestsafelink.com%2Fget%2FCysqcqsTyh&tz=0&dev=e&res=12.1055&uuid=f5a2a330-7a6c-466f-a296-263734b9ae05%3A3%3A1
Cookie: u_pl=17579507; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNzU3OTUwNywiayI6IjIwMGIwMjI4OTU0MWM2MmZlNWJjMTBjMGI5NzI5NjgyIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxOTU0MzM0LCJwaWQiOjUxODY2MCwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjoyMSwiYWlkIjoyMywicHQiOjQsInBrIjoidDB3c2IyYXciLCJ0IjoxfSwidSI6eyJ1IjoxLCJhdSI6MSwiZCI6eyJpZCI6OTA3NTM0NTcsImlkcyI6IiIsImljIjpmYWxzZSwibiI6IkRlc2t0b3AsRW11bGF0b3IiLCJ2IjoiVW5rbm93biIsIm0iOiJVbmtub3duIiwiZiI6MSwiZm4iOiJEZXNrdG9wIiwib2lkIjozODkxNCwib24iOiJXaW5kb3dzIiwib3YiOiIxMC4wIiwiYmlkIjoxMjA2MjUsImJuIjoiRmlyZWZveCIsImJ2IjoiMTA1LjAiLCJ3diI6ZmFsc2UsImUiOnRydWUsImFiIjpmYWxzZX0sImMiOnsiaWQiOjE2MiwiYyI6Ik5PIiwibiI6Ik5vcndheSJ9LCJhIjpmYWxzZSwiY3IiOnsibiI6IkJsaXggU29sdXRpb25zIn0sInhmIjoiIiwiaXhmIjpmYWxzZSwiaWd4ZiI6ZmFsc2UsInVwIjpmYWxzZSwiciI6Imh0dHBzOi8vYmVzdHNhZmVsaW5rLmNvbS9nZXQvQ3lzcWNxc1R5aCJ9fQ.Q8JtQ5cKzsDJ8IHchrDqOA62-rA7CjrQ1CDtGqyxZoI; uid_id2=f5a2a330-7a6c-466f-a296-263734b9ae05:3:1
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sun, 05 Feb 2023 12:33:34 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://bestsafelink.com/get/CysqcqsTyh
Access-Control-Allow-Origin: https://bestsafelink.com/get/CysqcqsTyh
Access-Control-Allow-Credentials: true
Set-Cookie: uid_id2=f5a2a330-7a6c-466f-a296-263734b9ae05:3:1; expires=Sun, 12 Feb 2023 12:33:34 GMT; secure; SameSite=None
pdhtkv=true; expires=Mon, 06 Feb 2023 12:33:34 GMT; secure; SameSite=None
uncs=1; expires=Mon, 06 Feb 2023 12:33:34 GMT; secure; SameSite=None
pdhtkv23=true; expires=Mon, 06 Feb 2023 12:33:34 GMT; secure; SameSite=None
uncs23=1; expires=Mon, 06 Feb 2023 12:33:34 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 37678a8d103a3d6726dbc4216a1cf860
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
jennyvisits.com/dyfc1k09?shu=b120ef2ff3b5873fe45e76f62beb4eff16911221298efeb99123ac93b3f84fab51e2acec825235102ee8a75b9bd7d61c5367b50ca01a162c20d3c75cb277ec4ae23985ce1e452e6c72d51f16f59a6c69a592db716ca50ae32ce0e22bfdfdb6fa93&pst=1675600474&rmtc=t&uuid=&pii=&in=false&key=863705bcbb4b6a554ddb359665395a6f&refer=https%3A%2F%2Fbestsafelink.com%2F&psid=17579507
173.233.137.60302 Found 0 B URL HTTP/1.1 jennyvisits.com/dyfc1k09?shu=b120ef2ff3b5873fe45e76f62beb4eff16911221298efeb99123ac93b3f84fab51e2acec825235102ee8a75b9bd7d61c5367b50ca01a162c20d3c75cb277ec4ae23985ce1e452e6c72d51f16f59a6c69a592db716ca50ae32ce0e22bfdfdb6fa93&pst=1675600474&rmtc=t&uuid=&pii=&in=false&key=863705bcbb4b6a554ddb359665395a6f&refer=https%3A%2F%2Fbestsafelink.com%2F&psid=17579507
IP 173.233.137.60:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /dyfc1k09?shu=b120ef2ff3b5873fe45e76f62beb4eff16911221298efeb99123ac93b3f84fab51e2acec825235102ee8a75b9bd7d61c5367b50ca01a162c20d3c75cb277ec4ae23985ce1e452e6c72d51f16f59a6c69a592db716ca50ae32ce0e22bfdfdb6fa93&pst=1675600474&rmtc=t&uuid=&pii=&in=false&key=863705bcbb4b6a554ddb359665395a6f&refer=https%3A%2F%2Fbestsafelink.com%2F&psid=17579507 HTTP/1.1
Host: jennyvisits.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jennyvisits.com/dyfc1k09?key=0f22c1fd609f13cb7947c8cabfe1a90d&submetric=16122660
Cookie: u_pl=16122935,16122660; pdhtkv=true; uncs=1; pdhtkv28=true; uncs28=1; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNjEyMjY2MCwiayI6Ijg2MzcwNWJjYmI0YjZhNTU0ZGRiMzU5NjY1Mzk1YTZmIiwic2lkIjoiMTc1Nzk1MDciLCJpc2lkIjoyLCJhc2lkIjoxLCJ6aWQiOjE0NjQxNSwicGlkIjo5NzI5OSwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjozLCJhaWQiOjI4LCJwdCI6NCwicGsiOiJkeWZjMWswOSIsInQiOjF9LCJ1Ijp7InUiOjIsImF1IjoyLCJkIjp7ImlkIjo5MDc1MzQ1NywiaWRzIjoiIiwiaWMiOmZhbHNlLCJuIjoiRGVza3RvcCxFbXVsYXRvciIsInYiOiJVbmtub3duIiwibSI6IlVua25vd24iLCJmIjoxLCJmbiI6IkRlc2t0b3AiLCJvaWQiOjM4OTE0LCJvbiI6IldpbmRvd3MiLCJvdiI6IjEwLjAiLCJiaWQiOjEyMDYyNSwiYm4iOiJGaXJlZm94IiwiYnYiOiIxMDUuMCIsInd2IjpmYWxzZSwiZSI6ZmFsc2UsImFiIjpmYWxzZX0sImMiOnsiaWQiOjE2MiwiYyI6Ik5PIiwibiI6Ik5vcndheSJ9LCJhIjpmYWxzZSwiY3IiOnsibiI6IkJsaXggU29sdXRpb25zIn0sInhmIjoiIiwiaXhmIjpmYWxzZSwiaWd4ZiI6ZmFsc2UsInVwIjp0cnVlLCJyIjoiaHR0cHM6Ly9iZXN0c2FmZWxpbmsuY29tLyJ9fQ.4h14NTQB2nT9hmZEe21MfUuBvyDJz96_ROpLxHKdD7o; cjs=t
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
HTTP/1.1 302 Found
Server: nginx/1.19.5
Date: Sun, 05 Feb 2023 12:33:34 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Location: https://adserving.unibet.com/redirect.aspx?bid=37950&pid=15135578&sref=ADST&ADST=16122660
Set-Cookie: uncs=2; expires=Mon, 06 Feb 2023 12:33:34 GMT
uncs28=2; expires=Mon, 06 Feb 2023 12:33:34 GMT
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 07dc159db10d477e3376a601a249ef7d
Strict-Transport-Security: max-age=0; includeSubdomains
adserving.unibet.com/redirect.aspx?bid=37950&pid=15135578&sref=ADST&ADST=16122660
23.36.79.11307 Temporary Redirect 0 B URL HTTP/2 adserving.unibet.com/redirect.aspx?bid=37950&pid=15135578&sref=ADST&ADST=16122660
IP 23.36.79.11:0
ASN #20940 Akamai International B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /redirect.aspx?bid=37950&pid=15135578&sref=ADST&ADST=16122660 HTTP/1.1
Host: adserving.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://jennyvisits.com/
Connection: keep-alive
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a91003245%2c%22BID%22%3a37672%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1675587891077)%5c%2f%22%2c%22CookieTag%22%3a%223767291003245451240919C20232594%22%7d%2c%7b%22PID%22%3a30846443%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1675591583747)%5c%2f%22%2c%22CookieTag%22%3a%223795030846443451240919C202325106%22%7d%2c%7b%22PID%22%3a33125260%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1675592692386)%5c%2f%22%2c%22CookieTag%22%3a%223795033125260451240919C2023251024%22%7d%2c%7b%22PID%22%3a46670334%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1675594257978)%5c%2f%22%2c%22CookieTag%22%3a%223795046670334451240919C2023251050%22%7d%2c%7b%22PID%22%3a68334834%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1675598267594)%5c%2f%22%2c%22CookieTag%22%3a%223795068334834451240919C2023251157%22%7d%5d; btag=127656177_F04CDB337B3E4781904687671EFE274D; AMCV_F431E3BC5593E3887F000101%40AdobeOrg=1585540135%7CMCIDTS%7C19394%7CMCMID%7C79658794349493118473981932278432696210%7CMCAAMLH-1676199099%7C6%7CMCAAMB-1676199099%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1675601499s%7CNONE%7CMCAID%7CNONE%7CMCSYNCSOP%7C411-19401%7CvVersion%7C4.4.0; campaignId=2799402; uniattr=BLP.1.UT; uniattr_ref="https://inspirationhistorical.com/"
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 307 Temporary Redirect
content-type: text/html
content-length: 0
location: https://www.unibet.nu/stan/campaign.do?cmpId=2799402&affiliateId=1&unibetTarget=/nu/pop/sportsbook/multisports/index.html&targetDomain=https://welcome.unibet.com&btag=127656177_949F2539E9934124BA8849011E6C22DB&sref=ADST&ADST=16122660&affiliateId=1&pid=68246908&bid=37950
p3p: CP="This is not a P3P policy! It is used to bypass IEs problematic handling of cookies"
x-aspnet-version: 4.0.30319
request-context: appId=cid-v1:83ffbda4-9458-475e-90ec-4427cfb5c3b0
access-control-expose-headers: Request-Context
expires: Sun, 05 Feb 2023 12:33:36 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Sun, 05 Feb 2023 12:33:36 GMT
set-cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a91003245%2c%22BID%22%3a37672%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1675587891077)%5c%2f%22%2c%22CookieTag%22%3a%223767291003245451240919C20232594%22%7d%2c%7b%22PID%22%3a30846443%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1675591583747)%5c%2f%22%2c%22CookieTag%22%3a%223795030846443451240919C202325106%22%7d%2c%7b%22PID%22%3a33125260%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1675592692386)%5c%2f%22%2c%22CookieTag%22%3a%223795033125260451240919C2023251024%22%7d%2c%7b%22PID%22%3a46670334%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1675594257978)%5c%2f%22%2c%22CookieTag%22%3a%223795046670334451240919C2023251050%22%7d%2c%7b%22PID%22%3a68334834%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1675598267594)%5c%2f%22%2c%22CookieTag%22%3a%223795068334834451240919C2023251157%22%7d%2c%7b%22PID%22%3a68246908%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1675600416308)%5c%2f%22%2c%22CookieTag%22%3a%223795068246908451240919C2023251233%22%7d%5d; SameSite=None;; domain=.unibet.com; expires=Fri, 31-Dec-9999 23:59:59 GMT; path=/; secure
NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228784996195%7c1%22%7d%5d; domain=.unibet.com; expires=Tue, 05-Feb-3022 12:33:36 GMT; path=/; secure; SameSite=Strict
server-timing: edge; dur=1, origin; dur=1429, cdn-cache; desc=MISS
X-Firefox-Spdy: h2
www.unibet.nu/stan/campaign.do?cmpId=2799402&affiliateId=1&unibetTarget=/nu/pop/sportsbook/multisports/index.html&targetDomain=https://welcome.unibet.com&btag=127656177_949F2539E9934124BA8849011E6C22DB&sref=ADST&ADST=16122660&affiliateId=1&pid=68246908&bid=37950
85.184.96.0301 Moved Permanently 0 B URL HTTP/2 www.unibet.nu/stan/campaign.do?cmpId=2799402&affiliateId=1&unibetTarget=/nu/pop/sportsbook/multisports/index.html&targetDomain=https://welcome.unibet.com&btag=127656177_949F2539E9934124BA8849011E6C22DB&sref=ADST&ADST=16122660&affiliateId=1&pid=68246908&bid=37950
IP 85.184.96.0:0
ASN #47171 Unibet Services Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /stan/campaign.do?cmpId=2799402&affiliateId=1&unibetTarget=/nu/pop/sportsbook/multisports/index.html&targetDomain=https://welcome.unibet.com&btag=127656177_949F2539E9934124BA8849011E6C22DB&sref=ADST&ADST=16122660&affiliateId=1&pid=68246908&bid=37950 HTTP/1.1
Host: www.unibet.nu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://jennyvisits.com/
Connection: keep-alive
Cookie: __ucbt=node0b01d5mkrmald1h13et8f9j2lg; uniattr=ST.0.T; uniattr_ref="https://jennyvisits.com/"; btag=320669908_D3208AF7FE244693B33F08ADD9FF6FC8; AMCV_F431E3BC5593E3887F000101%40AdobeOrg=1585540135%7CMCIDTS%7C19394%7CMCMID%7C73046778393046018704499180147423593324%7CMCAAMLH-1676192731%7C6%7CMCAAMB-1676192731%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1675595131s%7CNONE%7CMCAID%7CNONE%7CMCSYNCSOP%7C411-19401%7CvVersion%7C4.4.0
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
date: Sun, 05 Feb 2023 12:33:36 GMT
content-length: 0
location: https://www.unibet.nu:443/stan/redirecttocampaign.do?cmpId=2799402&affiliateId=1&unibetTarget=/nu/pop/sportsbook/multisports/index.html&targetDomain=https://welcome.unibet.com&btag=127656177_949F2539E9934124BA8849011E6C22DB&sref=ADST&ADST=16122660&affiliateId=1&pid=68246908&bid=37950&landingPageUrl=https%3A%2F%2Fwelcome.unibet.com%2Fnu%2Fpop%2Fsportsbook%2Fmultisports%2Findex.html%3Fmktid%3D1%3A127656177%3A68246908-37950
set-cookie: JSESSIONID=node01hv4q6puhjjq21wqg8jwj9tw2i2439582.node0; Path=/stan; Secure; HttpOnly; SameSite=Strict
__ucbt=node0b01d5mkrmald1h13et8f9j2lg; Path=/; Domain=.unibet.nu; Expires=Tue, 04-Feb-2025 12:33:36 GMT; Max-Age=63072000; Secure; SameSite=None
uniattr=ST.0.T; Path=/; Domain=.unibet.nu; Expires=Tue, 04-Feb-2025 12:33:36 GMT; Max-Age=63072000; Secure; SameSite=None
uniattr_ref="https://jennyvisits.com/"; Path=/; Domain=.unibet.nu; Expires=Tue, 04-Feb-2025 12:33:36 GMT; Max-Age=63072000; Secure; SameSite=None
UNIBET_REQUEST_URL=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
AFFILIATE_REQUEST_URL=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
UNIBET_INTERNAL_CAMPAIGN_ID=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
affid=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
netwid=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
CLAIM_CODE=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
REGISTRATION_CODE=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
campaignId=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
affiliateId=1; Path=/; Domain=.unibet.nu; Secure; SameSite=None
B-TAG=127656177_949F2539E9934124BA8849011E6C22DB; Path=/; Domain=.unibet.nu; Secure; SameSite=None
REGISTRATION_CODE=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
BID=37950; Path=/; Domain=.unibet.nu; Secure; SameSite=None
PID=68246908; Path=/; Domain=.unibet.nu; Secure; SameSite=None
CHID=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
REFERER=https%3A%2F%2Fjennyvisits.com%2F; Path=/; Domain=.unibet.nu; Secure; SameSite=None
UNIBET_INTERNAL_CAMPAIGN_ID=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
UNIBET_REQUEST_URL=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
AFFILIATE_REQUEST_URL=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
AFFILIATE_CAMPAIGN_ID=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
AMS_INVITE_CHAT_ACCEPTED=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
AMS_INVITE_CHAT_DECLINED=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
BOCAID=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
PRODUCT_ID=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
AFFID=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
AFFILIATE_REQUEST_URL=https%3A%2F%2Fwww.unibet.nu%2Fstan%2Fcampaign.do%3FcmpId%3D2799402%26affiliateId%3D1%26unibetTarget%3D%2Fnu%2Fpop%2Fsportsbook%2Fmultisports%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.com%26btag%3D127656177_949F2539E9934124BA8849011E6C22DB%26sref%3DADST%26ADST%3D16122660%26affiliateId%3D1%26pid%3D68246908%26bid%3D37950; Path=/; Domain=.unibet.nu; Secure; SameSite=None
AFFILIATE_CAMPAIGN_ID=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
campaignId=; Path=/; Domain=.unibet.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
clientId=polopoly_desktop; Domain=www.unibet.nu; Path=/; SameSite=None; Secure
referer: https://jennyvisits.com/
cache-control: max-age=0, no-cache, no-store, must-revalidate, proxy-revalidate
expires: Thu, 01 Jan 1970 00:00:00 GMT, Sun, 05 Feb 2023 12:33:36 GMT
server: kindred-loadbalancer
strict-transport-security: max-age=63072000; preload
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-security-policy: default-src 'unsafe-inline' 'unsafe-eval' http: https: data: wss: blob: jockey: unibetpro: *;
x-browser-class: A
x-os-class: M
x-ooops-debug: /500-pages/www.unibet.nu/index.html
X-Firefox-Spdy: h2
www.unibet.nu/stan/redirecttocampaign.do?cmpId=2799402&affiliateId=1&unibetTarget=/nu/pop/sportsbook/multisports/index.html&targetDomain=https://welcome.unibet.com&btag=127656177_949F2539E9934124BA8849011E6C22DB&sref=ADST&ADST=16122660&affiliateId=1&pid=68246908&bid=37950&landingPageUrl=https%3A%2F%2Fwelcome.unibet.com%2Fnu%2Fpop%2Fsportsbook%2Fmultisports%2Findex.html%3Fmktid%3D1%3A127656177%3A68246908-37950
85.184.96.0301 Moved Permanently 0 B URL HTTP/2 www.unibet.nu/stan/redirecttocampaign.do?cmpId=2799402&affiliateId=1&unibetTarget=/nu/pop/sportsbook/multisports/index.html&targetDomain=https://welcome.unibet.com&btag=127656177_949F2539E9934124BA8849011E6C22DB&sref=ADST&ADST=16122660&affiliateId=1&pid=68246908&bid=37950&landingPageUrl=https%3A%2F%2Fwelcome.unibet.com%2Fnu%2Fpop%2Fsportsbook%2Fmultisports%2Findex.html%3Fmktid%3D1%3A127656177%3A68246908-37950
IP 85.184.96.0:0
ASN #47171 Unibet Services Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /stan/redirecttocampaign.do?cmpId=2799402&affiliateId=1&unibetTarget=/nu/pop/sportsbook/multisports/index.html&targetDomain=https://welcome.unibet.com&btag=127656177_949F2539E9934124BA8849011E6C22DB&sref=ADST&ADST=16122660&affiliateId=1&pid=68246908&bid=37950&landingPageUrl=https%3A%2F%2Fwelcome.unibet.com%2Fnu%2Fpop%2Fsportsbook%2Fmultisports%2Findex.html%3Fmktid%3D1%3A127656177%3A68246908-37950 HTTP/1.1
Host: www.unibet.nu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://jennyvisits.com/
Connection: keep-alive
Cookie: __ucbt=node0b01d5mkrmald1h13et8f9j2lg; uniattr=ST.0.T; uniattr_ref="https://jennyvisits.com/"; btag=320669908_D3208AF7FE244693B33F08ADD9FF6FC8; AMCV_F431E3BC5593E3887F000101%40AdobeOrg=1585540135%7CMCIDTS%7C19394%7CMCMID%7C73046778393046018704499180147423593324%7CMCAAMLH-1676192731%7C6%7CMCAAMB-1676192731%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1675595131s%7CNONE%7CMCAID%7CNONE%7CMCSYNCSOP%7C411-19401%7CvVersion%7C4.4.0; affiliateId=1; B-TAG=127656177_949F2539E9934124BA8849011E6C22DB; BID=37950; PID=68246908; REFERER=https%3A%2F%2Fjennyvisits.com%2F; AFFILIATE_REQUEST_URL=https%3A%2F%2Fwww.unibet.nu%2Fstan%2Fcampaign.do%3FcmpId%3D2799402%26affiliateId%3D1%26unibetTarget%3D%2Fnu%2Fpop%2Fsportsbook%2Fmultisports%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.unibet.com%26btag%3D127656177_949F2539E9934124BA8849011E6C22DB%26sref%3DADST%26ADST%3D16122660%26affiliateId%3D1%26pid%3D68246908%26bid%3D37950; clientId=polopoly_desktop
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 301 Moved Permanently
date: Sun, 05 Feb 2023 12:33:36 GMT
content-length: 0
location: https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:68246908-37950&btag=127656177_949F2539E9934124BA8849011E6C22DB&bid=37950&campaignId=2799402&pid=68246908
cache-control: max-age=0, no-cache, no-store, must-revalidate, proxy-revalidate
expires: Sun, 05 Feb 2023 12:33:36 GMT
server: kindred-loadbalancer
strict-transport-security: max-age=63072000; preload
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-security-policy: default-src 'unsafe-inline' 'unsafe-eval' http: https: data: wss: blob: jockey: unibetpro: *;
x-browser-class: A
x-os-class: M
x-ooops-debug: /500-pages/www.unibet.nu/index.html
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash b5c6eae7356c7c117d75d88d84420f61
ef1bf1756057d56ff2070537f5cff02827ced62b
96e9d535daeb01ba5cb4409ac40f2d74540db1505510a5ddbe9e9090ec772cc4
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "96E9D535DAEB01BA5CB4409AC40F2D74540DB1505510A5DDBE9E9090EC772CC4"
Last-Modified: Fri, 03 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15719
Expires: Sun, 05 Feb 2023 16:55:35 GMT
Date: Sun, 05 Feb 2023 12:33:36 GMT
Connection: keep-alive
welcome.unibet.com/nu/pop/sportsbook/multisports/1-styles.css
104.18.25.188200 OK 5.7 kB URL HTTP/2 welcome.unibet.com/nu/pop/sportsbook/multisports/1-styles.css
IP 104.18.25.188:0
Hash 873b1dc55b5f354e692945bdc2e82bd6
e926e270a3f6cfd6638081fde05f4adec0670d3b
0d1f8ed619e45110e90f1aa2f3e97f7f961344e585e4d4c251d73993d84f34f7
GET /nu/pop/sportsbook/multisports/1-styles.css HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:68246908-37950&btag=127656177_949F2539E9934124BA8849011E6C22DB&bid=37950&campaignId=2799402&pid=68246908
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a91003245%2c%22BID%22%3a37672%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1675587891077)%5c%2f%22%2c%22CookieTag%22%3a%223767291003245451240919C20232594%22%7d%2c%7b%22PID%22%3a30846443%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1675591583747)%5c%2f%22%2c%22CookieTag%22%3a%223795030846443451240919C202325106%22%7d%2c%7b%22PID%22%3a33125260%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1675592692386)%5c%2f%22%2c%22CookieTag%22%3a%223795033125260451240919C2023251024%22%7d%2c%7b%22PID%22%3a46670334%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1675594257978)%5c%2f%22%2c%22CookieTag%22%3a%223795046670334451240919C2023251050%22%7d%2c%7b%22PID%22%3a68334834%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1675598267594)%5c%2f%22%2c%22CookieTag%22%3a%223795068334834451240919C2023251157%22%7d%2c%7b%22PID%22%3a68246908%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1675600416308)%5c%2f%22%2c%22CookieTag%22%3a%223795068246908451240919C2023251233%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228784996195%7c1%22%7d%5d; btag=127656177_949F2539E9934124BA8849011E6C22DB; AMCV_F431E3BC5593E3887F000101%40AdobeOrg=1585540135%7CMCIDTS%7C19394%7CMCMID%7C79658794349493118473981932278432696210%7CMCAAMLH-1676199099%7C6%7CMCAAMB-1676199099%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1675601499s%7CNONE%7CMCAID%7CNONE%7CMCSYNCSOP%7C411-19401%7CvVersion%7C4.4.0; campaignId=2799402; uniattr=BLP.1.UT; uniattr_ref="https://inspirationhistorical.com/"
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 05 Feb 2023 12:33:36 GMT
content-type: text/css; charset=utf-8
cache-control: public, max-age=900, immutable
content-md5: zXkBqwBMviPPaK5rBIapmA==
last-modified: Thu, 26 Jan 2023 12:30:17 GMT
etag: W/"0x8DAFF9914DE94BB"
x-ms-request-id: 580bcb77-701e-0034-8081-3121ca000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 259384
vary: Accept-Encoding
server: cloudflare
cf-ray: 794baceccc89b4f7-OSL
content-encoding: br
X-Firefox-Spdy: h2
welcome.unibet.com/nu/pop/sportsbook/multisports/gambling-commission.png
104.18.25.188404 Not Found 642 B URL HTTP/2 welcome.unibet.com/nu/pop/sportsbook/multisports/gambling-commission.png
IP 104.18.25.188:0
File type XML 1.0 document text\012- XML document, Unicode text, UTF-8 (with BOM) text
Hash 0693c299d4ca92d2c4ca7f406c76cd06
bd4a7bef64ee8f7d98900c444157e1270992928a
01f2a0fd579f3b24d8477d0378865085d00af7331a963b94c6d8c8d251da93b2
GET /nu/pop/sportsbook/multisports/gambling-commission.png HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:68246908-37950&btag=127656177_949F2539E9934124BA8849011E6C22DB&bid=37950&campaignId=2799402&pid=68246908
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a91003245%2c%22BID%22%3a37672%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1675587891077)%5c%2f%22%2c%22CookieTag%22%3a%223767291003245451240919C20232594%22%7d%2c%7b%22PID%22%3a30846443%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1675591583747)%5c%2f%22%2c%22CookieTag%22%3a%223795030846443451240919C202325106%22%7d%2c%7b%22PID%22%3a33125260%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1675592692386)%5c%2f%22%2c%22CookieTag%22%3a%223795033125260451240919C2023251024%22%7d%2c%7b%22PID%22%3a46670334%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1675594257978)%5c%2f%22%2c%22CookieTag%22%3a%223795046670334451240919C2023251050%22%7d%2c%7b%22PID%22%3a68334834%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1675598267594)%5c%2f%22%2c%22CookieTag%22%3a%223795068334834451240919C2023251157%22%7d%2c%7b%22PID%22%3a68246908%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1675600416308)%5c%2f%22%2c%22CookieTag%22%3a%223795068246908451240919C2023251233%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228784996195%7c1%22%7d%5d; btag=127656177_949F2539E9934124BA8849011E6C22DB; AMCV_F431E3BC5593E3887F000101%40AdobeOrg=1585540135%7CMCIDTS%7C19394%7CMCMID%7C79658794349493118473981932278432696210%7CMCAAMLH-1676199099%7C6%7CMCAAMB-1676199099%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1675601499s%7CNONE%7CMCAID%7CNONE%7CMCSYNCSOP%7C411-19401%7CvVersion%7C4.4.0; campaignId=2799402; uniattr=BLP.1.UT; uniattr_ref="https://inspirationhistorical.com/"
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
date: Sun, 05 Feb 2023 12:33:36 GMT
content-type: application/xml
x-ms-request-id: bb85fc14-201e-0039-1e5e-39e91e000000
x-ms-version: 2014-02-14
access-control-allow-origin: *
cf-cache-status: HIT
age: 16
vary: Accept-Encoding
server: cloudflare
cf-ray: 794bacecdcbbb4f7-OSL
content-encoding: br
X-Firefox-Spdy: h2
ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js
142.250.74.138200 OK 30 kB URL HTTP/2 ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js
IP 142.250.74.138:0
File type ASCII text, with very long lines (65451)
Hash 0f83cadc148d2ad7e53c91f6c4ee05bb
90035c5fffedf4b0f099465f6b929a030b46c92b
3f59aa77bbbed7760a9968af27d3c19ffddda021c948edf0bf0c0f828dd308ae
GET /ajax/libs/jquery/3.3.1/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 30399
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 01 Feb 2023 22:28:50 GMT
expires: Thu, 01 Feb 2024 22:28:50 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
age: 309886
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
a1s-cdn.unibet.com/unibet/bannerflow/scripts/master_tag.js
85.184.96.5200 OK 957 B URL HTTP/2 a1s-cdn.unibet.com/unibet/bannerflow/scripts/master_tag.js
IP 85.184.96.5:0
ASN #47171 Unibet Services Limited
Hash e19225e3eb562a3b6a86f7b8b47c38fb
ce3eb55448afd8fc9dfa4ac82f8743a009d5e142
c152526a02cb050650847e999ae141eae985472fbf73c5a843160b3b6bb06f79
GET /unibet/bannerflow/scripts/master_tag.js HTTP/1.1
Host: a1s-cdn.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a91003245%2c%22BID%22%3a37672%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1675587891077)%5c%2f%22%2c%22CookieTag%22%3a%223767291003245451240919C20232594%22%7d%2c%7b%22PID%22%3a30846443%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1675591583747)%5c%2f%22%2c%22CookieTag%22%3a%223795030846443451240919C202325106%22%7d%2c%7b%22PID%22%3a33125260%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1675592692386)%5c%2f%22%2c%22CookieTag%22%3a%223795033125260451240919C2023251024%22%7d%2c%7b%22PID%22%3a46670334%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1675594257978)%5c%2f%22%2c%22CookieTag%22%3a%223795046670334451240919C2023251050%22%7d%2c%7b%22PID%22%3a68334834%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1675598267594)%5c%2f%22%2c%22CookieTag%22%3a%223795068334834451240919C2023251157%22%7d%2c%7b%22PID%22%3a68246908%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1675600416308)%5c%2f%22%2c%22CookieTag%22%3a%223795068246908451240919C2023251233%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228784996195%7c1%22%7d%5d; btag=127656177_949F2539E9934124BA8849011E6C22DB; AMCV_F431E3BC5593E3887F000101%40AdobeOrg=1585540135%7CMCIDTS%7C19394%7CMCMID%7C79658794349493118473981932278432696210%7CMCAAMLH-1676199099%7C6%7CMCAAMB-1676199099%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1675601499s%7CNONE%7CMCAID%7CNONE%7CMCSYNCSOP%7C411-19401%7CvVersion%7C4.4.0; campaignId=2799402; uniattr=BLP.1.UT; uniattr_ref="https://inspirationhistorical.com/"
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
date: Sun, 05 Feb 2023 12:33:36 GMT
content-type: application/javascript
content-length: 957
last-modified: Mon, 25 Apr 2022 12:18:31 GMT
etag: "3bd-5dd799309c310"
cache-control: max-age=1800, public, must-revalidate
server: kindred-loadbalancer
strict-transport-security: max-age=63072000; preload
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-security-policy: default-src 'unsafe-inline' 'unsafe-eval' http: https: data: wss: blob: jockey: unibetpro: *;
x-browser-class: A
x-os-class: M
set-cookie: clientId=polopoly_desktop; Domain=a1s-cdn.unibet.com; Path=/; SameSite=None; Secure
accept-ranges: bytes
X-Firefox-Spdy: h2
welcome.unibet.com/nu/pop/sportsbook/multisports/1-background-black.jpg
104.18.25.188200 OK 98 kB URL HTTP/2 welcome.unibet.com/nu/pop/sportsbook/multisports/1-background-black.jpg
IP 104.18.25.188:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1800x936, components 3\012- data
Hash 8e6d9af5ef1badfe9295b8fc96793c28
e37cdf4093dc0a47246be7360e7945f91991f073
de89de8196b23a00db8e35bca40fdb4253d970492a31396d5861c2e99d691407
GET /nu/pop/sportsbook/multisports/1-background-black.jpg HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/nu/pop/sportsbook/multisports/1-styles.css
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a91003245%2c%22BID%22%3a37672%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1675587891077)%5c%2f%22%2c%22CookieTag%22%3a%223767291003245451240919C20232594%22%7d%2c%7b%22PID%22%3a30846443%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1675591583747)%5c%2f%22%2c%22CookieTag%22%3a%223795030846443451240919C202325106%22%7d%2c%7b%22PID%22%3a33125260%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1675592692386)%5c%2f%22%2c%22CookieTag%22%3a%223795033125260451240919C2023251024%22%7d%2c%7b%22PID%22%3a46670334%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1675594257978)%5c%2f%22%2c%22CookieTag%22%3a%223795046670334451240919C2023251050%22%7d%2c%7b%22PID%22%3a68334834%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1675598267594)%5c%2f%22%2c%22CookieTag%22%3a%223795068334834451240919C2023251157%22%7d%2c%7b%22PID%22%3a68246908%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1675600416308)%5c%2f%22%2c%22CookieTag%22%3a%223795068246908451240919C2023251233%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228784996195%7c1%22%7d%5d; btag=127656177_949F2539E9934124BA8849011E6C22DB; AMCV_F431E3BC5593E3887F000101%40AdobeOrg=1585540135%7CMCIDTS%7C19394%7CMCMID%7C79658794349493118473981932278432696210%7CMCAAMLH-1676199099%7C6%7CMCAAMB-1676199099%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1675601499s%7CNONE%7CMCAID%7CNONE%7CMCSYNCSOP%7C411-19401%7CvVersion%7C4.4.0; campaignId=2799402; uniattr=BLP.1.UT; uniattr_ref="https://inspirationhistorical.com/"
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 05 Feb 2023 12:33:36 GMT
content-type: image/jpeg
content-length: 98453
access-control-allow-origin: *
cache-control: public, max-age=900, immutable
cf-bgj: h2pri
content-md5: jm2a9e8brf6Slbj8lnk8KA==
etag: "0x8DAFF991565B252"
last-modified: Thu, 26 Jan 2023 12:30:18 GMT
x-ms-blob-type: BlockBlob
x-ms-lease-state: available
x-ms-lease-status: unlocked
x-ms-request-id: 3cf155d6-101e-000d-3081-31dad6000000
x-ms-version: 2014-02-14
cf-cache-status: HIT
age: 259388
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 794bacedfe23b4f7-OSL
X-Firefox-Spdy: h2
welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:68246908-37950&btag=127656177_949F2539E9934124BA8849011E6C22DB&bid=37950&campaignId=2799402&pid=68246908
104.18.25.188200 OK 19 kB URL HTTP/2 welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:68246908-37950&btag=127656177_949F2539E9934124BA8849011E6C22DB&bid=37950&campaignId=2799402&pid=68246908
IP 104.18.25.188:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (2392)
Hash 287e156fb58cc8b3757a36891edb453d
1330a2f2255e8726e6a986fbae37b3a5db7ff88d
8516630c1004efb719dc3bc815194878c815bb8628c58ad48c25e014a19db867
GET /nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:68246908-37950&btag=127656177_949F2539E9934124BA8849011E6C22DB&bid=37950&campaignId=2799402&pid=68246908 HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://jennyvisits.com/
Connection: keep-alive
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a91003245%2c%22BID%22%3a37672%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1675587891077)%5c%2f%22%2c%22CookieTag%22%3a%223767291003245451240919C20232594%22%7d%2c%7b%22PID%22%3a30846443%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1675591583747)%5c%2f%22%2c%22CookieTag%22%3a%223795030846443451240919C202325106%22%7d%2c%7b%22PID%22%3a33125260%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1675592692386)%5c%2f%22%2c%22CookieTag%22%3a%223795033125260451240919C2023251024%22%7d%2c%7b%22PID%22%3a46670334%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1675594257978)%5c%2f%22%2c%22CookieTag%22%3a%223795046670334451240919C2023251050%22%7d%2c%7b%22PID%22%3a68334834%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1675598267594)%5c%2f%22%2c%22CookieTag%22%3a%223795068334834451240919C2023251157%22%7d%2c%7b%22PID%22%3a68246908%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1675600416308)%5c%2f%22%2c%22CookieTag%22%3a%223795068246908451240919C2023251233%22%7d%5d; btag=127656177_F04CDB337B3E4781904687671EFE274D; AMCV_F431E3BC5593E3887F000101%40AdobeOrg=1585540135%7CMCIDTS%7C19394%7CMCMID%7C79658794349493118473981932278432696210%7CMCAAMLH-1676199099%7C6%7CMCAAMB-1676199099%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1675601499s%7CNONE%7CMCAID%7CNONE%7CMCSYNCSOP%7C411-19401%7CvVersion%7C4.4.0; campaignId=2799402; uniattr=BLP.1.UT; uniattr_ref="https://inspirationhistorical.com/"
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 05 Feb 2023 12:33:36 GMT
content-type: text/html; charset=utf-8
cache-control: public, max-age=900, immutable
content-md5: djoKeCzytkLU3NSdQsOPbQ==
last-modified: Thu, 26 Jan 2023 12:30:17 GMT
x-ms-request-id: 02753de2-c01e-0031-045e-39f311000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: MISS
vary: Accept-Encoding
set-cookie: btag=127656177_949F2539E9934124BA8849011E6C22DB;max-age=2592000; domain=.unibet.com;path=/;secure;samesite=none;httponly
server: cloudflare
cf-ray: 794bacec0bacb4f7-OSL
content-encoding: br
X-Firefox-Spdy: h2
welcome.unibet.com/nu/pop/sportsbook/multisports/1-main.js
104.18.25.188200 OK 2.0 kB URL HTTP/2 welcome.unibet.com/nu/pop/sportsbook/multisports/1-main.js
IP 104.18.25.188:0
File type HTML document, Unicode text, UTF-8 text
Hash 1096291940d9ee5de248f31974afe697
c1725e008c655d32add69fa81220c4fba25e798f
fd080f6be6087453b40eec82f1e7315a668541db159bc56f19d393f21018edc6
GET /nu/pop/sportsbook/multisports/1-main.js HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:68246908-37950&btag=127656177_949F2539E9934124BA8849011E6C22DB&bid=37950&campaignId=2799402&pid=68246908
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a91003245%2c%22BID%22%3a37672%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1675587891077)%5c%2f%22%2c%22CookieTag%22%3a%223767291003245451240919C20232594%22%7d%2c%7b%22PID%22%3a30846443%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1675591583747)%5c%2f%22%2c%22CookieTag%22%3a%223795030846443451240919C202325106%22%7d%2c%7b%22PID%22%3a33125260%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1675592692386)%5c%2f%22%2c%22CookieTag%22%3a%223795033125260451240919C2023251024%22%7d%2c%7b%22PID%22%3a46670334%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1675594257978)%5c%2f%22%2c%22CookieTag%22%3a%223795046670334451240919C2023251050%22%7d%2c%7b%22PID%22%3a68334834%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1675598267594)%5c%2f%22%2c%22CookieTag%22%3a%223795068334834451240919C2023251157%22%7d%2c%7b%22PID%22%3a68246908%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1675600416308)%5c%2f%22%2c%22CookieTag%22%3a%223795068246908451240919C2023251233%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228784996195%7c1%22%7d%5d; btag=127656177_949F2539E9934124BA8849011E6C22DB; AMCV_F431E3BC5593E3887F000101%40AdobeOrg=1585540135%7CMCIDTS%7C19394%7CMCMID%7C79658794349493118473981932278432696210%7CMCAAMLH-1676199099%7C6%7CMCAAMB-1676199099%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1675601499s%7CNONE%7CMCAID%7CNONE%7CMCSYNCSOP%7C411-19401%7CvVersion%7C4.4.0; campaignId=2799402; uniattr=BLP.1.UT; uniattr_ref="https://inspirationhistorical.com/"
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 05 Feb 2023 12:33:36 GMT
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=900, immutable
content-md5: BPxI3njL/F0VV+nfOZx3Mw==
last-modified: Thu, 26 Jan 2023 12:30:23 GMT
etag: W/"0x8DAFF99188E686E"
x-ms-request-id: fae4441f-101e-0040-4d81-31153a000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 259390
vary: Accept-Encoding
server: cloudflare
cf-ray: 794baceccc92b4f7-OSL
content-encoding: br
X-Firefox-Spdy: h2
welcome.unibet.com/nu/pop/sportsbook/multisports/icon-sports.svg
104.18.25.188200 OK 1.2 kB URL HTTP/2 welcome.unibet.com/nu/pop/sportsbook/multisports/icon-sports.svg
IP 104.18.25.188:0
File type SVG Scalable Vector Graphics image\012- HTML document text\012- HTML document, ASCII text, with very long lines (1481), with no line terminators
Hash 8ed7845a354b40c3b4a41dbe4aa045db
e5fbfa56c871c9326bc79ee2bcb2d1150c647a7f
c98ee866ced833f89f998d3cfe356f5bc0e6777c3283e99a72a40f96b83dc7e1
GET /nu/pop/sportsbook/multisports/icon-sports.svg HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:68246908-37950&btag=127656177_949F2539E9934124BA8849011E6C22DB&bid=37950&campaignId=2799402&pid=68246908
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a91003245%2c%22BID%22%3a37672%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1675587891077)%5c%2f%22%2c%22CookieTag%22%3a%223767291003245451240919C20232594%22%7d%2c%7b%22PID%22%3a30846443%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1675591583747)%5c%2f%22%2c%22CookieTag%22%3a%223795030846443451240919C202325106%22%7d%2c%7b%22PID%22%3a33125260%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1675592692386)%5c%2f%22%2c%22CookieTag%22%3a%223795033125260451240919C2023251024%22%7d%2c%7b%22PID%22%3a46670334%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1675594257978)%5c%2f%22%2c%22CookieTag%22%3a%223795046670334451240919C2023251050%22%7d%2c%7b%22PID%22%3a68334834%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1675598267594)%5c%2f%22%2c%22CookieTag%22%3a%223795068334834451240919C2023251157%22%7d%2c%7b%22PID%22%3a68246908%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1675600416308)%5c%2f%22%2c%22CookieTag%22%3a%223795068246908451240919C2023251233%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228784996195%7c1%22%7d%5d; btag=127656177_949F2539E9934124BA8849011E6C22DB; AMCV_F431E3BC5593E3887F000101%40AdobeOrg=1585540135%7CMCIDTS%7C19394%7CMCMID%7C79658794349493118473981932278432696210%7CMCAAMLH-1676199099%7C6%7CMCAAMB-1676199099%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1675601499s%7CNONE%7CMCAID%7CNONE%7CMCSYNCSOP%7C411-19401%7CvVersion%7C4.4.0; campaignId=2799402; uniattr=BLP.1.UT; uniattr_ref="https://inspirationhistorical.com/"
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 05 Feb 2023 12:33:36 GMT
content-type: image/svg+xml
cache-control: public, max-age=900, immutable
content-md5: Kch+tYuo05USS5JaESq1rA==
last-modified: Thu, 26 Jan 2023 12:30:21 GMT
etag: W/"0x8DAFF9917716257"
x-ms-request-id: 78c0b78e-401e-0000-7881-311202000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 259389
vary: Accept-Encoding
server: cloudflare
cf-ray: 794bacecdcb4b4f7-OSL
content-encoding: br
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 5452c58c07ce8d3cade93b323b271c35
581b1e438daeb32a12feaf50f2aab17dcf3e3171
b99ea2af71e697f45db51732f7d3e8d3e50258c9c96e50a772b8c4638577140a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 05 Feb 2023 12:33:37 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
welcome.unibet.com/nu/pop/sportsbook/multisports/icon-expert.svg
104.18.25.188200 OK 16 kB URL HTTP/2 welcome.unibet.com/nu/pop/sportsbook/multisports/icon-expert.svg
IP 104.18.25.188:0
File type SVG Scalable Vector Graphics image\012- HTML document text\012- HTML document, ASCII text, with very long lines (966), with no line terminators
Hash 34a06d132177602307228cf04eea017b
c4b31b0a2b7b7a8fa7a7e951e31a832d0b538bd1
7a921e925a77b6c596db6658486a9e3fc01efffb63441dd1fe8a91960510bc2b
GET /nu/pop/sportsbook/multisports/icon-expert.svg HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:68246908-37950&btag=127656177_949F2539E9934124BA8849011E6C22DB&bid=37950&campaignId=2799402&pid=68246908
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a91003245%2c%22BID%22%3a37672%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1675587891077)%5c%2f%22%2c%22CookieTag%22%3a%223767291003245451240919C20232594%22%7d%2c%7b%22PID%22%3a30846443%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1675591583747)%5c%2f%22%2c%22CookieTag%22%3a%223795030846443451240919C202325106%22%7d%2c%7b%22PID%22%3a33125260%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1675592692386)%5c%2f%22%2c%22CookieTag%22%3a%223795033125260451240919C2023251024%22%7d%2c%7b%22PID%22%3a46670334%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1675594257978)%5c%2f%22%2c%22CookieTag%22%3a%223795046670334451240919C2023251050%22%7d%2c%7b%22PID%22%3a68334834%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1675598267594)%5c%2f%22%2c%22CookieTag%22%3a%223795068334834451240919C2023251157%22%7d%2c%7b%22PID%22%3a68246908%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1675600416308)%5c%2f%22%2c%22CookieTag%22%3a%223795068246908451240919C2023251233%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228784996195%7c1%22%7d%5d; btag=127656177_949F2539E9934124BA8849011E6C22DB; AMCV_F431E3BC5593E3887F000101%40AdobeOrg=1585540135%7CMCIDTS%7C19394%7CMCMID%7C79658794349493118473981932278432696210%7CMCAAMLH-1676199099%7C6%7CMCAAMB-1676199099%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1675601499s%7CNONE%7CMCAID%7CNONE%7CMCSYNCSOP%7C411-19401%7CvVersion%7C4.4.0; campaignId=2799402; uniattr=BLP.1.UT; uniattr_ref="https://inspirationhistorical.com/"
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 05 Feb 2023 12:33:36 GMT
content-type: image/svg+xml
cache-control: public, max-age=900, immutable
content-md5: Z4302O+bSqlX5UM92U+35A==
last-modified: Thu, 26 Jan 2023 12:30:21 GMT
etag: W/"0x8DAFF99174612EA"
x-ms-request-id: 82c2bcc2-201e-0029-1081-312c76000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 259389
vary: Accept-Encoding
server: cloudflare
cf-ray: 794bacecdcb8b4f7-OSL
content-encoding: br
X-Firefox-Spdy: h2
welcome.unibet.com/nu/pop/sportsbook/multisports/com-payments.svg
104.18.25.188200 OK 84 kB URL HTTP/2 welcome.unibet.com/nu/pop/sportsbook/multisports/com-payments.svg
IP 104.18.25.188:0
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 94382f15ee170feff784a00e471a5f3b
68629c2ec16edb7d68ecb3ae4fb52404ad369592
5a9745b315148f62a6bd697e3f727714e4e8fd9d23c02da3f7711b68d4df2cd8
GET /nu/pop/sportsbook/multisports/com-payments.svg HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:68246908-37950&btag=127656177_949F2539E9934124BA8849011E6C22DB&bid=37950&campaignId=2799402&pid=68246908
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a91003245%2c%22BID%22%3a37672%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1675587891077)%5c%2f%22%2c%22CookieTag%22%3a%223767291003245451240919C20232594%22%7d%2c%7b%22PID%22%3a30846443%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1675591583747)%5c%2f%22%2c%22CookieTag%22%3a%223795030846443451240919C202325106%22%7d%2c%7b%22PID%22%3a33125260%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1675592692386)%5c%2f%22%2c%22CookieTag%22%3a%223795033125260451240919C2023251024%22%7d%2c%7b%22PID%22%3a46670334%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1675594257978)%5c%2f%22%2c%22CookieTag%22%3a%223795046670334451240919C2023251050%22%7d%2c%7b%22PID%22%3a68334834%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1675598267594)%5c%2f%22%2c%22CookieTag%22%3a%223795068334834451240919C2023251157%22%7d%2c%7b%22PID%22%3a68246908%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1675600416308)%5c%2f%22%2c%22CookieTag%22%3a%223795068246908451240919C2023251233%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228784996195%7c1%22%7d%5d; btag=127656177_949F2539E9934124BA8849011E6C22DB; AMCV_F431E3BC5593E3887F000101%40AdobeOrg=1585540135%7CMCIDTS%7C19394%7CMCMID%7C79658794349493118473981932278432696210%7CMCAAMLH-1676199099%7C6%7CMCAAMB-1676199099%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1675601499s%7CNONE%7CMCAID%7CNONE%7CMCSYNCSOP%7C411-19401%7CvVersion%7C4.4.0; campaignId=2799402; uniattr=BLP.1.UT; uniattr_ref="https://inspirationhistorical.com/"
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 05 Feb 2023 12:33:36 GMT
content-type: image/svg+xml
cache-control: public, max-age=900, immutable
content-md5: vwb7ospRft2xzGDtJvR3WA==
last-modified: Thu, 26 Jan 2023 12:30:18 GMT
etag: W/"0x8DAFF9915D02464"
x-ms-request-id: 9ee27f41-c01e-000e-3881-313bb2000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 259388
vary: Accept-Encoding
server: cloudflare
cf-ray: 794bacececbfb4f7-OSL
content-encoding: br
X-Firefox-Spdy: h2
welcome.unibet.com/nu/pop/sportsbook/multisports/icon-trust.svg
104.18.25.188200 OK 16 kB URL HTTP/2 welcome.unibet.com/nu/pop/sportsbook/multisports/icon-trust.svg
IP 104.18.25.188:0
File type SVG Scalable Vector Graphics image\012- HTML document text\012- HTML document, ASCII text, with very long lines (1066), with no line terminators
Hash eb6d47c6f2fd5da94745814ea3170f70
337cc8fac9100cba36d94a64f5a4992e6da72d95
2b3cf7431e3f699143032649b1ec476d358580e298a15a4ccfb7d06bb11b6e16
GET /nu/pop/sportsbook/multisports/icon-trust.svg HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:68246908-37950&btag=127656177_949F2539E9934124BA8849011E6C22DB&bid=37950&campaignId=2799402&pid=68246908
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a91003245%2c%22BID%22%3a37672%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1675587891077)%5c%2f%22%2c%22CookieTag%22%3a%223767291003245451240919C20232594%22%7d%2c%7b%22PID%22%3a30846443%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1675591583747)%5c%2f%22%2c%22CookieTag%22%3a%223795030846443451240919C202325106%22%7d%2c%7b%22PID%22%3a33125260%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1675592692386)%5c%2f%22%2c%22CookieTag%22%3a%223795033125260451240919C2023251024%22%7d%2c%7b%22PID%22%3a46670334%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1675594257978)%5c%2f%22%2c%22CookieTag%22%3a%223795046670334451240919C2023251050%22%7d%2c%7b%22PID%22%3a68334834%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1675598267594)%5c%2f%22%2c%22CookieTag%22%3a%223795068334834451240919C2023251157%22%7d%2c%7b%22PID%22%3a68246908%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1675600416308)%5c%2f%22%2c%22CookieTag%22%3a%223795068246908451240919C2023251233%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228784996195%7c1%22%7d%5d; btag=127656177_949F2539E9934124BA8849011E6C22DB; AMCV_F431E3BC5593E3887F000101%40AdobeOrg=1585540135%7CMCIDTS%7C19394%7CMCMID%7C79658794349493118473981932278432696210%7CMCAAMLH-1676199099%7C6%7CMCAAMB-1676199099%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1675601499s%7CNONE%7CMCAID%7CNONE%7CMCSYNCSOP%7C411-19401%7CvVersion%7C4.4.0; campaignId=2799402; uniattr=BLP.1.UT; uniattr_ref="https://inspirationhistorical.com/"
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 05 Feb 2023 12:33:36 GMT
content-type: image/svg+xml
cache-control: public, max-age=900, immutable
content-md5: 9k4H3E55HXB5I94VinrUOQ==
last-modified: Thu, 26 Jan 2023 12:30:21 GMT
etag: W/"0x8DAFF99173FAB3F"
x-ms-request-id: af16bb2e-701e-0046-1c81-312685000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 259389
vary: Accept-Encoding
server: cloudflare
cf-ray: 794bacecdcaeb4f7-OSL
content-encoding: br
X-Firefox-Spdy: h2
welcome.unibet.com/nu/pop/sportsbook/multisports/read_json.js
104.18.25.188200 OK 18 kB URL HTTP/2 welcome.unibet.com/nu/pop/sportsbook/multisports/read_json.js
IP 104.18.25.188:0
File type HTML document, ASCII text
Hash cc3fdbee6e59ca509687f75217f7b20f
e322d2c44bbac8f60a393e610457fe10b5185aad
581906f75e8e02089c1651437f557591e496db64506d287bbad09a98dbdcf94d
GET /nu/pop/sportsbook/multisports/read_json.js HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:68246908-37950&btag=127656177_949F2539E9934124BA8849011E6C22DB&bid=37950&campaignId=2799402&pid=68246908
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a91003245%2c%22BID%22%3a37672%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1675587891077)%5c%2f%22%2c%22CookieTag%22%3a%223767291003245451240919C20232594%22%7d%2c%7b%22PID%22%3a30846443%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1675591583747)%5c%2f%22%2c%22CookieTag%22%3a%223795030846443451240919C202325106%22%7d%2c%7b%22PID%22%3a33125260%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1675592692386)%5c%2f%22%2c%22CookieTag%22%3a%223795033125260451240919C2023251024%22%7d%2c%7b%22PID%22%3a46670334%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1675594257978)%5c%2f%22%2c%22CookieTag%22%3a%223795046670334451240919C2023251050%22%7d%2c%7b%22PID%22%3a68334834%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1675598267594)%5c%2f%22%2c%22CookieTag%22%3a%223795068334834451240919C2023251157%22%7d%2c%7b%22PID%22%3a68246908%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1675600416308)%5c%2f%22%2c%22CookieTag%22%3a%223795068246908451240919C2023251233%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228784996195%7c1%22%7d%5d; btag=127656177_949F2539E9934124BA8849011E6C22DB; AMCV_F431E3BC5593E3887F000101%40AdobeOrg=1585540135%7CMCIDTS%7C19394%7CMCMID%7C79658794349493118473981932278432696210%7CMCAAMLH-1676199099%7C6%7CMCAAMB-1676199099%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1675601499s%7CNONE%7CMCAID%7CNONE%7CMCSYNCSOP%7C411-19401%7CvVersion%7C4.4.0; campaignId=2799402; uniattr=BLP.1.UT; uniattr_ref="https://inspirationhistorical.com/"
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 05 Feb 2023 12:33:36 GMT
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=900, immutable
content-md5: rGS1nJi75Qz2m2yY+jlYXA==
last-modified: Thu, 26 Jan 2023 12:30:23 GMT
etag: W/"0x8DAFF991898A021"
x-ms-request-id: e9253db8-601e-0075-8081-31792e000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 259384
vary: Accept-Encoding
server: cloudflare
cf-ray: 794baceccc93b4f7-OSL
content-encoding: br
X-Firefox-Spdy: h2
www.googletagmanager.com/gtm.js?id=GTM-PF2RVHC
142.250.74.40200 OK 81 kB URL HTTP/2 www.googletagmanager.com/gtm.js?id=GTM-PF2RVHC
IP 142.250.74.40:0
File type ASCII text, with very long lines (62112)
Hash 01f67c7659249aa8cb0c971223b57423
4f9f3f80f1069fc5fc32c151e9a47fe419afb75c
37cf469e3c7ac02424c23b1b04ab2263b4bad58ea33e83a0ae26ae38a4baf69a
GET /gtm.js?id=GTM-PF2RVHC HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sun, 05 Feb 2023 12:33:37 GMT
expires: Sun, 05 Feb 2023 12:33:37 GMT
cache-control: private, max-age=900
last-modified: Sun, 05 Feb 2023 12:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 81074
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
a1s.unibet.com/orval/tracking/lastclick.min.js
85.184.96.5200 OK 1.3 kB URL HTTP/2 a1s.unibet.com/orval/tracking/lastclick.min.js
IP 85.184.96.5:0
ASN #47171 Unibet Services Limited
Hash 8795fd8ec778cfd94198ffc944ad6436
9d4f606e8aedc259b38e65d4e9f721d38b231496
0649e3b211d39e7da60e0e7510c4d4d884b4311a2e57cac8eaa268597cd30e83
GET /orval/tracking/lastclick.min.js HTTP/1.1
Host: a1s.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a91003245%2c%22BID%22%3a37672%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1675587891077)%5c%2f%22%2c%22CookieTag%22%3a%223767291003245451240919C20232594%22%7d%2c%7b%22PID%22%3a30846443%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1675591583747)%5c%2f%22%2c%22CookieTag%22%3a%223795030846443451240919C202325106%22%7d%2c%7b%22PID%22%3a33125260%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1675592692386)%5c%2f%22%2c%22CookieTag%22%3a%223795033125260451240919C2023251024%22%7d%2c%7b%22PID%22%3a46670334%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1675594257978)%5c%2f%22%2c%22CookieTag%22%3a%223795046670334451240919C2023251050%22%7d%2c%7b%22PID%22%3a68334834%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1675598267594)%5c%2f%22%2c%22CookieTag%22%3a%223795068334834451240919C2023251157%22%7d%2c%7b%22PID%22%3a68246908%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1675600416308)%5c%2f%22%2c%22CookieTag%22%3a%223795068246908451240919C2023251233%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228784996195%7c1%22%7d%5d; btag=127656177_949F2539E9934124BA8849011E6C22DB; AMCV_F431E3BC5593E3887F000101%40AdobeOrg=1585540135%7CMCIDTS%7C19394%7CMCMID%7C79658794349493118473981932278432696210%7CMCAAMLH-1676199099%7C6%7CMCAAMB-1676199099%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1675601499s%7CNONE%7CMCAID%7CNONE%7CMCSYNCSOP%7C411-19401%7CvVersion%7C4.4.0; campaignId=2799402; uniattr=BLP.1.UT; uniattr_ref="https://inspirationhistorical.com/"
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
date: Sun, 05 Feb 2023 12:33:36 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Fri, 05 Aug 2022 12:55:42 GMT
etag: W/"705-5e57dfbd5830d"
cache-control: max-age=1800, public, must-revalidate
content-encoding: gzip
server: kindred-loadbalancer
strict-transport-security: max-age=63072000; preload
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-security-policy: default-src 'unsafe-inline' 'unsafe-eval' http: https: data: wss: blob: jockey: unibetpro: *;
x-browser-class: A
x-os-class: M
set-cookie: clientId=polopoly_desktop; Domain=a1s.unibet.com; Path=/; SameSite=None; Secure
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 278 B IP 93.184.220.29:0
Hash bc97b827347d82cbe1159a5ec9145b98
2b4586146583d06e1c4ef3a6e2410bce3852b1fe
243b64e36dfa29f8f19a74536c9a2e7ef8ac8d58862154fbff03b1ab33993174
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6143
Cache-Control: max-age=170120
Content-Type: application/ocsp-response
Date: Sun, 05 Feb 2023 12:33:37 GMT
Etag: "63df7faa-116"
Expires: Tue, 07 Feb 2023 11:48:57 GMT
Last-Modified: Sun, 05 Feb 2023 10:06:34 GMT
Server: ECS (ska/F708)
X-Cache: HIT
Content-Length: 278
script.crazyegg.com/pages/scripts/0012/9242.js?465444
104.19.148.8200 OK 2.6 kB URL HTTP/2 script.crazyegg.com/pages/scripts/0012/9242.js?465444
IP 104.19.148.8:0
File type ASCII text, with very long lines (6791), with no line terminators
Hash 61c37325114de0f34959fee9f903f375
9971c5e90cf8a4689e87bf4c2c9338e7cea0cdcd
fba565565fffbfa1c422a82884ec6706ea6745282ddb7839a6d6ad0049114482
GET /pages/scripts/0012/9242.js?465444 HTTP/1.1
Host: script.crazyegg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 05 Feb 2023 12:33:37 GMT
content-type: text/javascript
access-control-allow-origin: *
access-control-expose-headers: CE-Version
ce-version: 11.5.22
cache-control: public, max-age=300, s-maxage=1209600
cf-bgj: minify
cf-polished: origSize=6088
last-modified: Fri, 03 Feb 2023 18:01:45 GMT
timing-allow-origin: *
cf-cache-status: HIT
age: 153112
vary: Accept-Encoding
server: cloudflare
cf-ray: 794bacef3a8bb523-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
welcome.unibet.com/nu/pop/sportsbook/multisports/utv-logo.svg
104.18.25.188200 OK 462 B URL HTTP/2 welcome.unibet.com/nu/pop/sportsbook/multisports/utv-logo.svg
IP 104.18.25.188:0
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document, ASCII text, with very long lines (807), with no line terminators
Hash 22128655a2b8e20065831904ec794b0b
81e3f163e26bf088a4d7423050c7a044c32d15f2
e3c2c89b56ca630f80eb1af1ced778c97e5e9d9d38e700a5ed5444a4b997127c
GET /nu/pop/sportsbook/multisports/utv-logo.svg HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:68246908-37950&btag=127656177_949F2539E9934124BA8849011E6C22DB&bid=37950&campaignId=2799402&pid=68246908
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a91003245%2c%22BID%22%3a37672%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1675587891077)%5c%2f%22%2c%22CookieTag%22%3a%223767291003245451240919C20232594%22%7d%2c%7b%22PID%22%3a30846443%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1675591583747)%5c%2f%22%2c%22CookieTag%22%3a%223795030846443451240919C202325106%22%7d%2c%7b%22PID%22%3a33125260%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1675592692386)%5c%2f%22%2c%22CookieTag%22%3a%223795033125260451240919C2023251024%22%7d%2c%7b%22PID%22%3a46670334%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1675594257978)%5c%2f%22%2c%22CookieTag%22%3a%223795046670334451240919C2023251050%22%7d%2c%7b%22PID%22%3a68334834%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1675598267594)%5c%2f%22%2c%22CookieTag%22%3a%223795068334834451240919C2023251157%22%7d%2c%7b%22PID%22%3a68246908%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1675600416308)%5c%2f%22%2c%22CookieTag%22%3a%223795068246908451240919C2023251233%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228784996195%7c1%22%7d%5d; btag=127656177_949F2539E9934124BA8849011E6C22DB; AMCV_F431E3BC5593E3887F000101%40AdobeOrg=1585540135%7CMCIDTS%7C19394%7CMCMID%7C79658794349493118473981932278432696210%7CMCAAMLH-1676199099%7C6%7CMCAAMB-1676199099%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1675601499s%7CNONE%7CMCAID%7CNONE%7CMCSYNCSOP%7C411-19401%7CvVersion%7C4.4.0; campaignId=2799402; uniattr=BLP.1.UT; uniattr_ref="https://inspirationhistorical.com/"
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 05 Feb 2023 12:33:36 GMT
content-type: image/svg+xml
cache-control: public, max-age=900, immutable
content-md5: QazcDvviTF55mXL/M8kCWQ==
last-modified: Thu, 26 Jan 2023 12:30:18 GMT
etag: W/"0x8DAFF99157C1D3C"
x-ms-request-id: ec6073d8-501e-0051-6881-318f8e000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 259390
vary: Accept-Encoding
server: cloudflare
cf-ray: 794bacecdc9eb4f7-OSL
content-encoding: br
X-Firefox-Spdy: h2
secure.adnxs.com/bounce?%2Fseg%3Fadd%3D9755599
37.252.171.53200 OK 43 B URL HTTP/1.1 secure.adnxs.com/bounce?%2Fseg%3Fadd%3D9755599
IP 37.252.171.53:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 592ebefc7104d681d57852665e9ad514
15cdf8df32aa251dd6dd590a60bf9cf74474e7c5
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
GET /bounce?%2Fseg%3Fadd%3D9755599 HTTP/1.1
Host: secure.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://welcome.unibet.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.21.3
Date: Sun, 05 Feb 2023 12:33:37 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
AN-X-Request-Uuid: 6a1c8184-c4c3-4094-a1aa-4d6acbfb7942
Set-Cookie: anj=dTM7k!M4/8CxrEQF']wIg2E>zo9u>v!@wnf-Te9(>wL5L!!'Vp$leTS; SameSite=None; Path=/; Max-Age=7776000; Expires=Sat, 06-May-2023 12:33:37 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
welcome.unibet.com/nu/pop/sportsbook/multisports/favicon.ico
104.18.25.188200 OK 897 B URL HTTP/2 welcome.unibet.com/nu/pop/sportsbook/multisports/favicon.ico
IP 104.18.25.188:0
File type PNG image data, 33 x 33, 8-bit/color RGBA, non-interlaced\012- data
Hash 79e0825d3d21bcf973f37678ef4afbf9
63dca472a4de9e3a3feceded860e068a616efe82
7d03a9fd59819e0d1632474b3f5f92b2c9d7bbbdbbe58e449c5a19c9678ea3da
GET /nu/pop/sportsbook/multisports/favicon.ico HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:68246908-37950&btag=127656177_949F2539E9934124BA8849011E6C22DB&bid=37950&campaignId=2799402&pid=68246908
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a91003245%2c%22BID%22%3a37672%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1675587891077)%5c%2f%22%2c%22CookieTag%22%3a%223767291003245451240919C20232594%22%7d%2c%7b%22PID%22%3a30846443%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1675591583747)%5c%2f%22%2c%22CookieTag%22%3a%223795030846443451240919C202325106%22%7d%2c%7b%22PID%22%3a33125260%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1675592692386)%5c%2f%22%2c%22CookieTag%22%3a%223795033125260451240919C2023251024%22%7d%2c%7b%22PID%22%3a46670334%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1675594257978)%5c%2f%22%2c%22CookieTag%22%3a%223795046670334451240919C2023251050%22%7d%2c%7b%22PID%22%3a68334834%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1675598267594)%5c%2f%22%2c%22CookieTag%22%3a%223795068334834451240919C2023251157%22%7d%2c%7b%22PID%22%3a68246908%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1675600416308)%5c%2f%22%2c%22CookieTag%22%3a%223795068246908451240919C2023251233%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228784996195%7c1%22%7d%5d; btag=127656177_949F2539E9934124BA8849011E6C22DB; AMCV_F431E3BC5593E3887F000101%40AdobeOrg=1585540135%7CMCIDTS%7C19394%7CMCMID%7C79658794349493118473981932278432696210%7CMCAAMLH-1676199099%7C6%7CMCAAMB-1676199099%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1675601499s%7CNONE%7CMCAID%7CNONE%7CMCSYNCSOP%7C411-19401%7CvVersion%7C4.4.0; campaignId=2799402; uniattr=BLP.1.UT; uniattr_ref="https://inspirationhistorical.com/"
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 05 Feb 2023 12:33:37 GMT
content-type: image/x-icon
cache-control: public, max-age=900, immutable
content-md5: rS2fRBxmkqgGx7Qnuz5TbQ==
last-modified: Thu, 26 Jan 2023 12:30:17 GMT
etag: W/"0x8DAFF9914F4D898"
x-ms-request-id: e6735b96-c01e-0021-0381-313679000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 259382
vary: Accept-Encoding
server: cloudflare
cf-ray: 794baceedf55b4f7-OSL
content-encoding: br
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash 84ef8393ce301b5508e43ec38e9d1f12
9f73770d7a4644127a9568e99064b35998760879
fc05624198f16470dec69830b59cff9f67224ce42c1ce7bae25c1904d9f458a2
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4516
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 05 Feb 2023 12:33:37 GMT
Last-Modified: Sun, 05 Feb 2023 11:18:21 GMT
Server: ECS (ska/F708)
X-Cache: HIT
Content-Length: 280
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash 84ef8393ce301b5508e43ec38e9d1f12
9f73770d7a4644127a9568e99064b35998760879
fc05624198f16470dec69830b59cff9f67224ce42c1ce7bae25c1904d9f458a2
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4516
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 05 Feb 2023 12:33:37 GMT
Last-Modified: Sun, 05 Feb 2023 11:18:21 GMT
Server: ECS (ska/F708)
X-Cache: HIT
Content-Length: 280
dpm.demdex.net/id?d_visid_ver=4.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_orgid=F431E3BC5593E3887F000101%40AdobeOrg&d_nsid=0&d_mid=79658794349493118473981932278432696210&d_blob=6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y&ts=1675600457544
3.248.113.235200 OK 499 B URL HTTP/1.1 dpm.demdex.net/id?d_visid_ver=4.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_orgid=F431E3BC5593E3887F000101%40AdobeOrg&d_nsid=0&d_mid=79658794349493118473981932278432696210&d_blob=6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y&ts=1675600457544
IP 3.248.113.235:0
File type JSON data\012- , ASCII text, with very long lines (791), with no line terminators
Hash 9ec7c757f86b2d69a4870d0a3b4cdb85
9bfe551bcfaae7c0aa6df786b0e1eb07f968eacf
a61f070b2e3ea1a8ec98dfabbaf74b3f980f0f67bb8c723bc1b341736aedd9be
GET /id?d_visid_ver=4.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_orgid=F431E3BC5593E3887F000101%40AdobeOrg&d_nsid=0&d_mid=79658794349493118473981932278432696210&d_blob=6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y&ts=1675600457544 HTTP/1.1
Host: dpm.demdex.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Origin: https://welcome.unibet.com
Connection: keep-alive
Referer: https://welcome.unibet.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://welcome.unibet.com
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-encoding: gzip
Content-Type: application/json;charset=utf-8
DCS: dcs-prod-irl1-2-v045-017f03edc.edge-irl1.demdex.com 3 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
set-cookie: demdex=78834692375096391864341846129728013668; Max-Age=15552000; Expires=Fri, 04 Aug 2023 12:33:37 GMT; Path=/; Domain=.demdex.net; Secure; SameSite=None
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin
X-TID: g3khL+6vQh8=
Content-Length: 499
Connection: keep-alive
bannerflow-feed-builder.azurewebsites.net/api/googlesheet/?user=2&spreadsheetId=1Fgsan389gf5LVYi3gt6FMNEgM3LnRdQN1kZ3lP9JwiQ&sheetname=nb_no
104.40.147.180200 OK 1.8 kB URL HTTP/2 bannerflow-feed-builder.azurewebsites.net/api/googlesheet/?user=2&spreadsheetId=1Fgsan389gf5LVYi3gt6FMNEgM3LnRdQN1kZ3lP9JwiQ&sheetname=nb_no
IP 104.40.147.180:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Hash 6447ef74cb074645b435c312b0e705da
9d48f351fc71cc3b3c698416bf424010f52419dd
7e0a6a19c36957f02b83fa16a6fabd74db41430a80bb8e28213e6780009ed812
GET /api/googlesheet/?user=2&spreadsheetId=1Fgsan389gf5LVYi3gt6FMNEgM3LnRdQN1kZ3lP9JwiQ&sheetname=nb_no HTTP/1.1
Host: bannerflow-feed-builder.azurewebsites.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://welcome.unibet.com
Connection: keep-alive
Referer: https://welcome.unibet.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/json; charset=utf-8
date: Sun, 05 Feb 2023 12:33:37 GMT
server: Microsoft-IIS/10.0
access-control-allow-origin: *
access-control-expose-headers: Request-Context
cache-control: no-cache
content-encoding: gzip
expires: -1
pragma: no-cache
set-cookie: ARRAffinity=b834706014e0312bbd5ac92e619aa9e536e81381d39f99045f3680752b2c0199;Path=/;HttpOnly;Secure;Domain=bannerflow-feed-builder.azurewebsites.net
ARRAffinitySameSite=b834706014e0312bbd5ac92e619aa9e536e81381d39f99045f3680752b2c0199;Path=/;HttpOnly;SameSite=None;Secure;Domain=bannerflow-feed-builder.azurewebsites.net
vary: Accept-Encoding
x-aspnet-version: 4.0.30319
request-context: appId=cid-v1:f631c08e-9610-47b7-82c9-c925628cdde1
x-powered-by: ASP.NET
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash baeed5ecca34118b9471a9f7a9f3fe98
efbc52d00192e76a22c5808299adbbff9ae59018
4b62a4da3f4f33db038870a3d97a39c592a02bfb46c034fae1e96fce0cf6f11f
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3869
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 05 Feb 2023 12:33:37 GMT
Last-Modified: Sun, 05 Feb 2023 11:29:08 GMT
Server: ECS (ska/F708)
X-Cache: HIT
Content-Length: 471
cdn.bannerflow.com/resources/mga-logo-16e5f569-f45f-4c4f-a7ab-0a1f83c58415.svg
104.16.170.188200 OK 1.9 kB URL HTTP/2 cdn.bannerflow.com/resources/mga-logo-16e5f569-f45f-4c4f-a7ab-0a1f83c58415.svg
IP 104.16.170.188:0
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 6cc413149786c4a1f002286ae228b75b
1aee1239410d0d1b8a0adb1b1a6c4ff4f09f1de1
9cc9a2a5d1ff33527b1b99d22060fe18c881d9834d01c3b2c33b8fbbd545b9fb
GET /resources/mga-logo-16e5f569-f45f-4c4f-a7ab-0a1f83c58415.svg HTTP/1.1
Host: cdn.bannerflow.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 05 Feb 2023 12:33:37 GMT
content-type: image/svg+xml
cache-control: public,max-age=604800
content-md5: FAAw5O0EvruykoHDQoRDMA==
last-modified: Fri, 27 Nov 2020 14:00:02 GMT
etag: W/"0x8D892DCBC6EB927"
x-ms-request-id: 0c05a17a-201e-0074-2dff-f626f2000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 36
vary: Accept-Encoding
server: cloudflare
cf-ray: 794bacf19a77b51b-OSL
content-encoding: br
X-Firefox-Spdy: h2
unibet.demdex.net/dest5.html?d_nsid=0
54.72.53.159200 OK 2.8 kB URL HTTP/1.1 unibet.demdex.net/dest5.html?d_nsid=0
IP 54.72.53.159:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (550)
Hash ccbdcb1e84c241950763ec4cd516cdfc
55dfa8d4b09c5c3a80fcd101152f6ebed3d27a2c
de9ccb9b168945a24f20edc28c39be4135b328129ba8ee378401a7aedc925d12
GET /dest5.html?d_nsid=0 HTTP/1.1
Host: unibet.demdex.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-encoding: gzip
Content-Type: text/html;charset=UTF-8
date: Sun, 5 Feb 2023 12:33:37 GMT
DCS: dcs-prod-irl1-2-v045-0b398da67.edge-irl1.demdex.com 1 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
last-modified: Fri, 28 Oct 2022 11:22:24 GMT
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
vary: accept-encoding
X-TID: po3hmgiUQHM=
Content-Length: 2791
Connection: keep-alive
bestsafelink.com/get/CysqcqsTyh
188.114.96.1200 OK 0 B URL HTTP/2 bestsafelink.com/get/CysqcqsTyh
IP 188.114.96.1:0
GET /get/CysqcqsTyh HTTP/1.1
Host: bestsafelink.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
date: Sun, 05 Feb 2023 12:33:30 GMT
content-type: text/html; charset=UTF-8
expires: Thu, 19 Nov 1981 08:52:00 GMT, Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-store, no-cache, must-revalidate, max-age=0, no-cache, no-store, must-revalidate
pragma: no-cache, no-cache
set-cookie: PHPSESSID=f1b67b02871b94e1a5c1d728d38cedf4; path=/
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TCfFRzFr8%2BK7tdWJ4SnGYp%2FuaxhO6rrw%2FMEgkCqjp9wlGlKY00v2KLifXy4YXrWpsCF1wKCmiRgmw1QI20X5c3I2rLdZCkEnvgHsmpalQ3ik68WO4Rs096epqY9wcFaa6cfA"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 794bacc47a671c0e-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Roboto:300,400,500
142.250.74.74200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Roboto:300,400,500
IP 142.250.74.74:0
GET /css?family=Roboto:300,400,500 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sun, 05 Feb 2023 12:33:36 GMT
date: Sun, 05 Feb 2023 12:33:36 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
cdn.bannerflow.com/resources/18-plus-adbfd412-ffe0-4780-a5c3-1b540d6ceed3.svg
104.16.170.188200 OK 0 B URL HTTP/2 cdn.bannerflow.com/resources/18-plus-adbfd412-ffe0-4780-a5c3-1b540d6ceed3.svg
IP 104.16.170.188:0
GET /resources/18-plus-adbfd412-ffe0-4780-a5c3-1b540d6ceed3.svg HTTP/1.1
Host: cdn.bannerflow.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 05 Feb 2023 12:33:37 GMT
content-type: image/svg+xml
cache-control: public,max-age=604800
content-md5: DtBEzXf8HuXNecd90Rx/1w==
last-modified: Fri, 27 Nov 2020 14:00:01 GMT
etag: W/"0x8D892DCBC244A27"
x-ms-request-id: f9c36029-201e-0105-665e-a57399000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 214
vary: Accept-Encoding
server: cloudflare
cf-ray: 794bacf18a5eb51b-OSL
content-encoding: br
X-Firefox-Spdy: h2
fonts.googleapis.com/icon?family=Material+Icons
142.250.74.74200 OK 0 B URL HTTP/2 fonts.googleapis.com/icon?family=Material+Icons
IP 142.250.74.74:0
GET /icon?family=Material+Icons HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bestsafelink.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sun, 05 Feb 2023 12:33:31 GMT
date: Sun, 05 Feb 2023 12:33:31 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
welcome.unibet.com/nu/pop/sportsbook/multisports/unibet-logo.svg
104.18.25.188200 OK 0 B URL HTTP/2 welcome.unibet.com/nu/pop/sportsbook/multisports/unibet-logo.svg
IP 104.18.25.188:0
GET /nu/pop/sportsbook/multisports/unibet-logo.svg HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:68246908-37950&btag=127656177_949F2539E9934124BA8849011E6C22DB&bid=37950&campaignId=2799402&pid=68246908
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a91003245%2c%22BID%22%3a37672%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1675587891077)%5c%2f%22%2c%22CookieTag%22%3a%223767291003245451240919C20232594%22%7d%2c%7b%22PID%22%3a30846443%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1675591583747)%5c%2f%22%2c%22CookieTag%22%3a%223795030846443451240919C202325106%22%7d%2c%7b%22PID%22%3a33125260%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1675592692386)%5c%2f%22%2c%22CookieTag%22%3a%223795033125260451240919C2023251024%22%7d%2c%7b%22PID%22%3a46670334%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1675594257978)%5c%2f%22%2c%22CookieTag%22%3a%223795046670334451240919C2023251050%22%7d%2c%7b%22PID%22%3a68334834%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1675598267594)%5c%2f%22%2c%22CookieTag%22%3a%223795068334834451240919C2023251157%22%7d%2c%7b%22PID%22%3a68246908%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1675600416308)%5c%2f%22%2c%22CookieTag%22%3a%223795068246908451240919C2023251233%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228784996195%7c1%22%7d%5d; btag=127656177_949F2539E9934124BA8849011E6C22DB; AMCV_F431E3BC5593E3887F000101%40AdobeOrg=1585540135%7CMCIDTS%7C19394%7CMCMID%7C79658794349493118473981932278432696210%7CMCAAMLH-1676199099%7C6%7CMCAAMB-1676199099%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1675601499s%7CNONE%7CMCAID%7CNONE%7CMCSYNCSOP%7C411-19401%7CvVersion%7C4.4.0; campaignId=2799402; uniattr=BLP.1.UT; uniattr_ref="https://inspirationhistorical.com/"
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 05 Feb 2023 12:33:36 GMT
content-type: image/svg+xml
cache-control: public, max-age=900, immutable
content-md5: cw5jdwcrd9gLyjDZb7Y7Jw==
last-modified: Thu, 26 Jan 2023 12:30:18 GMT
etag: W/"0x8DAFF9915A7459F"
x-ms-request-id: e677fb13-901e-0061-5581-313141000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 259390
vary: Accept-Encoding
server: cloudflare
cf-ray: 794bacecdc9fb4f7-OSL
content-encoding: br
X-Firefox-Spdy: h2
welcome.unibet.com/nu/pop/sportsbook/multisports/google-play-ro.svg
104.18.25.188200 OK 0 B URL HTTP/2 welcome.unibet.com/nu/pop/sportsbook/multisports/google-play-ro.svg
IP 104.18.25.188:0
GET /nu/pop/sportsbook/multisports/google-play-ro.svg HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:68246908-37950&btag=127656177_949F2539E9934124BA8849011E6C22DB&bid=37950&campaignId=2799402&pid=68246908
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a91003245%2c%22BID%22%3a37672%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1675587891077)%5c%2f%22%2c%22CookieTag%22%3a%223767291003245451240919C20232594%22%7d%2c%7b%22PID%22%3a30846443%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1675591583747)%5c%2f%22%2c%22CookieTag%22%3a%223795030846443451240919C202325106%22%7d%2c%7b%22PID%22%3a33125260%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1675592692386)%5c%2f%22%2c%22CookieTag%22%3a%223795033125260451240919C2023251024%22%7d%2c%7b%22PID%22%3a46670334%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1675594257978)%5c%2f%22%2c%22CookieTag%22%3a%223795046670334451240919C2023251050%22%7d%2c%7b%22PID%22%3a68334834%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1675598267594)%5c%2f%22%2c%22CookieTag%22%3a%223795068334834451240919C2023251157%22%7d%2c%7b%22PID%22%3a68246908%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1675600416308)%5c%2f%22%2c%22CookieTag%22%3a%223795068246908451240919C2023251233%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228784996195%7c1%22%7d%5d; btag=127656177_949F2539E9934124BA8849011E6C22DB; AMCV_F431E3BC5593E3887F000101%40AdobeOrg=1585540135%7CMCIDTS%7C19394%7CMCMID%7C79658794349493118473981932278432696210%7CMCAAMLH-1676199099%7C6%7CMCAAMB-1676199099%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1675601499s%7CNONE%7CMCAID%7CNONE%7CMCSYNCSOP%7C411-19401%7CvVersion%7C4.4.0; campaignId=2799402; uniattr=BLP.1.UT; uniattr_ref="https://inspirationhistorical.com/"
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 05 Feb 2023 12:33:36 GMT
content-type: image/svg+xml
cache-control: public, max-age=900, immutable
content-md5: 2fR27yW0b9kBp/ebW9u59A==
last-modified: Thu, 26 Jan 2023 12:30:22 GMT
etag: W/"0x8DAFF99184AD9A4"
x-ms-request-id: fa9ed380-a01e-0027-7f81-3105c6000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 259389
vary: Accept-Encoding
server: cloudflare
cf-ray: 794bacecdca4b4f7-OSL
content-encoding: br
X-Firefox-Spdy: h2
use.fontawesome.com/releases/v5.7.1/css/all.css
172.64.132.15200 OK 0 B URL HTTP/2 use.fontawesome.com/releases/v5.7.1/css/all.css
IP 172.64.132.15:0
GET /releases/v5.7.1/css/all.css HTTP/1.1
Host: use.fontawesome.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://welcome.unibet.com
Connection: keep-alive
Referer: https://welcome.unibet.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 05 Feb 2023 12:33:36 GMT
content-type: text/css
x-amz-id-2: kIWUcp4/gRprxrhG4Bo7YL49QfCfoJzgcb+lBni7kDeALpU6YcOHbXZK3Ce3+VKgInDBPr7yuoA=
x-amz-request-id: GQJ6HHGYZ6JW9X6Q
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified: Wed, 30 Jun 2021 15:45:37 GMT
etag: W/"7b1d7f457d056ace7b230b587b9f3753"
cache-control: max-age=31556926
cf-cache-status: HIT
age: 746474
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eqSwVTr6LPNeI4v6cgm9Mq1GVfGMH3RDs4Qp3JppZUuRE4vhay9rgmcKH0yXBdq8%2Bci8hkVF8Vjb4VsQ6urhLym1yqYhpCjKibAU6pqdqqV6KDwokkCBPGHqM%2Bk4F%2F76yUeXJncw"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 794baced5a3a88aa-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
welcome.unibet.com/nu/pop/sportsbook/multisports/app-store-ro.svg
104.18.25.188200 OK 0 B URL HTTP/2 welcome.unibet.com/nu/pop/sportsbook/multisports/app-store-ro.svg
IP 104.18.25.188:0
GET /nu/pop/sportsbook/multisports/app-store-ro.svg HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:68246908-37950&btag=127656177_949F2539E9934124BA8849011E6C22DB&bid=37950&campaignId=2799402&pid=68246908
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a91003245%2c%22BID%22%3a37672%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1675587891077)%5c%2f%22%2c%22CookieTag%22%3a%223767291003245451240919C20232594%22%7d%2c%7b%22PID%22%3a30846443%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1675591583747)%5c%2f%22%2c%22CookieTag%22%3a%223795030846443451240919C202325106%22%7d%2c%7b%22PID%22%3a33125260%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1675592692386)%5c%2f%22%2c%22CookieTag%22%3a%223795033125260451240919C2023251024%22%7d%2c%7b%22PID%22%3a46670334%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1675594257978)%5c%2f%22%2c%22CookieTag%22%3a%223795046670334451240919C2023251050%22%7d%2c%7b%22PID%22%3a68334834%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1675598267594)%5c%2f%22%2c%22CookieTag%22%3a%223795068334834451240919C2023251157%22%7d%2c%7b%22PID%22%3a68246908%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1675600416308)%5c%2f%22%2c%22CookieTag%22%3a%223795068246908451240919C2023251233%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228784996195%7c1%22%7d%5d; btag=127656177_949F2539E9934124BA8849011E6C22DB; AMCV_F431E3BC5593E3887F000101%40AdobeOrg=1585540135%7CMCIDTS%7C19394%7CMCMID%7C79658794349493118473981932278432696210%7CMCAAMLH-1676199099%7C6%7CMCAAMB-1676199099%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1675601499s%7CNONE%7CMCAID%7CNONE%7CMCSYNCSOP%7C411-19401%7CvVersion%7C4.4.0; campaignId=2799402; uniattr=BLP.1.UT; uniattr_ref="https://inspirationhistorical.com/"
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 05 Feb 2023 12:33:36 GMT
content-type: image/svg+xml
cache-control: public, max-age=900, immutable
content-md5: epgiRapjJpA7DniTiF5C+w==
last-modified: Thu, 26 Jan 2023 12:30:22 GMT
etag: W/"0x8DAFF99183CF8FA"
x-ms-request-id: d4160c8c-201e-0016-7481-31e4d5000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 259389
vary: Accept-Encoding
server: cloudflare
cf-ray: 794bacecdca2b4f7-OSL
content-encoding: br
X-Firefox-Spdy: h2
cdn.bannerflow.com/resources/no-payments-44051ae6-a41f-42c3-8d89-751be3d4a42c.svg
104.16.170.188200 OK 0 B URL HTTP/2 cdn.bannerflow.com/resources/no-payments-44051ae6-a41f-42c3-8d89-751be3d4a42c.svg
IP 104.16.170.188:0
GET /resources/no-payments-44051ae6-a41f-42c3-8d89-751be3d4a42c.svg HTTP/1.1
Host: cdn.bannerflow.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 05 Feb 2023 12:33:37 GMT
content-type: image/svg+xml
cache-control: public,max-age=604800
content-md5: eFf1+jVlHZeVusUSI4yq9A==
last-modified: Mon, 07 Dec 2020 10:23:00 GMT
etag: W/"0x8D89A9A12E2A33B"
x-ms-request-id: aecbdf5c-c01e-0126-115e-a51c52000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 214
vary: Accept-Encoding
server: cloudflare
cf-ray: 794bacf1aa98b51b-OSL
content-encoding: br
X-Firefox-Spdy: h2
welcome.unibet.com/custom.js
104.18.25.188200 OK 0 B URL HTTP/2 welcome.unibet.com/custom.js
IP 104.18.25.188:0
GET /custom.js HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:68246908-37950&btag=127656177_949F2539E9934124BA8849011E6C22DB&bid=37950&campaignId=2799402&pid=68246908
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a91003245%2c%22BID%22%3a37672%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1675587891077)%5c%2f%22%2c%22CookieTag%22%3a%223767291003245451240919C20232594%22%7d%2c%7b%22PID%22%3a30846443%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1675591583747)%5c%2f%22%2c%22CookieTag%22%3a%223795030846443451240919C202325106%22%7d%2c%7b%22PID%22%3a33125260%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1675592692386)%5c%2f%22%2c%22CookieTag%22%3a%223795033125260451240919C2023251024%22%7d%2c%7b%22PID%22%3a46670334%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1675594257978)%5c%2f%22%2c%22CookieTag%22%3a%223795046670334451240919C2023251050%22%7d%2c%7b%22PID%22%3a68334834%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1675598267594)%5c%2f%22%2c%22CookieTag%22%3a%223795068334834451240919C2023251157%22%7d%2c%7b%22PID%22%3a68246908%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1675600416308)%5c%2f%22%2c%22CookieTag%22%3a%223795068246908451240919C2023251233%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228784996195%7c1%22%7d%5d; btag=127656177_949F2539E9934124BA8849011E6C22DB; AMCV_F431E3BC5593E3887F000101%40AdobeOrg=1585540135%7CMCIDTS%7C19394%7CMCMID%7C79658794349493118473981932278432696210%7CMCAAMLH-1676199099%7C6%7CMCAAMB-1676199099%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1675601499s%7CNONE%7CMCAID%7CNONE%7CMCSYNCSOP%7C411-19401%7CvVersion%7C4.4.0; campaignId=2799402; uniattr=BLP.1.UT; uniattr_ref="https://inspirationhistorical.com/"
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 05 Feb 2023 12:33:36 GMT
content-type: application/javascript
content-md5: e/Aekt1V1fopj1X7y5r9MA==
last-modified: Tue, 29 Mar 2022 08:25:09 GMT
etag: W/"0x8DA115DA300B0C1"
x-ms-request-id: d013a120-f01e-003a-7703-03087a000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 532861
vary: Accept-Encoding
server: cloudflare
cf-ray: 794bacecdc9bb4f7-OSL
content-encoding: br
X-Firefox-Spdy: h2
welcome.unibet.com/nu/pop/sportsbook/multisports/app-sports-icon.svg
104.18.25.188200 OK 0 B URL HTTP/2 welcome.unibet.com/nu/pop/sportsbook/multisports/app-sports-icon.svg
IP 104.18.25.188:0
GET /nu/pop/sportsbook/multisports/app-sports-icon.svg HTTP/1.1
Host: welcome.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.unibet.com/nu/pop/sportsbook/multisports/index.html?mktid=1:127656177:68246908-37950&btag=127656177_949F2539E9934124BA8849011E6C22DB&bid=37950&campaignId=2799402&pid=68246908
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a91003245%2c%22BID%22%3a37672%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1675587891077)%5c%2f%22%2c%22CookieTag%22%3a%223767291003245451240919C20232594%22%7d%2c%7b%22PID%22%3a30846443%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1675591583747)%5c%2f%22%2c%22CookieTag%22%3a%223795030846443451240919C202325106%22%7d%2c%7b%22PID%22%3a33125260%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1675592692386)%5c%2f%22%2c%22CookieTag%22%3a%223795033125260451240919C2023251024%22%7d%2c%7b%22PID%22%3a46670334%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1675594257978)%5c%2f%22%2c%22CookieTag%22%3a%223795046670334451240919C2023251050%22%7d%2c%7b%22PID%22%3a68334834%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1675598267594)%5c%2f%22%2c%22CookieTag%22%3a%223795068334834451240919C2023251157%22%7d%2c%7b%22PID%22%3a68246908%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1675600416308)%5c%2f%22%2c%22CookieTag%22%3a%223795068246908451240919C2023251233%22%7d%5d; NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228784996195%7c1%22%7d%5d; btag=127656177_949F2539E9934124BA8849011E6C22DB; AMCV_F431E3BC5593E3887F000101%40AdobeOrg=1585540135%7CMCIDTS%7C19394%7CMCMID%7C79658794349493118473981932278432696210%7CMCAAMLH-1676199099%7C6%7CMCAAMB-1676199099%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1675601499s%7CNONE%7CMCAID%7CNONE%7CMCSYNCSOP%7C411-19401%7CvVersion%7C4.4.0; campaignId=2799402; uniattr=BLP.1.UT; uniattr_ref="https://inspirationhistorical.com/"
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 05 Feb 2023 12:33:36 GMT
content-type: image/svg+xml
cache-control: public, max-age=900, immutable
content-md5: Lm+dv7pV36kTdto2PoEyYQ==
last-modified: Thu, 26 Jan 2023 12:30:22 GMT
etag: W/"0x8DAFF991835F51F"
x-ms-request-id: 1328b90b-701e-0024-5c81-31e4a2000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 259390
vary: Accept-Encoding
server: cloudflare
cf-ray: 794bacecdca0b4f7-OSL
content-encoding: br
X-Firefox-Spdy: h2